Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Browser redirect virus?

Started by Barefeetpete , May 29 2015 07:02 PM
browser redirect

  • This topic is locked This topic is locked

#1
Barefeetpete
Posted 29 May 2015 - 07:02 PM

Barefeetpete

    New Member

  • Member
  • Pip
  • 3 posts

Hi - both my browsers chrome and IE7 constantly redirect me to blank page sites such as s.7addthis.com static.facbook, static.twitter etc, etc,

 

So far I've tried entering safe mode and checking msconfig. Resetting browser defaults and LAN settings and I've gone through a disk clean up.

 

I have also tried the following software.

TDSSkiller

ADWcleaner

Malwarebytes

 

and I am running avast.

 

I am not brilliantly computer literate and so I thank anyone in advance that can help me put this right. I've wated what seems like days on it so far and it's totally twisting my melon.

 

Many thanks,

 

Pete

 

Here goes.......

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 29-05-2015
Ran by Pete (administrator) on PETE-PC on 30-05-2015 07:32:56
Running from C:\Users\Pete\Desktop
Loaded Profiles: Pete (Available Profiles: Pete)
Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Source Engine\OSE.EXE
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKU\S-1-5-21-2765806483-2848671187-2391883295-1001\...\MountPoints2: F - F:\Setup.exe
HKU\S-1-5-21-2765806483-2848671187-2391883295-1001\...\MountPoints2: {3be5afd1-1b3e-11e1-919c-00030dd52f6a} - F:\Windows\Install.exe
HKU\S-1-5-21-2765806483-2848671187-2391883295-1001\...\MountPoints2: {407c0e21-39f4-11e1-9375-00030dd52f6a} - E:\AutoRun.exe
HKU\S-1-5-21-2765806483-2848671187-2391883295-1001\...\MountPoints2: {504fe4f4-09a0-11e1-a87c-00030dd52f6a} - E:\Setup.exe /Auto
HKU\S-1-5-21-2765806483-2848671187-2391883295-1001\...\MountPoints2: {5906f55f-9b6a-11e3-889b-00030dd52f6a} - F:\Setup.exe
HKU\S-1-5-21-2765806483-2848671187-2391883295-1001\...\MountPoints2: {5fcf842a-3b37-11e1-8fe0-00030dd52f6a} - E:\AutoRun.exe
HKU\S-1-5-21-2765806483-2848671187-2391883295-1001\...\MountPoints2: {60b264ee-e270-11e1-8653-806e6f6e6963} - E:\Setup.exe
HKU\S-1-5-21-2765806483-2848671187-2391883295-1001\...\MountPoints2: {63ffb6c7-e1af-11e0-b6ed-00030dd52f6a} - F:\Windows\Install.exe
HKU\S-1-5-21-2765806483-2848671187-2391883295-1001\...\MountPoints2: {6d578a9a-d91a-11e1-95e1-ac21c2a00374} - E:\AutoRun.exe
HKU\S-1-5-21-2765806483-2848671187-2391883295-1001\...\MountPoints2: {6d578a9d-d91a-11e1-95e1-ac21c2a00374} - E:\AutoRun.exe
HKU\S-1-5-21-2765806483-2848671187-2391883295-1001\...\MountPoints2: {6d578ab3-d91a-11e1-95e1-ac21c2a00374} - E:\AutoRun.exe
HKU\S-1-5-21-2765806483-2848671187-2391883295-1001\...\MountPoints2: {6d578bb4-d91a-11e1-95e1-ac21c2a00374} - F:\AutoRun.exe
HKU\S-1-5-21-2765806483-2848671187-2391883295-1001\...\MountPoints2: {6d578cc7-d91a-11e1-95e1-ac21c2a00374} - E:\Setup.exe
HKU\S-1-5-21-2765806483-2848671187-2391883295-1001\...\MountPoints2: {7ab87936-369d-11e1-8f51-00030dd52f6a} - E:\AutoRun.exe
HKU\S-1-5-21-2765806483-2848671187-2391883295-1001\...\MountPoints2: {7ab8793b-369d-11e1-8f51-00030dd52f6a} - E:\AutoRun.exe
HKU\S-1-5-21-2765806483-2848671187-2391883295-1001\...\MountPoints2: {8d9d12fd-d521-11e1-8513-00030dd52f6a} - E:\AutoRun.exe
HKU\S-1-5-21-2765806483-2848671187-2391883295-1001\...\MountPoints2: {8d9d1302-d521-11e1-8513-00030dd52f6a} - E:\AutoRun.exe
HKU\S-1-5-21-2765806483-2848671187-2391883295-1001\...\MountPoints2: {9559c2af-6640-11df-981c-806e6f6e6963} - E:\LaunchU3.exe
HKU\S-1-5-21-2765806483-2848671187-2391883295-1001\...\MountPoints2: {9d6a26b3-d524-11e1-8666-00030dd52f6a} - E:\AutoRun.exe
HKU\S-1-5-21-2765806483-2848671187-2391883295-1001\...\MountPoints2: {ca3bd04a-35e1-11e1-90f1-00030dd52f6a} - E:\Windows\Install.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2013-03-20] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-04-28] (Avast Software s.r.o.)
BootExecute: autocheck autochk * sdnclean.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=AV01
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/...=AVASDF&PC=AV01
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-2765806483-2848671187-2391883295-1001\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/...=AVASDF&PC=AV01
HKU\S-1-5-21-2765806483-2848671187-2391883295-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01
SearchScopes: HKLM -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/...=AVASDF&PC=AV01
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2765806483-2848671187-2391883295-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2765806483-2848671187-2391883295-1001 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = 
SearchScopes: HKU\S-1-5-21-2765806483-2848671187-2391883295-1001 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = 
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-22] (Adobe Systems Incorporated)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-28] (Avast Software s.r.o.)
Toolbar: HKLM - No Name - !{2318C2B1-4965-11d4-9B18-009027A5CD4F} -  No File
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL [2001-01-22] (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-06-08] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
 
FireFox:
========
FF Plugin: @canon.com/MycameraPlugin -> C:\Program Files\Canon\MyCamera Download Plugin\NPCIG.dll [2008-10-15] (CANON INC.)
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2014-01-07] (Google, Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin: @microsoft.com/Photosynth,version=2.0 -> C:\Program Files\Photosynth\npPhotosynthMozilla.dll [2011-03-04] ()
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-22] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-22] (Google Inc.)
FF Plugin HKU\S-1-5-21-2765806483-2848671187-2391883295-1001: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin1017319.dll [2012-09-25] (Amazon.com, Inc.)
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-04-28]
 
Chrome: 
=======
CHR Profile: C:\Users\Pete\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Pete\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-09-09]
CHR Extension: (Google Drive) - C:\Users\Pete\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-09-09]
CHR Extension: (Adguard AdBlocker) - C:\Users\Pete\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnkhhnnamicmpeenaelnjfhikgbkllg [2015-05-29]
CHR Extension: (YouTube) - C:\Users\Pete\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-11-27]
CHR Extension: (Google Search) - C:\Users\Pete\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-11-27]
CHR Extension: (Block site) - C:\Users\Pete\AppData\Local\Google\Chrome\User Data\Default\Extensions\eiimnmioipafcokbfikbljfdeojpcgbh [2015-05-24]
CHR Extension: (Bookmark Manager) - C:\Users\Pete\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-17]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Pete\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-13]
CHR Extension: (Google Wallet) - C:\Users\Pete\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-17]
CHR Extension: (Gmail) - C:\Users\Pete\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-09-09]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-04-28]
 
========================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S4 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-04-28] (Avast Software s.r.o.)
S4 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [3207800 2015-04-28] (Avast Software)
S4 GoogleDesktopManager-051210-111108; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192 2010-08-31] (Google)
S4 HWDeviceService.exe; C:\ProgramData\DatacardService\HWDeviceService.exe [264704 2010-11-16] () [File not signed]
S4 lxdfCATSCustConnectService; C:\Windows\system32\spool\DRIVERS\W32X86\3\\lxdfserv.exe [99248 2007-05-30] (Lexmark International, Inc.)
S4 lxdf_device; C:\Windows\system32\lxdfcoms.exe [598960 2007-05-30] ( )
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 androidusb; C:\Windows\System32\Drivers\fxxandroidusb.sys [25728 2011-03-22] (Google Inc)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24144 2015-04-28] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [74976 2015-04-28] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81728 2015-04-28] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49904 2015-04-28] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [787760 2015-04-28] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427992 2015-04-28] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [106912 2015-04-28] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [209048 2015-04-28] ()
S3 CT_QUALCOMM_U_drv; C:\Windows\System32\DRIVERS\CT_QUALCOMM_U_drv.sys [103552 2009-04-27] (QUALCOMM Incorporated)
R2 LiveGpdKBFilter; C:\Windows\system32\Drivers\LiveGpdKBFilter.sys [4096 2009-05-06] (Windows ® Win 7 DDK provider)
R2 LiveIO; C:\Windows\system32\Drivers\LiveIO.sys [15312 2009-05-11] ()
R3 Livekbc; C:\Windows\system32\Drivers\Livekbc.sys [4096 2009-05-06] (Systems Internals) [File not signed]
R3 Livemouclass; C:\Windows\system32\Drivers\Livemouclass.sys [3968 2009-05-06] (Systems Internals) [File not signed]
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-04-14] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2015-05-30] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-04-14] (Malwarebytes Corporation)
S3 qcusbser; C:\Windows\System32\DRIVERS\FXX\qcusbser.sys [103424 2011-03-22] (QUALCOMM Incorporated)
R3 RTL8187Se; C:\Windows\System32\DRIVERS\RTL8187Se.sys [372224 2009-07-01] (Realtek Semiconductor Corporation                           )
R3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [26624 2014-02-07] (The OpenVPN Project)
S3 USB_BusEnum_T; C:\Windows\System32\DRIVERS\USB_BusEnum_T.sys [38400 2009-11-05] ()
S3 USB_ETS_T; C:\Windows\System32\DRIVERS\USB_ETS_T.sys [16128 2008-05-29] (Via Telecom, Inc.)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [220752 2015-04-28] (Avast Software)
S3 HSPADataCardusbmdm; system32\DRIVERS\HSPADataCardusbmdm.sys [X]
S3 HSPADataCardusbnmea; system32\DRIVERS\HSPADataCardusbnmea.sys [X]
S3 HSPADataCardusbser; system32\DRIVERS\HSPADataCardusbser.sys [X]
S3 massfilter; system32\drivers\massfilter.sys [X]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
S3 taphss; system32\DRIVERS\taphss.sys [X]
S3 taphss6; system32\DRIVERS\taphss6.sys [X]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]
S3 UsbModemDriver; system32\DRIVERS\USB_MODEM_T.sys [X]
S3 USB_WinMux_T; system32\DRIVERS\USB_WinMux_T.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-05-30 07:32 - 2015-05-30 07:33 - 00014725 _____ () C:\Users\Pete\Desktop\FRST.txt
2015-05-30 07:32 - 2015-05-30 07:33 - 00000000 ____D () C:\FRST
2015-05-30 07:28 - 2015-05-30 07:28 - 01147392 _____ (Farbar) C:\Users\Pete\Desktop\FRST.exe
2015-05-29 14:00 - 2015-05-29 14:00 - 00000000 ____D () C:\Windows\pss
2015-05-29 04:46 - 2015-05-29 04:46 - 00000726 _____ () C:\Users\Pete\AppData\Local\recently-used.xbel
2015-05-25 06:52 - 2015-05-30 07:07 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-05-25 06:51 - 2015-05-25 06:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-05-25 06:51 - 2015-05-25 06:51 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2015-05-25 06:51 - 2015-04-14 09:37 - 00092888 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-05-25 06:51 - 2015-04-14 09:37 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-05-25 06:51 - 2015-04-14 09:37 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-05-24 15:02 - 2015-05-26 04:00 - 00000000 ____D () C:\Users\Pete\Desktop\mum
2015-05-24 10:27 - 2015-05-24 10:27 - 00096240 _____ () C:\Users\Pete\AppData\Local\GDIPFONTCACHEV1.DAT
2015-05-24 10:18 - 2015-05-25 18:12 - 00000000 ____D () C:\AdwCleaner
2015-05-22 10:06 - 2015-05-26 04:21 - 00002096 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-05-22 10:06 - 2015-05-22 10:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-05-22 10:01 - 2015-05-30 07:17 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-22 10:01 - 2015-05-30 04:31 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-22 07:57 - 2015-04-28 15:02 - 00291312 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2015-05-22 07:14 - 2015-05-22 07:15 - 00000000 ____D () C:\sh4ldr
2015-05-22 05:54 - 2015-05-22 07:02 - 00000000 ____D () C:\Program Files\Enigma Software Group
2015-05-14 03:38 - 2015-05-01 20:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 04:30 - 2015-04-22 08:48 - 00342736 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-05-13 04:30 - 2015-04-21 23:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-05-13 04:30 - 2015-04-21 23:25 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-05-13 04:30 - 2015-04-21 23:24 - 19691008 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-05-13 04:30 - 2015-04-21 23:11 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-05-13 04:30 - 2015-04-21 23:10 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-05-13 04:30 - 2015-04-21 23:09 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-05-13 04:30 - 2015-04-21 23:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-05-13 04:30 - 2015-04-21 23:04 - 02278400 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-05-13 04:30 - 2015-04-21 23:03 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-05-13 04:30 - 2015-04-21 23:02 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-05-13 04:30 - 2015-04-21 23:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-05-13 04:30 - 2015-04-21 22:58 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-05-13 04:30 - 2015-04-21 22:58 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-05-13 04:30 - 2015-04-21 22:57 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-05-13 04:30 - 2015-04-21 22:51 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-05-13 04:30 - 2015-04-21 22:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-05-13 04:30 - 2015-04-21 22:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-05-13 04:30 - 2015-04-21 22:39 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-05-13 04:30 - 2015-04-21 22:38 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-05-13 04:30 - 2015-04-21 22:36 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-05-13 04:30 - 2015-04-21 22:26 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-05-13 04:30 - 2015-04-21 22:26 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-05-13 04:30 - 2015-04-21 22:25 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-05-13 04:30 - 2015-04-21 22:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-05-13 04:30 - 2015-04-21 22:17 - 12828672 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-05-13 04:30 - 2015-04-21 22:02 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-05-13 04:30 - 2015-04-21 21:58 - 01310208 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-13 04:30 - 2015-04-21 21:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-05-13 04:29 - 2015-04-21 23:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-05-13 04:29 - 2015-04-21 22:58 - 00664576 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-05-13 04:29 - 2015-04-21 22:31 - 04305920 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-05-13 04:27 - 2015-01-29 10:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-05-13 04:17 - 2015-04-28 02:11 - 03989440 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-05-13 04:17 - 2015-04-28 02:11 - 03934144 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-05-13 04:17 - 2015-04-28 02:11 - 00137664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-05-13 04:17 - 2015-04-28 02:11 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-05-13 04:17 - 2015-04-28 02:08 - 01307648 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-05-13 04:17 - 2015-04-28 02:05 - 00851456 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-05-13 04:17 - 2015-04-28 02:05 - 00635392 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-05-13 04:17 - 2015-04-28 02:05 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-05-13 04:17 - 2015-04-28 02:05 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-05-13 04:17 - 2015-04-28 02:05 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-05-13 04:17 - 2015-04-28 02:05 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-05-13 04:17 - 2015-04-28 02:05 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-05-13 04:17 - 2015-04-28 02:05 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-05-13 04:17 - 2015-04-28 02:05 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-05-13 04:17 - 2015-04-28 02:05 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-05-13 04:17 - 2015-04-28 02:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-05-13 04:17 - 2015-04-28 02:05 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-05-13 04:17 - 2015-04-28 02:04 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-05-13 04:17 - 2015-04-28 02:04 - 00641536 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-05-13 04:17 - 2015-04-28 02:04 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-05-13 04:17 - 2015-04-28 02:04 - 00364544 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-05-13 04:17 - 2015-04-28 02:04 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-05-13 04:17 - 2015-04-28 02:04 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-05-13 04:17 - 2015-04-28 02:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-05-13 04:17 - 2015-04-28 02:04 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-05-13 04:17 - 2015-04-28 02:04 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-05-13 04:17 - 2015-04-28 02:04 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-05-13 04:17 - 2015-04-28 02:04 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-05-13 04:17 - 2015-04-28 02:04 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-05-13 04:17 - 2015-04-28 02:03 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-05-13 04:17 - 2015-04-28 02:03 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-05-13 04:17 - 2015-04-28 02:01 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-05-13 04:17 - 2015-04-28 02:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-05-13 04:17 - 2015-04-28 01:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-05-13 04:17 - 2015-04-28 01:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-05-13 04:17 - 2015-04-28 01:00 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-05-13 04:16 - 2015-05-05 08:12 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-05-13 04:16 - 2015-04-20 09:56 - 01250816 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-13 04:16 - 2015-04-20 09:56 - 00909312 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-13 04:16 - 2015-04-20 09:03 - 02382336 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-13 04:16 - 2015-04-18 09:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-05-13 04:16 - 2015-04-13 10:19 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-13 04:11 - 2015-03-04 11:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-05-13 04:11 - 2015-03-04 11:10 - 00295936 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-05-13 04:11 - 2015-03-04 11:10 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-05-13 04:11 - 2015-03-04 11:10 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-05-13 04:10 - 2015-04-08 10:14 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-05-13 04:10 - 2015-04-08 10:14 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-05-13 04:09 - 2015-02-18 14:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-05-30 07:31 - 2009-07-14 11:34 - 00021872 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-30 07:31 - 2009-07-14 11:34 - 00021872 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-30 07:14 - 2013-02-02 15:56 - 00000000 ____D () C:\Users\Pete\AppData\Roaming\Dropbox
2015-05-30 06:36 - 2013-09-08 14:14 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-30 06:29 - 2009-11-07 00:03 - 01603427 _____ () C:\Windows\WindowsUpdate.log
2015-05-30 04:30 - 2012-03-03 12:05 - 00111483 _____ () C:\Windows\setupact.log
2015-05-30 04:30 - 2009-07-14 11:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-29 13:31 - 2013-07-23 04:15 - 00000000 ____D () C:\Users\Pete\Desktop\The Mango_files
2015-05-29 05:28 - 2015-03-28 11:51 - 00000000 ____D () C:\Users\Pete\Desktop\BBQ
2015-05-28 16:09 - 2014-09-20 06:13 - 00000000 ____D () C:\Users\Pete\Desktop\surfimage
2015-05-28 13:22 - 2009-09-03 21:11 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-05-25 18:13 - 2009-09-03 22:24 - 01402204 _____ () C:\Windows\PFRO.log
2015-05-25 09:54 - 2009-07-14 09:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2015-05-25 07:39 - 2013-06-28 14:04 - 00000000 ____D () C:\ProgramData\saffee Savoe
2015-05-25 06:51 - 2012-06-24 07:39 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-05-23 03:00 - 2015-04-05 03:34 - 00000000 ___SD () C:\Windows\system32\GWX
2015-05-22 11:22 - 2009-07-14 09:37 - 00000000 ____D () C:\Windows\registration
2015-05-22 10:06 - 2009-09-03 20:45 - 00000000 ____D () C:\Program Files\Google
2015-05-22 10:01 - 2010-08-24 15:20 - 00000000 ____D () C:\Users\Pete\AppData\Local\Deployment
2015-05-22 09:10 - 2009-08-03 15:18 - 00786598 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-22 09:03 - 2009-11-07 00:03 - 00000000 ____D () C:\Users\Pete
2015-05-22 07:58 - 2015-04-28 15:05 - 00001970 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-05-22 07:48 - 2013-08-30 10:13 - 00000000 ____D () C:\Program Files\Smartfren Connex Modem
2015-05-22 07:48 - 2009-07-14 09:37 - 00000000 ____D () C:\Windows\system32\wfp
2015-05-14 06:38 - 2009-07-14 09:37 - 00000000 ____D () C:\Windows\rescache
2015-05-14 04:03 - 2009-07-14 11:53 - 00032620 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-05-14 04:03 - 2009-07-14 11:53 - 00032620 _____ () C:\Windows\Tasks\SCHEDLGU(15).TXT
2015-05-14 04:03 - 2009-07-14 11:33 - 00380448 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-05-14 04:02 - 2009-09-03 20:45 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-05-14 03:59 - 2009-07-14 09:37 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
2015-05-14 03:18 - 2009-09-02 03:49 - 00000000 ____D () C:\Program Files\Windows Journal
2015-05-14 03:17 - 2010-06-04 15:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
 
==================== Files in the root of some directories =======
 
2009-11-10 23:48 - 2013-03-02 14:24 - 0000318 _____ () C:\Users\Pete\AppData\Roaming\wklnhst.dat
2011-02-15 21:38 - 2013-01-12 12:20 - 0012288 _____ () C:\Users\Pete\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-05-13 05:51 - 2012-06-12 08:25 - 0004096 ____H () C:\Users\Pete\AppData\Local\keyfile3.drm
2015-05-29 04:46 - 2015-05-29 04:46 - 0000726 _____ () C:\Users\Pete\AppData\Local\recently-used.xbel
2011-06-22 09:39 - 2011-06-22 09:40 - 0000000 _____ () C:\Users\Pete\AppData\Local\{03424EE6-5466-4D0D-8E77-BD9E9BE975EE}
2011-05-06 08:40 - 2011-05-06 08:40 - 0000000 _____ () C:\Users\Pete\AppData\Local\{0EF99317-952D-4D7E-82AF-F051770EB932}
2011-06-26 07:25 - 2011-06-26 07:25 - 0000000 _____ () C:\Users\Pete\AppData\Local\{3FB9C12C-3322-4022-B4E1-A7CE9140B7B3}
2009-11-09 21:56 - 2009-11-11 19:17 - 0000102 _____ () C:\ProgramData\lxdf
2012-01-24 09:35 - 2012-01-24 09:35 - 0005104 _____ () C:\ProgramData\qjaxlkio.dss
2010-11-19 19:24 - 2010-11-19 19:24 - 0913749 _____ () C:\ProgramData\SPL10DB.tmp
2010-12-09 21:47 - 2010-12-09 21:47 - 2735491 _____ () C:\ProgramData\SPL19BD.tmp
2009-11-11 17:16 - 2009-11-11 17:16 - 2777460 _____ () C:\ProgramData\SPL254.tmp
2010-07-09 16:10 - 2010-07-09 16:10 - 0519768 _____ () C:\ProgramData\SPL2AB8.tmp
2009-11-11 18:51 - 2009-11-11 18:51 - 0286513 _____ () C:\ProgramData\SPL30D4.tmp
2009-11-11 17:25 - 2009-11-11 17:25 - 2777460 _____ () C:\ProgramData\SPL365F.tmp
2009-11-11 19:13 - 2009-11-11 19:13 - 0286513 _____ () C:\ProgramData\SPL40A9.tmp
2010-05-18 20:16 - 2010-05-18 20:16 - 0694702 _____ () C:\ProgramData\SPL48A1.tmp
2009-11-11 17:38 - 2009-11-11 17:38 - 0291857 _____ () C:\ProgramData\SPL6170.tmp
2009-11-11 16:46 - 2009-11-11 16:46 - 0052084 _____ () C:\ProgramData\SPL7B78.tmp
2010-12-17 20:12 - 2010-12-17 20:12 - 0302600 _____ () C:\ProgramData\SPL8258.tmp
2010-07-09 16:28 - 2010-07-09 16:28 - 0519768 _____ () C:\ProgramData\SPL8361.tmp
2010-10-04 18:03 - 2010-10-04 18:03 - 0073624 _____ () C:\ProgramData\SPL8A1B.tmp
2010-08-19 15:31 - 2010-08-19 15:31 - 6100324 _____ () C:\ProgramData\SPL8C7C.tmp
2010-05-18 19:50 - 2010-05-18 19:50 - 0524116 _____ () C:\ProgramData\SPL90C1.tmp
2009-11-18 20:34 - 2009-11-18 20:34 - 15228454 _____ () C:\ProgramData\SPL91B3.tmp
2010-07-21 15:08 - 2010-07-21 15:08 - 4196013 _____ () C:\ProgramData\SPL95AA.tmp
2010-12-17 19:43 - 2010-12-17 19:43 - 0302600 _____ () C:\ProgramData\SPL9702.tmp
2010-09-03 16:55 - 2010-09-03 16:55 - 0387377 _____ () C:\ProgramData\SPL9929.tmp
2010-02-23 21:58 - 2010-02-23 21:58 - 4020308 _____ () C:\ProgramData\SPL9AC0.tmp
2009-11-11 17:31 - 2009-11-11 17:31 - 2777460 _____ () C:\ProgramData\SPLAD7D.tmp
2009-11-11 17:29 - 2009-11-11 17:29 - 2777460 _____ () C:\ProgramData\SPLB201.tmp
2010-09-03 16:59 - 2010-09-03 16:59 - 0387377 _____ () C:\ProgramData\SPLB224.tmp
2010-12-09 21:46 - 2010-12-09 21:46 - 2735491 _____ () C:\ProgramData\SPLB294.tmp
2011-01-26 16:35 - 2011-01-26 16:35 - 0332061 _____ () C:\ProgramData\SPLC488.tmp
2010-05-18 20:25 - 2010-05-18 20:25 - 0372952 _____ () C:\ProgramData\SPLD961.tmp
2009-11-18 20:25 - 2009-11-18 20:25 - 15228454 _____ () C:\ProgramData\SPLDD.tmp
2010-10-04 18:01 - 2010-10-04 18:01 - 0777300 _____ () C:\ProgramData\SPLDF10.tmp
2010-05-18 19:39 - 2010-05-18 19:39 - 0291992 _____ () C:\ProgramData\SPLE875.tmp
2010-05-06 16:47 - 2010-05-06 16:47 - 16489132 _____ () C:\ProgramData\SPLF7B2.tmp
 
Files to move or delete:
====================
C:\ProgramData\qjaxlkio.dss
 
 
Some files in TEMP:
====================
C:\Users\Pete\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpnullze.dll
C:\Users\Pete\AppData\Local\Temp\Quarantine.exe
C:\Users\Pete\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Pete\AppData\Local\Temp\sqlite3.dll
C:\Users\Pete\AppData\Local\Temp\{AEBD749C-1A6C-4644-8AF2-E2CD5D2D49F3}-37.0.2062.120_chrome_installer.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-05-24 00:07
 
==================== End of log ============================
 
 
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 29-05-2015
Ran by Pete at 2015-05-30 07:34:23
Running from C:\Users\Pete\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-2765806483-2848671187-2391883295-500 - Administrator - Disabled)
Guest (S-1-5-21-2765806483-2848671187-2391883295-501 - Limited - Disabled)
Pete (S-1-5-21-2765806483-2848671187-2391883295-1001 - Administrator - Enabled) => C:\Users\Pete
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe Flash Player 17 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Amazon Music (HKU\S-1-5-21-2765806483-2848671187-2391883295-1001\...\Amazon Amazon Music) (Version: 3.7.0.693 - Amazon Services LLC)
Avast Free Antivirus (HKLM\...\Avast) (Version: 10.2.2218 - AVAST Software)
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Google Chrome (HKLM\...\Google Chrome) (Version: 43.0.2357.81 - Google Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.27.5 - Google Inc.) Hidden
Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Image Composite Editor (HKLM\...\{3D599ADA-65D9-4B51-898F-CE718DEC5DBB}) (Version: 1.4.4 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM\...\{90110409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Office XP Professional with FrontPage (HKLM\...\{90280409-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.2627.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Works (HKLM\...\{67E03279-F703-408F-B4BF-46B5FC8D70CD}) (Version: 9.7.0621 - Microsoft Corporation)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Windows Driver Package - GoPro (WinUSB) Universal Serial Bus devices  (03/07/2012 ) (HKLM\...\0B624A43DD66DBF5CF3EDFA9741A364E688062A4) (Version: 03/07/2012  - GoPro)
Windows Movie Maker 2.6 (HKLM\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-2765806483-2848671187-2391883295-1001_Classes\CLSID\{095A2EEC-F7FE-42E8-96FB-C20E53081908}\InprocServer32 -> C:\Users\Pete\AppData\Local\Google\Update\1.3.21.99\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-2765806483-2848671187-2391883295-1001_Classes\CLSID\{0E55CBE1-B06A-49B6-AD8D-9EFAA0160C6F}\InprocServer32 -> C:\Users\Pete\AppData\Local\Google\Update\1.3.21.57\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-2765806483-2848671187-2391883295-1001_Classes\CLSID\{1AC77AE9-9EC6-405A-9F9B-C06AB3C10B71}\InprocServer32 -> C:\Program Files\Microsoft Research\Image Composite Editor\ShellExtension.dll No File
CustomCLSID: HKU\S-1-5-21-2765806483-2848671187-2391883295-1001_Classes\CLSID\{1BBF13E0-551E-42DD-91F4-1A547443FFDA}\InprocServer32 -> C:\Users\Pete\AppData\Local\Tbccint\Community Alerts\Alert.dll No File
CustomCLSID: HKU\S-1-5-21-2765806483-2848671187-2391883295-1001_Classes\CLSID\{1EF21888-3BD8-4064-BAD3-4BF694952652}\InprocServer32 -> C:\Program Files\Microsoft Research\Image Composite Editor\WLPG.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2765806483-2848671187-2391883295-1001_Classes\CLSID\{218D2740-5A50-42A8-AB9F-62FF1B168782}\InprocServer32 -> C:\Users\Pete\AppData\Local\Google\Update\1.3.21.69\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-2765806483-2848671187-2391883295-1001_Classes\CLSID\{29A96789-9595-4947-BEDB-0FCC776F7DB8}\InprocServer32 -> C:\Users\Pete\AppData\Local\Google\Update\1.2.183.39\goopdate.dll No File
CustomCLSID: HKU\S-1-5-21-2765806483-2848671187-2391883295-1001_Classes\CLSID\{320F0FDB-BE0A-4648-9D18-4A2C3448C007}\InprocServer32 -> C:\Users\Pete\AppData\Local\Google\Update\1.3.21.79\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-2765806483-2848671187-2391883295-1001_Classes\CLSID\{3f04dadf-6ea4-44d1-a507-03cad176f443}\InprocServer32 -> C:\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin1017319.dll (Amazon.com, Inc.)
CustomCLSID: HKU\S-1-5-21-2765806483-2848671187-2391883295-1001_Classes\CLSID\{4052D303-74C5-49EA-BC6B-66099C8D4007}\InprocServer32 -> C:\Program Files\Google\Google Desktop Search\GoogleDesktopAPI2.dll (Google)
CustomCLSID: HKU\S-1-5-21-2765806483-2848671187-2391883295-1001_Classes\CLSID\{DB25D157-76D4-41C1-97B5-359E4A4CECEB}\InprocServer32 -> C:\Users\Pete\AppData\Local\Google\Update\1.3.21.65\psuser.dll No File
 
==================== Restore Points =========================
 
27-05-2015 05:44:15 Windows Update
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 09:04 - 2009-06-11 04:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {100A9814-198A-44A2-8D88-9E1C9802391B} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-08] (Microsoft Corporation)
Task: {1FC4580D-E2D7-45DF-9F04-E636D0198CB0} - System32\Tasks\{A6CCF432-8D6E-4180-8353-BC3C64066B6C} => C:\Program Files\Hotspot Shield\bin\HSSCP.exe
Task: {3839D7D4-C7BE-42F4-82DA-C2784021A4BD} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-04-28] (Avast Software s.r.o.)
Task: {5BC708D4-DFE1-4CE0-B740-7B61554B68B7} - System32\Tasks\{453AD51E-3C23-4FD9-AE4A-9CA4C6C14690} => C:\Program Files\Hotspot Shield\bin\HSSCP.exe
Task: {63D3E5FF-F739-4FBF-AE12-158C2F0F59A8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-05-22] (Google Inc.)
Task: {6EA4D75F-BABE-4858-B2A2-CAA30D86CB0D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-05-22] (Google Inc.)
Task: {8C13C5A2-2B86-4594-BBB7-0D42F67EC15D} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-08] (Microsoft Corporation)
Task: {C9CCFDB3-A1A6-4C4D-9524-EB02E11A6D3D} - System32\Tasks\{31A99FE1-DE55-4E82-979C-277C0ED5F239} => Iexplore.exe http://ui.skype.com/...ffered;disabled
Task: {D8ED6609-81FB-4E94-B4FC-6D87ECA1CECF} - System32\Tasks\{53059015-9295-41F6-8FB1-C061C1863682} => pcalua.exe -a "C:\Program Files\InstallShield Installation Information\{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}\setup.exe" -c -runfromtemp -l0x0009 -removeonly
Task: {DECF4B75-732D-4776-B4CD-60BEB499CF83} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-17] (Adobe Systems Incorporated)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (Whitelisted) ==============
 
2009-11-11 18:40 - 2007-05-25 02:41 - 00045056 _____ () C:\Windows\System32\LXDFPMON.DLL
2009-11-11 18:40 - 2007-04-10 05:59 - 00069632 _____ () C:\Windows\System32\LXDFOEM.DLL
2009-11-11 18:40 - 2009-04-17 17:15 - 00032768 _____ () C:\Program Files\Lexmark 6500 Series\ipcmt.dll
2009-11-11 18:42 - 2007-05-26 08:42 - 00113664 _____ () C:\Windows\system32\spool\PRTPROCS\W32X86\lxdfdrpp.dll
2015-05-26 04:20 - 2015-05-23 03:22 - 01281864 _____ () C:\Program Files\Google\Chrome\Application\43.0.2357.81\libglesv2.dll
2015-05-26 04:20 - 2015-05-23 03:22 - 00080712 _____ () C:\Program Files\Google\Chrome\Application\43.0.2357.81\libegl.dll
2015-05-26 04:20 - 2015-05-23 03:22 - 14982472 _____ () C:\Program Files\Google\Chrome\Application\43.0.2357.81\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\ProgramData\TEMP:054203E4
AlternateDataStreams: C:\ProgramData\TEMP:661DFA1C
 
==================== Safe Mode (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE restricted site: HKU\S-1-5-21-2765806483-2848671187-2391883295-1001\...\public8media.com -> www.public8media.com
IE restricted site: HKU\S-1-5-21-2765806483-2848671187-2391883295-1001\...\searchnu.com -> www.searchnu.com
IE restricted site: HKU\S-1-5-21-2765806483-2848671187-2391883295-1001\...\searchnu.com -> hxxp://www.searchnu.com
IE restricted site: HKU\S-1-5-21-2765806483-2848671187-2391883295-1001\...\sitexcite.com -> sitexcite.com
IE restricted site: HKU\S-1-5-21-2765806483-2848671187-2391883295-1001\...\text-enhance.com -> text-enhance.com
IE restricted site: HKU\S-1-5-21-2765806483-2848671187-2391883295-1001\...\textsrv.com -> textsrv.com
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-2765806483-2848671187-2391883295-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Pete\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: avast! Antivirus => 2
MSCONFIG\Services: AvastVBoxSvc => 3
MSCONFIG\Services: GoogleDesktopManager-051210-111108 => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: gusvc => 3
MSCONFIG\Services: HWDeviceService.exe => 2
MSCONFIG\Services: IAANTMON => 2
MSCONFIG\Services: lxdfCATSCustConnectService => 2
MSCONFIG\Services: lxdf_device => 2
MSCONFIG\Services: MBAMScheduler => 2
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: RapportMgmtService => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^CineForm Status.lnk => C:\Windows\pss\CineForm Status.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Launch.lnk => C:\Windows\pss\Launch.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk => C:\Windows\pss\Microsoft Office.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^OSD.lnk => C:\Windows\pss\OSD.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Pete^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^BBC iPlayer Desktop.lnk => C:\Windows\pss\BBC iPlayer Desktop.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Pete^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk => C:\Windows\pss\OneNote 2007 Screen Clipper and Launcher.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: Amazon Music => "C:\Users\Pete\AppData\Local\Amazon Music\Amazon Music Helper.exe"
MSCONFIG\startupreg: AvastUI.exe => "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
MSCONFIG\startupreg: CheckNDISPort => C:\Program Files\Smartfren Connex Modem\CheckNDISPort.exe
MSCONFIG\startupreg: Google Desktop Search => "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: IAAnotif => C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: Lexmark 6500 Series Fax Server => "C:\Program Files\Lexmark 6500 Series\fm3032.exe" /s
MSCONFIG\startupreg: lxdfamon => "C:\Program Files\Lexmark 6500 Series\lxdfamon.exe"
MSCONFIG\startupreg: lxdfmon.exe => "C:\Program Files\Lexmark 6500 Series\lxdfmon.exe"
MSCONFIG\startupreg: Mobile Partner => C:\Program Files\Hi Suite\Hi Suite.exe -s
MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Reminder => C:\Program Files\TTG\Reminder\Reminder.exe
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{9CFA9763-12A0-483D-91CC-D84FE0BC6BDD}] => (Allow) C:\Program Files\Abbyy FineReader 6.0 Sprint\Scan\ScanMan6.exe
FirewallRules: [{6704B4FD-6950-4E21-916E-A05F4CA3BC6C}] => (Allow) C:\Program Files\Abbyy FineReader 6.0 Sprint\Scan\ScanMan6.exe
FirewallRules: [{07DA3EF5-6F40-4D45-8BB5-90F3986E1B0A}] => (Allow) C:\Program Files\Lexmark 6500 Series\lxdfmon.exe
FirewallRules: [{54577358-8377-474E-BA4D-805FF118AD10}] => (Allow) C:\Program Files\Lexmark 6500 Series\lxdfmon.exe
FirewallRules: [{E8C59849-E857-4FC2-9C1C-1B1F54890B6D}] => (Allow) C:\Windows\System32\lxdfcfg.exe
FirewallRules: [{7BA7B4DC-D498-4AFD-AB62-F6EAB5D04721}] => (Allow) C:\Windows\System32\lxdfcfg.exe
FirewallRules: [{8D53DBA5-1F1B-4AA0-99FC-52354B898EFD}] => (Allow) C:\Windows\System32\spool\drivers\w32x86\3\lxdftime.exe
FirewallRules: [{23D26E00-ECF1-4081-A5C3-A351F1AD008A}] => (Allow) C:\Windows\System32\spool\drivers\w32x86\3\lxdftime.exe
FirewallRules: [{F9A78FA8-AAD7-455A-A327-1700F12EBAE3}] => (Allow) C:\Windows\System32\spool\drivers\w32x86\3\lxdfjswx.exe
FirewallRules: [{12B4AC30-1B9E-4BA9-BE35-12C5EC2EC293}] => (Allow) C:\Windows\System32\spool\drivers\w32x86\3\lxdfjswx.exe
FirewallRules: [{8811E400-F87C-42FA-A993-623585616ADA}] => (Allow) C:\Windows\System32\lxdfcoms.exe
FirewallRules: [{4F19C137-DABC-4A35-8FA9-1DA703172F62}] => (Allow) C:\Windows\System32\lxdfcoms.exe
FirewallRules: [{92512C1A-3D80-4B4F-98A1-3DFED24BAD4F}] => (Allow) C:\Windows\System32\spool\drivers\w32x86\3\lxdfpswx.exe
FirewallRules: [{7BEFB3DB-1293-4924-B95F-1C9E65D9C364}] => (Allow) C:\Windows\System32\spool\drivers\w32x86\3\lxdfpswx.exe
FirewallRules: [{20E4A999-132E-493E-B985-04EE287B83C6}] => (Allow) C:\Program Files\Lexmark 6500 Series\lxdfamon.exe
FirewallRules: [{733926D7-F662-4464-B1DC-341730CF1A34}] => (Allow) C:\Program Files\Lexmark 6500 Series\lxdfamon.exe
FirewallRules: [{AD2B7B94-C700-43CE-8867-C993E62496C4}] => (Allow) C:\Program Files\Lexmark 6500 Series\frun.exe
FirewallRules: [{307DFFA4-D1E8-4F8C-89DF-37A3C9F1DE20}] => (Allow) C:\Program Files\Lexmark 6500 Series\frun.exe
FirewallRules: [{168E9D98-2448-489F-83D4-A40AEC3CCC95}] => (Allow) C:\Program Files\Lexmark 6500 Series\LXDFFax.exe
FirewallRules: [{5A4841B8-65DC-4C40-8292-FA0A94A3AABD}] => (Allow) C:\Program Files\Lexmark 6500 Series\LXDFFax.exe
FirewallRules: [TCP Query User{6CF88CE0-9FE9-4683-B35A-BC533F4F2579}C:\program files\lexmark 6500 series\lxdfmon.exe] => (Block) C:\program files\lexmark 6500 series\lxdfmon.exe
FirewallRules: [UDP Query User{EC33C4E5-A3D3-4015-A913-145F4CD71564}C:\program files\lexmark 6500 series\lxdfmon.exe] => (Block) C:\program files\lexmark 6500 series\lxdfmon.exe
FirewallRules: [TCP Query User{FC77AF6D-37AB-4DCA-8A59-1BABC8E3F02C}C:\program files\spotify\spotify.exe] => (Allow) C:\program files\spotify\spotify.exe
FirewallRules: [UDP Query User{0A5608FE-BBC1-4C10-9031-6060AB5D5903}C:\program files\spotify\spotify.exe] => (Allow) C:\program files\spotify\spotify.exe
FirewallRules: [TCP Query User{75D040F2-F8D0-464D-B221-AB11EC9B3C5D}C:\program files\internet explorer\iexplore.exe] => (Allow) C:\program files\internet explorer\iexplore.exe
FirewallRules: [UDP Query User{31AE7C73-EB14-4747-9855-D925C39440DE}C:\program files\internet explorer\iexplore.exe] => (Allow) C:\program files\internet explorer\iexplore.exe
FirewallRules: [TCP Query User{1776BF5D-DBF6-44B5-815C-E778B26EF96C}C:\program files\google\google earth\plugin\geplugin.exe] => (Allow) C:\program files\google\google earth\plugin\geplugin.exe
FirewallRules: [UDP Query User{7973A899-D0CB-4E7D-8CBA-AC525F093EC4}C:\program files\google\google earth\plugin\geplugin.exe] => (Allow) C:\program files\google\google earth\plugin\geplugin.exe
FirewallRules: [{1AF6AE5D-4142-461A-92AB-CBAAD9E7D4C2}] => (Allow) C:\Program Files\Searchqu Toolbar\Datamngr\ToolBar\dtUser.exe
FirewallRules: [{7CC606A1-41B4-4B45-9072-841191E9CA92}] => (Allow) C:\Program Files\Searchqu Toolbar\Datamngr\ToolBar\dtUser.exe
FirewallRules: [{C66019D3-9E44-4B3E-AA3B-2A8855C2ADFE}] => (Allow) C:\Users\Pete\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{73D47F51-D224-4252-A8D1-66617C617391}] => (Allow) C:\Users\Pete\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{A2CEB072-70DF-4399-8B61-1E6E1B173B79}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{B717F5FB-CAEE-4DB4-B030-2E94127EA46A}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{68C5EEBF-E571-4C76-9243-A56D6DBDB457}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{60C6A7B6-CBA3-4C2A-8E4F-AE95AD858C7B}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (05/30/2015 05:08:38 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"1".
Dependent Assembly Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (05/30/2015 05:08:37 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (05/30/2015 05:08:37 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (05/30/2015 05:08:37 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (05/30/2015 05:08:37 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (05/29/2015 01:33:27 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"1".
Dependent Assembly Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (05/29/2015 01:20:49 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"1".
Dependent Assembly Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (05/29/2015 01:20:46 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (05/29/2015 01:20:46 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (05/29/2015 01:20:45 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
 
System errors:
=============
Error: (05/30/2015 04:34:14 AM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: WMPNetworkSvc0x80004005
 
Error: (05/29/2015 08:53:57 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 18:24:37 on ‎29/‎05/‎2015 was unexpected.
 
Error: (05/29/2015 01:54:29 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
%%1068
 
Error: (05/29/2015 01:54:29 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
%%1068
 
Error: (05/29/2015 01:54:29 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
%%1068
 
Error: (05/29/2015 01:54:29 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
%%1068
 
Error: (05/29/2015 01:54:29 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
%%1068
 
Error: (05/29/2015 01:54:28 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
%%1068
 
Error: (05/29/2015 01:54:28 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}
 
Error: (05/29/2015 01:54:28 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
 
 
Microsoft Office:
=========================
Error: (06/14/2014 03:21:49 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6695.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 55882 seconds with 420 seconds of active time.  This session ended with a crash.
 
Error: (03/28/2013 01:42:53 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 119234 seconds with 120 seconds of active time.  This session ended with a crash.
 
Error: (03/21/2013 10:18:33 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 63277 seconds with 120 seconds of active time.  This session ended with a crash.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Celeron® CPU 900 @ 2.20GHz
Percentage of memory in use: 54%
Total physical RAM: 3032.91 MB
Available physical RAM: 1374.93 MB
Total Pagefile: 6064.13 MB
Available Pagefile: 4296.17 MB
Total Virtual: 2047.88 MB
Available Virtual: 1898.74 MB
 
==================== Drives ================================
 
Drive c: (Windows) (Fixed) (Total:139.77 GB) (Free:59.32 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149.1 GB) (Disk ID: CFA505BF)
Partition 1: (Active) - (Size=9.3 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=139.8 GB) - (Type=07 NTFS)
 
==================== End of log ============================
 
Thanks again.
 
Pete

 

 


  • 0

Advertisements

#2
godawgs
Posted 29 May 2015 - 08:24 PM

godawgs

    Teacher

  • Retired Staff
  • 8,228 posts

Duplicate topic. Closed.


  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics


Also tagged with one or more of these keywords: browser redirect

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP