Please advise, thanks
Anti virus / malware programs won't run updates
#1
Posted 27 May 2016 - 08:16 AM
Please advise, thanks
#2
Posted 27 May 2016 - 09:02 AM
Are you out of space on the hard drive?
If not then:
- Pause your anti-virus. Close all browsers.
#3
Posted 27 May 2016 - 01:54 PM
Hi
My hard drive is not full.
the log files as requested ;
# AdwCleaner v5.118 - Logfile created 27/05/2016 at 16:27:07
# Updated 23/05/2016 by Xplode
# Database : 2016-05-26.2 [Server]
# Operating system : Windows Vista Home Premium Service Pack 2 (X86)
# Username : Allen - ALLEN-PC
# Running from : C:\Users\Allen\Desktop\AdwCleaner.exe
# Option : Clean
# Support : http://toolslib.net/forum
***** [ Services ] *****
***** [ Folders ] *****
***** [ Files ] *****
[-] File Deleted : C:\Program Files\Yahoo!\Common\unyt.exe
***** [ DLLs ] *****
***** [ WMI ] *****
***** [ Shortcuts ] *****
***** [ Scheduled tasks ] *****
***** [ Registry ] *****
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\YCAPlugin.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\YPUBC.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\yt.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\YTabBar.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\YTBM.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\YTMsgr.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.Protector
[-] Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.Protector.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib
[-] Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\Yahoo.AntiSpyPlugin
[-] Key Deleted : HKLM\SOFTWARE\Classes\Yahoo.AntiSpyPlugin.6
[-] Key Deleted : HKLM\SOFTWARE\Classes\Yahoo.PopupBlockerPlugin
[-] Key Deleted : HKLM\SOFTWARE\Classes\Yahoo.PopupBlockerPlugin.4
[-] Key Deleted : HKLM\SOFTWARE\Classes\YCAPlugin.CAYASPlugin
[-] Key Deleted : HKLM\SOFTWARE\Classes\YCAPlugin.CAYASPlugin.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\YMERemote.YMECompPlugin
[-] Key Deleted : HKLM\SOFTWARE\Classes\YMERemote.YMECompPlugin.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\YPUBC.BlockerCtrl
[-] Key Deleted : HKLM\SOFTWARE\Classes\YPUBC.BlockerCtrl.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\YPUBC.DataStore
[-] Key Deleted : HKLM\SOFTWARE\Classes\YPUBC.DataStore.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\YPUBC.PUBHTMLEventHandler
[-] Key Deleted : HKLM\SOFTWARE\Classes\YPUBC.PUBHTMLEventHandler.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\YPUBC.StringList
[-] Key Deleted : HKLM\SOFTWARE\Classes\YPUBC.StringList.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\yt.YTHelper
[-] Key Deleted : HKLM\SOFTWARE\Classes\yt.YTHelper.2
[-] Key Deleted : HKLM\SOFTWARE\Classes\yt.YToolbarBand
[-] Key Deleted : HKLM\SOFTWARE\Classes\yt.YToolbarBand.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\YTabBar.YTabBarControl
[-] Key Deleted : HKLM\SOFTWARE\Classes\YTabBar.YTabBarControl.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\YTBM.YTBMButton
[-] Key Deleted : HKLM\SOFTWARE\Classes\YTBM.YTBMButton.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{07CDAAD9-1226-4C6D-B774-C00E7B323484}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1CAE874F-F5C7-4BCC-BA46-9AD26DF35B93}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{35860EFB-1589-4F32-A618-99E847A502B2}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{41D7CEE0-D91F-498C-BC88-4A6BEE46C2BC}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{7D831388-D405-4272-9511-A07440AD2927}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9EDCCD11-960D-49AE-B523-C6B5AB7E1345}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{FFFFE1D1-E40D-49a1-9622-BC59BD1879C3}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1147DC83-6208-4dca-8E88-DD45BAAB3043}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{11CB4723-D5A1-4a55-8D1D-5C2679D54CF5}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{37B8167C-B9A4-4316-94B2-67B64BB2BA7C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E40017D-FB6A-4804-BDE4-3BB09F1719C1}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B7A0E898-93E5-43f4-B99A-6C70B303699C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C60CCE95-6AF9-4E74-B66B-3212D19F1D2F}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D40A62D1-8FC0-4F03-90C4-0DE03BE73A41}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DDCED22E-D018-471D-9A5C-A4EA2F21133D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E1A2D448-6334-45ec-8800-6D7F71DC87FC}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F51C15D4-3D0A-4DBA-A095-EBCC09F24DA2}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FBE30D66-39A2-4b72-8B43-6D4C335A6F34}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{11D5E9EA-3117-4389-8E58-742F0975C980}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{12D3E096-0FDF-42CC-8F44-04944F9C1648}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{22389F39-2CF4-47C4-B8B2-273BB16BF70C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{23E3CEB3-D63A-433E-A5D0-4DB1C501B915}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{26A3152F-CF87-4C5B-8093-4D4B9EC084EB}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2723E96B-905F-4C64-8999-D868A08E6370}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2FCB4E7E-E5C7-4D07-BB2C-78DF2DA867AD}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3D592FCB-FEFD-43A6-9A4F-BDE2D4607D07}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{49F018EE-F362-4B5B-8EC8-BCF9246ABF21}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{67E5E37C-E6B8-4782-877D-E9437C4CD982}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{686D40BC-FA43-4317-8474-E634E6B487F2}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7207E52B-821E-4C05-A8D6-2965B2BE77CF}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{863FCF5D-DC39-4DA9-AF32-CB0025990EEE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A310B105-FB7D-4497-A7E8-E046462B012F}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B09E015A-4D4E-4F8D-A436-95E19140947D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B1E712C4-03AA-495F-B0F5-0F057E126E2A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D13DC65C-C77B-4986-9078-DEA3D34C71BB}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DF522774-8CA0-4B15-A93A-5F61AB95DA1C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{AD34BE7D-2603-43DD-8D1F-E4431D42C44E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B82D18E0-1649-48DE-92D7-AA89BBB5F0AD}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D2EA97F6-6235-4B2D-B5AA-A4472B9CE557}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{003028C2-EA1C-4676-A316-B5CB50917002}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4A1E52AC-64F2-49E9-BFD7-0806D9494DBB}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{78DB07DF-483E-4829-AB44-ED7952083584}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{8A1AB044-787D-4309-8410-709768E484AB}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2C55651-A23E-43CA-B63D-C10B99EFF7E0}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SafeWeb
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-534116950-1332898044-2559044525-1003\Software\facemoods.com
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-534116950-1332898044-2559044525-1003\Software\Yahoo\Companion
***** [ Web browsers ] *****
*************************
:: "Tracing" keys deleted
:: Winsock settings cleared
*************************
C:\AdwCleaner\AdwCleaner[C1].txt - [7506 bytes] - [27/05/2016 16:27:07]
C:\AdwCleaner\AdwCleaner[S1].txt - [7196 bytes] - [27/05/2016 16:25:28]
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [7652 bytes] ##########
# AdwCleaner v5.118 - Logfile created 27/05/2016 at 16:25:28
# Updated 23/05/2016 by Xplode
# Database : 2016-05-26.2 [Server]
# Operating system : Windows Vista Home Premium Service Pack 2 (X86)
# Username : Allen - ALLEN-PC
# Running from : C:\Users\Allen\Desktop\AdwCleaner.exe
# Option : Scan
# Support : http://toolslib.net/forum
***** [ Services ] *****
***** [ Folders ] *****
***** [ Files ] *****
File Found : C:\Program Files\Yahoo!\Common\unyt.exe
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Shortcuts ] *****
***** [ Scheduled tasks ] *****
***** [ Registry ] *****
Key Found : HKLM\SOFTWARE\Classes\AppID\YCAPlugin.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\YPUBC.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\yt.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\YTabBar.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\YTBM.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\YTMsgr.DLL
Key Found : HKLM\SOFTWARE\Classes\protector_dll.Protector
Key Found : HKLM\SOFTWARE\Classes\protector_dll.Protector.1
Key Found : HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib
Key Found : HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib.1
Key Found : HKLM\SOFTWARE\Classes\Yahoo.AntiSpyPlugin
Key Found : HKLM\SOFTWARE\Classes\Yahoo.AntiSpyPlugin.6
Key Found : HKLM\SOFTWARE\Classes\Yahoo.PopupBlockerPlugin
Key Found : HKLM\SOFTWARE\Classes\Yahoo.PopupBlockerPlugin.4
Key Found : HKLM\SOFTWARE\Classes\YCAPlugin.CAYASPlugin
Key Found : HKLM\SOFTWARE\Classes\YCAPlugin.CAYASPlugin.1
Key Found : HKLM\SOFTWARE\Classes\YMERemote.YMECompPlugin
Key Found : HKLM\SOFTWARE\Classes\YMERemote.YMECompPlugin.1
Key Found : HKLM\SOFTWARE\Classes\YPUBC.BlockerCtrl
Key Found : HKLM\SOFTWARE\Classes\YPUBC.BlockerCtrl.1
Key Found : HKLM\SOFTWARE\Classes\YPUBC.DataStore
Key Found : HKLM\SOFTWARE\Classes\YPUBC.DataStore.1
Key Found : HKLM\SOFTWARE\Classes\YPUBC.PUBHTMLEventHandler
Key Found : HKLM\SOFTWARE\Classes\YPUBC.PUBHTMLEventHandler.1
Key Found : HKLM\SOFTWARE\Classes\YPUBC.StringList
Key Found : HKLM\SOFTWARE\Classes\YPUBC.StringList.1
Key Found : HKLM\SOFTWARE\Classes\yt.YTHelper
Key Found : HKLM\SOFTWARE\Classes\yt.YTHelper.2
Key Found : HKLM\SOFTWARE\Classes\yt.YToolbarBand
Key Found : HKLM\SOFTWARE\Classes\yt.YToolbarBand.1
Key Found : HKLM\SOFTWARE\Classes\YTabBar.YTabBarControl
Key Found : HKLM\SOFTWARE\Classes\YTabBar.YTabBarControl.1
Key Found : HKLM\SOFTWARE\Classes\YTBM.YTBMButton
Key Found : HKLM\SOFTWARE\Classes\YTBM.YTBMButton.1
Key Found : HKLM\SOFTWARE\Classes\AppID\{07CDAAD9-1226-4C6D-B774-C00E7B323484}
Key Found : HKLM\SOFTWARE\Classes\AppID\{1CAE874F-F5C7-4BCC-BA46-9AD26DF35B93}
Key Found : HKLM\SOFTWARE\Classes\AppID\{35860EFB-1589-4F32-A618-99E847A502B2}
Key Found : HKLM\SOFTWARE\Classes\AppID\{41D7CEE0-D91F-498C-BC88-4A6BEE46C2BC}
Key Found : HKLM\SOFTWARE\Classes\AppID\{7D831388-D405-4272-9511-A07440AD2927}
Key Found : HKLM\SOFTWARE\Classes\AppID\{9EDCCD11-960D-49AE-B523-C6B5AB7E1345}
Key Found : HKLM\SOFTWARE\Classes\AppID\{FFFFE1D1-E40D-49a1-9622-BC59BD1879C3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1147DC83-6208-4dca-8E88-DD45BAAB3043}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{11CB4723-D5A1-4a55-8D1D-5C2679D54CF5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{37B8167C-B9A4-4316-94B2-67B64BB2BA7C}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6E40017D-FB6A-4804-BDE4-3BB09F1719C1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B7A0E898-93E5-43f4-B99A-6C70B303699C}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{C60CCE95-6AF9-4E74-B66B-3212D19F1D2F}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D40A62D1-8FC0-4F03-90C4-0DE03BE73A41}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{DDCED22E-D018-471D-9A5C-A4EA2F21133D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E1A2D448-6334-45ec-8800-6D7F71DC87FC}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F51C15D4-3D0A-4DBA-A095-EBCC09F24DA2}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{FBE30D66-39A2-4b72-8B43-6D4C335A6F34}
Key Found : HKLM\SOFTWARE\Classes\Interface\{11D5E9EA-3117-4389-8E58-742F0975C980}
Key Found : HKLM\SOFTWARE\Classes\Interface\{12D3E096-0FDF-42CC-8F44-04944F9C1648}
Key Found : HKLM\SOFTWARE\Classes\Interface\{22389F39-2CF4-47C4-B8B2-273BB16BF70C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{23E3CEB3-D63A-433E-A5D0-4DB1C501B915}
Key Found : HKLM\SOFTWARE\Classes\Interface\{26A3152F-CF87-4C5B-8093-4D4B9EC084EB}
Key Found : HKLM\SOFTWARE\Classes\Interface\{2723E96B-905F-4C64-8999-D868A08E6370}
Key Found : HKLM\SOFTWARE\Classes\Interface\{2FCB4E7E-E5C7-4D07-BB2C-78DF2DA867AD}
Key Found : HKLM\SOFTWARE\Classes\Interface\{3D592FCB-FEFD-43A6-9A4F-BDE2D4607D07}
Key Found : HKLM\SOFTWARE\Classes\Interface\{49F018EE-F362-4B5B-8EC8-BCF9246ABF21}
Key Found : HKLM\SOFTWARE\Classes\Interface\{67E5E37C-E6B8-4782-877D-E9437C4CD982}
Key Found : HKLM\SOFTWARE\Classes\Interface\{686D40BC-FA43-4317-8474-E634E6B487F2}
Key Found : HKLM\SOFTWARE\Classes\Interface\{7207E52B-821E-4C05-A8D6-2965B2BE77CF}
Key Found : HKLM\SOFTWARE\Classes\Interface\{863FCF5D-DC39-4DA9-AF32-CB0025990EEE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A310B105-FB7D-4497-A7E8-E046462B012F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B09E015A-4D4E-4F8D-A436-95E19140947D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B1E712C4-03AA-495F-B0F5-0F057E126E2A}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D13DC65C-C77B-4986-9078-DEA3D34C71BB}
Key Found : HKLM\SOFTWARE\Classes\Interface\{DF522774-8CA0-4B15-A93A-5F61AB95DA1C}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{AD34BE7D-2603-43DD-8D1F-E4431D42C44E}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{B82D18E0-1649-48DE-92D7-AA89BBB5F0AD}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{D2EA97F6-6235-4B2D-B5AA-A4472B9CE557}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{003028C2-EA1C-4676-A316-B5CB50917002}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4A1E52AC-64F2-49E9-BFD7-0806D9494DBB}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{78DB07DF-483E-4829-AB44-ED7952083584}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{8A1AB044-787D-4309-8410-709768E484AB}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{A2C55651-A23E-43CA-B63D-C10B99EFF7E0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SafeWeb
Key Found : HKU\S-1-5-21-534116950-1332898044-2559044525-1003\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SafeWeb
Key Found : HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-534116950-1332898044-2559044525-1003\Software\facemoods.com
Key Found : HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-534116950-1332898044-2559044525-1003\Software\Yahoo\Companion
***** [ Web browsers ] *****
*************************
C:\AdwCleaner\AdwCleaner[S1].txt - [7044 bytes] - [27/05/2016 16:25:28]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [7117 bytes] ##########
junkware removal tool
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.6 (04.25.2016)
Operating System: Windows Vista Home Premium x86
Ran by Allen (Administrator) on 27/05/2016 at 16:34:23.72
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 117
Successfully deleted: C:\Users\Allen\AppData\Local\{0111A6E7-9609-4816-A943-04D3A265A795} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{038651C7-0771-47B7-90B5-1B9474B0EC27} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{049A5522-D38C-4BE1-B4DE-86B5310A75AC} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{07CAEF87-0D4F-4EA9-A91A-1054C504D0CB} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{093281CC-ED99-4818-943F-A6440E6464AF} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{0B603D39-AEBA-4B0D-8B80-7090C021BE9F} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{0E41A9FF-6C6E-443D-AC7A-95350ACBC69E} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{0FCD1D09-E63F-4E08-BEAB-267449D9E2B2} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{1035B2DC-F98C-4624-8BD1-1568FB6413C2} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{143DDFD7-4A00-460A-9CEB-F13C83A59753} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{15CC08B3-80C1-4859-9DDF-6E8C72E2FDE0} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{1A02A01E-36FC-49C1-B29D-BDE3DB6D8A12} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{228E4EBA-EEC2-49C1-AD51-F705919F478E} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{2471A811-14F6-4C97-9B67-214D65C59DFB} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{27C6B51F-E5D6-495D-9E8F-842FCBB839D8} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{327518F1-C36A-4B66-B674-89704B633ACE} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{346E73B1-21AF-476F-A69F-7055CE65C0E0} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{34B85E4C-682D-4F8D-8362-4993CCC03EB7} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{36656D19-C2CE-4483-8E76-A297C6CA726E} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{392347A6-8188-4A72-A8E6-530AC1E3C925} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{3AAC8670-732E-4B62-AF88-EE18AB98A1F2} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{3B6C935D-0B07-4DE1-AFE1-82890DD9B15E} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{3EC99054-CA92-440E-9B04-CCBAD48D9561} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{40779051-0AF6-4179-9C5E-336A408F152D} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{41983BC5-8BDB-4F91-BB65-732F7E22446F} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{424A1A79-063E-4F1D-845E-0240C8B18C6F} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{42DACE55-C6D1-4F56-8E1D-8CDE85533C86} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{44072D8F-9737-47D8-9F10-DA7CA3CA6BFF} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{47D5302E-724C-46B2-814D-F2C1268E78FB} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{492F4A77-884D-404C-A0A2-7EBFD12ECEA6} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{4C3067B3-7925-4E23-BCA5-8179D3B4B328} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{4D00F337-74F6-4679-B459-A8AF8FC1B882} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{512EF8C7-365C-44A3-859D-1201D2E56E8F} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{58C31A23-A6ED-4CB0-BCEB-4978DDF330B9} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{5E2B3FCA-744D-4DFE-BC6A-CDBB2D542601} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{5E616F8C-CC23-42CC-BC88-17812315F223} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{644EF245-27D8-4872-9010-81C863F9382A} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{6454640B-3D3B-4A67-81F2-7F54F08E4B6B} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{64D04BAC-70A6-4D9C-95A6-21D87A0EFDC0} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{673D581B-B422-40A0-8882-22A12A52285E} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{6809E448-B2EC-42AA-97AE-8E8D62A359C2} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{69993545-EA1F-4E75-B20C-F9D0061A1B40} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{6B6B94A9-9758-4BF1-B727-C2FBA29AE36E} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{6EA5718E-BC28-4C84-9B7C-8C27B92DAB3F} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{73A03463-7E14-4190-811F-BF6E90278926} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{79AF249C-EB48-43C0-94BF-DA163845FCEB} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{7DB20BEB-A061-4E76-991F-F07DC33C9080} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{7F802F5C-3B52-4F0A-B74F-EFA498475BF9} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{85DBE7A6-BE8F-467D-803E-92A36AAF21DE} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{87CA310C-A439-4338-B058-A919C3FE1A7D} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{888EFB17-0D6A-43AE-8A9C-07487FDAB87C} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{8A6A67C9-0884-4ED9-9E78-62DD6685B6F9} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{8DD9ADC3-F435-459D-88C5-CB81FA9492CC} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{92A3BBB6-2DAF-406A-BC66-2A0A66949C0C} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{930820A6-07EF-469D-991A-AA106EE839A1} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{95B5D3C0-9568-430F-BBB2-F0DAF979D80C} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{961F620B-4BB0-4601-8E57-F489F89DE82F} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{98436F52-5411-441B-B79F-CBD22D2C0914} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{9A7D33D2-FDD4-4EDF-9C60-3C446C8EA7E9} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{9D7A951F-3EEF-44CC-BBB7-184405A7251E} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{9DE13860-30FA-4F5A-B8BA-AA77F0D11E8F} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{9EC38C09-5FA9-4CBE-92A3-989442C2CF7A} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{9FD1E98E-7E73-49F8-957C-E70993943FBB} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{A0A1B4A1-AC0D-4853-8F6B-29BEAD93693E} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{A1BF9DD4-A73D-4170-BE0D-B8BD5A092C82} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{A1CE19F8-0261-4799-A4D9-961BD6C09341} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{A277EBDC-B20E-479C-9139-2C03FE28A92C} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{A623376E-EDBD-4996-84DC-F62589E41A3B} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{AA19E789-8DFC-41DB-B0E7-4D39062EE4A1} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{AA27FA99-9770-45EA-A9B7-0E4427857904} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{AB38D6AE-1D4D-402F-B518-0BBA4D880AF9} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{ADB7D47C-565A-4A35-8A1E-58809481AA30} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{B3953EF8-BA52-4127-8EDB-52EAD565597F} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{B3E209BE-4C11-427B-AB69-412177B1FF5F} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{B469007A-5F31-4F5A-9DD2-B387EE486DAA} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{BBC66360-56AC-465D-B21B-D75505F6C6AE} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{BDA6DA02-E9DD-4927-998D-595CB5E9A8CF} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{BDDD9CAB-9027-441A-A211-0DD518185B9A} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{BE5BD9BD-84F0-49B4-BC0F-B24538A356FC} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{BE625271-6E90-48B7-AAE8-8B2E54D3ED24} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{C0BDA725-B57A-4060-BA09-4817DBF6D9EC} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{C9B8762A-9EDF-4558-96B2-229C180DD414} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{C9C1CE08-3DFF-46A2-B7F3-96601178B567} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{D0761173-6E9D-4445-9908-C02EFAE8F1EF} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{D0F5E2EA-E95A-40F6-A28E-E460188FA8F3} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{D9BEB676-6F6C-42ED-A3AF-7C5523D92216} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{DA93AE33-5995-41D8-B2A9-871E88C25F64} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{DBF9CB18-733C-46A8-AC5C-6D918D38B485} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{DD5DFEBF-338B-49D5-A9C7-8822C1A04399} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{E0949254-BCCE-4518-B37A-7E4074121A37} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{E44FA997-9274-471E-A31C-B5B263B3F982} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{E8CAF4B4-DF7D-4DB1-9920-BF58CCE83541} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{E9AE8165-17A7-4B25-80DA-020C9525E3F8} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{EB827709-0C18-48C7-9DB0-2A61099C4DAE} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{EB860AED-C442-4029-9489-8F8C5934828C} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{ED605250-850A-4AFC-AB6A-2685FDE11CA4} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{EEF2C33C-419A-4927-A0E9-349F56058477} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{F0DCAC80-0DB6-4F85-891E-E9217365D8A8} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{F5ADDAD6-279F-4F46-A8DF-6F435B0589AF} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{FB73DC38-77B3-42DB-A191-A3D61E8FFED2} (Empty Folder)
Successfully deleted: C:\Windows\couponprinter.ocx (File)
Successfully deleted: C:\Users\Allen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\12XM69D6 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2NJ0QCX3 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DTI8O8CO (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ENE9MSME (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M7WD456B (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NUD7ZB00 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UX9CD5Y2 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UYH5K0XQ (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\12XM69D6 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2NJ0QCX3 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DTI8O8CO (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ENE9MSME (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M7WD456B (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NUD7ZB00 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UX9CD5Y2 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UYH5K0XQ (Temporary Internet Files Folder)
Registry: 0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 27/05/2016 at 16:38:23.87
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Farbar tool log
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:25-05-2016 02
Ran by Allen (administrator) on ALLEN-PC (27-05-2016 16:42:50)
Running from C:\Users\Allen\Desktop
Loaded Profiles: Allen (Available Profiles: Allen)
Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) Language: English (United States)
Internet Explorer Version 9 (Default browser not detected!)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
(Egis Incorporated) C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
(Acer Inc.) C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
(Acer Inc.) C:\Acer\Empowering Technology\eNet\eNet Service.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
() C:\Acer\Mobility Center\MobilityService.exe
(Software 2000 Limited) C:\Windows\System32\spool\drivers\w32x86\3\HP1006MC.EXE
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(acer) C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio.exe
() C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Acer Inc.) C:\Acer\Empowering Technology\Acer.Empowering.Framework.Supervisor.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil32_21_0_0_242_ActiveX.exe
(Microsoft Corporation) C:\Windows\System32\osk.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-20] (Microsoft Corporation)
HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [178712 2007-10-03] (Intel Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [4853760 2008-01-07] (Realtek Semiconductor)
HKLM\...\Run: [SynTPStart] => C:\Program Files\Synaptics\SynTP\SynTPStart.exe [102400 2007-09-07] (Synaptics, Inc.)
HKLM\...\Run: [BisonInst0402] => C:\Windows\BR040286.exe [53248 2007-05-09] (Bison Inc.)
HKLM\...\Run: [RemoteControl] => C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [81920 2008-01-22] (Cyberlink Corp.)
HKLM\...\Run: [LanguageShortcut] => C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [62760 2007-10-11] ()
HKLM\...\Run: [eDataSecurity Loader] => C:\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe [521776 2008-01-03] (Egis Incorporated)
HKLM\...\Run: [LManager] => C:\Program Files\Launch Manager\LManager.exe [858632 2008-01-07] (Dritek System Inc.)
HKLM\...\Run: [Acer Assist Launcher] => C:\Program Files\Acer\Acer Assist\launcher.exe [1261568 2007-11-19] ()
HKLM\...\Run: [Acer Product Registration] => C:\Program Files\Acer\Acer Registration\ACE1.exe [3387392 2007-11-26] (Leader Technologies)
HKLM\...\Run: [UnlockerAssistant] => C:\Program Files\Unlocker\UnlockerAssistant.exe [15872 2008-05-02] ()
HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-01-12] (Hewlett-Packard)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [986872 2016-01-29] (Microsoft Corporation)
HKLM Group Policy restriction on software: *.xls*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: syskey.exe <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.com <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.com <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.com <====== ATTENTION
HKLM Group Policy restriction on software: vssadmin.exe <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*\svchost.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.exe <====== ATTENTION
HKLM Group Policy restriction on software: ** <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: scsvserv.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.com <====== ATTENTION
HKLM Group Policy restriction on software: lsassw86s.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Appdata\Roaming\Microsoft\Windows\IEUpdate\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.pif <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %programfiles%\*\svchost.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.pif <====== ATTENTION
HKLM Group Policy restriction on software: lsassvrtdbks.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %systemdrive%\*\svchost.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: cipher.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.com <====== ATTENTION
HKU\S-1-5-21-534116950-1332898044-2559044525-1003\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-20] (Microsoft Corporation)
HKU\S-1-5-21-534116950-1332898044-2559044525-1003\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2015-04-17] (Google Inc.)
HKU\S-1-5-21-534116950-1332898044-2559044525-1003\...\Run: [msnmsgr] => C:\Program Files\Windows Live\Messenger\msnmsgr.exe [4240760 2010-11-10] (Microsoft Corporation)
HKU\S-1-5-21-534116950-1332898044-2559044525-1003\...\Run: [Google Update] => C:\Users\Allen\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc.)
HKU\S-1-5-21-534116950-1332898044-2559044525-1003\...\Run: [Logitech Vid HD] => "C:\Program Files\Logitech\Logitech Vid\vid.exe" -bootmode
HKU\S-1-5-21-534116950-1332898044-2559044525-1003\...\Run: [Facebook Update] => C:\Users\Allen\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-10-06] (Facebook Inc.)
HKU\S-1-5-21-534116950-1332898044-2559044525-1003\...\Run: [TomTomHOME.exe] => "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"
HKU\S-1-5-21-534116950-1332898044-2559044525-1003\...\Run: [HP Deskjet 3050A J611 series (NET)] => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe [1721192 2011-03-30] (Hewlett-Packard Co.)
HKU\S-1-5-21-534116950-1332898044-2559044525-1003\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [52142720 2016-04-29] (Skype Technologies S.A.)
ShellIconOverlayIdentifiers: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll [2008-01-03] (Egis Incorporated)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Empowering Technology Launcher.lnk [2008-03-26]
ShortcutTarget: Empowering Technology Launcher.lnk -> C:\Acer\Empowering Technology\eAPLauncher.exe (Acer Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk [2008-10-27]
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
Startup: C:\Users\Allen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Deskjet 3050A J611 series (Network).lnk [2016-05-27]
ShortcutTarget: Monitor Ink Alerts - HP Deskjet 3050A J611 series (Network).lnk -> C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 142.166.166.166
Tcpip\..\Interfaces\{39C7CE13-FD2A-4C69-A839-A7F82396DA33}: [DhcpNameServer] 192.168.2.1 142.166.166.166
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://en.ca.acer.yahoo.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://global.acer.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-534116950-1332898044-2559044525-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.ca/
SearchScopes: HKU\S-1-5-21-534116950-1332898044-2559044525-1003 -> {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = hxxp://ca.search.yahoo.com/search?p={searchTerms}&fr=chr-acer
SearchScopes: HKU\S-1-5-21-534116950-1332898044-2559044525-1003 -> {E6F8E096-4836-47C0-8883-6A99317FB847} URL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-28] (Google Inc.)
BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-05-14] (Skype Technologies S.A.)
Toolbar: HKLM - Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll [2008-01-03] (Egis Incorporated.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-28] (Google Inc.)
Toolbar: HKU\S-1-5-21-534116950-1332898044-2559044525-1003 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-28] (Google Inc.)
DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} hxxp://download.divx.com/player/DivXBrowserPlugin.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_67-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CAFEEFAC-0017-0000-0067-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_67-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_67-windows-i586.cab
Handler: intu-tt2014 - {97BB39CB-9ABA-4513-81E7-1D6FDA0854B8} - C:\Program Files\TurboTax 2014\ic2014pp.dll No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-05-14] (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2016-02-01] (Skype Technologies)
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-05-15] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [2012-06-05] (Adobe Systems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin: @pages.tvunetworks.com/WebPlayer -> C:\Windows\system32\TVUAx\npTVUAx.dll [2010-04-23] (TVU networks)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-12] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-12] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-534116950-1332898044-2559044525-1003: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Allen\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-534116950-1332898044-2559044525-1003: @talk.google.com/GoogleTalkPlugin -> C:\Users\Allen\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-534116950-1332898044-2559044525-1003: @talk.google.com/O1DPlugin -> C:\Users\Allen\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-534116950-1332898044-2559044525-1003: @tools.google.com/Google Update;version=3 -> C:\Users\Allen\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-12] (Google Inc.)
FF Plugin HKU\S-1-5-21-534116950-1332898044-2559044525-1003: @tools.google.com/Google Update;version=9 -> C:\Users\Allen\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-12] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Allen\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Allen\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-09-03] [not signed]
Chrome:
=======
CHR Profile: C:\Users\Allen\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Allen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-23]
CHR Extension: (Google Docs) - C:\Users\Allen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-23]
CHR Extension: (Google Drive) - C:\Users\Allen\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-23]
CHR Extension: (YouTube) - C:\Users\Allen\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-23]
CHR Extension: (Google Search) - C:\Users\Allen\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-23]
CHR Extension: (Google Sheets) - C:\Users\Allen\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-23]
CHR Extension: (Bookmark Manager) - C:\Users\Allen\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-01-23]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Allen\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-01-23]
CHR Extension: (Google Wallet) - C:\Users\Allen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-23]
CHR Extension: (Gmail) - C:\Users\Allen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-23]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 eDataSecurity Service; C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe [506416 2008-01-03] (Egis Incorporated)
R2 eLockService; C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe [24576 2007-10-01] (Acer Inc.) [File not signed]
R2 eNet Service; C:\Acer\Empowering Technology\eNet\eNet Service.exe [131072 2007-12-20] (Acer Inc.) [File not signed]
R2 eSettingsService; C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe [24576 2007-12-19] () [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [61440 2007-01-17] (Hewlett-Packard Company) [File not signed]
R2 MobilityService; C:\Acer\Mobility Center\MobilityService.exe [110592 2007-11-27] () [File not signed]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2016-01-29] (Microsoft Corporation)
S4 MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [44384 2010-12-10] (Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [292816 2016-01-29] (Microsoft Corporation)
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-20] (Microsoft Corporation)
R2 WMIService; C:\Acer\Empowering Technology\ePower\ePowerSvc.exe [167936 2007-09-20] (acer) [File not signed]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 Cam5607; C:\Windows\System32\Drivers\BisonC07.sys [829096 2007-10-29] (Bison Electronics. Inc. )
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [253704 2015-11-13] (Microsoft Corporation)
R3 NTIDrvr; C:\Windows\System32\DRIVERS\NTIDrvr.sys [6144 2008-03-26] (NewTech Infosystems, Inc.) [File not signed]
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-20] (Microsoft Corporation)
U0 Sr; no ImagePath
U2 SrService; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-05-27 16:42 - 2016-05-27 16:43 - 00031152 _____ C:\Users\Allen\Desktop\FRST.txt
2016-05-27 16:42 - 2016-05-27 16:42 - 00000000 ____D C:\FRST
2016-05-27 16:41 - 2016-05-27 16:41 - 01734144 _____ (Farbar) C:\Users\Allen\Desktop\FRST.exe
2016-05-27 16:38 - 2016-05-27 16:38 - 00013849 _____ C:\Users\Allen\Desktop\JRT.txt
2016-05-27 16:32 - 2016-05-27 16:32 - 01610816 _____ (Malwarebytes) C:\Users\Allen\Desktop\JRT.exe
2016-05-27 16:29 - 2016-05-27 16:29 - 00000000 ____D C:\Users\Allen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD
2016-05-27 16:25 - 2016-05-27 16:27 - 00000000 ____D C:\AdwCleaner
2016-05-27 16:18 - 2016-05-27 16:18 - 03678272 _____ C:\Users\Allen\Desktop\AdwCleaner.exe
2016-05-19 23:00 - 2016-04-09 18:17 - 00975360 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2016-05-19 23:00 - 2016-04-09 16:00 - 02071040 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-05-19 22:58 - 2016-04-09 18:22 - 00638184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2016-05-19 22:58 - 2016-04-09 18:16 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2016-05-19 22:53 - 2016-04-09 17:32 - 00299008 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-05-19 22:47 - 2016-04-09 17:37 - 03608808 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2016-05-19 22:47 - 2016-04-09 17:37 - 03556584 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-05-19 22:47 - 2016-03-10 14:07 - 00501760 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-05-19 22:45 - 2016-04-09 15:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-05-19 22:44 - 2016-04-09 16:07 - 00486912 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2016-05-19 22:19 - 2016-04-23 14:00 - 01094656 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-05-19 22:19 - 2016-04-23 13:59 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-05-19 22:19 - 2016-04-23 13:59 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2016-05-19 22:19 - 2016-04-23 13:59 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2016-05-19 22:19 - 2016-04-23 13:59 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2016-05-19 22:18 - 2016-04-23 14:03 - 12858880 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-05-19 22:18 - 2016-04-23 14:03 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-05-19 22:18 - 2016-04-23 14:01 - 09729536 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-05-19 22:18 - 2016-04-23 14:00 - 01831424 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-05-19 22:18 - 2016-04-23 14:00 - 01436160 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-05-19 22:18 - 2016-04-23 14:00 - 01089024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-05-19 22:18 - 2016-04-23 14:00 - 00232960 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2016-05-19 22:18 - 2016-04-23 14:00 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-05-19 22:18 - 2016-04-23 13:59 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-05-19 22:18 - 2016-04-23 13:59 - 01789952 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-05-19 22:18 - 2016-04-23 13:59 - 00711168 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-05-19 22:18 - 2016-04-23 13:59 - 00615424 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-05-19 22:18 - 2016-04-23 13:59 - 00358912 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-05-19 22:18 - 2016-04-23 13:59 - 00217088 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-05-19 22:18 - 2016-04-23 13:59 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-05-19 22:18 - 2016-04-23 13:59 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-05-19 22:18 - 2016-04-23 13:59 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-05-19 21:43 - 2016-05-19 21:43 - 00239874 _____ C:\Users\Allen\Desktop\reference letter.pdf
2016-05-16 11:56 - 2016-05-16 11:56 - 00134045 _____ C:\Users\Allen\Desktop\i.pdf
2016-05-04 14:05 - 2016-05-26 22:45 - 00170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-05-04 14:04 - 2016-05-04 14:04 - 00000903 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-05-04 14:04 - 2016-05-04 14:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-05-04 14:04 - 2016-05-04 14:04 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2016-05-04 14:04 - 2016-03-10 14:09 - 00053120 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-05-04 14:04 - 2016-03-10 14:08 - 00126336 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-05-04 14:04 - 2016-03-10 14:08 - 00024448 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-05-04 14:02 - 2016-05-04 14:02 - 22851472 _____ (Malwarebytes ) C:\Users\Allen\Desktop\mbam-setup-2.2.1.1043.exe
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-05-27 16:44 - 2012-10-06 13:39 - 00000928 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-534116950-1332898044-2559044525-1003UA.job
2016-05-27 16:41 - 2006-11-02 09:47 - 00003344 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2016-05-27 16:41 - 2006-11-02 09:47 - 00003344 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2016-05-27 16:36 - 2006-11-02 08:18 - 00000000 ____D C:\Windows\inf
2016-05-27 16:36 - 2006-11-02 07:33 - 00860232 _____ C:\Windows\system32\PerfStringBackup.INI
2016-05-27 16:31 - 2010-07-11 23:22 - 00000000 ____D C:\Users\Allen\AppData\Roaming\Skype
2016-05-27 16:30 - 2009-04-19 21:49 - 00000000 ____D C:\Users\Allen\Tracing
2016-05-27 16:29 - 2015-06-02 15:17 - 00000402 _____ C:\Windows\Tasks\HP Photo Creations Communicator.job
2016-05-27 16:29 - 2015-04-25 11:48 - 00000882 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-05-27 16:28 - 2006-11-02 10:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-05-27 16:27 - 2006-11-02 10:01 - 00032652 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-05-27 16:13 - 2009-06-30 16:23 - 00000908 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-534116950-1332898044-2559044525-1003UA.job
2016-05-27 16:12 - 2015-04-25 11:48 - 00000886 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-05-26 23:01 - 2014-09-24 14:29 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-05-26 20:38 - 2009-06-30 16:23 - 00000856 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-534116950-1332898044-2559044525-1003Core.job
2016-05-26 20:30 - 2012-10-06 13:39 - 00000906 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-534116950-1332898044-2559044525-1003Core.job
2016-05-24 19:42 - 2010-08-30 13:51 - 00453120 _____ C:\Users\Allen\Desktop\Logbook.xls
2016-05-24 19:42 - 2008-10-27 04:35 - 00002607 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Word.lnk
2016-05-24 19:40 - 2008-10-27 04:35 - 00002605 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Excel.lnk
2016-05-20 21:26 - 2013-07-27 21:35 - 00000000 ____D C:\Windows\system32\MRT
2016-05-20 21:04 - 2006-11-02 07:24 - 136686448 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2016-05-20 20:38 - 2006-11-02 08:18 - 00000000 ____D C:\Windows\rescache
2016-05-20 20:29 - 2011-07-10 22:54 - 00000000 ____D C:\Users\Allen\Resume
2016-05-20 20:19 - 2006-11-02 09:47 - 00390776 _____ C:\Windows\system32\FNTCACHE.DAT
2016-05-20 20:15 - 2006-11-02 09:37 - 00000000 ____D C:\Program Files\Windows Journal
2016-05-15 19:20 - 2014-09-24 14:28 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2016-05-15 19:20 - 2014-09-24 14:28 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2016-05-09 22:27 - 2010-07-11 23:22 - 00000000 ___RD C:\Program Files\Skype
2016-05-09 22:27 - 2010-07-11 23:21 - 00000000 ____D C:\ProgramData\Skype
2016-04-29 14:25 - 2010-07-21 02:59 - 00060928 _____ C:\Users\Allen\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
==================== Files in the root of some directories =======
2011-04-10 15:23 - 2011-04-10 15:23 - 0000052 _____ () C:\Users\Allen\AppData\Roaming\G1000Trainer_preferences.xml
2011-04-10 15:23 - 2011-06-19 22:14 - 0006733 _____ () C:\Users\Allen\AppData\Roaming\G1000Trainer_student_record.xml
2014-12-10 16:26 - 2014-12-10 16:26 - 0000052 _____ () C:\Users\Allen\AppData\Roaming\pdfcompressor.ini
2008-11-13 02:28 - 2008-11-13 02:28 - 0024206 _____ () C:\Users\Allen\AppData\Roaming\UserTile.png
2012-02-19 20:43 - 2012-03-16 18:36 - 0000680 _____ () C:\Users\Allen\AppData\Local\d3d9caps.dat
2010-07-21 02:59 - 2016-04-29 14:25 - 0060928 _____ () C:\Users\Allen\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-06-02 12:28 - 2015-06-02 12:28 - 0000057 _____ () C:\ProgramData\Ament.ini
2010-07-11 23:23 - 2010-07-11 23:23 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
Some files in TEMP:
====================
C:\Users\Allen\AppData\Local\temp\libeay32.dll
C:\Users\Allen\AppData\Local\temp\mpam-39d1db97.exe
C:\Users\Allen\AppData\Local\temp\mpam-de95ee0.exe
C:\Users\Allen\AppData\Local\temp\msvcr120.dll
C:\Users\Allen\AppData\Local\temp\RtkBtMnt.exe
C:\Users\Allen\AppData\Local\temp\SkypeSetup.exe
C:\Users\Allen\AppData\Local\temp\sqlite3.dll
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-05-27 16:34
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x86) Version:25-05-2016 02
Ran by Allen (2016-05-27 16:44:31)
Running from C:\Users\Allen\Desktop
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) (2008-09-17 20:14:24)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-534116950-1332898044-2559044525-500 - Administrator - Disabled)
Allen (S-1-5-21-534116950-1332898044-2559044525-1003 - Administrator - Enabled) => C:\Users\Allen
ASPNET (S-1-5-21-534116950-1332898044-2559044525-1005 - Limited - Enabled)
Guest (S-1-5-21-534116950-1332898044-2559044525-501 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Microsoft Security Essentials (Disabled - Up to date) {768124D7-F5F7-6D2F-DDC2-94DFA4017C95}
AS: Microsoft Security Essentials (Disabled - Up to date) {CDE0C533-D3CD-62A1-E772-AFADDF863628}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
2007 Microsoft Office system (HKLM\...\PROHYBRIDR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Acer Assist (HKLM\...\Acer Assist) (Version: - Acer Incorporated)
Acer Crystal Eye (HKLM\...\{4BB1DCED-84D3-47F9-B718-5947E904593E}) (Version: 7.32.701.13d - Acer Crystal Eye)
Acer Crystal Eye Webcam (HKLM\...\{DD1DED37-2486-4F56-8F89-56AA814003F5}) (Version: 2.0.0.20 - Acer Crystal Eye Webcam)
Acer eDataSecurity Management (HKLM\...\{A5633652-3795-4829-BB0B-644F0279E279}) (Version: 2.8.4354 - Egis Inc.)
Acer eLock Management (HKLM\...\{116FF17B-1A30-4FC2-9B01-5BC5BD46B0B3}) (Version: 2.5.4302 - Acer Inc.)
Acer Empowering Technology (HKLM\...\{AB6097D9-D722-4987-BD9E-A076E2848EE2}) (Version: 2.5.4301 - Acer Inc.)
Acer eNet Management (HKLM\...\{C06554A1-2C1E-4D20-B613-EE62C79927CC}) (Version: 2.6.4303 - Acer Inc.)
Acer ePower Management (HKLM\...\{58E5844B-7CE2-413D-83D1-99294BF6C74F}) (Version: 2.5.4310 - Acer Inc.)
Acer ePresentation Management (HKLM\...\{BF839132-BD43-4056-ACBF-4377F4A88E2A}) (Version: 2.5.4300 - Acer Inc.)
Acer eSettings Management (HKLM\...\{CE65A9A0-9686-45C6-9098-3C9543A412F0}) (Version: 2.5.4302 - Acer Inc.)
Acer GridVista (HKLM\...\GridVista) (Version: 2.72.317 - )
Acer Mobility Center Plug-In (HKLM\...\{11316260-6666-467B-AC34-183FCB5D4335}) (Version: 1.0.4301 - Acer Inc.)
Acer Registration (HKLM\...\Acer Registration) (Version: - Acer - Leader Technologies)
Acer ScreenSaver (HKLM\...\{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}) (Version: 2.11.20071207 - Acer Inc.)
Activation Assistant for the 2007 Microsoft Office suites (HKLM\...\Activation Assistant for the 2007 Microsoft Office suites) (Version: - Microsoft Corporation)
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0 - Microsoft Corporation) Hidden
Adobe Flash Player 21 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 21.0.0.242 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 21.0.0.242 - Adobe Systems Incorporated)
Adobe Reader X (10.1.16) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.16 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM\...\Adobe Shockwave Player) (Version: 11.6.5.635 - Adobe Systems, Inc.)
Broadcom Gigabit Integrated Controller (HKLM\...\{FC57FC53-104C-415C-98D7-B05E659461A9}) (Version: 10.50.08 - Broadcom Corporation)
Business Contact Manager for Outlook 2007 SP2 (HKLM\...\Business Contact Manager) (Version: 3.0.8619.1 - Microsoft Corporation)
Business Contact Manager for Outlook 2007 SP2 (Version: 3.0.8619.1 - Microsoft Corporation) Hidden
CryptoPrevent (HKLM\...\{5C5B24E7-4694-4049-A222-CCE7D3FAC63F}_is1) (Version: - Foolish IT LLC)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
EPSON NX100 Series Printer Uninstall (HKLM\...\EPSON NX100 Series) (Version: - SEIKO EPSON Corporation)
Facebook Video Calling 3.1.0.521 (HKLM\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Google Talk Plugin (HKLM\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7619.1252 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.2.183.13 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.30.3 - Google Inc.) Hidden
HDAUDIO Soft Data Fax Modem with SmartCP (HKLM\...\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFAOR2C06_118) (Version: - )
HP Deskjet 3050A J611 series Basic Device Software (HKLM\...\{AB2228C5-EA86-44E1-AFF6-58B9CC260CE3}) (Version: 23.0.504.0 - Hewlett-Packard Co.)
HP Deskjet 3050A J611 series Help (HKLM\...\{97DDCAB8-B770-4089-A10F-67568069D78A}) (Version: 140.0.2.2 - Hewlett Packard)
HP Deskjet 3050A J611 series Product Improvement Study (HKLM\...\{C40DCEE3-A564-4692-B1D5-DA1F252BA3BC}) (Version: 23.0.504.0 - Hewlett-Packard Co.)
HP LaserJet P1000 series (HKLM\...\HP LaserJet P1000 series) (Version: - )
HP Photo Creations (HKU\S-1-5-21-534116950-1332898044-2559044525-1003\...\HP Photo Creations) (Version: 1.0.0.18332 - HP)
HP Update (HKLM\...\{DDD5104F-1C44-49EB-9E6B-29EC5D27658B}) (Version: 5.002.007.004 - Hewlett-Packard)
HPSSupply (HKLM\...\{7902E313-FF0F-4493-ACB1-A8147B78DCD0}) (Version: 2.1.1.0000 - Hewlett Packard Development Company L.P.)
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: - )
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - )
Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Launch Manager (HKLM\...\LManager) (Version: - )
LightScribe 1.4.142.1 (Version: 1.4.142.1 - hxxp://www.lightscribe.com) Hidden
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM\...\M2698023) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM\...\M979906) (Version: - )
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2003 Web Components (HKLM\...\{90A40409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office 2007 Primary Interop Assemblies (HKLM\...\{50120000-1105-0000-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Small Business Connectivity Components (HKLM\...\{A939D341-5A04-4E0A-BB55-3E65B386432D}) (Version: 2.0.7024.0 - Microsoft Corporation)
Microsoft Office XP Professional with FrontPage (HKLM\...\{90280409-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.6626.0 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.9.218.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM\...\Microsoft SQL Server 2005) (Version: - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{7670D32F-DAE6-4E49-8C8B-B3F08B5B1686}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{E7084B89-69E0-46B3-A118-8F99D06988CD}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
MrvlUsgTracking (HKLM\...\{02C85EC5-E864-4847-AF55-42730861004C}) (Version: 1.0.0 - Marvell)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
NTI Backup NOW! 4.7 (HKLM\...\InstallShield_{1598034D-7147-432C-8CA8-888E0632D124}) (Version: 1.00.0000 - NewTech Infosystems)
NTI Backup NOW! 4.7 (Version: 1.00.0000 - NewTech Infosystems) Hidden
NTI CD & DVD-Maker (HKLM\...\InstallShield_{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}) (Version: 7 - NewTech Infosystems)
NTI CD & DVD-Maker (Version: 7 - NewTech Infosystems) Hidden
NTI Shadow (HKLM\...\InstallShield_{6F7EA6CA-79F4-44A0-A370-8E82BB16534A}) (Version: 3.7.6.37 - NewTech Infosystems)
NTI Shadow (Version: 3.7.6.37 - NewTech Infosystems) Hidden
Octoshape add-in for Adobe Flash Player (HKU\S-1-5-21-534116950-1332898044-2559044525-1003\...\Octoshape add-in for Adobe Flash Player) (Version: - )
PowerDVD (HKLM\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 7.32.3730a.0 - CyberLink Corporation)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5543 - Realtek Semiconductor Corp.)
Segoe UI (Version: 15.4.2271.0615 - Microsoft Corp) Hidden
Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.9.12585 - Skype Technologies S.A.)
Skype™ 7.23 (HKLM\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.23.105 - Skype Technologies S.A.)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 10.0.15.0 - Synaptics)
Texas Instruments PCIxx21/x515/xx12 drivers. (HKLM\...\InstallShield_{BE1826A9-7EEE-492A-B3BC-DEF3DFAE37EE}) (Version: 2.00.0002 - Texas Instruments Inc.)
TIPCI (Version: 2.00.0002 - Texas Instruments Inc.) Hidden
TomTom HOME Visual Studio Merge Modules (HKLM\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
Yahoo! Extras (HKLM\...\Yahoo! Customizations) (Version: - )
Yahoo! Install Manager (HKLM\...\YInstHelper) (Version: - )
Yahoo! Internet Mail (HKLM\...\Yahoo! Internet Mail) (Version: - )
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-534116950-1332898044-2559044525-1003_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\Allen\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-534116950-1332898044-2559044525-1003_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> C:\Users\Allen\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-534116950-1332898044-2559044525-1003_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\Allen\AppData\Local\Google\Update\1.3.30.3\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-534116950-1332898044-2559044525-1003_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\Allen\AppData\Local\Google\Update\1.3.30.3\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-534116950-1332898044-2559044525-1003_Classes\CLSID\{39125640-8D80-11DC-A2FE-C5C455D89593}\InprocServer32 -> C:\Users\Allen\AppData\Local\Google\Google Talk Plugin\googletalkax.dll (Google)
CustomCLSID: HKU\S-1-5-21-534116950-1332898044-2559044525-1003_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\Allen\AppData\Local\Google\Update\1.3.30.3\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-534116950-1332898044-2559044525-1003_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\Allen\AppData\Local\Google\Update\1.3.30.3\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-534116950-1332898044-2559044525-1003_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}\InprocServer32 -> C:\Users\Allen\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-534116950-1332898044-2559044525-1003_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Allen\AppData\Local\Google\Update\1.3.29.5\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-534116950-1332898044-2559044525-1003_Classes\CLSID\{8B9F5BF4-0407-4BB2-9FED-4C0372DABD00}\localserver32 -> C:\Users\Allen\AppData\Local\Facebook\Video\Skype\FacebookVideoCallingProxy.exe (Skype Limited)
CustomCLSID: HKU\S-1-5-21-534116950-1332898044-2559044525-1003_Classes\CLSID\{9356e2bb-6c9a-43c0-a771-5cacbdab6afe}\InprocServer32 -> C:\Users\Allen\AppData\Roaming\HP Photo Creations\RLPNUpload.dll (RocketLife)
CustomCLSID: HKU\S-1-5-21-534116950-1332898044-2559044525-1003_Classes\CLSID\{AB9F4455-E591-4132-A386-0B91EAEDB96C}\InprocServer32 -> C:\Users\Allen\AppData\Local\Google\Google Talk Plugin\o1dax.dll (Google)
CustomCLSID: HKU\S-1-5-21-534116950-1332898044-2559044525-1003_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\Allen\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-534116950-1332898044-2559044525-1003_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\Allen\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-534116950-1332898044-2559044525-1003_Classes\CLSID\{CBE9C57E-FFA9-4123-8354-AD360D6DD3CC}\InprocServer32 -> C:\Users\Allen\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CustomCLSID: HKU\S-1-5-21-534116950-1332898044-2559044525-1003_Classes\CLSID\{cc05a616-ddb3-4cc0-9a21-dc0e9962b444}\InprocServer32 -> C:\Users\Allen\AppData\Roaming\HP Photo Creations\ContentMan.dll (RocketLife)
CustomCLSID: HKU\S-1-5-21-534116950-1332898044-2559044525-1003_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Allen\AppData\Local\Google\Update\1.3.29.1\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-534116950-1332898044-2559044525-1003_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Allen\AppData\Local\Google\Update\1.3.28.15\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-534116950-1332898044-2559044525-1003_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\Allen\AppData\Local\Google\Update\1.3.30.3\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-534116950-1332898044-2559044525-1003_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Allen\AppData\Local\Google\Update\1.3.30.3\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-534116950-1332898044-2559044525-1003_Classes\CLSID\{ff280b55-14f1-49ae-b40f-15f5294ce630}\InprocServer32 -> C:\Users\Allen\AppData\Roaming\HP Photo Creations\RocketEngine.dll (Visan inc.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {1340E10F-6A32-40A5-AB16-57CC12318002} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-04-25] (Google Inc.)
Task: {18176CC6-1A9D-47F1-A26B-13910E7F909E} - System32\Tasks\HPCustParticipation HP Deskjet 3050A J611 series => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPCustPartic.exe [2011-03-30] (Hewlett-Packard Co.)
Task: {1A4242C0-60C1-4610-A9FE-9D7141CE1931} - System32\Tasks\{99258A10-6B3B-429F-8C29-27D864D109A3} => C:\Program Files\Skype\Phone\Skype.exe [2016-04-29] (Skype Technologies S.A.)
Task: {26597DBB-F5CA-4CAA-B86E-BC0A98609B82} - System32\Tasks\HP Photo Creations Communicator => C:\Users\Allen\AppData\Roaming\HP Photo Creations\Communicator.exe [2011-05-13] ()
Task: {2FA7A48B-76EB-49C5-857F-1258373A5860} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-534116950-1332898044-2559044525-1003Core => C:\Users\Allen\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {3CF60298-04EC-49DC-BDF6-2B76712045AB} - System32\Tasks\{DF166A33-0B21-42D0-9A6C-D6935E90AB73} => pcalua.exe -a C:\PROGRA~1\SOFTON~1\UNWISE.EXE -c C:\PROGRA~1\SOFTON~1\INSTALL.LOG
Task: {499D5A06-9F22-447F-BCE9-4946F822C169} - System32\Tasks\{5CAFF5CB-CA6E-4A8F-9E7A-D47D6B66AE7E} => pcalua.exe -a "C:\Users\Allen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MLFL9HM6\SetupFSCopilot16[1].exe" -d C:\Users\Allen
Task: {58AE6357-C600-41C8-A2E0-0B4DF5811076} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-534116950-1332898044-2559044525-1003UA => C:\Users\Allen\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-10-06] (Facebook Inc.)
Task: {645EA812-B73C-4E18-9181-34DB80502938} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-04-25] (Google Inc.)
Task: {6AF0F6F3-A64E-4D6E-BFF1-D03992F2E9F9} - System32\Tasks\{858EA598-D309-4606-BEBC-70EF9403C894} => pcalua.exe -a "C:\Users\Allen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\07L2HA66\SetupFSInn13B2_3[2].exe" -d C:\Users\Allen
Task: {714E4DED-E175-4C9D-831E-E337DC543BFC} - System32\Tasks\{D8721F9D-7F92-4077-B56D-66C255E56643} => pcalua.exe -a "C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}\Microsoft Office Activation Assistant.exe" -c REMOVE=TRUE MODIFY=FALSE
Task: {7DC317EB-164C-41F4-9D21-72EFD94806A7} - System32\Tasks\{6E5A1472-C989-48BA-8778-96025461C0AC} => pcalua.exe -a C:\Users\Allen\Desktop\VirtumundoBeGone.exe -d C:\Users\Allen\Desktop
Task: {89192796-C51B-456B-A050-D5E3C45A5D6D} - System32\Tasks\{D5FE861A-C79C-4D59-A538-F3923F67D2A2} => pcalua.exe -a "C:\Users\Allen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3ZVZEMVG\SetupFSInn12[1].exe" -d C:\Users\Allen
Task: {BE22A2C9-84B7-40C2-80DB-4EE9515DCD3D} - System32\Tasks\{D785B799-7774-474C-96E6-0D20036729B1} => pcalua.exe -a "C:\Program Files\Fs2002 And Fs2004 Easy Installer Utility!\eesi.exe" -d "C:\Program Files\Fs2002 And Fs2004 Easy Installer Utility!"
Task: {C1EB9403-15B9-4A46-9032-A5525EF30E5F} - System32\Tasks\{F6F3960B-7566-4264-9DD1-908FEFD7C1D5} => pcalua.exe -a "C:\Program Files\FSFDT\uninstallFSCopilot.exe"
Task: {C261008A-2895-44B6-8146-9400682854F7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated)
Task: {C4DF8714-3D5B-4F78-AD03-1D5BCFEAFECD} - System32\Tasks\{262F4346-CCEC-4F15-B1D1-AB3419B87696} => pcalua.exe -a D:\setuppls.exe -d D:\ -c /AUTORUN
Task: {C9306C47-F213-4E0D-AE44-D5DBECC04F9C} - System32\Tasks\{88C44967-8EF0-4D52-9323-80C4B50F3543} => pcalua.exe -a "C:\Users\Allen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O7KXWM6P\wmp11-windowsxp-x86-enu[1].exe" -d C:\Windows\system32
Task: {CE16C034-B03F-4132-8CD6-063422115D25} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-05-15] (Adobe Systems Incorporated)
Task: {D0F03E06-D15C-45B5-86C8-A93F58BBF3EC} - System32\Tasks\Microsoft\Windows\RestartManager\{9388B6A3-309E-4d7f-B8A8-B87168832CB9} => C:\Windows\system32\rmclient.exe [2006-11-02] (Microsoft Corporation)
Task: {DBAB3616-414F-42C3-BD2F-79AC04CD09E3} - System32\Tasks\PDVDServ.EXE_1322400303 => C:\Program Files\CyberLink\PowerDVD\PDVDServ.EXE [2008-01-22] (Cyberlink Corp.)
Task: {F8E07DE8-CE5F-4FDC-951D-69BA2E61FBAC} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-534116950-1332898044-2559044525-1003UA => C:\Users\Allen\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {FA8D32A9-622D-4C18-95C5-09B4106AD01C} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-534116950-1332898044-2559044525-1003Core => C:\Users\Allen\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-10-06] (Facebook Inc.)
Task: {FCFA6D6A-FA88-4452-98C5-BFF7A63332CF} - System32\Tasks\{F39A87A9-2776-4442-96B8-82EFD761788E} => pcalua.exe -a "C:\Program Files\Microsoft Games\FS2002\FSUNINSTALL.EXE" -c /runtemp /addremove
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-534116950-1332898044-2559044525-1003Core.job => C:\Users\Allen\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-534116950-1332898044-2559044525-1003UA.job => C:\Users\Allen\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-534116950-1332898044-2559044525-1003Core.job => C:\Users\Allen\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-534116950-1332898044-2559044525-1003UA.job => C:\Users\Allen\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HP Photo Creations Communicator.job => C:\Users\Allen\AppData\Roaming\HP Photo Creations\Communicator.exe
Task: C:\Windows\Tasks\User_Feed_Synchronization-{81269CAB-AB40-4890-B356-37C309F68D20}.job => C:\Windows\system32\msfeedssync.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Allen\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Yahoo! Mail.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> C:\PROGRA~1\Yahoo!\Common\ymmapi.dll,OpenURL hxxp://mail.yahoo.com/?.intl=ca&.redir=ymmapi10
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Yahoo! Mail.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> C:\PROGRA~1\Yahoo!\Common\ymmapi.dll,OpenURL hxxp://mail.yahoo.com/?.intl=ca&.redir=ymmapi11
==================== Loaded Modules (Whitelisted) ==============
2008-09-17 17:27 - 2007-11-27 22:54 - 00110592 _____ () C:\Acer\Mobility Center\MobilityService.exe
2008-09-17 17:27 - 2007-11-27 19:08 - 00032768 _____ () C:\Acer\Mobility Center\MobilityInterface.dll
2011-03-30 18:19 - 2011-03-30 18:19 - 01841000 _____ () C:\Windows\system32\HPScanTRDrv_DJ3050A_J611.dll
2008-09-17 17:26 - 2007-12-19 22:09 - 00024576 _____ () C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
2008-09-17 17:26 - 2007-12-19 22:09 - 00118784 _____ () C:\Acer\Empowering Technology\eSettings\Service\eSettings.Model.Computer.dll
2008-09-17 17:26 - 2007-12-19 22:08 - 00032768 _____ () C:\Acer\Empowering Technology\eSettings\Service\eSettings.Model.ComputerInterfaces.dll
2008-09-17 17:26 - 2007-12-19 22:08 - 00118784 _____ () C:\Acer\Empowering Technology\eSettings\Service\eSettings.Model.Library.dll
2008-09-17 17:26 - 2007-12-19 22:09 - 00006656 _____ () C:\Acer\Empowering Technology\eSettings\Service\CPUID.dll
2008-03-26 05:23 - 2008-01-09 22:43 - 00057344 _____ () C:\Acer\Empowering Technology\Acer.Empowering.Framework.DialogManager.dll
2008-03-26 05:23 - 2008-01-09 22:42 - 00024576 _____ () C:\Acer\Empowering Technology\Acer.Empowering.Framework.PasswordSetting.dll
2008-09-17 17:22 - 2007-09-11 13:59 - 00307200 _____ () C:\Acer\Empowering Technology\ePresentation\ePresentationCTL.dll
2008-01-03 06:00 - 2008-01-03 06:00 - 00227888 _____ () C:\Acer\Empowering Technology\eDataSecurity\x86\ShowErrMsg.dll
2008-09-17 17:25 - 2007-12-20 17:58 - 00679936 _____ () C:\Acer\Empowering Technology\eLock\eLockCTL.dll
2008-09-17 17:26 - 2007-12-19 22:09 - 00028672 _____ () C:\Acer\Empowering Technology\eSettings\eSettings.Plugin.dll
2008-09-17 17:26 - 2007-12-19 22:08 - 00032768 _____ () C:\Acer\Empowering Technology\eSettings.Model.ComputerInterfaces.dll
2008-09-17 17:26 - 2007-12-19 22:08 - 03420160 _____ () C:\Acer\Empowering Technology\eSettings\eSettings.View.dll
2008-09-17 17:26 - 2007-12-19 22:08 - 00155648 _____ () C:\Acer\Empowering Technology\eSettings\eSettings.Presenter.dll
2008-09-17 17:23 - 2007-12-20 15:33 - 00249856 _____ () C:\Acer\Empowering Technology\eNet\eNetPlugin.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
HKLM\...\cmdfile\DefaultIcon: %SystemRoot%\System32\imageres.dll,-68 <===== ATTENTION
HKLM\...\.scr: CryptoPreventSCR => "C:\Program Files\Foolish IT\CryptoPrevent\CryptoPreventFilterMod.CryptoPreventEXEC" "%1" /S %* <===== ATTENTION
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2006-11-02 07:23 - 2012-03-22 09:06 - 00000098 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-534116950-1332898044-2559044525-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\Public\Pictures\Sample Pictures\Autumn Leaves.jpg
DNS Servers: 192.168.2.1 - 142.166.166.166
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [{C9EF5EDA-50C2-4BE3-97E4-588F170D901D}] => (Allow) C:\Program Files\Common Files\Mcafee\MNA\McNaSvc.exe
FirewallRules: [{E01BE071-B00A-491D-BB6A-556CA52ABD35}] => (Allow) C:\Program Files\CyberLink\PowerDVD\PowerDVD.EXE
FirewallRules: [{47620D60-F3FA-4BF0-A495-1D203C176DA8}] => (Allow) C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [{74D7467A-EEFF-44B9-A907-702E9A129F00}] => (Allow) C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [{48617D48-7F68-434D-8342-547FE235771E}] => (Allow) C:\Program Files\Yahoo!\Messenger\YServer.exe
FirewallRules: [{C9E71106-7B3B-4CFD-8DA6-D011E8B77B56}] => (Allow) C:\Program Files\Yahoo!\Messenger\YServer.exe
FirewallRules: [TCP Query User{C17E2344-6137-465B-AAD7-44082193412C}C:\program files\internet explorer\iexplore.exe] => (Block) C:\program files\internet explorer\iexplore.exe
FirewallRules: [UDP Query User{BE179C4E-9D59-4E72-AC3B-3B90A91F09D7}C:\program files\internet explorer\iexplore.exe] => (Block) C:\program files\internet explorer\iexplore.exe
FirewallRules: [{F2DDA02E-CD32-4E79-9071-6112EE455060}] => (Allow) C:\Program Files\LimeWire\LimeWire.exe
FirewallRules: [{6BDC7595-0823-450D-B246-90610F59F8B5}] => (Allow) C:\Program Files\LimeWire\LimeWire.exe
FirewallRules: [TCP Query User{F10592A5-F603-4E2C-820C-146E3AF4244A}C:\program files\internet explorer\iexplore.exe] => (Block) C:\program files\internet explorer\iexplore.exe
FirewallRules: [UDP Query User{1D334044-58D8-40A6-8171-FA7A85505F92}C:\program files\internet explorer\iexplore.exe] => (Block) C:\program files\internet explorer\iexplore.exe
FirewallRules: [TCP Query User{5C24DAE7-542C-4D56-B1A4-78BB24E21C26}C:\program files\limewire\limewire.exe] => (Allow) C:\program files\limewire\limewire.exe
FirewallRules: [UDP Query User{725C063C-259C-4DC9-B60C-A56B6230D1FF}C:\program files\limewire\limewire.exe] => (Allow) C:\program files\limewire\limewire.exe
FirewallRules: [{390E7292-8F7E-443E-8784-B7F50965A7B1}] => (Allow) C:\Windows\System32\spool\drivers\w32x86\3\HP1006MC.EXE
FirewallRules: [{A8123CDB-6339-4EDC-B3BE-4B0AB039EA18}] => (Allow) C:\Windows\System32\spool\drivers\w32x86\3\HP1006MC.EXE
FirewallRules: [{7D48202A-539A-4356-A2FE-88E5F9372552}] => (Allow) C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [{3947B629-6FBA-4962-8A79-545551BA0E0E}] => (Allow) C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [TCP Query User{ABA9C176-A253-44C7-8ED1-33F62868C50B}C:\program files\bittorrent\bittorrent.exe] => (Allow) C:\program files\bittorrent\bittorrent.exe
FirewallRules: [UDP Query User{AA4C98B2-CBED-4F05-BD2A-9B1555A857B1}C:\program files\bittorrent\bittorrent.exe] => (Allow) C:\program files\bittorrent\bittorrent.exe
FirewallRules: [{FB6B0841-AEE2-4FC5-AF28-34DA925E84AC}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{4C76D121-C306-41BD-A695-84DCCFF0828A}] => (Allow) svchost.exe
FirewallRules: [{A619DE9B-E9A6-4B30-BFF3-E5BC3B852692}] => (Allow) C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{EF7CD1E1-272B-4F16-BBBD-B26D7FE38820}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{A43D41CC-946D-4BF5-9DEE-9B49A12FF698}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{396CE697-5AD3-422F-8E81-719CE1A61410}] => (Allow) LPort=2869
FirewallRules: [{BD673127-28AE-4D20-A67C-D13822D08483}] => (Allow) LPort=1900
FirewallRules: [{F5A2B141-767C-46A3-A4A6-13B3784D26B4}] => (Allow) LPort=80
FirewallRules: [{37753C3E-74FE-46F9-892F-61305A197DAD}] => (Allow) LPort=80
FirewallRules: [{F6688556-B806-4927-9655-8396D02B81D1}] => (Allow) LPort=80
FirewallRules: [{E4D2FBD9-ED9A-4925-9CDE-3BE742D85E47}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{58DCA8E1-C0CF-45B1-9030-C7D2468851DF}] => (Allow) C:\Users\Allen\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
FirewallRules: [{DA23D471-DD9A-49CD-977A-19F9E4072849}] => (Allow) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\DeviceSetup.exe
FirewallRules: [{9D8F25DF-6FF0-4F70-863B-35223BF19B2F}] => (Allow) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicator.exe
StandardProfile\AuthorizedApplications: [C:\Acer\Empowering Technology\eDataSecurity\x86\eDSfsu.exe] => Enabled:eDSfsu
StandardProfile\AuthorizedApplications: [C:\Acer\Empowering Technology\eDataSecurity\x86\encryption.exe] => Enabled:encryption
StandardProfile\AuthorizedApplications: [C:\Acer\Empowering Technology\eDataSecurity\x86\decryption.exe] => Enabled:decryption
StandardProfile\AuthorizedApplications: [C:\Acer\Empowering Technology\eDataSecurity\x86\eDSMgr.exe] => Enabled:eDSMgr
StandardProfile\AuthorizedApplications: [C:\Acer\Empowering Technology\eDataSecurity\x86\eDStbmngr.exe] => Enabled:eDStbmngr
StandardProfile\AuthorizedApplications: [C:\Acer\Empowering Technology\eDataSecurity\x64\eDSfsu.exe] => Enabled:eDSfsu
StandardProfile\AuthorizedApplications: [C:\Acer\Empowering Technology\eDataSecurity\x64\encryption.exe] => Enabled:encryption
StandardProfile\AuthorizedApplications: [C:\Acer\Empowering Technology\eDataSecurity\x64\decryption.exe] => Enabled:decryption
StandardProfile\AuthorizedApplications: [C:\Acer\Empowering Technology\eDataSecurity\x64\eDSMgr.exe] => Enabled:eDSMgr
StandardProfile\AuthorizedApplications: [C:\Acer\Empowering Technology\eDataSecurity\x64\eDStbmngr.exe] => Enabled:eDStbmngr
==================== Restore Points =========================
06-04-2016 22:33:33 Windows Update
10-04-2016 16:22:12 Windows Update
11-04-2016 20:03:17 Windows Update
11-04-2016 20:07:09 Windows Update
11-04-2016 20:09:52 Windows Update
15-04-2016 21:21:35 Scheduled Checkpoint
16-04-2016 03:01:29 Windows Update
16-04-2016 16:07:01 Windows Update
17-04-2016 22:49:56 Scheduled Checkpoint
20-04-2016 21:39:27 Windows Update
21-04-2016 21:31:23 Scheduled Checkpoint
22-04-2016 20:35:00 Scheduled Checkpoint
25-04-2016 08:14:55 Windows Update
29-04-2016 12:19:36 Windows Update
29-04-2016 16:05:22 Windows Backup
02-05-2016 12:54:24 Scheduled Checkpoint
04-05-2016 08:40:08 Windows Update
07-05-2016 20:37:07 Windows Update
07-05-2016 22:55:31 Windows Update
09-05-2016 23:03:21 Scheduled Checkpoint
12-05-2016 09:09:08 Windows Update
19-05-2016 22:43:10 Windows Update
20-05-2016 21:01:09 Windows Update
24-05-2016 22:01:11 Windows Update
27-05-2016 16:34:23 JRT Pre-Junkware Removal
==================== Faulty Device Manager Devices =============
Name: Microsoft ISATAP Adapter #4
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: Microsoft ISATAP Adapter #3
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: Microsoft ISATAP Adapter #5
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: Microsoft Tun Miniport Adapter #2
Description: Microsoft Tun Miniport Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunmp
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: Broadcom NetLink Gigabit Ethernet
Description: Broadcom NetLink Gigabit Ethernet
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Broadcom
Service: b57nd60x
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (05/27/2016 04:30:45 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\ALLEN\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\CYBERLINK POWERDVD\READ ME.LNK> in the hash map cannot be updated.
Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
Error: (05/27/2016 04:30:45 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\ALLEN\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\CYBERLINK POWERDVD\READ ME.LNK> in the hash map cannot be updated.
Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
Error: (05/27/2016 04:30:45 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\ALLEN\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\CYBERLINK POWERDVD\UNINSTALL POWERDVD.LNK> in the hash map cannot be updated.
Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
Error: (05/27/2016 04:30:45 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\ALLEN\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\CYBERLINK POWERDVD\UNINSTALL POWERDVD.LNK> in the hash map cannot be updated.
Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
Error: (05/27/2016 04:30:42 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\ALLEN\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\CYBERLINK POWERDVD\ONLINE REGISTRATION.LNK> in the hash map cannot be updated.
Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
Error: (05/27/2016 04:30:42 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\ALLEN\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\CYBERLINK POWERDVD\ONLINE REGISTRATION.LNK> in the hash map cannot be updated.
Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
Error: (05/27/2016 04:30:42 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\ALLEN\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\CYBERLINK POWERDVD\POWERDVD HELP FILE.LNK> in the hash map cannot be updated.
Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
Error: (05/27/2016 04:30:42 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\ALLEN\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\CYBERLINK POWERDVD\POWERDVD HELP FILE.LNK> in the hash map cannot be updated.
Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
Error: (05/27/2016 04:30:36 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\ALLEN\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\CYBERLINK POWERDVD\CYBERLINK POWERDVD.LNK> in the hash map cannot be updated.
Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
Error: (05/27/2016 04:30:36 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\ALLEN\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\CYBERLINK POWERDVD\CYBERLINK POWERDVD.LNK> in the hash map cannot be updated.
Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
System errors:
=============
Error: (05/27/2016 04:29:07 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Parallel port driver%%1058
Error: (05/27/2016 04:29:04 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D215781D-019E-4FA0-903D-0CDCDE13A4F5}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
Error: (05/27/2016 04:27:07 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Windows Modules Installer11200001Restart the service
Error: (05/27/2016 04:27:04 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: eSettings Service1600001Restart the service
Error: (05/27/2016 04:27:04 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: XAudioService1
Error: (05/27/2016 04:27:04 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Windows Search1300001Restart the service
Error: (05/27/2016 04:27:04 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: ePower Service1600001Restart the service
Error: (05/27/2016 04:27:04 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Windows Live ID Sign-in Assistant1100001Restart the service
Error: (05/27/2016 04:27:03 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: SQL Server VSS Writer1
Error: (05/27/2016 04:27:03 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: SQL Server Browser1600001Restart the service
CodeIntegrity:
===================================
Date: 2016-05-27 16:44:26.650
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-05-27 16:44:25.339
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-05-27 16:44:24.029
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-05-27 16:44:22.687
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-05-27 16:44:21.143
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-05-27 16:44:19.817
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-05-27 16:44:18.397
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-05-27 16:44:17.009
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-05-26 23:02:59.458
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-05-26 23:02:58.163
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel® Pentium® Dual CPU T2390 @ 1.86GHz
Percentage of memory in use: 47%
Total physical RAM: 3061.68 MB
Available physical RAM: 1617.68 MB
Total Virtual: 7083.76 MB
Available Virtual: 5600.38 MB
==================== Drives ================================
Drive c: (ACER) (Fixed) (Total:232.88 GB) (Free:151.7 GB) NTFS ==>[drive with boot components (obtained from BCD)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 232.9 GB) (Disk ID: 059CAD89)
Partition 1: (Active) - (Size=232.9 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
Thanks
#4
Posted 27 May 2016 - 05:54 PM
sfc /scannow
#5
Posted 28 May 2016 - 12:12 PM
2016-05-28 14:46:19, Info CSI 00000006 [SR] Verifying 100 (0x00000064) components
2016-05-28 14:46:19, Info CSI 00000007 [SR] Beginning Verify and Repair transaction
2016-05-28 14:46:34, Info CSI 00000009 [SR] Verify complete
2016-05-28 14:46:35, Info CSI 0000000a [SR] Verifying 100 (0x00000064) components
2016-05-28 14:46:35, Info CSI 0000000b [SR] Beginning Verify and Repair transaction
2016-05-28 14:47:02, Info CSI 0000000d [SR] Verify complete
2016-05-28 14:47:04, Info CSI 0000000e [SR] Verifying 100 (0x00000064) components
2016-05-28 14:47:04, Info CSI 0000000f [SR] Beginning Verify and Repair transaction
2016-05-28 14:47:16, Info CSI 00000011 [SR] Verify complete
2016-05-28 14:47:17, Info CSI 00000012 [SR] Verifying 100 (0x00000064) components
2016-05-28 14:47:17, Info CSI 00000013 [SR] Beginning Verify and Repair transaction
2016-05-28 14:47:24, Info CSI 00000015 [SR] Verify complete
2016-05-28 14:47:26, Info CSI 00000016 [SR] Verifying 100 (0x00000064) components
2016-05-28 14:47:26, Info CSI 00000017 [SR] Beginning Verify and Repair transaction
2016-05-28 14:47:32, Info CSI 00000019 [SR] Verify complete
2016-05-28 14:47:33, Info CSI 0000001a [SR] Verifying 100 (0x00000064) components
2016-05-28 14:47:33, Info CSI 0000001b [SR] Beginning Verify and Repair transaction
2016-05-28 14:47:39, Info CSI 0000001d [SR] Verify complete
2016-05-28 14:47:41, Info CSI 0000001e [SR] Verifying 100 (0x00000064) components
2016-05-28 14:47:41, Info CSI 0000001f [SR] Beginning Verify and Repair transaction
2016-05-28 14:47:46, Info CSI 00000021 [SR] Verify complete
2016-05-28 14:47:48, Info CSI 00000022 [SR] Verifying 100 (0x00000064) components
2016-05-28 14:47:48, Info CSI 00000023 [SR] Beginning Verify and Repair transaction
2016-05-28 14:47:55, Info CSI 00000025 [SR] Verify complete
2016-05-28 14:47:56, Info CSI 00000026 [SR] Verifying 100 (0x00000064) components
2016-05-28 14:47:56, Info CSI 00000027 [SR] Beginning Verify and Repair transaction
2016-05-28 14:48:03, Info CSI 00000029 [SR] Verify complete
2016-05-28 14:48:04, Info CSI 0000002a [SR] Verifying 100 (0x00000064) components
2016-05-28 14:48:04, Info CSI 0000002b [SR] Beginning Verify and Repair transaction
2016-05-28 14:48:11, Info CSI 0000002d [SR] Verify complete
2016-05-28 14:48:12, Info CSI 0000002e [SR] Verifying 100 (0x00000064) components
2016-05-28 14:48:12, Info CSI 0000002f [SR] Beginning Verify and Repair transaction
2016-05-28 14:48:21, Info CSI 00000031 [SR] Verify complete
2016-05-28 14:48:23, Info CSI 00000032 [SR] Verifying 100 (0x00000064) components
2016-05-28 14:48:23, Info CSI 00000033 [SR] Beginning Verify and Repair transaction
2016-05-28 14:48:30, Info CSI 00000035 [SR] Verify complete
2016-05-28 14:48:31, Info CSI 00000036 [SR] Verifying 100 (0x00000064) components
2016-05-28 14:48:31, Info CSI 00000037 [SR] Beginning Verify and Repair transaction
2016-05-28 14:48:37, Info CSI 00000039 [SR] Verify complete
2016-05-28 14:48:39, Info CSI 0000003a [SR] Verifying 100 (0x00000064) components
2016-05-28 14:48:39, Info CSI 0000003b [SR] Beginning Verify and Repair transaction
2016-05-28 14:48:45, Info CSI 0000003d [SR] Verify complete
2016-05-28 14:48:46, Info CSI 0000003e [SR] Verifying 100 (0x00000064) components
2016-05-28 14:48:46, Info CSI 0000003f [SR] Beginning Verify and Repair transaction
2016-05-28 14:48:53, Info CSI 00000041 [SR] Verify complete
2016-05-28 14:48:55, Info CSI 00000042 [SR] Verifying 100 (0x00000064) components
2016-05-28 14:48:55, Info CSI 00000043 [SR] Beginning Verify and Repair transaction
2016-05-28 14:49:02, Info CSI 00000045 [SR] Verify complete
2016-05-28 14:49:03, Info CSI 00000046 [SR] Verifying 100 (0x00000064) components
2016-05-28 14:49:03, Info CSI 00000047 [SR] Beginning Verify and Repair transaction
2016-05-28 14:49:09, Info CSI 00000049 [SR] Verify complete
2016-05-28 14:49:10, Info CSI 0000004a [SR] Verifying 100 (0x00000064) components
2016-05-28 14:49:10, Info CSI 0000004b [SR] Beginning Verify and Repair transaction
2016-05-28 14:49:16, Info CSI 0000004d [SR] Verify complete
2016-05-28 14:49:18, Info CSI 0000004e [SR] Verifying 100 (0x00000064) components
2016-05-28 14:49:18, Info CSI 0000004f [SR] Beginning Verify and Repair transaction
2016-05-28 14:49:23, Info CSI 00000051 [SR] Verify complete
2016-05-28 14:49:25, Info CSI 00000052 [SR] Verifying 100 (0x00000064) components
2016-05-28 14:49:25, Info CSI 00000053 [SR] Beginning Verify and Repair transaction
2016-05-28 14:49:31, Info CSI 00000055 [SR] Verify complete
2016-05-28 14:49:33, Info CSI 00000056 [SR] Verifying 100 (0x00000064) components
2016-05-28 14:49:33, Info CSI 00000057 [SR] Beginning Verify and Repair transaction
2016-05-28 14:49:39, Info CSI 00000059 [SR] Verify complete
2016-05-28 14:49:41, Info CSI 0000005a [SR] Verifying 100 (0x00000064) components
2016-05-28 14:49:41, Info CSI 0000005b [SR] Beginning Verify and Repair transaction
2016-05-28 14:49:46, Info CSI 0000005d [SR] Verify complete
2016-05-28 14:49:47, Info CSI 0000005e [SR] Verifying 100 (0x00000064) components
2016-05-28 14:49:47, Info CSI 0000005f [SR] Beginning Verify and Repair transaction
2016-05-28 14:49:51, Info CSI 00000061 [SR] Verify complete
2016-05-28 14:49:51, Info CSI 00000062 [SR] Verifying 100 (0x00000064) components
2016-05-28 14:49:51, Info CSI 00000063 [SR] Beginning Verify and Repair transaction
2016-05-28 14:49:55, Info CSI 00000065 [SR] Verify complete
2016-05-28 14:49:56, Info CSI 00000066 [SR] Verifying 100 (0x00000064) components
2016-05-28 14:49:56, Info CSI 00000067 [SR] Beginning Verify and Repair transaction
2016-05-28 14:49:58, Info CSI 00000069 [SR] Verify complete
2016-05-28 14:49:59, Info CSI 0000006a [SR] Verifying 100 (0x00000064) components
2016-05-28 14:49:59, Info CSI 0000006b [SR] Beginning Verify and Repair transaction
2016-05-28 14:50:02, Info CSI 0000006d [SR] Verify complete
2016-05-28 14:50:03, Info CSI 0000006e [SR] Verifying 100 (0x00000064) components
2016-05-28 14:50:03, Info CSI 0000006f [SR] Beginning Verify and Repair transaction
2016-05-28 14:50:06, Info CSI 00000071 [SR] Verify complete
2016-05-28 14:50:06, Info CSI 00000072 [SR] Verifying 100 (0x00000064) components
2016-05-28 14:50:06, Info CSI 00000073 [SR] Beginning Verify and Repair transaction
2016-05-28 14:50:09, Info CSI 00000075 [SR] Verify complete
2016-05-28 14:50:10, Info CSI 00000076 [SR] Verifying 100 (0x00000064) components
2016-05-28 14:50:10, Info CSI 00000077 [SR] Beginning Verify and Repair transaction
2016-05-28 14:50:13, Info CSI 00000079 [SR] Verify complete
2016-05-28 14:50:14, Info CSI 0000007a [SR] Verifying 100 (0x00000064) components
2016-05-28 14:50:14, Info CSI 0000007b [SR] Beginning Verify and Repair transaction
2016-05-28 14:50:17, Info CSI 0000007d [SR] Verify complete
2016-05-28 14:50:18, Info CSI 0000007e [SR] Verifying 100 (0x00000064) components
2016-05-28 14:50:18, Info CSI 0000007f [SR] Beginning Verify and Repair transaction
2016-05-28 14:50:20, Info CSI 00000081 [SR] Verify complete
2016-05-28 14:50:21, Info CSI 00000082 [SR] Verifying 100 (0x00000064) components
2016-05-28 14:50:21, Info CSI 00000083 [SR] Beginning Verify and Repair transaction
2016-05-28 14:50:23, Info CSI 00000085 [SR] Verify complete
2016-05-28 14:50:24, Info CSI 00000086 [SR] Verifying 100 (0x00000064) components
2016-05-28 14:50:24, Info CSI 00000087 [SR] Beginning Verify and Repair transaction
2016-05-28 14:50:30, Info CSI 00000089 [SR] Verify complete
2016-05-28 14:50:31, Info CSI 0000008a [SR] Verifying 100 (0x00000064) components
2016-05-28 14:50:31, Info CSI 0000008b [SR] Beginning Verify and Repair transaction
2016-05-28 14:50:37, Info CSI 0000008d [SR] Verify complete
2016-05-28 14:50:38, Info CSI 0000008e [SR] Verifying 100 (0x00000064) components
2016-05-28 14:50:38, Info CSI 0000008f [SR] Beginning Verify and Repair transaction
2016-05-28 14:50:44, Info CSI 00000091 [SR] Verify complete
2016-05-28 14:50:45, Info CSI 00000092 [SR] Verifying 100 (0x00000064) components
2016-05-28 14:50:45, Info CSI 00000093 [SR] Beginning Verify and Repair transaction
2016-05-28 14:50:52, Info CSI 00000095 [SR] Verify complete
2016-05-28 14:50:53, Info CSI 00000096 [SR] Verifying 100 (0x00000064) components
2016-05-28 14:50:53, Info CSI 00000097 [SR] Beginning Verify and Repair transaction
2016-05-28 14:51:00, Info CSI 00000099 [SR] Verify complete
2016-05-28 14:51:01, Info CSI 0000009a [SR] Verifying 100 (0x00000064) components
2016-05-28 14:51:01, Info CSI 0000009b [SR] Beginning Verify and Repair transaction
2016-05-28 14:51:08, Info CSI 0000009d [SR] Verify complete
2016-05-28 14:51:09, Info CSI 0000009e [SR] Verifying 100 (0x00000064) components
2016-05-28 14:51:09, Info CSI 0000009f [SR] Beginning Verify and Repair transaction
2016-05-28 14:51:15, Info CSI 000000a1 [SR] Verify complete
2016-05-28 14:51:17, Info CSI 000000a2 [SR] Verifying 100 (0x00000064) components
2016-05-28 14:51:17, Info CSI 000000a3 [SR] Beginning Verify and Repair transaction
2016-05-28 14:51:23, Info CSI 000000a5 [SR] Verify complete
2016-05-28 14:51:23, Info CSI 000000a6 [SR] Verifying 100 (0x00000064) components
2016-05-28 14:51:23, Info CSI 000000a7 [SR] Beginning Verify and Repair transaction
2016-05-28 14:51:29, Info CSI 000000a9 [SR] Verify complete
2016-05-28 14:51:31, Info CSI 000000aa [SR] Verifying 100 (0x00000064) components
2016-05-28 14:51:31, Info CSI 000000ab [SR] Beginning Verify and Repair transaction
2016-05-28 14:51:39, Info CSI 000000ad [SR] Verify complete
2016-05-28 14:51:40, Info CSI 000000ae [SR] Verifying 100 (0x00000064) components
2016-05-28 14:51:40, Info CSI 000000af [SR] Beginning Verify and Repair transaction
2016-05-28 14:51:45, Info CSI 000000b1 [SR] Verify complete
2016-05-28 14:51:47, Info CSI 000000b2 [SR] Verifying 100 (0x00000064) components
2016-05-28 14:51:47, Info CSI 000000b3 [SR] Beginning Verify and Repair transaction
2016-05-28 14:51:52, Info CSI 000000b5 [SR] Verify complete
2016-05-28 14:51:53, Info CSI 000000b6 [SR] Verifying 100 (0x00000064) components
2016-05-28 14:51:53, Info CSI 000000b7 [SR] Beginning Verify and Repair transaction
2016-05-28 14:52:01, Info CSI 000000b9 [SR] Verify complete
2016-05-28 14:52:01, Info CSI 000000ba [SR] Verifying 100 (0x00000064) components
2016-05-28 14:52:01, Info CSI 000000bb [SR] Beginning Verify and Repair transaction
2016-05-28 14:52:08, Info CSI 000000bd [SR] Verify complete
2016-05-28 14:52:10, Info CSI 000000be [SR] Verifying 100 (0x00000064) components
2016-05-28 14:52:10, Info CSI 000000bf [SR] Beginning Verify and Repair transaction
2016-05-28 14:52:15, Info CSI 000000c1 [SR] Verify complete
2016-05-28 14:52:16, Info CSI 000000c2 [SR] Verifying 100 (0x00000064) components
2016-05-28 14:52:16, Info CSI 000000c3 [SR] Beginning Verify and Repair transaction
2016-05-28 14:52:31, Info CSI 000000c5 [SR] Verify complete
2016-05-28 14:52:32, Info CSI 000000c6 [SR] Verifying 100 (0x00000064) components
2016-05-28 14:52:32, Info CSI 000000c7 [SR] Beginning Verify and Repair transaction
2016-05-28 14:52:37, Info CSI 000000c9 [SR] Verify complete
2016-05-28 14:52:39, Info CSI 000000ca [SR] Verifying 100 (0x00000064) components
2016-05-28 14:52:39, Info CSI 000000cb [SR] Beginning Verify and Repair transaction
2016-05-28 14:52:45, Info CSI 000000cd [SR] Verify complete
2016-05-28 14:52:45, Info CSI 000000ce [SR] Verifying 100 (0x00000064) components
2016-05-28 14:52:45, Info CSI 000000cf [SR] Beginning Verify and Repair transaction
2016-05-28 14:52:52, Info CSI 000000d1 [SR] Verify complete
2016-05-28 14:52:53, Info CSI 000000d2 [SR] Verifying 100 (0x00000064) components
2016-05-28 14:52:53, Info CSI 000000d3 [SR] Beginning Verify and Repair transaction
2016-05-28 14:52:59, Info CSI 000000d5 [SR] Verify complete
2016-05-28 14:53:00, Info CSI 000000d6 [SR] Verifying 100 (0x00000064) components
2016-05-28 14:53:00, Info CSI 000000d7 [SR] Beginning Verify and Repair transaction
2016-05-28 14:53:08, Info CSI 000000d9 [SR] Verify complete
2016-05-28 14:53:09, Info CSI 000000da [SR] Verifying 100 (0x00000064) components
2016-05-28 14:53:09, Info CSI 000000db [SR] Beginning Verify and Repair transaction
2016-05-28 14:53:15, Info CSI 000000dd [SR] Verify complete
2016-05-28 14:53:17, Info CSI 000000de [SR] Verifying 100 (0x00000064) components
2016-05-28 14:53:17, Info CSI 000000df [SR] Beginning Verify and Repair transaction
2016-05-28 14:53:35, Info CSI 000000e1 [SR] Verify complete
2016-05-28 14:53:36, Info CSI 000000e2 [SR] Verifying 100 (0x00000064) components
2016-05-28 14:53:36, Info CSI 000000e3 [SR] Beginning Verify and Repair transaction
2016-05-28 14:53:51, Info CSI 000000e5 [SR] Verify complete
2016-05-28 14:53:53, Info CSI 000000e6 [SR] Verifying 100 (0x00000064) components
2016-05-28 14:53:53, Info CSI 000000e7 [SR] Beginning Verify and Repair transaction
2016-05-28 14:54:16, Info CSI 000000e9 [SR] Verify complete
2016-05-28 14:54:17, Info CSI 000000ea [SR] Verifying 100 (0x00000064) components
2016-05-28 14:54:17, Info CSI 000000eb [SR] Beginning Verify and Repair transaction
2016-05-28 14:54:39, Info CSI 000000ee [SR] Verify complete
2016-05-28 14:54:40, Info CSI 000000ef [SR] Verifying 100 (0x00000064) components
2016-05-28 14:54:40, Info CSI 000000f0 [SR] Beginning Verify and Repair transaction
2016-05-28 14:55:01, Info CSI 000000f3 [SR] Verify complete
2016-05-28 14:55:02, Info CSI 000000f4 [SR] Verifying 100 (0x00000064) components
2016-05-28 14:55:02, Info CSI 000000f5 [SR] Beginning Verify and Repair transaction
2016-05-28 14:55:29, Info CSI 000000f7 [SR] Verify complete
2016-05-28 14:55:29, Info CSI 000000f8 [SR] Verifying 100 (0x00000064) components
2016-05-28 14:55:29, Info CSI 000000f9 [SR] Beginning Verify and Repair transaction
2016-05-28 14:55:43, Info CSI 00000103 [SR] Verify complete
2016-05-28 14:55:44, Info CSI 00000104 [SR] Verifying 100 (0x00000064) components
2016-05-28 14:55:44, Info CSI 00000105 [SR] Beginning Verify and Repair transaction
2016-05-28 14:55:50, Info CSI 00000107 [SR] Verify complete
2016-05-28 14:55:51, Info CSI 00000108 [SR] Verifying 100 (0x00000064) components
2016-05-28 14:55:51, Info CSI 00000109 [SR] Beginning Verify and Repair transaction
2016-05-28 14:55:58, Info CSI 0000010b [SR] Verify complete
2016-05-28 14:55:59, Info CSI 0000010c [SR] Verifying 100 (0x00000064) components
2016-05-28 14:55:59, Info CSI 0000010d [SR] Beginning Verify and Repair transaction
2016-05-28 14:56:07, Info CSI 0000010f [SR] Verify complete
2016-05-28 14:56:07, Info CSI 00000110 [SR] Verifying 100 (0x00000064) components
2016-05-28 14:56:07, Info CSI 00000111 [SR] Beginning Verify and Repair transaction
2016-05-28 14:56:15, Info CSI 00000113 [SR] Verify complete
2016-05-28 14:56:16, Info CSI 00000114 [SR] Verifying 100 (0x00000064) components
2016-05-28 14:56:16, Info CSI 00000115 [SR] Beginning Verify and Repair transaction
2016-05-28 14:56:26, Info CSI 00000117 [SR] Verify complete
2016-05-28 14:56:27, Info CSI 00000118 [SR] Verifying 100 (0x00000064) components
2016-05-28 14:56:27, Info CSI 00000119 [SR] Beginning Verify and Repair transaction
2016-05-28 14:56:43, Info CSI 0000011d [SR] Verify complete
2016-05-28 14:56:44, Info CSI 0000011e [SR] Verifying 100 (0x00000064) components
2016-05-28 14:56:44, Info CSI 0000011f [SR] Beginning Verify and Repair transaction
2016-05-28 14:57:04, Info CSI 00000121 [SR] Verify complete
2016-05-28 14:57:05, Info CSI 00000122 [SR] Verifying 100 (0x00000064) components
2016-05-28 14:57:05, Info CSI 00000123 [SR] Beginning Verify and Repair transaction
2016-05-28 14:57:23, Info CSI 00000125 [SR] Verify complete
2016-05-28 14:57:24, Info CSI 00000126 [SR] Verifying 100 (0x00000064) components
2016-05-28 14:57:24, Info CSI 00000127 [SR] Beginning Verify and Repair transaction
2016-05-28 14:57:28, Info CSI 00000129 [SR] Verify complete
2016-05-28 14:57:28, Info CSI 0000012a [SR] Verifying 100 (0x00000064) components
2016-05-28 14:57:28, Info CSI 0000012b [SR] Beginning Verify and Repair transaction
2016-05-28 14:57:31, Info CSI 0000012d [SR] Verify complete
2016-05-28 14:57:31, Info CSI 0000012e [SR] Verifying 100 (0x00000064) components
2016-05-28 14:57:31, Info CSI 0000012f [SR] Beginning Verify and Repair transaction
2016-05-28 14:57:34, Info CSI 00000131 [SR] Verify complete
2016-05-28 14:57:35, Info CSI 00000132 [SR] Verifying 100 (0x00000064) components
2016-05-28 14:57:35, Info CSI 00000133 [SR] Beginning Verify and Repair transaction
2016-05-28 14:57:52, Info CSI 00000151 [SR] Verify complete
2016-05-28 14:57:52, Info CSI 00000152 [SR] Verifying 100 (0x00000064) components
2016-05-28 14:57:52, Info CSI 00000153 [SR] Beginning Verify and Repair transaction
2016-05-28 14:57:55, Info CSI 00000155 [SR] Verify complete
2016-05-28 14:57:55, Info CSI 00000156 [SR] Verifying 100 (0x00000064) components
2016-05-28 14:57:55, Info CSI 00000157 [SR] Beginning Verify and Repair transaction
2016-05-28 14:58:00, Info CSI 00000159 [SR] Verify complete
2016-05-28 14:58:01, Info CSI 0000015a [SR] Verifying 100 (0x00000064) components
2016-05-28 14:58:01, Info CSI 0000015b [SR] Beginning Verify and Repair transaction
2016-05-28 14:58:06, Info CSI 0000015d [SR] Verify complete
2016-05-28 14:58:07, Info CSI 0000015e [SR] Verifying 100 (0x00000064) components
2016-05-28 14:58:07, Info CSI 0000015f [SR] Beginning Verify and Repair transaction
2016-05-28 14:58:19, Info CSI 00000161 [SR] Verify complete
2016-05-28 14:58:20, Info CSI 00000162 [SR] Verifying 100 (0x00000064) components
2016-05-28 14:58:20, Info CSI 00000163 [SR] Beginning Verify and Repair transaction
2016-05-28 14:58:29, Info CSI 00000164 [SR] Repairing corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:24{12}]"ir41_qcx.dll" from store
2016-05-28 14:58:33, Info CSI 00000167 [SR] Verify complete
2016-05-28 14:58:34, Info CSI 00000168 [SR] Verifying 100 (0x00000064) components
2016-05-28 14:58:34, Info CSI 00000169 [SR] Beginning Verify and Repair transaction
2016-05-28 14:58:38, Info CSI 0000016b [SR] Verify complete
2016-05-28 14:58:38, Info CSI 0000016c [SR] Verifying 100 (0x00000064) components
2016-05-28 14:58:38, Info CSI 0000016d [SR] Beginning Verify and Repair transaction
2016-05-28 14:58:48, Info CSI 0000016f [SR] Verify complete
2016-05-28 14:58:49, Info CSI 00000170 [SR] Verifying 100 (0x00000064) components
2016-05-28 14:58:49, Info CSI 00000171 [SR] Beginning Verify and Repair transaction
2016-05-28 14:58:54, Info CSI 00000173 [SR] Verify complete
2016-05-28 14:58:54, Info CSI 00000174 [SR] Verifying 100 (0x00000064) components
2016-05-28 14:58:54, Info CSI 00000175 [SR] Beginning Verify and Repair transaction
2016-05-28 14:59:01, Info CSI 00000177 [SR] Verify complete
2016-05-28 14:59:01, Info CSI 00000178 [SR] Verifying 100 (0x00000064) components
2016-05-28 14:59:01, Info CSI 00000179 [SR] Beginning Verify and Repair transaction
2016-05-28 14:59:18, Info CSI 00000195 [SR] Verify complete
2016-05-28 14:59:18, Info CSI 00000196 [SR] Verifying 100 (0x00000064) components
2016-05-28 14:59:18, Info CSI 00000197 [SR] Beginning Verify and Repair transaction
2016-05-28 14:59:31, Info CSI 000001a2 [SR] Verify complete
2016-05-28 14:59:32, Info CSI 000001a3 [SR] Verifying 100 (0x00000064) components
2016-05-28 14:59:32, Info CSI 000001a4 [SR] Beginning Verify and Repair transaction
2016-05-28 15:00:40, Info CSI 000001a6 [SR] Verify complete
2016-05-28 15:00:40, Info CSI 000001a7 [SR] Verifying 100 (0x00000064) components
2016-05-28 15:00:40, Info CSI 000001a8 [SR] Beginning Verify and Repair transaction
2016-05-28 15:00:57, Info CSI 000001aa [SR] Verify complete
2016-05-28 15:00:58, Info CSI 000001ab [SR] Verifying 100 (0x00000064) components
2016-05-28 15:00:58, Info CSI 000001ac [SR] Beginning Verify and Repair transaction
2016-05-28 15:01:12, Info CSI 000001ae [SR] Verify complete
2016-05-28 15:01:12, Info CSI 000001af [SR] Verifying 100 (0x00000064) components
2016-05-28 15:01:12, Info CSI 000001b0 [SR] Beginning Verify and Repair transaction
2016-05-28 15:01:23, Info CSI 000001b2 [SR] Verify complete
2016-05-28 15:01:24, Info CSI 000001b3 [SR] Verifying 100 (0x00000064) components
2016-05-28 15:01:24, Info CSI 000001b4 [SR] Beginning Verify and Repair transaction
2016-05-28 15:01:33, Info CSI 000001b6 [SR] Verify complete
2016-05-28 15:01:33, Info CSI 000001b7 [SR] Verifying 100 (0x00000064) components
2016-05-28 15:01:33, Info CSI 000001b8 [SR] Beginning Verify and Repair transaction
2016-05-28 15:01:40, Info CSI 000001bb [SR] Verify complete
2016-05-28 15:01:41, Info CSI 000001bc [SR] Verifying 100 (0x00000064) components
2016-05-28 15:01:41, Info CSI 000001bd [SR] Beginning Verify and Repair transaction
2016-05-28 15:01:46, Info CSI 000001bf [SR] Verify complete
2016-05-28 15:01:47, Info CSI 000001c0 [SR] Verifying 100 (0x00000064) components
2016-05-28 15:01:47, Info CSI 000001c1 [SR] Beginning Verify and Repair transaction
2016-05-28 15:02:10, Info CSI 000001c3 [SR] Verify complete
2016-05-28 15:02:11, Info CSI 000001c4 [SR] Verifying 100 (0x00000064) components
2016-05-28 15:02:11, Info CSI 000001c5 [SR] Beginning Verify and Repair transaction
2016-05-28 15:02:19, Info CSI 000001c7 [SR] Verify complete
2016-05-28 15:02:20, Info CSI 000001c8 [SR] Verifying 100 (0x00000064) components
2016-05-28 15:02:20, Info CSI 000001c9 [SR] Beginning Verify and Repair transaction
2016-05-28 15:02:31, Info CSI 000001cb [SR] Verify complete
2016-05-28 15:02:33, Info CSI 000001cc [SR] Verifying 100 (0x00000064) components
2016-05-28 15:02:33, Info CSI 000001cd [SR] Beginning Verify and Repair transaction
2016-05-28 15:02:38, Info CSI 000001cf [SR] Cannot repair member file [l:24{12}]"settings.ini" of Microsoft-Windows-Sidebar, Version = 6.0.6002.18005, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-05-28 15:02:41, Info CSI 000001d1 [SR] Cannot repair member file [l:24{12}]"settings.ini" of Microsoft-Windows-Sidebar, Version = 6.0.6002.18005, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-05-28 15:02:41, Info CSI 000001d2 [SR] This component was referenced by [l:158{79}]"Package_16_for_KB948465~31bf3856ad364e35~x86~~6.0.1.18005.948465-49_neutral_GDR"
2016-05-28 15:02:46, Info CSI 000001d4 [SR] Verify complete
2016-05-28 15:02:47, Info CSI 000001d5 [SR] Verifying 100 (0x00000064) components
2016-05-28 15:02:47, Info CSI 000001d6 [SR] Beginning Verify and Repair transaction
2016-05-28 15:02:57, Info CSI 000001d8 [SR] Verify complete
2016-05-28 15:02:58, Info CSI 000001d9 [SR] Verifying 100 (0x00000064) components
2016-05-28 15:02:58, Info CSI 000001da [SR] Beginning Verify and Repair transaction
2016-05-28 15:03:12, Info CSI 000001dc [SR] Verify complete
2016-05-28 15:03:13, Info CSI 000001dd [SR] Verifying 100 (0x00000064) components
2016-05-28 15:03:13, Info CSI 000001de [SR] Beginning Verify and Repair transaction
2016-05-28 15:03:33, Info CSI 000001e1 [SR] Verify complete
2016-05-28 15:03:34, Info CSI 000001e2 [SR] Verifying 100 (0x00000064) components
2016-05-28 15:03:34, Info CSI 000001e3 [SR] Beginning Verify and Repair transaction
2016-05-28 15:03:41, Info CSI 000001e5 [SR] Verify complete
2016-05-28 15:03:42, Info CSI 000001e6 [SR] Verifying 100 (0x00000064) components
2016-05-28 15:03:42, Info CSI 000001e7 [SR] Beginning Verify and Repair transaction
2016-05-28 15:03:51, Info CSI 000001e9 [SR] Verify complete
2016-05-28 15:03:51, Info CSI 000001ea [SR] Verifying 100 (0x00000064) components
2016-05-28 15:03:51, Info CSI 000001eb [SR] Beginning Verify and Repair transaction
2016-05-28 15:04:00, Info CSI 000001ee [SR] Verify complete
2016-05-28 15:04:00, Info CSI 000001ef [SR] Verifying 100 (0x00000064) components
2016-05-28 15:04:00, Info CSI 000001f0 [SR] Beginning Verify and Repair transaction
2016-05-28 15:04:09, Info CSI 000001f1 [SR] Repairing corrupted file [ml:58{29},l:56{28}]"\??\C:\Windows\system32\wbem"\[l:42{21}]"Wdf01000Uninstall.mof" from store
2016-05-28 15:04:09, Info CSI 000001f2 [SR] Repairing corrupted file [ml:58{29},l:56{28}]"\??\C:\Windows\system32\wbem"\[l:24{12}]"Wdf01000.mof" from store
2016-05-28 15:04:12, Info CSI 000001f6 [SR] Verify complete
2016-05-28 15:04:12, Info CSI 000001f7 [SR] Verifying 100 (0x00000064) components
2016-05-28 15:04:12, Info CSI 000001f8 [SR] Beginning Verify and Repair transaction
2016-05-28 15:04:23, Info CSI 000001fa [SR] Verify complete
2016-05-28 15:04:23, Info CSI 000001fb [SR] Verifying 100 (0x00000064) components
2016-05-28 15:04:23, Info CSI 000001fc [SR] Beginning Verify and Repair transaction
2016-05-28 15:04:35, Info CSI 000001fe [SR] Verify complete
2016-05-28 15:04:35, Info CSI 000001ff [SR] Verifying 100 (0x00000064) components
2016-05-28 15:04:35, Info CSI 00000200 [SR] Beginning Verify and Repair transaction
2016-05-28 15:04:38, Info CSI 00000202 [SR] Verify complete
2016-05-28 15:04:42, Info CSI 00000203 [SR] Verifying 100 (0x00000064) components
2016-05-28 15:04:42, Info CSI 00000204 [SR] Beginning Verify and Repair transaction
2016-05-28 15:04:50, Info CSI 00000206 [SR] Verify complete
2016-05-28 15:04:51, Info CSI 00000207 [SR] Verifying 100 (0x00000064) components
2016-05-28 15:04:51, Info CSI 00000208 [SR] Beginning Verify and Repair transaction
2016-05-28 15:05:01, Info CSI 0000020a [SR] Verify complete
2016-05-28 15:05:01, Info CSI 0000020b [SR] Verifying 100 (0x00000064) components
2016-05-28 15:05:01, Info CSI 0000020c [SR] Beginning Verify and Repair transaction
2016-05-28 15:05:10, Info CSI 0000020e [SR] Verify complete
2016-05-28 15:05:10, Info CSI 0000020f [SR] Verifying 100 (0x00000064) components
2016-05-28 15:05:10, Info CSI 00000210 [SR] Beginning Verify and Repair transaction
2016-05-28 15:05:30, Info CSI 00000212 [SR] Verify complete
2016-05-28 15:05:30, Info CSI 00000213 [SR] Verifying 100 (0x00000064) components
2016-05-28 15:05:30, Info CSI 00000214 [SR] Beginning Verify and Repair transaction
2016-05-28 15:05:36, Info CSI 00000216 [SR] Verify complete
2016-05-28 15:05:36, Info CSI 00000217 [SR] Verifying 100 (0x00000064) components
2016-05-28 15:05:36, Info CSI 00000218 [SR] Beginning Verify and Repair transaction
2016-05-28 15:05:42, Info CSI 0000021a [SR] Verify complete
2016-05-28 15:05:43, Info CSI 0000021b [SR] Verifying 100 (0x00000064) components
2016-05-28 15:05:43, Info CSI 0000021c [SR] Beginning Verify and Repair transaction
2016-05-28 15:05:57, Info CSI 00000227 [SR] Verify complete
2016-05-28 15:05:57, Info CSI 00000228 [SR] Verifying 35 (0x00000023) components
2016-05-28 15:05:57, Info CSI 00000229 [SR] Beginning Verify and Repair transaction
2016-05-28 15:05:59, Info CSI 0000022b [SR] Verify complete
2016-05-28 15:05:59, Info CSI 0000022c [SR] Repairing 3 components
2016-05-28 15:05:59, Info CSI 0000022d [SR] Beginning Verify and Repair transaction
2016-05-28 15:05:59, Info CSI 0000022f [SR] Cannot repair member file [l:24{12}]"settings.ini" of Microsoft-Windows-Sidebar, Version = 6.0.6002.18005, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-05-28 15:05:59, Info CSI 00000230 [SR] Repairing corrupted file [ml:58{29},l:56{28}]"\??\C:\Windows\system32\wbem"\[l:42{21}]"Wdf01000Uninstall.mof" from store
2016-05-28 15:05:59, Info CSI 00000231 [SR] Repairing corrupted file [ml:58{29},l:56{28}]"\??\C:\Windows\system32\wbem"\[l:24{12}]"Wdf01000.mof" from store
2016-05-28 15:05:59, Info CSI 00000233 [SR] Cannot repair member file [l:24{12}]"settings.ini" of Microsoft-Windows-Sidebar, Version = 6.0.6002.18005, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-05-28 15:05:59, Info CSI 00000234 [SR] This component was referenced by [l:158{79}]"Package_16_for_KB948465~31bf3856ad364e35~x86~~6.0.1.18005.948465-49_neutral_GDR"
2016-05-28 15:05:59, Info CSI 00000235 [SR] Repairing corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:24{12}]"ir41_qcx.dll" from store
2016-05-28 15:05:59, Info CSI 00000237 [SR] Repair complete
2016-05-28 15:06:00, Info CSI 00000238 [SR] Committing transaction
2016-05-28 15:06:00, Info CSI 0000023c [SR] Verify and Repair Transaction completed. All files and registry keys listed in this transaction have been successfully repaired
#6
Posted 28 May 2016 - 12:17 PM
Vino's Event Viewer v01c run on Windows Vista in English
Report run at 28/05/2016 3:16:54 PM
Note: All dates below are in the format dd/mm/yyyy
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 28/05/2016 5:42:12 PM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The Parallel port driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
Log: 'System' Date/Time: 28/05/2016 5:42:04 PM
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D215781D-019E-4FA0-903D-0CDCDE13A4F5} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
Log: 'System' Date/Time: 28/05/2016 5:38:01 PM
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {C2BFE331-6739-4270-86C9-493D9A04CD38} did not register with DCOM within the required timeout.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 28/05/2016 5:42:29 PM
Type: Warning Category: 0
Event: 1003 Source: Microsoft-Windows-Dhcp-Client
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 0017C422D0E2. The following error occurred: The semaphore timeout period has expired.. Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.
Log: 'System' Date/Time: 28/05/2016 5:41:30 PM
Type: Warning Category: 0
Event: 4 Source: b57nd60x
Broadcom NetLink Gigabit Ethernet: The network link is down. Check to make sure the network cable is properly connected.
Log: 'System' Date/Time: 28/05/2016 5:39:20 PM
Type: Warning Category: 0
Event: 4 Source: b57nd60x
Broadcom NetLink Gigabit Ethernet: The network link is down. Check to make sure the network cable is properly connected.
Log: 'System' Date/Time: 28/05/2016 5:38:24 PM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.
#7
Posted 28 May 2016 - 12:19 PM
Vino's Event Viewer v01c run on Windows Vista in English
Report run at 28/05/2016 3:19:00 PM
Note: All dates below are in the format dd/mm/yyyy
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 28/05/2016 5:42:14 PM
Type: Warning Category: 0
Event: 0 Source: AtBroker
The event description cannot be found.
Log: 'Application' Date/Time: 28/05/2016 5:42:06 PM
Type: Warning Category: 0
Event: 0 Source: AtBroker
The event description cannot be found.
Log: 'Application' Date/Time: 28/05/2016 5:42:06 PM
Type: Warning Category: 0
Event: 0 Source: AtBroker
The event description cannot be found.
Log: 'Application' Date/Time: 28/05/2016 5:42:06 PM
Type: Warning Category: 0
Event: 0 Source: AtBroker
The event description cannot be found.
Log: 'Application' Date/Time: 28/05/2016 5:42:03 PM
Type: Warning Category: 0
Event: 3 Source: SQLBrowser
The configuration of the AdminConnection\TCP protocol in the SQL instance MSSMLBIZ is not valid.
Log: 'Application' Date/Time: 28/05/2016 5:38:01 PM
Type: Warning Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 1 user registry handles leaked from \Registry\User\S-1-5-21-534116950-1332898044-2559044525-1003:
Process 776 (\Device\HarddiskVolume1\Windows\System32\winlogon.exe) has opened key \REGISTRY\USER\S-1-5-21-534116950-1332898044-2559044525-1003
#8
Posted 28 May 2016 - 12:38 PM
the post was too long. Hence the file attached, thanks
Attached Files
#9
Posted 28 May 2016 - 12:43 PM
Process CPU Private Bytes Working Set PID Description Company Name Verified Signer
armsvc.exe 2,096 K 3,176 K 1960 Adobe Acrobat Update Service Adobe Systems Incorporated (Verified) Adobe Systems
audiodg.exe 15,696 K 13,644 K 1260 Windows Audio Device Graph Isolation Microsoft Corporation (Verified) Microsoft Windows
BcmSqlStartupSvc.exe 976 K 2,924 K 1992 BCM SQL Startup Service Microsoft Corporation (Verified) Microsoft Corporation
BR040286.exe 2,648 K 3,396 K 1116 USB PC Camera Bison Inc. (No signature was present in the subject) Bison Inc.
conime.exe 1,292 K 4,168 K 2848 Console IME Microsoft Corporation (Verified) Microsoft Windows
eDSLoader.exe 11,968 K 14,172 K 704 Acer eDataSecurity Management Loader Egis Incorporated (Verified) EGIS TECHNOLOGY INC.
eDSService.exe 1,548 K 4,304 K 2012 Acer eDataSecurity Management Service Egis Incorporated (Verified) EGIS TECHNOLOGY INC.
ehmsas.exe 1,564 K 4,820 K 1588 Media Center Media Status Aggregator Service Microsoft Corporation (Verified) Microsoft Windows
ehtray.exe 1,804 K 2,644 K 4016 Media Center Tray Applet Microsoft Corporation (Verified) Microsoft Windows
FlashUtil32_21_0_0_242_ActiveX.exe 5,412 K 10,012 K 496 Adobe® Flash® Player Installer/Uninstaller 21.0 r0 Adobe Systems Incorporated (Verified) Adobe Systems Incorporated
hpwuschd2.exe 1,064 K 3,152 K 3220 hpwuSchd Application Hewlett-Packard (A certificate was explicitly revoked by its issuer) Hewlett-Packard
IAAnotif.exe 1,528 K 4,020 K 4044 Event Monitor User Notification Tool Intel Corporation (Verified) Intel Corporation
IAANTmon.exe 2,824 K 5,048 K 792 RAID Monitor Intel Corporation (Verified) Intel Corporation
igfxext.exe 1,096 K 3,968 K 3708 igfxext Module Intel Corporation (Verified) Intel Corporation
igfxpers.exe 1,540 K 4,792 K 3728 persistence Module Intel Corporation (Verified) Intel Corporation
igfxsrvc.exe 1,372 K 4,032 K 1528 igfxsrvc Module Intel Corporation (Verified) Intel Corporation
igfxtray.exe 1,636 K 4,732 K 1360 igfxTray Module Intel Corporation (Verified) Intel Corporation
LSSrvc.exe 1,036 K 3,036 K 996 Hewlett-Packard Company (No signature was present in the subject) Hewlett-Packard Company
MobilityService.exe 11,400 K 9,120 K 1464 app (No signature was present in the subject)
msseces.exe 6,076 K 8,976 K 3216 Microsoft Security Client User Interface Microsoft Corporation (Verified) Microsoft Corporation
NisSrv.exe 15,156 K 9,388 K 3328 Microsoft Network Realtime Inspection Service Microsoft Corporation (Verified) Microsoft Corporation
PDVDServ.exe 1,576 K 4,760 K 2792 PowerDVD RC Service Cyberlink Corp. (No signature was present in the subject) Cyberlink Corp.
RtHDVCpl.exe 9,100 K 6,332 K 2404 HD Audio Control Panel Realtek Semiconductor (Verified) Microsoft Windows Hardware Compatibility Publisher
RtkBtMnt.exe 2,624 K 3,972 K 3884 Realtek HD Audio Data Rerouter Realtek Semiconductor Corp. (No signature was present in the subject) Realtek Semiconductor Corp.
rundll32.exe 4,868 K 9,008 K 2208 Windows host process (Rundll32) Microsoft Corporation (Verified) Microsoft Windows
ScanToPCActivationApp.exe 3,064 K 7,924 K 3696 ScanToPCActivationApp Hewlett-Packard Co. (Verified) Hewlett Packard
services.exe 2,960 K 6,764 K 644 Services and Controller app Microsoft Corporation (Verified) Microsoft Windows
SLsvc.exe 6,092 K 4,412 K 1308 Microsoft Software Licensing Service Microsoft Corporation (Verified) Microsoft Windows
smss.exe 288 K 720 K 424 Windows Session Manager Microsoft Corporation (Verified) Microsoft Windows
sqlbrowser.exe 1,112 K 2,768 K 2288 SQL Browser Service EXE Microsoft Corporation (Verified) Microsoft Corporation
sqlwriter.exe 3,744 K 4,836 K 2300 SQL Server VSS Writer Microsoft Corporation (Verified) Microsoft Corporation
svchost.exe 2,148 K 4,532 K 1284 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 2,240 K 5,168 K 840 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 580 K 2,192 K 2416 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 1,840 K 68,296 K 5632 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 5,328 K 7,372 K 2368 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 12,744 K 11,864 K 1792 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 8,924 K 12,848 K 1352 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 3,264 K 6,708 K 856 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
SynTPStart.exe 1,680 K 5,076 K 1076 Synaptics Pointing Device starter Synaptics, Inc. (Verified) Microsoft Windows Hardware Compatibility Publisher
taskeng.exe 2,008 K 5,940 K 3784 Task Scheduler Engine Microsoft Corporation (Verified) Microsoft Windows
UnlockerAssistant.exe 1,240 K 3,492 K 3540 (No signature was present in the subject)
unsecapp.exe 2,160 K 3,760 K 3168 Sink to receive asynchronous callbacks for WMI client application Microsoft Corporation (Verified) Microsoft Windows
wininit.exe 1,416 K 3,744 K 600 Windows Start-Up Application Microsoft Corporation (Verified) Microsoft Windows
winlogon.exe 2,256 K 5,212 K 744 Windows Logon Application Microsoft Corporation (Verified) Microsoft Windows
WLIDSVC.EXE 5,928 K 7,816 K 2556 Microsoft® Windows Live ID Service Microsoft Corp. (Verified) Microsoft Corporation
WLIDSVCM.EXE 888 K 2,520 K 2692 Microsoft® Windows Live ID Service Monitor Microsoft Corp. (Verified) Microsoft Corporation
WmiPrvSE.exe 9,928 K 16,128 K 1816 WMI Provider Host Microsoft Corporation (Verified) Microsoft Windows
eNet Service.exe < 0.01 15,140 K 11,496 K 12 acer eNet Management Service Acer Inc. (No signature was present in the subject) Acer Inc.
capuserv.exe < 0.01 40,400 K 20,140 K 2856 Service (No signature was present in the subject)
Acer.Empowering.Framework.Supervisor.exe < 0.01 46,692 K 45,804 K 2756 Acer Empowering Techonology Framework Launcher Acer Inc. (No signature was present in the subject) Acer Inc.
taskeng.exe < 0.01 9,584 K 9,976 K 3876 Task Scheduler Engine Microsoft Corporation (Verified) Microsoft Windows
ePowerSvc.exe < 0.01 20,228 K 14,252 K 2644 WMIServi Application acer (No signature was present in the subject) acer
svchost.exe < 0.01 20,332 K 15,116 K 1136 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
csrss.exe < 0.01 1,856 K 5,336 K 556 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows
lsm.exe < 0.01 2,116 K 3,796 K 668 Local Session Manager Service Microsoft Corporation (Verified) Microsoft Windows
XAudio.exe < 0.01 760 K 2,132 K 2824 Modem Audio Service Conexant Systems, Inc. (Verified) Microsoft Windows Hardware Compatibility Publisher
iexplore.exe < 0.01 21,564 K 34,568 K 5400 Internet Explorer Microsoft Corporation (Verified) Microsoft Corporation
HP1006MC.EXE < 0.01 1,104 K 3,580 K 2496 SMLMProxy Module Software 2000 Limited (Verified) Microsoft Windows Hardware Compatibility Publisher
WmiPrvSE.exe < 0.01 23,628 K 29,228 K 2928 WMI Provider Host Microsoft Corporation (Verified) Microsoft Windows
hkcmd.exe < 0.01 1,896 K 4,892 K 2256 hkcmd Module Intel Corporation (Verified) Intel Corporation
SearchIndexer.exe < 0.01 42,552 K 21,376 K 2800 Microsoft Windows Search Indexer Microsoft Corporation (Verified) Microsoft Windows
eNMTray.exe < 0.01 29,108 K 24,336 K 2272 Acer eNet Tray Acer Inc. (No signature was present in the subject) Acer Inc.
svchost.exe < 0.01 4,160 K 6,672 K 916 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
spoolsv.exe < 0.01 7,576 K 9,484 K 1760 Spooler SubSystem App Microsoft Corporation (Verified) Microsoft Windows
svchost.exe < 0.01 109,808 K 115,500 K 1188 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
lsass.exe < 0.01 5,232 K 9,420 K 656 Local Security Authority Process Microsoft Corporation (Verified) Microsoft Windows
LManager.exe < 0.01 10,440 K 6,768 K 2580 Acer Launch Manager Keyboard Application Dritek System Inc. (Verified) Dritek System Inc.
HPNetworkCommunicator.exe < 0.01 3,516 K 7,172 K 7188 HPNetworkCommunicator Hewlett-Packard Co. (Verified) Hewlett Packard
explorer.exe < 0.01 30,136 K 38,748 K 3852 Windows Explorer Microsoft Corporation (Verified) Microsoft Windows
iexplore.exe < 0.01 233,572 K 283,420 K 3584 Internet Explorer Microsoft Corporation (Verified) Microsoft Corporation
osk.exe < 0.01 1,396 K 4,636 K 7752 On-Screen Keyboard Microsoft Corporation (Verified) Microsoft Windows
igfxsrvc.exe < 0.01 2,396 K 5,456 K 3504 igfxsrvc Module Intel Corporation (Verified) Intel Corporation
eLockServ.exe < 0.01 19,080 K 12,316 K 2032 Acer eLock Management Acer Inc. (No signature was present in the subject) Acer Inc.
ePower_DMC.exe < 0.01 21,144 K 19,320 K 4356 Acer ePower Management DMC Acer Inc. (No signature was present in the subject) Acer Inc.
System < 0.01 0 K 18,728 K 4
csrss.exe < 0.01 2,892 K 9,800 K 612 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows
dwm.exe 0.76 37,000 K 44,112 K 3804 Desktop Window Manager Microsoft Corporation (Verified) Microsoft Windows
Interrupts 0.76 0 K 0 K n/a Hardware Interrupts and DPCs
MsMpEng.exe 0.76 113,808 K 107,632 K 968 Antimalware Service Executable Microsoft Corporation (Verified) Microsoft Corporation
svchost.exe 0.76 16,424 K 12,900 K 1560 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
SynTPEnh.exe 2.27 2,200 K 4,864 K 2620 Synaptics TouchPad Enhancements Synaptics, Inc. (Verified) Synaptics Incorporated
procexp.exe 5.30 22,876 K 34,752 K 6792 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
svchost.exe 35.61 97,984 K 98,928 K 1168 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
System Idle Process 53.79 0 K 24 K 0
#10
Posted 28 May 2016 - 05:25 PM
Two main problems.
This process is eating up too much CPU time. This is the one at the bottom of the list just before System Idle in Process Explorer.
svchost.exe 35.61 97,984 K 98,928 K 1168 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
If you hover over it you will get a list of services that ride on this svchost.exe. What are they?
Speccy says it is running hot:
CPU
#11
Posted 28 May 2016 - 05:57 PM
It is very difficult to tell the svhost as it keeps moving about.
It is a laptop acer - extensa 5620z. It is usually on a hard surface, sometimes i lay it on the couch or bed.
The core says 51 temp 1 & 2
#12
Posted 28 May 2016 - 06:02 PM
it says dcom server process launcher (Dcom launch) - hard to read
#13
Posted 28 May 2016 - 06:04 PM
plug & play
those were the 2 items under the svhost
#14
Posted 28 May 2016 - 07:45 PM
It's probably DCOMLaunch, PlugPlay & Power. This is unusual. Normally it's way down in the CPU usage list.
Click on the Process column header. This will sort things by the Process name so they won't jump around. Find the svchost.exe which has the high CPU usage which should still be your DCOMLaunch, PlugPlay & Power. Directly under it you will see unsecapp.exe, wmiprvse.exe, prevhost.exe and probably a second wmiprvse.exe. Right click on each and Suspend. After each Suspend, check the CPU percentage for the svchost.exe. We want to find the one that makes it drop to .something.
sometimes i lay it on the couch or bed.
Never do that. A soft surface will block the air vents on the bottom and cause it to overheat. People have died when a laptop overheated and caught fire after they fell asleep with it on the bed. If you must use it on a soft surface set it on a hard surface like a tray or even a big book.
#15
Posted 29 May 2016 - 12:40 AM
Similar Topics
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users