This topic is locked
Hi, Malwarbytes found and quarantined the following items:
Trojan.Downloader
PUP.Optional.Bundle
PUP.Optional.SafeSoftware
PUP.Adware.Agent
PUP.Optional.Spigot.SID
PUP.Optional.Spigot.A
When I try to go on Internet Explorer it tells me it cannot connect. I can go on Google Chrome and Mozilla Firefox but it takes time before load.
I ran FRST and am attaching the FRST.txt and Addition.txt files.
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 14-05-2015 02
Ran by Owner (administrator) on OWNER-PC on 15-05-2015 14:53:29
Running from C:\Users\Owner\Desktop
Loaded Profiles: Owner (Available profiles: Owner & jaytar)
Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: English (United States)
Internet Explorer Version 9 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.27.5\GoogleCrashHandler.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Intuit) C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Hewlett-Packard Company) C:\hp\support\hpsysdrv.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(CyberLink Corp.) C:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
(CyberLink) C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
(CyberLink Corp.) C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Wondershare) C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(QFX Software Corporation) C:\Program Files\KeyScrambler\KeyScrambler.exe
(Inmar, Inc.) C:\Program Files\Digital Coupon Printer\DigitalCouponPrinter.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
(MyCity) C:\Program Files\MCShield\MCShieldRTM.exe
(Intuit Inc.) C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\KBD\kbd.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-20] (Microsoft Corporation)
HKLM\...\Run: [hpsysdrv] => c:\hp\support\hpsysdrv.exe [65536 2007-04-18] (Hewlett-Packard Company)
HKLM\...\Run: [KBD] => C:\Program Files\Hewlett-Packard\KBD\KbdStub.EXE [12288 2008-07-21] (Microsoft)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [NvMediaCenter] => RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
HKLM\...\Run: [HP Health Check Scheduler] => c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [75008 2008-10-09] (Hewlett-Packard)
HKLM\...\Run: [UpdateP2GoShortCut] => c:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [210216 2008-06-13] (CyberLink Corp.)
HKLM\...\Run: [UpdatePDIRShortCut] => c:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe [210216 2008-06-13] (CyberLink Corp.)
HKLM\...\Run: [UpdatePSTShortCut] => c:\Program Files\CyberLink\CyberLink DVD Suite Deluxe\MUITransfer\MUIStartMenu.exe [210216 2008-09-11] (CyberLink Corp.)
HKLM\...\Run: [TSMAgent] => c:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe [1152296 2008-10-17] (CyberLink Corp.)
HKLM\...\Run: [CLMLServer for HP TouchSmart] => c:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe [189736 2008-10-17] (CyberLink)
HKLM\...\Run: [DVDAgent] => c:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe [1148200 2008-09-26] (CyberLink Corp.)
HKLM\...\Run: [SmartMenu] => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [912688 2008-09-23] (Hewlett-Packard)
HKLM\...\Run: [Intuit SyncManager] => C:\Program Files\Common Files\Intuit\Sync\IntuitSyncManager.exe [1439496 2010-10-19] (Intuit Inc. All rights reserved.)
HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-11] (Avast Software s.r.o.)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [1989920 2013-08-26] (Wondershare)
HKLM\...\Run: [KeyScrambler] => C:\Program Files\KeyScrambler\keyscrambler.exe [509216 2015-02-16] (QFX Software Corporation)
HKLM\...\Run: [Digital Coupon Print Driver] => C:\Program Files\Digital Coupon Printer\DigitalCouponPrinter.exe [88000 2015-04-20] (Inmar, Inc.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [271744 2015-04-10] (Oracle Corporation)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKU\S-1-5-21-2405262934-3323221017-608346938-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-20] (Microsoft Corporation)
HKU\S-1-5-21-2405262934-3323221017-608346938-1000\...\Run: [Desktop Software] => "C:\Program Files\Common Files\SupportSoft\bin\bcont.exe" /ini "C:\Program Files\ComcastUI\Desktop Software\uinstaller.ini" /fromrun /starthidden
HKU\S-1-5-21-2405262934-3323221017-608346938-1000\...\Run: [HPAdvisor] => C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe [972080 2008-10-17] (Hewlett-Packard)
HKU\S-1-5-21-2405262934-3323221017-608346938-1000\...\Run: [ComcastAntispyClient] => "C:\Program Files\comcasttb\ComcastSpywareScan\ComcastAntispy.exe" /hide
HKU\S-1-5-21-2405262934-3323221017-608346938-1000\...\Run: [MCShield Monitor] => C:\Program Files\MCShield\mcshieldrtm.exe [650816 2014-04-11] (MyCity)
HKU\S-1-5-21-2405262934-3323221017-608346938-1000\...\MountPoints2: {af95a421-958f-11e3-8556-00248c5bbbf4} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\TL-Bootstrap.exe
HKU\S-1-5-18\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\system32\Macromed\Flash\FlashUtil10q_ActiveX.exe -update activex
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk [2010-06-01]
ShortcutTarget: QuickBooks Update Agent.lnk -> C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-04-22] (Avast Software s.r.o.)
ShellIconOverlayIdentifiers: [GDriveBlacklistedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-04-28] (Google)
ShellIconOverlayIdentifiers: [GDriveSharedEditOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-04-28] (Google)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-04-28] (Google)
ShellIconOverlayIdentifiers: [GDriveSharedViewOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-04-28] (Google)
ShellIconOverlayIdentifiers: [GDriveSyncedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-04-28] (Google)
ShellIconOverlayIdentifiers: [GDriveSyncingOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-04-28] (Google)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.yahoo.co...vast&type=iedef
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://search.yahoo...p={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-2405262934-3323221017-608346938-1000\Software\Microsoft\Internet Explorer\Main,Search Page = https://search.yahoo...p={searchTerms}
HKU\S-1-5-21-2405262934-3323221017-608346938-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.yahoo.co...vast&type=iedef
SearchScopes: HKLM -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://search.yahoo...p={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> {8809A334-604B-472E-BC73-02DBFE49AAC8} URL =
SearchScopes: HKU\.DEFAULT -> {CA051B20-F0FC-4230-AA0A-688B1E122C1B} URL = http://search.live.c...rc=IE-SearchBox
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2405262934-3323221017-608346938-1000 -> DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://search.yahoo...p={searchTerms}
SearchScopes: HKU\S-1-5-21-2405262934-3323221017-608346938-1000 -> Comcast URL = http://search.comcas...q={searchTerms}
SearchScopes: HKU\S-1-5-21-2405262934-3323221017-608346938-1000 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://search.yahoo...p={searchTerms}
SearchScopes: HKU\S-1-5-21-2405262934-3323221017-608346938-1000 -> {CA051B20-F0FC-4230-AA0A-688B1E122C1B} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2405262934-3323221017-608346938-1000 -> {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL =
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2015-05-14] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-22] (Avast Software s.r.o.)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2015-05-14] (Oracle Corporation)
Toolbar: HKLM - Microsoft Live Search Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files\MSN\Toolbar\3.0.0541.0\msneshellx.dll [2008-08-29] (Microsoft Corp.)
Toolbar: HKU\.DEFAULT -> No Name - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
Toolbar: HKU\.DEFAULT -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKU\S-1-5-21-2405262934-3323221017-608346938-1000 -> No Name - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
Toolbar: HKU\S-1-5-21-2405262934-3323221017-608346938-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKU\S-1-5-21-2405262934-3323221017-608346938-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.micros...n/ieawsdc32.cab
DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} file:///C:/Program%20Files/Magic%20Ball%202%20New%20Worlds/Images/stg_drm.ocx
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab
DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455}
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab
DPF: {CAFEEFAC-0017-0000-0011-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} file:///C:/Program%20Files/Magic%20Ball%202%20New%20Worlds/Images/armhelper.ocx
DPF: {E4D88471-7ED7-43E1-B290-205559E8EBB2} https://paystubs.win...wser Logoff.dll
DPF: {ECB7BFF0-FF65-11D1-9004-00A0C92E6878} https://paystubs.win.../MWebEnable.dll
Handler: intu-help-qb3 - {c5e479ea-0a65-4b05-8c6c-2fc8cc682eb4} - C:\Program Files\Intuit\QuickBooks 2010\HelpAsyncPluggableProtocol.dll [2013-02-01] (Intuit, Inc.)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-06-07] (Microsoft Corporation)
Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - C:\Windows\system32\mscoree.dll [2009-11-08] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 10.1.10.1
FireFox:
========
FF ProfilePath: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\aw5qrtqm.default-1349813705501
FF Homepage: hxxp://www.yahoo.com/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-16] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1207148.dll [2013-12-05] (Adobe Systems, Inc.)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin: @java.com/DTPlugin,version=10.80.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-05-14] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.80.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2015-05-14] (Oracle Corporation)
FF Plugin: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files\Yahoo!\Shared\npYState.dll [2009-05-21] (Yahoo! Inc.)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll [2010-12-07] ()
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2405262934-3323221017-608346938-1000: CouponNetwork.com/CMDUniversalCouponPrintActivator -> C:\Users\Owner\AppData\Roaming\CATALI~2\NPBCSK~1.DLL [2013-06-07] (Catalina Marketing Corporation)
FF Plugin HKU\S-1-5-21-2405262934-3323221017-608346938-1000: hopster.com/CouponPrinterPlugin -> C:\Users\Owner\AppData\Roaming\Hopster\CouponPrinterPlugin\2.0.2.0\npCouponPrinterPlugin.dll [2013-02-21] (Hopster)
FF Plugin HKU\S-1-5-21-2405262934-3323221017-608346938-1000: revtrax.com/RevTraxPrintMyCoupon -> C:\Users\Owner\AppData\Roaming\RevTrax\RevTraxPrintMyCoupon\1.0.0.0\npRevTraxPrintMyCoupon.dll [2014-10-15] (RevTrax)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPcol400.dll [2011-03-30] (Catalina Marketing Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPcol500.dll [2011-03-30] (Catalina Marketing Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2015-05-14] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2015-05-14] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2015-05-14] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2015-05-14] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2015-05-14] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\browser\plugins\npMozCouponPrinter.dll [2014-12-03] (Coupons, Inc.)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-08-09]
FF HKLM\...\Firefox\Extensions: [{9F98D632-32EB-4B14-B55E-D15DED337F39}] - C:\Users\Owner\AppData\Local\{9F98D632-32EB-4B14-B55E-D15DED337F39}
FF Extension: XULRunner - C:\Users\Owner\AppData\Local\{9F98D632-32EB-4B14-B55E-D15DED337F39} [2011-03-10]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-01-12]
Chrome:
=======
CHR HomePage: Default ->
CHR Profile: C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Avast Online Security) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-09-08]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-13]
CHR Extension: (Google Wallet) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-10]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-04-22]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-04-22] (Avast Software s.r.o.)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [3207800 2015-04-22] (Avast Software)
R2 HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [94208 2008-10-09] (Hewlett-Packard) [File not signed]
R2 LightScribeService; c:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2008-08-22] (Hewlett-Packard Company) [File not signed]
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S3 npggsvc; C:\Windows\system32\GameMon.des [2805084 2009-06-01] (INCA Internet Co., Ltd.) [File not signed]
R2 QBCFMonitorService; C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe [45056 2013-02-01] (Intuit) [File not signed]
S3 QBFCService; C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe [61440 2009-07-23] (Intuit Inc.) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-20] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24144 2015-04-22] ()
R1 aswKbd; C:\Windows\system32\Drivers\aswKbd.sys [18544 2012-08-21] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [74976 2015-04-22] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [55200 2015-04-22] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49904 2015-04-22] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [787760 2015-04-22] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427992 2015-04-22] (Avast Software s.r.o.)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57888 2015-04-22] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [209048 2015-04-22] ()
R3 KeyScrambler; C:\Windows\System32\drivers\keyscrambler.sys [210512 2015-02-06] (QFX Software Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-04-14] (Malwarebytes Corporation)
R2 PfFilter; C:\Program Files\IObit\Protected Folder\pffilter.sys [32672 2011-03-16] (IObit Information Technology)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [220752 2015-04-22] (Avast Software)
R2 {55662437-DA8C-40c0-AADA-2C816A897A49}; c:\Program Files\Hewlett-Packard\Media\DVD\000.fcl [59376 2008-09-26] (Cyberlink Corp.)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 PCD5SRVC{BD6912E3-AC9D80E8-05040000}; \??\C:\PROGRA~1\PC-DOC~1\PCD5SRVC.pkms [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-05-15 14:53 - 2015-05-15 14:54 - 00022492 _____ () C:\Users\Owner\Desktop\FRST.txt
2015-05-15 14:53 - 2015-05-15 14:53 - 00000000 ____D () C:\FRST
2015-05-15 14:51 - 2015-05-15 14:51 - 01145856 _____ (Farbar) C:\Users\Owner\Desktop\FRST.exe
2015-05-14 13:56 - 2015-05-14 13:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2015-05-14 13:56 - 2015-05-14 13:56 - 00000000 ____D () C:\ProgramData\Apple Computer
2015-05-14 13:56 - 2015-05-14 13:56 - 00000000 ____D () C:\Program Files\QuickTime
2015-05-14 13:53 - 2015-05-14 13:53 - 00272808 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2015-05-14 13:53 - 2015-05-14 13:53 - 00176040 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2015-05-14 13:53 - 2015-05-14 13:53 - 00176040 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2015-05-14 13:53 - 2015-05-14 13:53 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2015-05-14 13:53 - 2015-05-14 13:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-05-14 13:53 - 2015-05-14 13:53 - 00000000 ____D () C:\Program Files\Common Files\Java
2015-05-13 16:33 - 2015-05-15 14:25 - 00001356 _____ () C:\Users\Owner\AppData\Local\d3d9caps.dat
2015-05-07 11:08 - 2015-05-07 11:08 - 01732608 _____ () C:\Users\Owner\Downloads\RevTraxPrintMyCoupon(1).msi
2015-05-01 12:01 - 2015-05-01 12:01 - 00000000 ____D () C:\Users\Owner\AppData\Local\Hopster
2015-05-01 12:00 - 2015-05-01 12:00 - 00544768 _____ () C:\Users\Owner\Downloads\DigitalCouponPrinter-3.17.0.0.msi
2015-05-01 12:00 - 2015-05-01 12:00 - 00000000 ____D () C:\Program Files\Digital Coupon Printer
2015-04-23 12:58 - 2015-04-23 12:58 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-04-22 13:28 - 2015-04-22 13:28 - 00000000 ____D () C:\Windows\system32\vbox
2015-04-22 12:46 - 2015-04-22 12:46 - 00291312 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2015-04-22 12:46 - 2015-04-22 12:46 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr
2015-04-16 03:25 - 2015-03-08 21:01 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-04-16 03:11 - 2015-03-04 22:24 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-04-16 03:10 - 2015-03-04 22:32 - 00244152 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-04-16 03:10 - 2015-03-04 22:23 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-16 03:09 - 2015-03-13 22:21 - 01205168 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-04-16 03:09 - 2015-03-12 21:51 - 03604920 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-04-16 03:09 - 2015-03-12 21:51 - 03552184 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-15 11:00 - 2015-03-09 19:06 - 12377600 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-15 11:00 - 2015-03-09 19:03 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-04-15 11:00 - 2015-03-09 19:02 - 01810944 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-15 11:00 - 2015-03-09 19:00 - 09747968 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-15 11:00 - 2015-03-09 18:57 - 01139200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-15 11:00 - 2015-03-09 18:57 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-15 11:00 - 2015-03-09 18:56 - 01803264 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-15 11:00 - 2015-03-09 18:56 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-04-15 11:00 - 2015-03-09 18:56 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-04-15 11:00 - 2015-03-09 18:56 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-15 11:00 - 2015-03-09 18:56 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-04-15 11:00 - 2015-03-09 18:56 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-04-15 11:00 - 2015-03-09 18:55 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-04-15 11:00 - 2015-03-09 18:55 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-15 11:00 - 2015-03-09 18:55 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-04-15 11:00 - 2015-03-09 18:55 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-04-15 11:00 - 2015-03-09 18:55 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-04-15 11:00 - 2015-03-09 18:55 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-04-15 11:00 - 2015-03-09 18:55 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-15 11:00 - 2015-03-09 18:55 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-04-15 11:00 - 2015-03-09 18:55 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-04-15 11:00 - 2015-03-09 18:55 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-05-15 14:48 - 2009-03-15 04:57 - 01493496 _____ () C:\Windows\WindowsUpdate.log
2015-05-15 14:43 - 2006-11-02 08:47 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-15 14:43 - 2006-11-02 08:47 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-15 14:37 - 2014-01-08 14:37 - 00000000 ____D () C:\ProgramData\MCShield
2015-05-15 14:30 - 2009-11-13 11:42 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-15 14:30 - 2006-11-02 09:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-15 13:16 - 2014-06-24 12:15 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-05-15 13:13 - 2008-01-20 22:47 - 00814798 _____ () C:\Windows\PFRO.log
2015-05-15 13:12 - 2006-11-02 09:01 - 00032652 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-05-15 13:10 - 2009-11-13 11:42 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-15 13:07 - 2012-08-28 11:40 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-15 11:22 - 2009-05-22 16:09 - 00000322 _____ () C:\Windows\Tasks\HPCeeScheduleForOwner.job
2015-05-14 18:00 - 2009-06-17 17:35 - 00000442 _____ () C:\Windows\Tasks\ParetoLogic Registration.job
2015-05-14 16:47 - 2010-11-01 09:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Magic Ball 2
2015-05-14 16:35 - 2012-01-02 11:07 - 00000258 __RSH () C:\ProgramData\ntuser.pol
2015-05-14 16:23 - 2011-04-23 11:50 - 00000000 ____D () C:\ProgramData\Big Fish Games
2015-05-14 16:23 - 2010-08-08 12:24 - 00000000 ____D () C:\BigFishGamesCache
2015-05-14 16:23 - 2009-05-27 21:20 - 00000000 ____D () C:\Program Files\Oberon Media
2015-05-14 13:54 - 2011-09-07 10:48 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-05-14 13:54 - 2011-09-07 10:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-05-14 13:53 - 2011-09-07 10:48 - 00000000 ____D () C:\Program Files\WinRAR
2015-05-14 10:23 - 2013-06-30 12:12 - 00001933 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-05-13 17:11 - 2006-11-02 07:18 - 00000000 ____D () C:\Windows\Cursors
2015-05-13 16:49 - 2013-08-06 09:37 - 00000262 _____ () C:\Users\Owner\Desktop\AutoZonePro.com MyZone.url
2015-05-13 16:40 - 2014-06-24 12:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-05-13 16:40 - 2014-06-24 12:15 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2015-05-13 08:23 - 2010-11-22 17:33 - 00000000 ____D () C:\Users\Owner\AppData\Local\CrashDumps
2015-05-10 08:12 - 2009-05-30 16:42 - 00000052 _____ () C:\Windows\system32\DOErrors.log
2015-05-09 10:39 - 2013-06-10 14:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-05-09 10:37 - 2009-06-17 17:35 - 00000416 _____ () C:\Windows\Tasks\ParetoLogic Update Version2.job
2015-05-07 10:48 - 2006-11-02 07:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2015-05-07 10:35 - 2012-04-25 14:55 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-05-07 09:16 - 2006-11-02 06:33 - 00752854 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-06 09:46 - 2009-05-23 08:23 - 00000456 _____ () C:\Windows\Tasks\PCDRScheduledMaintenance.job
2015-04-22 12:46 - 2014-06-24 13:25 - 00024144 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2015-04-22 12:46 - 2013-03-20 16:49 - 00209048 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2015-04-22 12:46 - 2013-03-20 16:49 - 00049904 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2015-04-22 12:46 - 2012-01-12 09:40 - 00427992 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSP.sys
2015-04-22 12:46 - 2012-01-12 09:40 - 00074976 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-04-22 12:46 - 2012-01-12 09:40 - 00057888 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswTdi.sys
2015-04-22 12:46 - 2012-01-12 09:40 - 00055200 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswRdr.sys
2015-04-22 12:45 - 2012-01-12 09:40 - 00787760 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSnx.sys
2015-04-16 10:07 - 2012-08-28 11:40 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-04-16 10:07 - 2011-05-18 16:59 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-04-16 03:25 - 2013-08-15 03:17 - 00000000 ____D () C:\Windows\system32\MRT
2015-04-16 03:11 - 2009-05-29 13:54 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-04-16 03:11 - 2006-11-02 06:24 - 125832184 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
==================== Files in the root of some directories =======
2013-02-11 16:11 - 2013-02-11 16:11 - 0000288 _____ () C:\Users\Owner\AppData\Roaming\.backup.dm
2013-09-18 13:29 - 2014-03-25 10:00 - 0000036 _____ () C:\Users\Owner\AppData\Roaming\Opusbext.dat
2009-05-28 17:37 - 2014-11-20 16:49 - 0000248 _____ () C:\Users\Owner\AppData\Roaming\wklnhst.dat
2013-04-08 16:31 - 2013-07-16 13:20 - 0893239 _____ () C:\Users\Owner\AppData\Local\a.zip
2013-04-08 16:31 - 2013-07-16 13:20 - 2162416 _____ (Catalina Marketing Corp) C:\Users\Owner\AppData\Local\BcsKtYcHW.dll
2015-05-13 16:33 - 2015-05-15 14:25 - 0001356 _____ () C:\Users\Owner\AppData\Local\d3d9caps.dat
2009-07-24 11:10 - 2009-07-24 11:10 - 0003584 _____ () C:\Users\Owner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-03-10 08:56 - 2011-03-12 16:42 - 0000120 _____ () C:\Users\Owner\AppData\Local\Nyicipecil.dat
2011-03-10 08:56 - 2011-03-12 16:42 - 0000000 _____ () C:\Users\Owner\AppData\Local\Rcuhodohujehok.bin
2012-09-03 09:19 - 2012-09-03 09:23 - 4503728 ____T () C:\ProgramData\nud0repor.pad
Files to move or delete:
====================
C:\ProgramData\nud0repor.pad
C:\Users\Owner\jagex_runescape_preferences.dat
C:\Users\Owner\jagex_runescape_preferences2.dat
Some content of TEMP:
====================
C:\Users\Owner\AppData\Local\Temp\013c4f5aeaef.exe
C:\Users\Owner\AppData\Local\Temp\aae.exe
C:\Users\Owner\AppData\Local\Temp\bpuninstall.exe
C:\Users\Owner\AppData\Local\Temp\firefoxjre_exe-1.exe
C:\Users\Owner\AppData\Local\Temp\firefoxjre_exe-2.exe
C:\Users\Owner\AppData\Local\Temp\firefoxjre_exe-3.exe
C:\Users\Owner\AppData\Local\Temp\firefoxjre_exe.exe
C:\Users\Owner\AppData\Local\Temp\jre-6u31-windows-i586-iftw-rv.exe
C:\Users\Owner\AppData\Local\Temp\jre-7u13-windows-i586-iftw.exe
C:\Users\Owner\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\Owner\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\Owner\AppData\Local\Temp\jre-7u40-windows-i586-iftw.exe
C:\Users\Owner\AppData\Local\Temp\jre-7u5-windows-i586-iftw.exe
C:\Users\Owner\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Owner\AppData\Local\Temp\jre-7u7-windows-i586-iftw.exe
C:\Users\Owner\AppData\Local\Temp\jre-7u9-windows-i586-iftw.exe
C:\Users\Owner\AppData\Local\Temp\nircmd.exe
C:\Users\Owner\AppData\Local\Temp\pv.exe
C:\Users\Owner\AppData\Local\Temp\Quarantine.exe
C:\Users\Owner\AppData\Local\Temp\sqlite3.dll
C:\Users\Owner\AppData\Local\Temp\vfind.exe
C:\Users\Owner\AppData\Local\Temp\_is1171.exe
C:\Users\Owner\AppData\Local\Temp\_is207.exe
C:\Users\Owner\AppData\Local\Temp\_isFC7B.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-05-15 14:43
==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 14-05-2015 02
Ran by Owner at 2015-05-15 14:54:33
Running from C:\Users\Owner\Desktop
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2405262934-3323221017-608346938-500 - Administrator - Disabled)
Guest (S-1-5-21-2405262934-3323221017-608346938-501 - Limited - Disabled)
jaytar (S-1-5-21-2405262934-3323221017-608346938-1002 - Administrator - Enabled) => C:\Users\jaytar
Owner (S-1-5-21-2405262934-3323221017-608346938-1000 - Administrator - Enabled) => C:\Users\Owner
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
ActiveCheck component for HP Active Support Library (Version: 3.0.0.2 - Hewlett-Packard) Hidden
Adobe Flash Player 17 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM\...\Adobe Shockwave Player) (Version: 12.0.7.148 - Adobe Systems, Inc.)
Adobe SVG Viewer 3.0 (HKLM\...\Adobe SVG Viewer) (Version: 3.0 - )
AIM 7 (HKLM\...\AIM_7) (Version: - )
AnswerWorks 5.0 English Runtime (HKLM\...\{DBCC73BA-C69A-4BF5-B4BF-F07501EE7039}) (Version: 5.0.7 - Vantage Software Technologies)
AoA Audio Extractor (HKLM\...\{D1725D54-279A-40C5-A70D-23C1785DB920}_is1) (Version: - AoAMedia.com)
Apple Application Support (HKLM\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avast Free Antivirus (HKLM\...\avast) (Version: 10.2.2218 - AVAST Software)
AVS Update Manager 1.0 (HKLM\...\AVS Update Manager_is1) (Version: - Online Media Technologies Ltd.)
AVS Video Converter 6 (HKLM\...\AVS4YOU Video Converter 6_is1) (Version: - Online Media Technologies Ltd.)
AVS4YOU Software Navigator 1.3 (HKLM\...\AVS4YOU Software Navigator_is1) (Version: - Online Media Technologies Ltd.)
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Crystal Reports Basic Runtime for Visual Studio 2008 (HKLM\...\{CE26F10F-C80F-4377-908B-1B7882AE2CE3}) (Version: 10.5.1.0 - Business Objects)
CyberLink DVD Suite Deluxe (HKLM\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.2111 - CyberLink Corp.)
Digital Coupon Printer (HKLM\...\{2095A496-250E-4A1F-90AD-691246819A9A}) (Version: 3.17.0.0 - Hopster, Inc. an Inmar company)
Enhanced Multimedia Keyboard Solution (HKLM\...\KBD) (Version: 1.0.9.2 - Hewlett-Packard)
ERIS 3 (HKLM\...\{6112EA9C-34B4-11D5-9187-0040C72A0D12}) (Version: - )
e-SAFETY Tutorials and Documentation (HKLM\...\{53AA7BEE-BBEA-4368-92A1-71B0A04C34A9}) (Version: 1.00.0035 - VzB - PA e-SAFETY Team)
ffdshow [rev 2527] [2008-12-19] (HKLM\...\ffdshow_is1) (Version: 1.0 - )
FileHippo.com Update Checker (HKLM\...\FileHippo.com) (Version: - )
Google Chrome (HKLM\...\Google Chrome) (Version: 42.0.2311.152 - Google Inc.)
Google Drive (HKLM\...\{35574F09-89F9-4B16-B69B-64F3E25901B8}) (Version: 1.21.9226.6034 - Google, Inc.)
Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.27.5 - Google Inc.) Hidden
Hardware Diagnostic Tools (HKLM\...\PC-Doctor for Windows) (Version: 5.1.4976.17 - PC-Doctor, Inc.)
HP Active Support Library (HKLM\...\{CE7E3BE0-2DD3-4416-A690-F9E4A99A8CFF}) (Version: 3.1.9.1 - Hewlett-Packard)
HP Customer Experience Enhancements (HKLM\...\{64B9E2F5-558E-4C56-B419-A1679518F6E7}) (Version: 5.7.0.2784 - Hewlett-Packard)
HP Demo (HKLM\...\{A2016015-8323-4AF8-8B3E-F56239D7D59D}) (Version: 1.00.0000 - Hewlett-Packard)
HP Games (HKLM\...\WildTangent hp Master Uninstall) (Version: 1.0.0.80 - WildTangent)
HP MediaSmart DVD (HKLM\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 2.0.2213 - Hewlett-Packard)
HP MediaSmart Music/Photo/Video (HKLM\...\InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}) (Version: 2.0.2217 - Hewlett-Packard)
HP MediaSmart SmartMenu (HKLM\...\{EFC5939F-470F-454E-B3DA-F51FDD83F6CE}) (Version: 2.0.8 - Hewlett-Packard)
HP Total Care Advisor (HKLM\...\{154A4184-1A3D-4BF9-A5AE-4FA1660445F3}) (Version: 2.4.5106.2815 - Hewlett-Packard)
HP Total Care Setup (HKLM\...\{38058455-8C21-4C2F-B2F6-14ED166039CB}) (Version: 1.1.1983.2818 - Hewlett-Packard Company)
HP Update (HKLM\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.001.001 - Hewlett-Packard)
HPAsset component for HP Active Support Library (Version: 3.0.2.2 - Hewlett-Packard) Hidden
Java 7 Update 80 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217080FF}) (Version: 7.0.800 - Oracle)
JavaFX 2.1.1 (HKLM\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Juno Preloader (HKLM\...\{6423EF83-6E1D-4D22-A36F-689CD19FD4D2}) (Version: 1.0.0 - Juno, Inc.)
KeyScrambler (HKLM\...\KeyScrambler) (Version: 3.6.0.0 - QFX Software Corporation)
LabelPrint (HKLM\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.0904 - CyberLink Corp.)
LabelPrint (Version: 2.5.0904 - CyberLink Corp.) Hidden
LightScribe System Software 1.14.25.1 (HKLM\...\{DA9DAC64-C947-47BA-B411-8A1959B177CF}) (Version: 1.14.25.1 - LightScribe)
LightScribe Template Labeler (HKLM\...\{5BD0CB24-11AF-4BA8-A198-38D25257C656}) (Version: 1.14.25.1 - LightScribe)
LimeWire 5.5.13 (HKLM\...\LimeWire) (Version: 5.5.13 - Lime Wire, LLC)
Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
MCShield ::Anti-Malware Tool:: (HKLM\...\MCShield) (Version: 3.0.5.28 - MyCity)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Live Search Toolbar (HKLM\...\{4FAB5122-775E-4418-B8D9-E2873BC93570}) (Version: 3.0.541.0 - Microsoft Corporation)
Microsoft Office 2007 Primary Interop Assemblies (HKLM\...\{50120000-1105-0000-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 60 day trial (HKLM\...\OfficeTrial) (Version: - )
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2005 Tools for Office Runtime (HKLM\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version: - Microsoft Corporation)
Microsoft Works (HKLM\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
Mozilla Firefox 37.0.2 (x86 en-US) (HKLM\...\Mozilla Firefox 37.0.2 (x86 en-US)) (Version: 37.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP2 (KB941833) (HKLM\...\{C523D256-313D-4866-B36A-F3DE528246EF}) (Version: 4.20.9849.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Nanny 911 (Version: 2.2.0.82 - WildTangent) Hidden
NAPA Ride Control ERIS (HKLM\...\{E817ADA0-D228-11D6-86CC-00104B700971}) (Version: - )
NetZero Preloader (HKLM\...\{352310C3-E46B-42D3-8F32-54721FDD72D9}) (Version: 1.0.0 - NetZero, Inc.)
NGIS (HKLM\...\{54355060-9A23-11D4-9D4B-00010240F659}) (Version: 6.0 - SPX Corporation)
NGISCT (HKLM\...\{F9886B58-236B-473E-BA1C-AAB731D1EFF0}) (Version: 1.00.0000 - SPX)
NGISCT (Version: 1.00.0000 - SPX) Hidden
NGISRD (HKLM\...\{1FDC8149-87DC-4261-8935-75BE95A0F8F2}) (Version: 1.00.0000 - SPX Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: - )
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
OKI B4400 Status Monitor (HKLM\...\{AFAD9270-8FB4-4358-A199-662741E2A3B6}) (Version: 1.2.4 - Okidata)
P@H-Protocol (HKLM\...\{CF594DB8-CFB0-45B4-86DA-8BB4AC0941F8}) (Version: 3.0.7.0 - Valassis)
PictureMover (HKLM\...\{1896E712-2B3D-45eb-BCE9-542742A51032}) (Version: 3.3.1.7 - Hewlett-Packard Company)
Power2Go (HKLM\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.2112 - CyberLink Corp.)
Power2Go (Version: 6.0.2112 - CyberLink Corp.) Hidden
PowerDirector (HKLM\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.2202 - CyberLink Corp.)
PowerDirector (Version: 7.0.2202 - CyberLink Corp.) Hidden
Protected Folder (HKLM\...\Protected Folder_is1) (Version: - IObit)
Puzzle Express (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110184263}) (Version: - Oberon Media)
Python 2.5.2 (HKLM\...\{6B976ADF-8AE8-434E-B282-A06C7F624D2F}) (Version: 2.5.2150 - Python Software Foundation)
QuickBooks (Version: 20.0.4017.807 - Intuit Inc.) Hidden
QuickBooks Pro 2010 (HKLM\...\{0700E22B-A422-40A5-BD20-04BF618CA0F9}) (Version: 20.0.4017.807 - Intuit Inc.)
Quicken 2010 (HKLM\...\{CCF6F57B-F6B4-4508-BF45-63AAC9DE416A}) (Version: 19.1.1.27 - Intuit)
QuickTime 7 (HKLM\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5789 - Realtek Semiconductor Corp.)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update Installer for WildTangent Games App (Version: - WildTangent) Hidden
Verizon Cloud (HKLM\...\Verizon Cloud) (Version: - Verizon Wireless)
WildTangent Games App (HKLM\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-wildgames) (Version: 4.0.5.5 - WildTangent)
WildTangent Games App (HP Games) (HKLM\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp) (Version: 4.0.4.16 - WildTangent)
WinRAR 5.21 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
WixEdit (HKLM\...\{1D44F148-5A2A-42CB-83AA-DB2B156F1ED7}) (Version: 0.7.5 - Jasper Keuper ([email protected]))
Yahoo! Messenger (HKLM\...\Yahoo! Messenger) (Version: - Yahoo! Inc.)
YTD Toolbar v7.2 (HKLM\...\{4BBD417F-13B6-4477-B7C2-AE705864058D}) (Version: 7.2 - Spigot, Inc.) <==== ATTENTION
Zuma Deluxe (HKLM\...\BFG-Zuma Deluxe) (Version: - )
Zuma's Revenge - Adventure (HKLM\...\BFG-Zumas Revenge - Adventure) (Version: - )
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-2405262934-3323221017-608346938-1000_Classes\CLSID\{05EC5C13-D255-4592-9CCB-98615172F0D6}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2405262934-3323221017-608346938-1000_Classes\CLSID\{0ADF9C35-0D5E-4B75-88DD-B64868907E17}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2405262934-3323221017-608346938-1000_Classes\CLSID\{123FAF7F-3FB1-4B8F-AD18-0047401D436A}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2405262934-3323221017-608346938-1000_Classes\CLSID\{1B3210AF-E236-46D4-83EF-6421F2FF543C}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBDTVIEW.OCx No File
CustomCLSID: HKU\S-1-5-21-2405262934-3323221017-608346938-1000_Classes\CLSID\{1E78DD72-771E-42BF-8B4B-363CEB18E07B}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBDTVIEW.OCx No File
CustomCLSID: HKU\S-1-5-21-2405262934-3323221017-608346938-1000_Classes\CLSID\{22664BE2-0806-4BA4-8643-DE40C9149176}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\BbfDepCalc.ocx No File
CustomCLSID: HKU\S-1-5-21-2405262934-3323221017-608346938-1000_Classes\CLSID\{2A9EBDB5-0600-4E8C-B910-4001BEB2DD8C}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\BbfDepCalc.ocx No File
CustomCLSID: HKU\S-1-5-21-2405262934-3323221017-608346938-1000_Classes\CLSID\{349D777D-F7A2-4AAE-967F-A54F05A7FF3B}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBFinder.dll No File
CustomCLSID: HKU\S-1-5-21-2405262934-3323221017-608346938-1000_Classes\CLSID\{37A2FC00-1795-4679-94A3-A153F1A8BB54}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2405262934-3323221017-608346938-1000_Classes\CLSID\{37A2FC02-1795-4679-94A3-A153F1A8BB54}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2405262934-3323221017-608346938-1000_Classes\CLSID\{38F58721-5F93-11D5-9F94-0008C7AA5BD9}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\COMObjectFactory.dll No File
CustomCLSID: HKU\S-1-5-21-2405262934-3323221017-608346938-1000_Classes\CLSID\{38F58742-5F93-11D5-9F94-0008C7AA5BD9}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\ViewSrcColumns.dll No File
CustomCLSID: HKU\S-1-5-21-2405262934-3323221017-608346938-1000_Classes\CLSID\{38F58743-5F93-11D5-9F94-0008C7AA5BD9}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\ViewSrcColumns.dll No File
CustomCLSID: HKU\S-1-5-21-2405262934-3323221017-608346938-1000_Classes\CLSID\{38F58744-5F93-11D5-9F94-0008C7AA5BD9}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\ViewSrcColumns.dll No File
CustomCLSID: HKU\S-1-5-21-2405262934-3323221017-608346938-1000_Classes\CLSID\{45694C5E-84B1-EAB7-2715-BA8B94BFADBB}\InprocServer32 -> C:\Program Files\Common Files\muvee Technologies\071203\addonimportcamera.dll No File
CustomCLSID: HKU\S-1-5-21-2405262934-3323221017-608346938-1000_Classes\CLSID\{4716D3CE-55DB-4D2A-818C-87D912895890}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2405262934-3323221017-608346938-1000_Classes\CLSID\{4844F3F7-2161-4AC4-B219-B3B4311782AA}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2405262934-3323221017-608346938-1000_Classes\CLSID\{4A56F19E-9F50-4F43-93C8-050E44AA83A9}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2405262934-3323221017-608346938-1000_Classes\CLSID\{4E5E74B5-8EB5-4859-A335-837EED412620}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2405262934-3323221017-608346938-1000_Classes\CLSID\{5249684A-D7A2-4DBE-94F4-B90923A7BC64}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\BbfDepCalc.ocx No File
CustomCLSID: HKU\S-1-5-21-2405262934-3323221017-608346938-1000_Classes\CLSID\{5428A9ED-6CD8-11D6-9C8A-0001023DCAA2}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2405262934-3323221017-608346938-1000_Classes\CLSID\{547C8F00-5567-4AE3-8BB0-CC3CE2AB9070}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2405262934-3323221017-608346938-1000_Classes\CLSID\{5700330B-D97E-5600-959F-2C33DC75C7F0}\InprocServer32 -> C:\Users\Owner\AppData\Roaming\Hopster\CouponPrinterPlugin\2.0.2.0\npCouponPrinterPlugin.dll (Hopster)
CustomCLSID: HKU\S-1-5-21-2405262934-3323221017-608346938-1000_Classes\CLSID\{57D590F1-91EB-44CE-8088-AE4AE19D30A1}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2405262934-3323221017-608346938-1000_Classes\CLSID\{596801D8-2C9D-4627-9C67-195CB81B655A}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2405262934-3323221017-608346938-1000_Classes\CLSID\{5B7331FA-8910-4748-A8A4-60B445041F28}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2405262934-3323221017-608346938-1000_Classes\CLSID\{5ED8AC89-B2DE-476D-8EEA-E170B2FCB058}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2405262934-3323221017-608346938-1000_Classes\CLSID\{66CAD3BA-8C57-A6BF-F19A-00B02806338D}\InprocServer32 -> C:\Program Files\Common Files\muvee Technologies\071203\addonimportcamera.dll No File
CustomCLSID: HKU\S-1-5-21-2405262934-3323221017-608346938-1000_Classes\CLSID\{70478C56-E77F-4134-B3E3-3B18EE036D71}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBDTRatios.dll No File
CustomCLSID: HKU\S-1-5-21-2405262934-3323221017-608346938-1000_Classes\CLSID\{7694F1CD-A55B-4B7C-8820-A90892EB4E9E}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2405262934-3323221017-608346938-1000_Classes\CLSID\{7DBF8260-30AD-4D1B-876A-8032B87B809F}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2405262934-3323221017-608346938-1000_Classes\CLSID\{810CADD9-2658-4820-BA95-30199625191E}\localserver32 -> C:\Program Files\Intuit\QuickBooks 2010\qbw32.exe (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2405262934-3323221017-608346938-1000_Classes\CLSID\{828E5386-74CF-4019-B356-C857CD028A7D}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2405262934-3323221017-608346938-1000_Classes\CLSID\{82CC31B3-53B4-4161-A4E9-6B4F1290A6C8}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2405262934-3323221017-608346938-1000_Classes\CLSID\{8572570D-12D9-4F2C-8BB8-EB8848178B94}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2405262934-3323221017-608346938-1000_Classes\CLSID\{8E590317-1329-11D1-B70B-00805F29CD16}\localserver32 -> C:\Program Files\Intuit\QuickBooks 2010\qbw32.exe (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2405262934-3323221017-608346938-1000_Classes\CLSID\{8FEDE364-AB37-4551-80C9-6D468E222AB2}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2405262934-3323221017-608346938-1000_Classes\CLSID\{91D69176-2971-DE1F-BD90-704E68D00BC1}\InprocServer32 -> C:\Program Files\Common Files\muvee Technologies\071203\addonimportcamera.dll No File
CustomCLSID: HKU\S-1-5-21-2405262934-3323221017-608346938-1000_Classes\CLSID\{9D9B61F2-9E2B-492A-81B3-AA5A1CCFBC3A}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2405262934-3323221017-608346938-1000_Classes\CLSID\{9D9B61F3-9E2B-492A-81B3-AA5A1CCFBC3A}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2405262934-3323221017-608346938-1000_Classes\CLSID\{9D9B61F4-9E2B-492A-81B3-AA5A1CCFBC3A}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2405262934-3323221017-608346938-1000_Classes\CLSID\{9D9B61F5-9E2B-492A-81B3-AA5A1CCFBC3A}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2405262934-3323221017-608346938-1000_Classes\CLSID\{9D9B61F6-9E2B-492A-81B3-AA5A1CCFBC3A}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2405262934-3323221017-608346938-1000_Classes\CLSID\{9D9B61F7-9E2B-492A-81B3-AA5A1CCFBC3A}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2405262934-3323221017-608346938-1000_Classes\CLSID\{9F3041F6-9C7A-5252-AD04-F3C9EF05D2D9}\InprocServer32 -> C:\Users\Owner\AppData\Roaming\RevTrax\RevTraxPrintMyCoupon\1.0.0.0\npRevTraxPrintMyCoupon.dll (RevTrax)
CustomCLSID: HKU\S-1-5-21-2405262934-3323221017-608346938-1000_Classes\CLSID\{A58C4EAB-2DB8-445E-9CAE-2AE197A5C708}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\BbfDepCalc.ocx No File
CustomCLSID: HKU\S-1-5-21-2405262934-3323221017-608346938-1000_Classes\CLSID\{A63E42D0-9C63-47B5-ABF2-0C839EC20778}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2405262934-3323221017-608346938-1000_Classes\CLSID\{A63E42D2-9C63-47B5-ABF2-0C839EC20778}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2405262934-3323221017-608346938-1000_Classes\CLSID\{AD848A76-F236-5EE2-819B-2BDE7ED40AE7}\InprocServer32 -> C:\Users\Owner\AppData\Roaming\Catalina – Print Savings\npBcsKtTcHW.dll (Catalina Marketing Corporation)
CustomCLSID: HKU\S-1-5-21-2405262934-3323221017-608346938-1000_Classes\CLSID\{AF5E0A13-CEAB-47CE-991D-77E82CD1BF3F}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2405262934-3323221017-608346938-1000_Classes\CLSID\{B10BFAC3-EFF1-40D9-ADA0-BEBE037C24CA}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2405262934-3323221017-608346938-1000_Classes\CLSID\{B66F2BF1-91EB-44CE-8088-AE4AE19D30A1}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2405262934-3323221017-608346938-1000_Classes\CLSID\{BCD594EA-15C3-4FD8-B92B-114BB9694537}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBCtrIPMDS2.dll No File
CustomCLSID: HKU\S-1-5-21-2405262934-3323221017-608346938-1000_Classes\CLSID\{CE18240D-F3F8-43AE-9EA0-A0DC85A95375}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBDTRatios.dll No File
CustomCLSID: HKU\S-1-5-21-2405262934-3323221017-608346938-1000_Classes\CLSID\{D14FD6B3-6A9F-4537-9460-07B836707127}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2405262934-3323221017-608346938-1000_Classes\CLSID\{D4A12AAF-E15E-470B-A6B6-63032186F91F}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2405262934-3323221017-608346938-1000_Classes\CLSID\{D9B9C060-0954-11D3-9E07-00104BD2BE34}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\ViewSource.dll (Intuit, Inc.)
CustomCLSID: HKU\S-1-5-21-2405262934-3323221017-608346938-1000_Classes\CLSID\{D9BC6F81-A54B-11D4-A516-0050DA68678D}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\cominifile.dll (Intuit, Inc.)
CustomCLSID: HKU\S-1-5-21-2405262934-3323221017-608346938-1000_Classes\CLSID\{D9BC6F84-A54B-11D4-A516-0050DA68678D}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\cominifile.dll (Intuit, Inc.)
CustomCLSID: HKU\S-1-5-21-2405262934-3323221017-608346938-1000_Classes\CLSID\{D9BC6F87-A54B-11D4-A516-0050DA68678D}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\cominifile.dll (Intuit, Inc.)
CustomCLSID: HKU\S-1-5-21-2405262934-3323221017-608346938-1000_Classes\CLSID\{D9BC6FA1-A54B-11D4-A516-0050DA68678D}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\GraphSeriesCol.dll (Intuit, Inc.)
CustomCLSID: HKU\S-1-5-21-2405262934-3323221017-608346938-1000_Classes\CLSID\{D9BC6FA6-A54B-11D4-A516-0050DA68678D}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\GraphSeriesCol.dll (Intuit, Inc.)
CustomCLSID: HKU\S-1-5-21-2405262934-3323221017-608346938-1000_Classes\CLSID\{D9BC6FB2-A54B-11D4-A516-0050DA68678D}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\StorageClasses.dll (Intuit, Inc.)
CustomCLSID: HKU\S-1-5-21-2405262934-3323221017-608346938-1000_Classes\CLSID\{D9BC6FC1-A54B-11D4-A516-0050DA68678D}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\ViewSrcColumns.dll No File
CustomCLSID: HKU\S-1-5-21-2405262934-3323221017-608346938-1000_Classes\CLSID\{DCB2B478-EFF6-48F6-B718-13E98876854E}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2405262934-3323221017-608346938-1000_Classes\CLSID\{DFD0AF10-B86C-4AF3-B609-1348D513E565}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2405262934-3323221017-608346938-1000_Classes\CLSID\{E1A173E1-D957-4C3E-A098-43756A3DB454}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2405262934-3323221017-608346938-1000_Classes\CLSID\{E1A173E3-D957-4C3E-A098-43756A3DB454}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2405262934-3323221017-608346938-1000_Classes\CLSID\{E3555B8B-D055-3061-7037-B4ED0FE3743D}\InprocServer32 -> C:\Program Files\Common Files\muvee Technologies\071203\addonimportcamera.dll No File
CustomCLSID: HKU\S-1-5-21-2405262934-3323221017-608346938-1000_Classes\CLSID\{E6E4DF8B-17CE-43ED-B2C7-2CE10457552D}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\BbfDepCalc.ocx No File
CustomCLSID: HKU\S-1-5-21-2405262934-3323221017-608346938-1000_Classes\CLSID\{E7D2D0F6-B754-438D-B5C9-BF848D311A0F}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBDTRatios.dll No File
CustomCLSID: HKU\S-1-5-21-2405262934-3323221017-608346938-1000_Classes\CLSID\{EADA914E-5B08-4E85-8440-5A087504DF87}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2405262934-3323221017-608346938-1000_Classes\CLSID\{EAEF733D-5B08-4E85-8440-5A087504DF87}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2405262934-3323221017-608346938-1000_Classes\CLSID\{F2C593CC-74B2-4F71-8556-DD4D426D0409}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2405262934-3323221017-608346938-1000_Classes\CLSID\{F9EF917A-E55E-4242-B205-E778395AC313}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\BbfDepCalc.ocx No File
CustomCLSID: HKU\S-1-5-21-2405262934-3323221017-608346938-1000_Classes\CLSID\{FAC93D42-FFC2-11d1-9DEB-0008C7A08EBA}\localserver32 -> C:\Program Files\Intuit\QuickBooks 2010\qbw32.exe (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2405262934-3323221017-608346938-1000_Classes\CLSID\{FB17915F-06D1-4214-A902-CC5EE05186E9}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
==================== Restore Points =========================
16-04-2015 03:01:12 Windows Update
17-04-2015 09:53:21 Scheduled Checkpoint
18-04-2015 11:19:30 Scheduled Checkpoint
19-04-2015 08:41:00 Scheduled Checkpoint
20-04-2015 08:47:03 Scheduled Checkpoint
21-04-2015 07:41:06 Scheduled Checkpoint
21-04-2015 07:45:56 Windows Update
22-04-2015 11:07:37 Scheduled Checkpoint
22-04-2015 12:44:21 avast! antivirus system restore point
23-04-2015 11:26:37 Scheduled Checkpoint
24-04-2015 08:16:55 Windows Update
24-04-2015 08:17:05 Scheduled Checkpoint
25-04-2015 10:51:16 Scheduled Checkpoint
26-04-2015 11:58:47 Scheduled Checkpoint
27-04-2015 08:22:12 Scheduled Checkpoint
28-04-2015 08:36:23 Windows Update
29-04-2015 08:46:45 Scheduled Checkpoint
30-04-2015 08:13:28 Scheduled Checkpoint
01-05-2015 09:05:23 Windows Update
01-05-2015 12:00:29 Installed Digital Coupon Printer
02-05-2015 12:25:40 Scheduled Checkpoint
03-05-2015 11:21:21 Scheduled Checkpoint
04-05-2015 08:00:36 Scheduled Checkpoint
05-05-2015 09:22:31 Scheduled Checkpoint
05-05-2015 09:26:46 Windows Update
06-05-2015 08:18:55 Scheduled Checkpoint
07-05-2015 09:05:32 Windows Update
08-05-2015 13:09:09 Scheduled Checkpoint
09-05-2015 11:32:33 Scheduled Checkpoint
10-05-2015 08:10:27 Scheduled Checkpoint
11-05-2015 09:29:49 Scheduled Checkpoint
12-05-2015 08:13:34 Scheduled Checkpoint
12-05-2015 08:13:49 Windows Update
13-05-2015 08:16:19 Scheduled Checkpoint
14-05-2015 09:42:32 Scheduled Checkpoint
14-05-2015 16:40:58 Removed SketchUp 2013
15-05-2015 08:14:18 Scheduled Checkpoint
15-05-2015 08:32:05 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2006-11-02 06:23 - 2006-09-18 17:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {0E33E75F-3214-4097-921B-BBFCA0D09691} - System32\Tasks\PCDRScheduledMaintenance => C:\Program Files\PC-Doctor for Windows\pcdr5cuiw32.exe [2008-09-10] (PC-Doctor, Inc.)
Task: {159A4535-B72A-4F18-874A-6143C9C5ADEE} - System32\Tasks\ParetoLogic Update Version2 => C:\Program Files\Common Files\ParetoLogic\UUS2\Pareto_Update.exe
Task: {29C3AABE-D3B1-4F2B-9490-AE2548F44F42} - System32\Tasks\{B908509A-DCAE-4AE7-A39B-6288229EB7CB} => pcalua.exe -a "C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0DKP8M5X\MagicBall2_AOL[1].exe" -d C:\Users\Owner
Task: {32208075-920B-40F0-A48B-0867F526E260} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {5BF1EDDA-3BE5-4322-A290-415297766699} - System32\Tasks\ParetoLogic Registration => Rundll32.exe "C:\Program Files\Common Files\ParetoLogic\UUS2\UUS.dll" RunUns
Task: {6364464D-9880-438E-903C-072D32364798} - System32\Tasks\ASC4_PerformanceMonitor => C:\Program Files\IObit\Advanced SystemCare 4\PMonitor.exe
Task: {987DA3E2-2B2F-4C94-9C64-22B65870846D} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - Owner => C:\Program Files\Windows Calendar\wincal.exe [2009-04-11] (Microsoft Corporation)
Task: {BB83377F-F681-48E8-8B5F-BC16D3CDF138} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Signature Update => c:\program files\windows defender\MpCmdRun.exe [2008-01-20] (Microsoft Corporation)
Task: {BC478719-0271-4E53-A294-BB69F868FC72} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-25] (Google Inc.)
Task: {CAFFC522-FCB3-4608-B261-50ECBE94614C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-25] (Google Inc.)
Task: {CDFFC427-46BC-4B31-A02A-6562C9B044F5} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-04-22] (Avast Software s.r.o.)
Task: {CF5A6B4C-7B68-474D-93D6-649A3A20E996} - System32\Tasks\HP Health Check => c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-10-09] (Hewlett-Packard)
Task: {F6F0CEF4-454E-4607-A741-477952CC5251} - System32\Tasks\HPCeeScheduleForOwner => C:\Program Files\hewlett-packard\sdp\ceement\HPCEE.exe [2008-09-16] (Hewlett-Packard)
Task: {F971326B-8A5E-43B6-B8A3-D4CBAA5144B3} - System32\Tasks\{81E21718-12E3-4561-B2D7-995F3DCBFB34} => pcalua.exe -a C:\Users\Owner\Downloads\vbrun60sp5.exe -d C:\Users\Owner\Downloads
Task: {FE8684BF-4142-44AA-89EF-DE0538A2DC1A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-16] (Adobe Systems Incorporated)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForOwner.job => C:\Program Files\hewlett-packard\sdp\ceement\HPCEE.exe
Task: C:\Windows\Tasks\ParetoLogic Registration.job => C:\Windows\system32\rundll32.exe C:\Program Files\Common Files\ParetoLogic\UUS2\UUS.dll
Task: C:\Windows\Tasks\ParetoLogic Update Version2.job => C:\Program Files\Common Files\ParetoLogic\UUS2\Pareto_Update.exe
Task: C:\Windows\Tasks\PCDRScheduledMaintenance.job => C:\Program Files\PC-Doctor for Windows\pcdr5cuiw32.exe5-fh scripts\monthly.xml
==================== Loaded Modules (Whitelisted) ==============
2015-04-22 12:46 - 2015-04-22 12:46 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-04-22 12:46 - 2015-04-22 12:46 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-05-15 08:13 - 2015-05-15 08:13 - 02929664 _____ () C:\Program Files\AVAST Software\Avast\defs\15051500\algo.dll
2015-05-15 14:35 - 2015-05-15 14:35 - 02929664 _____ () C:\Program Files\AVAST Software\Avast\defs\15051501\algo.dll
2008-10-17 20:57 - 2008-10-17 20:57 - 00881960 ____N () C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll
2015-03-13 16:02 - 2015-04-22 12:46 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-05-09 13:14 - 2013-07-24 09:24 - 00137728 _____ () C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2008-10-17 13:32 - 2008-10-17 13:32 - 00057344 _____ () C:\Program Files\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll
2008-10-17 13:39 - 2008-10-17 13:39 - 00032768 _____ () C:\Program Files\Hewlett-Packard\HP Advisor\Content.XmlSerializers.dll
2008-10-17 13:32 - 2008-10-17 13:32 - 00118784 _____ () C:\Program Files\Hewlett-Packard\HP Advisor\ECLibrary.dll
2008-10-17 13:32 - 2008-10-17 13:32 - 00040960 _____ () C:\Program Files\Hewlett-Packard\HP Advisor\MessagingServer.dll
2008-10-17 13:32 - 2008-10-17 13:32 - 00005632 _____ () C:\Program Files\Hewlett-Packard\HP Advisor\MessagingInterface.dll
2008-10-17 13:32 - 2008-10-17 13:32 - 00028672 _____ () C:\Program Files\Hewlett-Packard\HP Advisor\MessagingMessages.dll
2009-09-18 03:46 - 2009-04-11 02:28 - 00368640 _____ () C:\Windows\system32\msjetoledb40.dll
2008-10-17 13:32 - 2008-10-17 13:32 - 00010240 _____ () C:\Program Files\Hewlett-Packard\HP Advisor\MessagingClients.dll
2008-10-17 13:32 - 2008-10-17 13:32 - 00007168 _____ () C:\Program Files\Hewlett-Packard\HP Advisor\RemotingClient.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\ProgramData\Temp:00F7B10F
AlternateDataStreams: C:\ProgramData\Temp:1992908D
AlternateDataStreams: C:\ProgramData\Temp:21C2E351
AlternateDataStreams: C:\ProgramData\Temp:4BB26BE9
AlternateDataStreams: C:\ProgramData\Temp:62A1ED40
AlternateDataStreams: C:\ProgramData\Temp:895798AD
AlternateDataStreams: C:\ProgramData\Temp:8CE646EE
AlternateDataStreams: C:\ProgramData\Temp:9033BDFB
AlternateDataStreams: C:\ProgramData\Temp:9503D766
AlternateDataStreams: C:\ProgramData\Temp:9F603103
AlternateDataStreams: C:\ProgramData\Temp:A1D3FEF0
AlternateDataStreams: C:\ProgramData\Temp:A2B9AD4B
AlternateDataStreams: C:\ProgramData\Temp:DB549D28
AlternateDataStreams: C:\ProgramData\Temp:DCAF903C
==================== Safe Mode (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, the associated entry will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2405262934-3323221017-608346938-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Desktop Background.bmp
DNS Servers: 10.1.10.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^Users^Owner^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^LimeWire On Startup.lnk => C:\Windows\pss\LimeWire On Startup.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Owner^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk => C:\Windows\pss\OneNote 2007 Screen Clipper and Launcher.lnk.Startup
MSCONFIG\startupreg: Aim => "C:\Program Files\AIM\aim.exe" /d locale=en-US
MSCONFIG\startupreg: Messenger (Yahoo!) => "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [{B57B8239-FC5C-48EE-A745-126A94CCF75E}] => (Allow) c:\Program Files\CyberLink\PowerDirector\PDR.EXE
FirewallRules: [{A50A96B4-0900-48DF-A302-41D2472F453E}] => (Allow) c:\Program Files\Hewlett-Packard\TouchSmart\Media\HPTouchSmartMusic.exe
FirewallRules: [{6914C447-EC39-4B62-833E-CF8DF72746C8}] => (Allow) c:\Program Files\Hewlett-Packard\TouchSmart\Media\HPTouchSmartPhoto.exe
FirewallRules: [{1162D46D-943B-4A68-A638-7FD699C8B460}] => (Allow) c:\Program Files\Hewlett-Packard\TouchSmart\Media\HPTouchSmartVideo.exe
FirewallRules: [{61A05C15-58FD-4CFA-9540-880FDA70E189}] => (Allow) c:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
FirewallRules: [{A1647596-1F99-446E-8E60-8B9B6DA1D09F}] => (Allow) c:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
FirewallRules: [{81604A3A-605C-4DE1-909C-03575368850E}] => (Allow) c:\Program Files\Hewlett-Packard\Media\DVD\HPTouchSmartMusic.exe
FirewallRules: [{A82A2F66-D74A-496F-9068-A5DCE94BCAF7}] => (Allow) c:\Program Files\Hewlett-Packard\Media\DVD\HPTouchSmartPhoto.exe
FirewallRules: [{9390706E-7278-469F-9BFF-4664197BC424}] => (Allow) c:\Program Files\Hewlett-Packard\Media\DVD\HPTouchSmartVideo.exe
FirewallRules: [{8D657C82-DD0C-4447-BA7F-0B3D329737C5}] => (Allow) c:\Program Files\Hewlett-Packard\Media\DVD\TSMAgent.exe
FirewallRules: [{E6D6700A-1073-407E-9E6B-3330DC828CFF}] => (Allow) c:\Program Files\Hewlett-Packard\Media\DVD\Kernel\CLML\CLMLSvc.exe
FirewallRules: [{0D23A54B-92C9-4428-8366-5B1ECDD07BB9}] => (Allow) c:\Program Files\Hewlett-Packard\Media\DVD\HPDVDSmart.exe
FirewallRules: [{EAEEF4BC-EDC9-41CD-B1DD-98F731391CB5}] => (Allow) C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [{732B27FF-DF56-4DFB-861A-C928D7D518ED}] => (Allow) C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [{0059F3EB-A63F-4A97-B057-12AB795F53FD}] => (Allow) C:\Program Files\Common Files\AOL\Loader\aolload.exe
FirewallRules: [{61B98EB4-50D2-480F-B06F-E104FD4758EB}] => (Allow) C:\Program Files\Common Files\AOL\Loader\aolload.exe
FirewallRules: [{B39936E3-447B-4C0D-B5BA-B9E10F3AE1D0}] => (Allow) C:\Program Files\AIM6\aim6.exe
FirewallRules: [{BD07CA77-74CD-4B55-ADF7-34BDD6A081B4}] => (Allow) C:\Program Files\AIM6\aim6.exe
FirewallRules: [{3502D163-841B-47C1-97AF-A77CB43D6530}] => (Allow) C:\Program Files\LimeWire\LimeWire.exe
FirewallRules: [{0234F9E3-D016-435D-8D1E-AC3657A5F5ED}] => (Allow) C:\Program Files\LimeWire\LimeWire.exe
FirewallRules: [TCP Query User{1DCDBD27-81F5-4DC4-8023-8765DD1206DD}C:\program files\hp games\penguins arena\penguinsarena.exe] => (Block) C:\program files\hp games\penguins arena\penguinsarena.exe
FirewallRules: [UDP Query User{19F7FE6E-F845-4C1D-8022-D4FF90E936B4}C:\program files\hp games\penguins arena\penguinsarena.exe] => (Block) C:\program files\hp games\penguins arena\penguinsarena.exe
FirewallRules: [TCP Query User{9CC9C116-B026-4AD6-8C6E-C5854B99AD39}C:\program files\sony\station\launchpad\launchpad.exe] => (Allow) C:\program files\sony\station\launchpad\launchpad.exe
FirewallRules: [UDP Query User{D9E47A91-9609-458D-9F5D-E74F4CFCE6B8}C:\program files\sony\station\launchpad\launchpad.exe] => (Allow) C:\program files\sony\station\launchpad\launchpad.exe
FirewallRules: [{D57CB2DF-EEC7-4DBA-8256-439965DB8277}] => (Allow) C:\Program Files\AIM\aim.exe
FirewallRules: [{FF4C1714-92EF-42C5-A02F-521E37869EC8}] => (Allow) C:\Program Files\AIM\aim.exe
FirewallRules: [{28A971C4-C9CA-4643-BC04-A82CF78D9154}] => (Allow) C:\Users\Owner\AppData\Local\Temp\7zSCABE.tmp\SymNRT.exe
FirewallRules: [{57F40BB8-DDB5-43B0-8734-D3C28BAA3418}] => (Allow) C:\Users\Owner\AppData\Local\Temp\7zSCABE.tmp\SymNRT.exe
FirewallRules: [{05AD1103-30CC-414B-970F-B8B5195B007F}] => (Allow) LPort=80
FirewallRules: [{BC731AD1-38EA-4500-B4CA-0E12C1FD0966}] => (Allow) LPort=80
FirewallRules: [{806FF93C-817B-445A-A402-2E0EE8FE1B6F}] => (Allow) LPort=80
FirewallRules: [TCP Query User{B4B32B87-FC8F-424D-AB98-C9AF63D5D9B6}C:\program files\google\google earth\client\googleearth.exe] => (Block) C:\program files\google\google earth\client\googleearth.exe
FirewallRules: [UDP Query User{B823EF7F-C7C5-421D-8DEC-B30A78943C66}C:\program files\google\google earth\client\googleearth.exe] => (Block) C:\program files\google\google earth\client\googleearth.exe
FirewallRules: [{88F6FC11-D428-4AE4-8D42-157045E5F1FE}] => (Allow) c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [TCP Query User{18F93D7B-4072-4347-BAC8-92C9D5DD1F51}C:\ngis\ngis remote update.exe] => (Allow) C:\ngis\ngis remote update.exe
FirewallRules: [UDP Query User{536B3B09-A7B5-48A4-B9BC-7A1559ACAEDD}C:\ngis\ngis remote update.exe] => (Allow) C:\ngis\ngis remote update.exe
FirewallRules: [TCP Query User{0CFF8002-0524-4079-8C24-E2CC57576FEF}C:\tgpfiles\pts.exe] => (Allow) C:\tgpfiles\pts.exe
FirewallRules: [UDP Query User{84F05FB5-E96E-4865-88BF-BB036F43C074}C:\tgpfiles\pts.exe] => (Allow) C:\tgpfiles\pts.exe
FirewallRules: [TCP Query User{0D91C359-D4E3-4B48-B8E5-F1365FC48AB4}C:\tgpfiles\sceduler.exe] => (Allow) C:\tgpfiles\sceduler.exe
FirewallRules: [UDP Query User{726FB520-5932-4DE3-AD5F-9043350A4555}C:\tgpfiles\sceduler.exe] => (Allow) C:\tgpfiles\sceduler.exe
FirewallRules: [TCP Query User{6AA51F86-29CF-473E-864A-CEDCC7EC944D}C:\tgpfiles\process.exe] => (Block) C:\tgpfiles\process.exe
FirewallRules: [UDP Query User{E5DF342E-1216-4845-96F0-DA29B5D481E8}C:\tgpfiles\process.exe] => (Block) C:\tgpfiles\process.exe
FirewallRules: [TCP Query User{EEA88BBA-3D77-4778-B114-A35024B67A5E}C:\tgpfiles\cbook.exe] => (Allow) C:\tgpfiles\cbook.exe
FirewallRules: [UDP Query User{9D2C36AE-5047-4973-B4E5-E2D5400E11EC}C:\tgpfiles\cbook.exe] => (Allow) C:\tgpfiles\cbook.exe
FirewallRules: [{91D84A62-109B-47EF-B9DC-41179C0AA49F}] => (Allow) C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [TCP Query User{FC26E561-7CEB-497A-B5B3-8AD583934EAD}C:\program files\verizon cloud\verizon cloud service.exe] => (Allow) C:\program files\verizon cloud\verizon cloud service.exe
FirewallRules: [UDP Query User{C94E92EF-5286-42C2-A209-09FF799AF01E}C:\program files\verizon cloud\verizon cloud service.exe] => (Allow) C:\program files\verizon cloud\verizon cloud service.exe
FirewallRules: [TCP Query User{24003A94-46A8-4F02-8FB7-BCBDFB3835E7}C:\program files\verizon cloud\verizon.exe] => (Allow) C:\program files\verizon cloud\verizon.exe
FirewallRules: [UDP Query User{19A08B97-BF2B-442B-BB64-A1AFD30F67F4}C:\program files\verizon cloud\verizon.exe] => (Allow) C:\program files\verizon cloud\verizon.exe
FirewallRules: [{EF3A22EB-FC29-477A-A6F9-7672AC6B0BAE}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{52A3FA41-0DC2-4E54-8DFF-CB65BC308229}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{A21DE37F-A269-4897-9066-E5D73808E8B4}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{F71E68A2-DEB2-4453-AE9E-48AC48286FDD}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [{4E4D7644-9804-4977-9F2D-59CA3F4AF5B9}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{97AAE6B0-C0AD-459A-9580-DA685FB816D7}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{A657A32A-D709-4ED0-8603-AFCF3B2213BB}] => (Allow) LPort=15600
FirewallRules: [{B7AD7CC1-6EC6-4163-8EB8-A37E7AF55092}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (05/15/2015 02:38:30 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program iexplore.exe version 9.0.8112.16636 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel.
Process ID: ee8
Start Time: 01d08f3db1092383
Termination Time: 14
Error: (05/15/2015 02:38:21 PM) (Source: HP AdvisorUpdate) (EventID: 0) (User: )
Description: Could not find a part of the path 'C:\_pack6\hp-advisor\src\HPAdvisor\Shared\Content\xsd\HPAdvisor.xsd'. at System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath)
at System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy)
at System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize)
at System.Xml.XmlDownloadManager.GetStream(Uri uri, ICredentials credentials)
at System.Xml.XmlUrlResolver.GetEntity(Uri absoluteUri, String role, Type ofObjectToReturn)
at System.Xml.XmlReader.Create(String inputUri, XmlReaderSettings settings, XmlParserContext inputContext)
at System.Xml.Schema.XmlSchemaSet.Add(String targetNamespace, String schemaUri)
at HPAdvisor.Common.Content.CategoryCollection.ValidateDocument(String path) ValidateDocument failed Business\SearchTargets.xml
Error: (05/15/2015 02:31:24 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/15/2015 01:15:05 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/15/2015 01:14:35 PM) (Source: EventSystem) (EventID: 4609) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c
Error: (05/15/2015 10:54:58 AM) (Source: QuickBooks) (EventID: 4) (User: )
Description: An unexpected error has occured in "QuickBooks Pro 2010":
DBConnPool::HandleConnectionError errorCode:-6069, dbCode:-103 from file:'.\.\src\ConnPool.cpp' at line 1036 from function:'DBMgr::DBConnPool::init'
Error: (05/15/2015 10:54:58 AM) (Source: QuickBooks) (EventID: 4) (User: )
Description: An unexpected error has occured in "QuickBooks Pro 2010":
Connection String:CON=QBConnectionPool-Probe-QB_data_engine_20; ;DBF=C:\Users\Public\Documents\Intuit\QuickBooks\Company Files\NIPER'S AUTO REPAIR.QBW;ENG=QB_data_engine_20;DBN=9d77e0bda3364dd8bfdf4ce3a22e5bff
Error: (05/15/2015 10:54:58 AM) (Source: QuickBooks) (EventID: 4) (User: )
Description: An unexpected error has occured in "QuickBooks Pro 2010":
Connection Error:Invalid user ID or password
Error: (05/15/2015 10:54:51 AM) (Source: QuickBooks) (EventID: 4) (User: )
Description: An unexpected error has occured in "QuickBooks":
Returning NULL QBWinInstance Handle
Error: (05/15/2015 10:54:51 AM) (Source: QuickBooks) (EventID: 4) (User: )
Description: An unexpected error has occured in "QuickBooks":
Returning NULL QBWinInstance Handle
System errors:
=============
Error: (05/15/2015 02:42:06 PM) (Source: nvstor32) (EventID: 5) (User: )
Description: A parity error was detected on \Device\RaidPort0.
Error: (05/15/2015 02:31:43 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Superfetch%%2
Error: (05/15/2015 02:31:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Parallel port driver%%1058
Error: (05/15/2015 01:15:06 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: aswRvrt
aswSnx
aswSP
aswTdi
aswVmm
spldr
Wanarpv6
Error: (05/15/2015 01:15:06 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Computer BrowserServer%%1068
Error: (05/15/2015 01:14:56 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
Error: (05/15/2015 01:14:56 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}
Error: (05/15/2015 01:14:39 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1068fdPHost{145B4335-FE2A-4927-A040-7C35AD3180EF}
Error: (05/15/2015 01:14:35 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084EventSystem{1BE1F766-5536-11D1-B726-00C04FB926AF}
Error: (05/15/2015 01:14:27 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084ShellHWDetection{DD522ACC-F821-461A-A407-50B198B896DC}
Microsoft Office Sessions:
=========================
CodeIntegrity Errors:
===================================
Date: 2015-05-15 14:53:55.422
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-05-15 14:53:54.509
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-05-15 14:53:53.584
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-05-15 14:53:52.640
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-05-15 13:27:02.917
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-05-15 13:27:02.215
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-05-15 13:27:01.513
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-05-15 13:27:00.842
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-05-15 13:27:00.140
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-05-15 13:26:59.438
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: AMD Athlon™ 64 X2 Dual Core Processor 5000+
Percentage of memory in use: 42%
Total physical RAM: 2941.83 MB
Available physical RAM: 1699.64 MB
Total Pagefile: 6110.16 MB
Available Pagefile: 4844.6 MB
Total Virtual: 2047.88 MB
Available Virtual: 1884.31 MB
==================== Drives ================================
Drive c: (HP) (Fixed) (Total:286.43 GB) (Free:170.11 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (FACTORY_IMAGE) (Fixed) (Total:11.66 GB) (Free:1.59 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: () (Removable) (Total:7.45 GB) (Free:7.37 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 298.1 GB) (Disk ID: 1549F232)
Partition 1: (Active) - (Size=286.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=11.7 GB) - (Type=07 NTFS)
========================================================
Disk: 5 (Size: 7.5 GB) (Disk ID: 00000000)
Partition: GPT Partition Type.
==================== End Of Log ============================
Thank you in advance for your help
Edited by tniper, 15 May 2015 - 02:08 PM.
Sign In
Create Account
