Sent here from Tech Dept



#1
shajoe44


I have attached the original error message that I sent to the tech dept. They say I probably have malware.

 

OTL logfile created on: 5/4/2014 7:12:39 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Documents and Settings\Miriam Moody\My Documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
1013.02 Mb Total Physical Memory | 299.70 Mb Available Physical Memory | 29.58% Memory free
2.38 Gb Paging File | 0.48 Gb Available in Paging File | 20.10% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 138.05 Gb Total Space | 107.96 Gb Free Space | 78.21% Space Free | Partition Type: NTFS
 
Computer Name: MIRIAM | User Name: Miriam Moody | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/05/04 19:11:48 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Miriam Moody\My Documents\Downloads\OTL (1).exe
PRC - [2014/04/28 05:38:12 | 003,582,992 | ---- | M] (Aztec Media Inc) -- C:\Program Files\Settings Manager\systemk\systemku.exe
PRC - [2014/04/28 05:38:05 | 003,543,056 | ---- | M] (Aztec Media Inc) -- C:\Program Files\Settings Manager\systemk\SystemkService.exe
PRC - [2014/04/23 20:33:15 | 000,841,032 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2013/11/28 17:45:43 | 003,568,312 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013/11/28 17:45:43 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013/06/28 18:48:04 | 000,014,624 | ---- | M] (Intuit Inc.) -- C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
PRC - [2010/06/22 02:34:48 | 000,321,104 | ---- | M] (Dritek System Inc.) -- C:\Program Files\Launch Manager\dsiwmis.exe
PRC - [2010/06/01 18:27:50 | 002,057,560 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\Norton Online Backup\NOBuAgent.exe
PRC - [2010/03/11 01:11:56 | 000,407,920 | ---- | M] (Egis Technology Inc.) -- C:\Program Files\EgisTec IPS\PmmUpdate.exe
PRC - [2010/02/12 19:11:46 | 000,030,080 | ---- | M] () -- C:\WINDOWS\snuvcdsm.exe
PRC - [2010/02/12 19:11:42 | 000,099,712 | ---- | M] (Sonix Technology Co., Ltd.) -- C:\WINDOWS\PLFSetL.exe
PRC - [2010/02/09 14:57:46 | 000,704,032 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer VCM\AcerVCM.exe
PRC - [2010/01/29 19:52:58 | 000,260,640 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer VCM\RS_Service.exe
PRC - [2010/01/28 19:27:36 | 000,243,232 | ---- | M] (Acer Group) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe
PRC - [2009/10/13 13:25:30 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2008/04/14 08:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014/05/04 13:58:52 | 002,252,800 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\14050401\algo.dll
MOD - [2014/05/03 12:50:28 | 002,252,800 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\14050301\algo.dll
MOD - [2014/05/02 02:43:13 | 002,252,800 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\14050200\algo.dll
MOD - [2014/04/30 09:13:25 | 009,099,776 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\14b0b026e92e72651cc47862de85e5d7\System.ni.dll
MOD - [2014/04/30 09:12:45 | 014,412,800 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\a2767e13886a4a94c9c849c0e052c3d7\mscorlib.ni.dll
MOD - [2014/04/30 04:35:25 | 002,252,800 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\14043000\algo.dll
MOD - [2014/04/28 05:38:18 | 000,490,000 | ---- | M] () -- C:\Program Files\Settings Manager\systemk\sysapcrt.dll
MOD - [2014/04/28 05:38:09 | 000,020,496 | ---- | M] () -- C:\Program Files\Settings Manager\systemk\syskldr.dll
MOD - [2014/04/23 20:33:13 | 000,390,472 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\34.0.1847.131\ppgooglenaclpluginchrome.dll
MOD - [2014/04/23 20:33:10 | 004,081,480 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\34.0.1847.131\pdf.dll
MOD - [2014/04/23 20:33:03 | 001,647,432 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\34.0.1847.131\ffmpegsumo.dll
MOD - [2014/04/23 20:33:01 | 000,065,352 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\34.0.1847.131\chrome_elf.dll
MOD - [2013/11/28 17:45:47 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2010/02/12 19:11:46 | 000,030,080 | ---- | M] () -- C:\WINDOWS\snuvcdsm.exe
 
 
========== Services (SafeList) ==========
 
SRV - File not found [Auto | Stopped] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.1.2\ToolbarUpdater.exe -- (vToolbarUpdater17.1.2)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2014/04/28 05:38:05 | 003,543,056 | ---- | M] (Aztec Media Inc) [Auto | Running] -- C:\Program Files\Settings Manager\systemk\SystemkService.exe -- (SystemkService)
SRV - [2013/11/28 17:45:43 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2013/11/01 16:34:34 | 001,987,588 | ---- | M] (NCH Software) [On_Demand | Stopped] -- C:\Program Files\NCH Software\ExpressInvoice\expressinvoice.exe -- (ExpressInvoiceService)
SRV - [2013/06/28 18:48:04 | 000,014,624 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe -- (IntuitUpdateServiceV4)
SRV - [2010/06/22 02:34:48 | 000,321,104 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\Program Files\Launch Manager\dsiwmis.exe -- (DsiWMIService)
SRV - [2010/06/01 18:27:50 | 002,057,560 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU)
SRV - [2010/05/26 22:41:06 | 000,305,520 | ---- | M] (Egis Technology Inc.) [On_Demand | Stopped] -- C:\Program Files\EgisTec MyWinLocker\x86\MWLService.exe -- (MWLService)
SRV - [2010/04/03 19:01:24 | 000,246,520 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files\Acer Games\Acer Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2010/01/29 19:52:58 | 000,260,640 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer VCM\RS_Service.exe -- (RS_Service)
SRV - [2010/01/28 19:27:36 | 000,243,232 | ---- | M] (Acer Group) [Auto | Running] -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe -- (Updater Service)
SRV - [2009/10/13 13:25:30 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] --  -- (Changer)
DRV - [2014/04/28 05:38:06 | 000,031,120 | ---- | M] (Aztec Media Inc) [Kernel | System | Stopped] -- C:\Program Files\Settings Manager\systemk\systemkmgrc1.cfg -- (F06DEFF2-5B9C-490D-910F-35D3A91196222)
DRV - [2014/04/28 05:38:06 | 000,031,120 | ---- | M] (Aztec Media Inc) [Kernel | Disabled | Running] -- C:\Program Files\Settings Manager\systemk\systemkmgrc1.cfg -- (F06DEFF2-5B9C-490D-910F-35D3A9119622)
DRV - [2014/02/13 22:36:58 | 000,067,824 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswmonflt.sys -- (aswMonFlt)
DRV - [2014/02/13 22:35:55 | 000,775,952 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2014/02/13 22:35:55 | 000,410,784 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP)
DRV - [2014/02/13 22:35:55 | 000,180,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2014/02/13 22:35:55 | 000,057,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2014/02/13 22:35:54 | 000,054,832 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2013/11/28 17:45:50 | 000,049,944 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2010/06/17 02:50:02 | 000,082,384 | ---- | M] (ENE Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EUCR6SK.sys -- (EUCR)
DRV - [2010/05/30 23:58:36 | 006,608,512 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NETw5x32.sys -- (NETw5x32)
DRV - [2010/05/19 23:20:26 | 000,061,552 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\l1c51x86.sys -- (L1c)
DRV - [2010/03/12 17:41:22 | 005,867,040 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2010/02/12 19:11:44 | 001,766,784 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\snp2uvc.sys -- (SNP2UVC)
DRV - [2009/12/30 10:20:56 | 000,027,064 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\revoflt.sys -- (Revoflt)
DRV - [2009/11/17 19:17:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2009/11/17 19:16:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2009/07/13 16:51:12 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\winusb.sys -- (WinUSB)
DRV - [2008/12/02 14:52:00 | 000,058,800 | ---- | M] (Egis Incorporated.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
DRV - [2008/12/02 14:52:00 | 000,017,840 | ---- | M] (Egis Incorporated.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)
DRV - [2008/12/02 14:52:00 | 000,015,280 | ---- | M] (Egis Incorporated.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer...14wu45w4882u238
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer...14wu45w4882u238
IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.co...ng}&rlz=1I7ACAW
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2492}: "URL" = http://www.default-s...p={searchTerms}
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer...14wu45w4882u238
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.default-s...&tm=325&src=hmp
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...Box&Form=IE8SRC
IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.co...AW_enUS412US412
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2492}: "URL" = http://www.default-s...p={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/12/28 01:09:27 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/12/28 01:09:27 | 000,000,000 | ---D | M]
 
 
========== Chrome  ==========
 
CHR - default_search_provider: default-search.net (Enabled)
CHR - default_search_provider: search_url = http://www.default-s...p={searchTerms}
CHR - default_search_provider: suggest_url = ,
CHR - plugin: Error reading preferences file
CHR - Extension: Google Docs = C:\Documents and Settings\Miriam Moody\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Documents and Settings\Miriam Moody\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Documents and Settings\Miriam Moody\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Documents and Settings\Miriam Moody\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: avast! Online Security = C:\Documents and Settings\Miriam Moody\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2018.95_0\
CHR - Extension: Google Wallet = C:\Documents and Settings\Miriam Moody\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Documents and Settings\Miriam Moody\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2008/04/14 08:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (Linkey) - {4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47} - C:\Program Files\Linkey\IEExtension\iedll.dll (Aztec Media Inc)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
O2 - BHO: (ShopAtHomeIEHelper Class) - {E8DAAA30-6CAA-4b58-9603-8E54238219E2} - C:\Program Files\SelectRebates\Toolbar\ShopAtHomeToolbar.dll (ShopAtHome.com)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (ShopAtHome.com Toolbar) - {98279C38-DE4B-4bcf-93C9-8EC26069D6F4} - C:\Program Files\SelectRebates\Toolbar\ShopAtHomeToolbar.dll (ShopAtHome.com)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (ShopAtHome.com Toolbar) - {98279C38-DE4B-4BCF-93C9-8EC26069D6F4} - C:\Program Files\SelectRebates\Toolbar\ShopAtHomeToolbar.dll (ShopAtHome.com)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [AzMixerSel] C:\Program Files\Realtek\Audio\Drivers\AzMixerSel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [EgisTecPMMUpdate] C:\Program Files\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [EgisUpdate] C:\Program Files\EgisTec IPS\EgisUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe ()
O4 - HKLM..\Run: [mwlDaemon] C:\Program Files\EgisTec MyWinLocker\x86\mwlDaemon.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [Norton Online Backup] C:\Program Files\Symantec\Norton Online Backup\NOBuClient.exe (Symantec Corporation)
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PLFSetL] C:\WINDOWS\PLFSetL.exe (Sonix Technology Co., Ltd.)
O4 - HKLM..\Run: [snp2uvc] C:\WINDOWS\System32\csnp2uvc.dll ( )
O4 - HKLM..\Run: [snuvcdsm] C:\WINDOWS\snuvcdsm.exe ()
O4 - HKLM..\Run: [SuiteTray] C:\Program Files\EgisTec MyWinLockerSuite\x86\SuiteTray.exe (Egis Technology Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Acer VCM.lnk =  File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk =  File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html File not found
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://www.pcpitstop...t/PCPitStop.CAB (PCPitstop Utility)
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} https://h20436.www2....re/HPDEXAXO.cab (HP Download Manager)
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20270.www2.h...tDetection2.cab (GMNRev Class)
O16 - DPF: {B3E32D88-8E7F-468F-B0E2-3A300FD4A82C} http://myitlab.pears...ces/ax/stub.cab (Enlite 2.x Simulation Engine Installer)
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} http://trial.trymicr...osoft/wrc32.ocx (WRC Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{839A1957-E156-40E8-B812-9D68D5E08C5B}: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Acer\Acer VCM\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Acer.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Acer.bmp
O27 - HKLM IFEO\bitguard.exe: Debugger - tasklist.exe File not found
O27 - HKLM IFEO\bprotect.exe: Debugger - tasklist.exe File not found
O27 - HKLM IFEO\bpsvc.exe: Debugger - tasklist.exe File not found
O27 - HKLM IFEO\browserdefender.exe: Debugger - tasklist.exe File not found
O27 - HKLM IFEO\browserprotect.exe: Debugger - tasklist.exe File not found
O27 - HKLM IFEO\browsersafeguard.exe: Debugger - tasklist.exe File not found
O27 - HKLM IFEO\dprotectsvc.exe: Debugger - tasklist.exe File not found
O27 - HKLM IFEO\jumpflip: Debugger - tasklist.exe File not found
O27 - HKLM IFEO\protectedsearch.exe: Debugger - tasklist.exe File not found
O27 - HKLM IFEO\searchinstaller.exe: Debugger - tasklist.exe File not found
O27 - HKLM IFEO\searchprotection.exe: Debugger - tasklist.exe File not found
O27 - HKLM IFEO\searchprotector.exe: Debugger - tasklist.exe File not found
O27 - HKLM IFEO\searchsettings.exe: Debugger - tasklist.exe File not found
O27 - HKLM IFEO\searchsettings64.exe: Debugger - tasklist.exe File not found
O27 - HKLM IFEO\snapdo.exe: Debugger - tasklist.exe File not found
O27 - HKLM IFEO\stinst32.exe: Debugger - tasklist.exe File not found
O27 - HKLM IFEO\stinst64.exe: Debugger - tasklist.exe File not found
O27 - HKLM IFEO\umbrella.exe: Debugger - tasklist.exe File not found
O27 - HKLM IFEO\utiljumpflip.exe: Debugger - tasklist.exe File not found
O27 - HKLM IFEO\volaro: Debugger - tasklist.exe File not found
O27 - HKLM IFEO\vonteera: Debugger - tasklist.exe File not found
O27 - HKLM IFEO\websteroids.exe: Debugger - tasklist.exe File not found
O27 - HKLM IFEO\websteroidsservice.exe: Debugger - tasklist.exe File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/07/22 03:04:53 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{3fc21e58-3ae3-11e0-8db6-0026c798e802}\Shell - "" = AutoRun
O33 - MountPoints2\{3fc21e58-3ae3-11e0-8db6-0026c798e802}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{3fc21e58-3ae3-11e0-8db6-0026c798e802}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL jsNeQ.exE
O33 - MountPoints2\{ac5696a8-5171-11e0-8dbc-0026c798e802}\Shell - "" = AutoRun
O33 - MountPoints2\{ac5696a8-5171-11e0-8dbc-0026c798e802}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{ac5696a8-5171-11e0-8dbc-0026c798e802}\Shell\AutoRun\command - "" = D:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O36 - AppCertDlls: x64 - (c:\program files\settings manager\systemk\x64\sysapcrt.dll) -  File not found
O36 - AppCertDlls: x86 - (C:\Program Files\Settings Manager\systemk\sysapcrt.dll) - C:\Program Files\Settings Manager\systemk\sysapcrt.dll ()
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/05/02 11:06:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\systemk
[2014/05/02 08:49:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2014/05/01 08:57:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
[2014/04/30 09:43:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Auslogics
[2014/04/30 09:43:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Auslogics
[2014/04/30 09:43:09 | 000,000,000 | ---D | C] -- C:\Program Files\Auslogics
[2014/04/30 00:39:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Miriam Moody\Desktop\autorun
[2014/04/29 09:45:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Miriam Moody\Desktop\SDR
[2014/04/26 14:02:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Miriam Moody\usb_driver
[2014/04/25 13:22:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Miriam Moody\Local Settings\Application Data\VS Revo Group
[2014/04/25 13:22:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Revo Uninstaller Pro
[2014/04/25 13:22:26 | 000,027,064 | ---- | C] (VS Revo Group) -- C:\WINDOWS\System32\drivers\revoflt.sys
[2014/04/25 13:22:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\VS Revo Group
[2014/04/25 13:22:21 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2014/04/22 18:16:56 | 000,000,000 | ---D | C] -- C:\Program Files\Linkey
[2014/04/22 18:16:41 | 000,000,000 | ---D | C] -- C:\Program Files\Settings Manager
[2014/04/15 09:08:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Miriam Moody\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
 
========== Files - Modified Within 30 Days ==========
 
[2014/05/04 19:11:29 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014/05/03 19:37:27 | 000,107,019 | ---- | M] () -- C:\Documents and Settings\Miriam Moody\Desktop\sdrexe.JPG
[2014/05/03 16:56:46 | 000,175,853 | ---- | M] () -- C:\WINDOWS\hpoins35.dat
[2014/05/03 16:41:45 | 000,070,116 | ---- | M] () -- C:\Documents and Settings\Miriam Moody\Desktop\HP Install.JPG
[2014/05/02 11:12:50 | 000,483,592 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2014/05/02 11:12:50 | 000,080,830 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2014/05/02 09:11:00 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014/05/02 08:50:37 | 000,001,817 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2014/05/02 08:48:43 | 000,096,602 | ---- | M] () -- C:\Documents and Settings\Miriam Moody\Desktop\error message.JPG
[2014/05/01 13:03:55 | 000,115,759 | ---- | M] () -- C:\Documents and Settings\Miriam Moody\Desktop\Disk Mgmt.JPG
[2014/05/01 08:59:32 | 000,100,412 | ---- | M] () -- C:\Documents and Settings\Miriam Moody\Desktop\Storage.JPG
[2014/05/01 00:25:18 | 000,090,267 | ---- | M] () -- C:\Documents and Settings\Miriam Moody\Desktop\Device Mgmt.JPG
[2014/04/30 09:43:16 | 000,000,826 | ---- | M] () -- C:\Documents and Settings\Miriam Moody\Desktop\Auslogics DiskDefrag.lnk
[2014/04/30 09:36:02 | 000,000,364 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2014/04/30 09:34:17 | 000,000,350 | ---- | M] () -- C:\WINDOWS\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
[2014/04/30 09:34:08 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014/04/30 09:34:06 | 1062,301,696 | -HS- | M] () -- C:\hiberfil.sys
[2014/04/29 13:56:54 | 000,099,748 | ---- | M] () -- C:\Documents and Settings\Miriam Moody\Desktop\sdr screenshot.JPG
[2014/04/28 00:51:06 | 000,038,941 | ---- | M] () -- C:\Documents and Settings\Miriam Moody\Desktop\screenshot.JPG
[2014/04/26 00:41:09 | 000,000,929 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Revo Uninstaller Pro.lnk
[2014/04/24 19:16:28 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2014/04/15 09:40:47 | 000,002,393 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\TurboTax 2013.lnk
 
========== Files Created - No Company Name ==========
 
[2014/05/03 19:37:27 | 000,107,019 | ---- | C] () -- C:\Documents and Settings\Miriam Moody\Desktop\sdrexe.JPG
[2014/05/03 16:56:39 | 000,220,831 | ---- | C] () -- C:\WINDOWS\hpoins35.dat.temp
[2014/05/03 16:56:39 | 000,000,778 | ---- | C] () -- C:\WINDOWS\hpomdl35.dat.temp
[2014/05/03 16:40:52 | 000,070,116 | ---- | C] () -- C:\Documents and Settings\Miriam Moody\Desktop\HP Install.JPG
[2014/05/02 08:48:43 | 000,096,602 | ---- | C] () -- C:\Documents and Settings\Miriam Moody\Desktop\error message.JPG
[2014/05/01 13:03:55 | 000,115,759 | ---- | C] () -- C:\Documents and Settings\Miriam Moody\Desktop\Disk Mgmt.JPG
[2014/05/01 08:59:32 | 000,100,412 | ---- | C] () -- C:\Documents and Settings\Miriam Moody\Desktop\Storage.JPG
[2014/05/01 00:25:18 | 000,090,267 | ---- | C] () -- C:\Documents and Settings\Miriam Moody\Desktop\Device Mgmt.JPG
[2014/04/30 09:43:15 | 000,000,826 | ---- | C] () -- C:\Documents and Settings\Miriam Moody\Desktop\Auslogics DiskDefrag.lnk
[2014/04/29 13:56:53 | 000,099,748 | ---- | C] () -- C:\Documents and Settings\Miriam Moody\Desktop\sdr screenshot.JPG
[2014/04/28 00:51:06 | 000,038,941 | ---- | C] () -- C:\Documents and Settings\Miriam Moody\Desktop\screenshot.JPG
[2014/04/26 00:45:41 | 1062,301,696 | -HS- | C] () -- C:\hiberfil.sys
[2014/04/25 13:22:31 | 000,000,929 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Revo Uninstaller Pro.lnk
[2014/03/05 10:55:38 | 001,268,856 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-2587936551-156640315-1538417202-1006-0.dat
[2014/03/05 10:55:30 | 000,243,338 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2014/01/29 13:33:07 | 000,000,286 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Microsoft.SqlServer.Compact.400.32.bc
[2013/11/28 17:45:53 | 000,180,248 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2013/11/28 17:45:53 | 000,049,944 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2013/10/15 11:23:44 | 000,004,608 | ---- | C] () -- C:\Documents and Settings\Miriam Moody\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/08/10 10:30:39 | 000,027,520 | ---- | C] () -- C:\Documents and Settings\Miriam Moody\Local Settings\Application Data\dt.dat
[2010/12/28 00:04:04 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Miriam Moody\Application Data\wklnhst.dat
 
========== ZeroAccess Check ==========
 
[2010/07/22 03:08:56 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/14 08:00:00 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 08:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/14 08:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2010/07/22 04:56:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Acer
[2014/04/30 09:43:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Auslogics
[2013/11/28 17:44:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2013/11/28 17:29:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG2014
[2014/01/10 09:14:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\boost_interprocess
[2011/03/02 09:46:33 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2010/07/22 05:08:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EgisTec IPS
[2010/07/22 04:34:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\eSobi
[2011/03/04 21:53:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\myitlab
[2011/01/29 15:03:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Partner
[2014/05/04 18:55:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\systemk
[2014/04/25 13:22:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\VS Revo Group
[2010/10/15 13:40:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WildTangent
[2013/11/28 17:46:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Miriam Moody\Application Data\AVAST Software
[2014/04/15 09:08:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Miriam Moody\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2012/10/22 20:26:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Miriam Moody\Application Data\TuneUp Software
[2014/04/22 18:11:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Miriam Moody\Application Data\uTorrent
 
========== Purity Check ==========
 
 
 
< End of report >
 

Attached Thumbnails

  • error message.JPG



#2
RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP
The error is caused by an HP printer file.  Not sure why it is involved but let's see if we can get it to cooperate:
 
Please download GrantPerms.zip and save it to your desktop.
Unzip the file and run GrantPerms.exe.
Copy and paste the following in the edit box:
 
"C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL"
 
Click Unlock. When it is done click "OK".
Click List Permissions and post the result (Perms.txt) that pops up. A copy of Perms.txt will be saved in the same directory the tool is run. 

#3
shajoe44

    Member

  • Topic Starter
  • Member
  • 262 posts
GrantPerms by Farbar 
Ran by Miriam Moody (administrator) at 2014-05-04 21:20:34
 
===============================================
\\?\C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL
 
   Owner: BUILTIN\Administrators
 
   DACL(NP)(AI):
            BUILTIN\Users   READ/EXECUTE   ALLOW   (I)
   BUILTIN\Administrators   FULL   ALLOW   (I)
   NT AUTHORITY\SYSTEM   FULL   ALLOW   (I)

#4
RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

OK.  Do you still get the Access Denied error?


#5
shajoe44

    Member

  • Topic Starter
  • Member
  • 262 posts

Let me reboot... I was supposed to send you this link also: http://www.geekstogo...-newer-version/


#6
RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP
We can remove your adware and check for malware:
 
Download : ADWCleaner to your desktop.  Make sure you get the correct Download button.  Sometimes the ads on BleepingComputer will mimic the real Download button which should say: Download Now @BleepingComputer
 
NOTE: If using Internet Explorer and you get an alert that stops the program downloading, click on the warning and allow the download to complete.
 
Close all programs, pause your anti-virus and run AdwCleaner (Vista or Win 7 => right click and Run As Administrator).
 
Click on Scan and follow the prompts. Let it run unhindered. When done, click on the Clean button, and follow the prompts. Allow the system to reboot. You will then be presented with the report. Copy & Paste this report on your next reply.
 
The report will be saved in the C:\AdwCleaner folder.
 
 
 
Junkware-Removal-Tool
 
Please download Junkware Removal Tool to your desktop.  Make sure you get the correct Download button.  Sometimes the ads on BleepingComputer will mimic the real Download button which should say: Download Now @Author's site
  • Pause your anti-virus.  Close all browsers.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
 
Please download Farbar Recovery Scan Tool and save it to your Desktop.
 
Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
 
  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer. 
  • Press Scan button. 
  • It will produce a log called FRST.txt in the same directory the tool is run from.  
  • Please copy and paste log back here. 
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply. 

    #7
    shajoe44

      Member

    • Topic Starter
    • Member
    • 262 posts

    Yes I am

    Attached Thumbnails

    • rundll.JPG

    #8
    shajoe44

      Member

    • Topic Starter
    • Member
    • 262 posts
    # AdwCleaner v3.207 - Report created 04/05/2014 at 21:42:05
    # Updated 05/05/2014 by Xplode
    # Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
    # Username : Miriam Moody - MIRIAM
    # Running from : C:\Documents and Settings\Miriam Moody\My Documents\Downloads\AdwCleaner.exe
    # Option : Clean
     
    ***** [ Services ] *****
     
    [#] Service Deleted : F06DEFF2-5B9C-490D-910F-35D3A91196222
    [#] Service Deleted : SystemkService
    [#] Service Deleted : vToolbarUpdater17.1.2
     
    ***** [ Files / Folders ] *****
     
    Folder Deleted : C:\Documents and Settings\All Users\Application Data\Partner
    [!] Folder Deleted : C:\Documents and Settings\All Users\Application Data\systemk
    Folder Deleted : C:\Program Files\Linkey
    Folder Deleted : C:\Program Files\SelectRebates
    [!] Folder Deleted : C:\Program Files\Settings Manager
    Folder Deleted : C:\Program Files\Common Files\AVG Secure Search
    Folder Deleted : C:\Documents and Settings\Miriam Moody\Local Settings\Application Data\AVG Secure Search
     
    ***** [ Shortcuts ] *****
     
     
    ***** [ Registry ] *****
     
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\WLXQuickTimeShellExt.DLL
    Key Deleted : HKLM\SOFTWARE\CLASSES\Linkey.Linkey
    Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
    Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
    Value Deleted : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x64]
    Value Deleted : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x86]
    Value Deleted : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x64]
    Value Deleted : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x86]
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{6A7CD9EC-D8BD-4340-BCD0-77C09A282921}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{54739D49-AC03-4C57-9264-C5195596B3A1}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{54739D49-AC03-4C57-9264-C5195596B3A1}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
    Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}]
    Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
    Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}]
    Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
    Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
    Key Deleted : HKCU\Software\Conduit
    Key Deleted : HKCU\Software\InstallCore
    Key Deleted : HKCU\Software\Linkey
    Key Deleted : HKCU\Software\SystemK
    Key Deleted : HKLM\Software\Conduit
    Key Deleted : HKLM\Software\Freeze.com
    Key Deleted : HKLM\Software\Linkey
    Key Deleted : HKLM\Software\SystemK
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Linkey
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Settings Manager
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Linkey
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AVG Secure Search
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Settings Manager
    Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe
     
    ***** [ Browsers ] *****
     
    -\\ Internet Explorer v8.0.6001.18702
     
    Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
     
    -\\ Google Chrome v34.0.1847.131
     
    [ File : C:\Documents and Settings\Miriam Moody\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]
     
    Deleted [Search Provider] : hxxp://search.aol.com/aol/search?query={searchTerms}
    Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
    Deleted [Search Provider] : hxxp://www.default-search.net/search?sid=492&aid=100&itype=a&ver=12521&tm=325&src=ds&p={searchTerms}
    Deleted [Startup_urls] : hxxp://www.default-search.net?sid=492&aid=100&itype=n&ver=12283&tm=325&src=hmp
    Deleted [Homepage] : hxxp://www.default-search.net?sid=492&aid=100&itype=n&ver=12283&tm=325&src=hmp
     
    *************************
     
    AdwCleaner[R0].txt - [10844 octets] - [04/05/2014 21:40:12]
    AdwCleaner[S0].txt - [10744 octets] - [04/05/2014 21:42:05]
     
    ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [10805 octets] ##########
     

    Attached Thumbnails

    • rundll.JPG

    #9
    shajoe44

      Member

    • Topic Starter
    • Member
    • 262 posts

    Got a new error message that popped up during the running of Junkware Removal

     

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Thisisu
    Version: 6.1.4 (04.06.2014:1)
    OS: Microsoft Windows XP x86
    Ran by Miriam Moody on Sun 05/04/2014 at 21:53:45.21
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     
     
     
     
    ~~~ Services
     
     
     
    ~~~ Registry Values
     
    Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
    Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL
     
     
     
    ~~~ Registry Keys
     
     
     
    ~~~ Files
     
     
     
    ~~~ Folders
     
    Successfully deleted: [Folder] "C:\Documents and Settings\All Users\application data\boost_interprocess"
     
     
     
     
     
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on Sun 05/04/2014 at 22:05:53.64
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     

    Attached Thumbnails

    • new error.JPG

    #10
    shajoe44

      Member

    • Topic Starter
    • Member
    • 262 posts
    Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:04-05-2014
    Ran by Miriam Moody (administrator) on MIRIAM on 04-05-2014 22:11:43
    Running from C:\Documents and Settings\Miriam Moody\My Documents\Downloads
    Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: English(US)
    Internet Explorer Version 8
    Boot Mode: Normal
     
    The only official download link for FRST:
    Download link from any site other than Bleeping Computer is unpermitted or outdated.
     
    ==================== Processes (Whitelisted) =================
     
    (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    (Dritek System Inc.) C:\Program Files\Launch Manager\dsiwmis.exe
    (Intuit Inc.) C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
    (Symantec Corporation) C:\Program Files\Symantec\Norton Online Backup\NOBuAgent.exe
    (Acer Incorporated) C:\Program Files\Acer\Acer VCM\RS_Service.exe
    (Acer Group) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
    (Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
    (Intel Corporation) C:\WINDOWS\system32\igfxtray.exe
    (Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
    (Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
    (Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    (Egis Technology Inc.) C:\Program Files\EgisTec IPS\PmmUpdate.exe
    (Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe
    (Egis Technology Inc.) C:\Program Files\EgisTec MyWinLocker\x86\mwlDaemon.exe
    (Sonix Technology Co., Ltd.) C:\WINDOWS\PLFSetL.exe
    () C:\WINDOWS\snuvcdsm.exe
    (Dritek System Inc.) C:\Program Files\Launch Manager\LManager.exe
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    (Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE
    (Hewlett-Packard) C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe
    (Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
    (Microsoft Corporation) C:\Program Files\Messenger\msmsgs.exe
    (Acer Incorporated) C:\Program Files\Acer\Acer VCM\AcerVCM.exe
    (Dritek System Inc.) C:\Program Files\Launch Manager\LMworker.exe
    (Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe
    (Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
    (Egis Technology Inc.) C:\Program Files\EgisTec MyWinLocker\x86\MWLService.exe
    (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe
     
     
    ==================== Registry (Whitelisted) ==================
     
    HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-10-13] (Intel Corporation)
    HKLM\...\Run: [AzMixerSel] => C:\Program Files\Realtek\Audio\Drivers\AzMixerSel.exe [59936 2009-12-11] (Realtek Semiconductor Corp.)
    HKLM\...\Run: [SuiteTray] => C:\Program Files\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [337264 2010-05-26] (Egis Technology Inc.)
    HKLM\...\Run: [EgisUpdate] => C:\Program Files\EgisTec IPS\EgisUpdate.exe [201584 2010-03-11] (Egis Technology Inc.)
    HKLM\...\Run: [EgisTecPMMUpdate] => C:\Program Files\EgisTec IPS\PmmUpdate.exe [407920 2010-03-11] (Egis Technology Inc.)
    HKLM\...\Run: [mwlDaemon] => C:\Program Files\EgisTec MyWinLocker\x86\mwlDaemon.exe [349552 2010-05-26] (Egis Technology Inc.)
    HKLM\...\Run: [Norton Online Backup] => C:\Program Files\Symantec\Norton Online Backup\NOBuClient.exe [966488 2010-06-01] (Symantec Corporation)
    HKLM\...\Run: [IMJPMIG8.1] => C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [208952 2008-04-14] (Microsoft Corporation)
    HKLM\...\Run: [MSPY2002] => C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [59392 2008-04-14] ()
    HKLM\...\Run: [PHIME2002ASync] => C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [455168 2008-04-14] (Microsoft Corporation)
    HKLM\...\Run: [PHIME2002A] => C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [455168 2008-04-14] (Microsoft Corporation)
    HKLM\...\Run: [PLFSetL] => C:\WINDOWS\PLFSetL.exe [99712 2010-02-12] (Sonix Technology Co., Ltd.)
    HKLM\...\Run: [snp2uvc] => C:\WINDOWS\system32\csnp2uvc.dll [202112 2010-02-12] ( )
    HKLM\...\Run: [snuvcdsm] => C:\WINDOWS\snuvcdsm.exe [30080 2010-02-12] ()
    HKLM\...\Run: [LManager] => C:\Program Files\Launch Manager\LManager.exe [968272 2010-06-22] (Dritek System Inc.)
    HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1692968 2010-02-05] (Synaptics Incorporated)
    HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [19521056 2010-03-12] (Realtek Semiconductor Corp.)
    HKLM\...\Run: [hpqSRMon] => C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
    HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
    HKLM\...\Run: [] => [X]
    HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3568312 2013-11-28] (AVAST Software)
    HKU\S-1-5-21-2587936551-156640315-1538417202-1006\...\Run: [MSMSGS] => C:\Program Files\Messenger\msmsgs.exe [1695232 2008-04-14] (Microsoft Corporation)
    HKU\S-1-5-21-2587936551-156640315-1538417202-1006\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-07-22] (Google Inc.)
    HKU\S-1-5-21-2587936551-156640315-1538417202-1006\...\MountPoints2: {3fc21e58-3ae3-11e0-8db6-0026c798e802} - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL jsNeQ.exE
    HKU\S-1-5-21-2587936551-156640315-1538417202-1006\...\MountPoints2: {ac5696a8-5171-11e0-8dbc-0026c798e802} - D:\LaunchU3.exe -a
    Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Acer VCM.lnk
    Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
    HKLM\...\AppCertDlls: [x64] -> c:\program files\settings manager\systemk\x64\sysapcrt.dll
    HKLM\...\AppCertDlls: [x86] -> c:\program files\settings manager\systemk\sysapcrt.dll
     
    ==================== Internet (Whitelisted) ====================
     
    HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
    HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer...14wu45w4882u238
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer...14wu45w4882u238
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer...14wu45w4882u238
    SearchScopes: HKLM - DefaultScope value is missing.
    SearchScopes: HKLM - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.co...ng}&rlz=1I7ACAW
    SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2492} URL = http://www.default-s...p={searchTerms}
    SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search
    SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.co...AW_enUS412US412
    SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2492} URL = http://www.default-s...p={searchTerms}
    BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
    BHO: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
    BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
    BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
    BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
    BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
    Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://www.pcpitstop...t/PCPitStop.CAB
    DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} https://h20436.www2....re/HPDEXAXO.cab
    DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20270.www2.h...tDetection2.cab
    DPF: {B3E32D88-8E7F-468F-B0E2-3A300FD4A82C} http://myitlab.pears...ces/ax/stub.cab
    DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} http://trial.trymicr...osoft/wrc32.ocx
    Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
    Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
    Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Acer\Acer VCM\Skype4COM.dll (Skype Technologies)
    Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
     
    FireFox:
    ========
    FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin: @microsoft.com/WLPG,version=14.0.8081.0709 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
    FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
    FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
    FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
    FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
    FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010-12-28]
    FF HKCU\...\Firefox\Extensions: [[email protected]] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
    FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010-12-28]
     
    Chrome: 
    =======
    CHR HomePage: hxxp://www.google.com/
    CHR Extension: (Google Docs) - C:\Documents and Settings\Miriam Moody\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-10]
    CHR Extension: (Google Drive) - C:\Documents and Settings\Miriam Moody\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-10]
    CHR Extension: (YouTube) - C:\Documents and Settings\Miriam Moody\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-10]
    CHR Extension: (Google Search) - C:\Documents and Settings\Miriam Moody\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-10]
    CHR Extension: (avast! Online Security) - C:\Documents and Settings\Miriam Moody\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-01-10]
    CHR Extension: (Google Wallet) - C:\Documents and Settings\Miriam Moody\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-10]
    CHR Extension: (Gmail) - C:\Documents and Settings\Miriam Moody\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-10]
    CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2013-11-28]
     
    ========================== Services (Whitelisted) =================
     
    R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-11-28] (AVAST Software)
    S3 ExpressInvoiceService; C:\Program Files\NCH Software\ExpressInvoice\expressinvoice.exe [1987588 2013-11-01] (NCH Software)
    S3 GameConsoleService; C:\Program Files\Acer Games\Acer Game Console\GameConsoleService.exe [246520 2010-04-03] (WildTangent, Inc.)
    R3 MWLService; C:\Program Files\EgisTec MyWinLocker\x86\MWLService.exe [305520 2010-05-26] (Egis Technology Inc.)
    R2 NOBU; C:\Program Files\Symantec\Norton Online Backup\NOBuAgent.exe [2057560 2010-06-01] (Symantec Corporation)
    R2 RS_Service; C:\Program Files\Acer\Acer VCM\RS_Service.exe [260640 2010-01-29] (Acer Incorporated)
    R2 Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [243232 2010-01-28] (Acer Group)
     
    ==================== Drivers (Whitelisted) ====================
     
    S4 abp480n5; C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS [23552 2008-04-14] (Microsoft Corporation)
    S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1691480 2009-11-17] (Creative)
    R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [67824 2014-02-13] (AVAST Software)
    R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [54832 2014-02-13] (AVAST Software)
    R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49944 2013-11-28] ()
    R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [775952 2014-02-13] (AVAST Software)
    R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [410784 2014-02-13] (AVAST Software)
    R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57672 2014-02-13] (AVAST Software)
    R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [180248 2014-02-13] ()
    S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
    S3 EUCR; C:\WINDOWS\System32\DRIVERS\EUCR6SK.SYS [82384 2010-06-17] (ENE Technology Inc.)
    R3 L1c; C:\WINDOWS\System32\DRIVERS\l1c51x86.sys [61552 2010-05-19] (Atheros Communications, Inc.)
    S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1395800 2009-11-17] (Creative Technology Ltd.)
    R1 mwlPSDFilter; C:\WINDOWS\System32\DRIVERS\mwlPSDFilter.sys [17840 2008-12-02] (Egis Incorporated.)
    R1 mwlPSDNServ; C:\WINDOWS\System32\DRIVERS\mwlPSDNServ.sys [15280 2008-12-02] (Egis Incorporated.)
    R1 mwlPSDVDisk; C:\WINDOWS\System32\DRIVERS\mwlPSDVDisk.sys [58800 2008-12-02] (Egis Incorporated.)
    S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
    R3 NETw5x32; C:\WINDOWS\System32\DRIVERS\NETw5x32.sys [6608512 2010-05-30] (Intel Corporation)
    R3 SNP2UVC; C:\WINDOWS\System32\DRIVERS\snp2uvc.sys [1766784 2010-02-12] ()
    U1 WS2IFSL; 
     
    ==================== NetSvcs (Whitelisted) ===================
     
     
    ==================== One Month Created Files and Folders ========
     
    2014-05-04 22:11 - 2014-05-04 22:11 - 00000000 ____D () C:\FRST
    2014-05-04 22:05 - 2014-05-04 22:05 - 00001020 _____ () C:\Documents and Settings\Miriam Moody\Desktop\JRT.txt
    2014-05-04 21:53 - 2014-05-04 21:53 - 00000000 ____D () C:\WINDOWS\ERUNT
    2014-05-04 21:41 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\WINDOWS\system32\sqlite3.dll
    2014-05-04 21:39 - 2014-05-04 21:42 - 00000000 ____D () C:\AdwCleaner
    2014-05-04 21:17 - 2014-05-04 21:20 - 00000000 ____D () C:\Documents and Settings\Miriam Moody\Desktop\GrantPerms
    2014-05-04 21:16 - 2014-05-04 21:16 - 00000000 ____D () C:\Documents and Settings\Miriam Moody\Desktop\grant
    2014-05-04 19:37 - 2014-05-04 19:37 - 00069436 _____ () C:\Documents and Settings\Miriam Moody\Desktop\Extras.Txt
    2014-05-04 19:31 - 2014-05-04 19:31 - 00071502 _____ () C:\Documents and Settings\Miriam Moody\Desktop\OTL.Txt
    2014-05-02 11:06 - 2014-05-04 21:44 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\systemk
    2014-05-01 08:57 - 2014-05-01 08:57 - 00000000 ____D () C:\WINDOWS\system32\NtmsData
    2014-04-30 09:43 - 2014-04-30 09:43 - 00000826 _____ () C:\Documents and Settings\Miriam Moody\Desktop\Auslogics DiskDefrag.lnk
    2014-04-30 09:43 - 2014-04-30 09:43 - 00000000 ____D () C:\Program Files\Auslogics
    2014-04-30 09:43 - 2014-04-30 09:43 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Auslogics
    2014-04-30 09:43 - 2014-04-30 09:43 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Auslogics
    2014-04-30 00:39 - 2014-04-30 09:12 - 00000000 ____D () C:\Documents and Settings\Miriam Moody\Desktop\autorun
    2014-04-29 09:45 - 2014-04-30 10:25 - 00000000 ____D () C:\Documents and Settings\Miriam Moody\Desktop\SDR
    2014-04-26 14:02 - 2014-04-29 13:38 - 00851176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinUSBCoInstaller2.dll
    2014-04-26 14:02 - 2014-04-29 13:38 - 00000000 ____D () C:\Documents and Settings\Miriam Moody\usb_driver
    2014-04-26 14:02 - 2014-04-26 14:02 - 00000000 __HDC () C:\WINDOWS\$NtUninstallwinusb0200$
    2014-04-25 13:22 - 2014-04-26 00:41 - 00000929 _____ () C:\Documents and Settings\All Users\Desktop\Revo Uninstaller Pro.lnk
    2014-04-25 13:22 - 2014-04-26 00:41 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Revo Uninstaller Pro
    2014-04-25 13:22 - 2014-04-25 13:22 - 00000000 ____D () C:\Program Files\VS Revo Group
    2014-04-25 13:22 - 2014-04-25 13:22 - 00000000 ____D () C:\Documents and Settings\Miriam Moody\Local Settings\Application Data\VS Revo Group
    2014-04-25 13:22 - 2014-04-25 13:22 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\VS Revo Group
    2014-04-25 13:22 - 2009-12-30 10:20 - 00027064 _____ (VS Revo Group) C:\WINDOWS\system32\Drivers\revoflt.sys
    2014-04-15 09:08 - 2014-04-15 09:08 - 00000000 ____D () C:\Documents and Settings\Miriam Moody\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
    2014-04-14 16:07 - 2014-04-21 10:33 - 00004594 _____ () C:\WINDOWS\KB2922229.log
     
    ==================== One Month Modified Files and Folders =======
     
    2014-05-04 22:11 - 2014-05-04 22:11 - 00000000 ____D () C:\FRST
    2014-05-04 22:11 - 2010-12-27 23:36 - 00000886 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
    2014-05-04 22:05 - 2014-05-04 22:05 - 00001020 _____ () C:\Documents and Settings\Miriam Moody\Desktop\JRT.txt
    2014-05-04 21:53 - 2014-05-04 21:53 - 00000000 ____D () C:\WINDOWS\ERUNT
    2014-05-04 21:49 - 2013-11-28 17:46 - 00000364 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job
    2014-05-04 21:46 - 2010-07-22 03:03 - 01563544 _____ () C:\WINDOWS\WindowsUpdate.log
    2014-05-04 21:44 - 2014-05-02 11:06 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\systemk
    2014-05-04 21:44 - 2013-05-31 13:19 - 00000350 _____ () C:\WINDOWS\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
    2014-05-04 21:44 - 2010-12-27 23:36 - 00000882 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
    2014-05-04 21:44 - 2010-07-22 03:07 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
    2014-05-04 21:44 - 2010-07-21 20:01 - 00000159 _____ () C:\WINDOWS\wiadebug.log
    2014-05-04 21:44 - 2010-07-21 20:01 - 00000048 _____ () C:\WINDOWS\wiaservc.log
    2014-05-04 21:43 - 2010-12-28 10:15 - 00000178 ___SH () C:\Documents and Settings\Miriam Moody\ntuser.ini
    2014-05-04 21:43 - 2010-07-22 03:07 - 00032504 _____ () C:\WINDOWS\SchedLgU.Txt
    2014-05-04 21:42 - 2014-05-04 21:39 - 00000000 ____D () C:\AdwCleaner
    2014-05-04 21:20 - 2014-05-04 21:17 - 00000000 ____D () C:\Documents and Settings\Miriam Moody\Desktop\GrantPerms
    2014-05-04 21:16 - 2014-05-04 21:16 - 00000000 ____D () C:\Documents and Settings\Miriam Moody\Desktop\grant
    2014-05-04 19:37 - 2014-05-04 19:37 - 00069436 _____ () C:\Documents and Settings\Miriam Moody\Desktop\Extras.Txt
    2014-05-04 19:31 - 2014-05-04 19:31 - 00071502 _____ () C:\Documents and Settings\Miriam Moody\Desktop\OTL.Txt
    2014-05-04 18:56 - 2010-07-21 19:59 - 00936043 _____ () C:\WINDOWS\setupapi.log
    2014-05-04 06:30 - 2014-03-22 12:44 - 00022659 _____ () C:\WINDOWS\KB2929961.log
    2014-05-03 16:57 - 2010-12-28 01:03 - 00001138 _____ () C:\Documents and Settings\All Users\Application Data\hpzinstall.log
    2014-05-03 16:56 - 2010-12-28 01:03 - 00175853 _____ () C:\WINDOWS\hpoins35.dat
    2014-05-02 11:12 - 2010-07-21 19:59 - 00573334 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
    2014-05-02 08:50 - 2014-01-10 12:11 - 00001817 _____ () C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
    2014-05-01 08:57 - 2014-05-01 08:57 - 00000000 ____D () C:\WINDOWS\system32\NtmsData
    2014-04-30 10:35 - 2010-07-22 03:08 - 00000000 ____D () C:\WINDOWS\Microsoft.NET
    2014-04-30 10:25 - 2014-04-29 09:45 - 00000000 ____D () C:\Documents and Settings\Miriam Moody\Desktop\SDR
    2014-04-30 09:43 - 2014-04-30 09:43 - 00000826 _____ () C:\Documents and Settings\Miriam Moody\Desktop\Auslogics DiskDefrag.lnk
    2014-04-30 09:43 - 2014-04-30 09:43 - 00000000 ____D () C:\Program Files\Auslogics
    2014-04-30 09:43 - 2014-04-30 09:43 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Auslogics
    2014-04-30 09:43 - 2014-04-30 09:43 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Auslogics
    2014-04-30 09:12 - 2014-04-30 00:39 - 00000000 ____D () C:\Documents and Settings\Miriam Moody\Desktop\autorun
    2014-04-29 13:38 - 2014-04-26 14:02 - 00851176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinUSBCoInstaller2.dll
    2014-04-29 13:38 - 2014-04-26 14:02 - 00000000 ____D () C:\Documents and Settings\Miriam Moody\usb_driver
    2014-04-29 13:38 - 2010-10-15 13:30 - 01461992 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01009.dll
    2014-04-29 13:38 - 2010-07-22 04:21 - 00000000 ____D () C:\WINDOWS\system32\ReinstallBackups
    2014-04-29 09:51 - 2010-12-28 10:15 - 00000000 ____D () C:\Documents and Settings\Miriam Moody
    2014-04-26 14:03 - 2010-07-21 19:59 - 02052726 _____ () C:\WINDOWS\FaxSetup.log
    2014-04-26 14:03 - 2010-07-21 19:59 - 00984293 _____ () C:\WINDOWS\ocgen.log
    2014-04-26 14:03 - 2010-07-21 19:59 - 00785182 _____ () C:\WINDOWS\tsoc.log
    2014-04-26 14:03 - 2010-07-21 19:59 - 00688028 _____ () C:\WINDOWS\comsetup.log
    2014-04-26 14:03 - 2010-07-21 19:59 - 00415603 _____ () C:\WINDOWS\ntdtcsetup.log
    2014-04-26 14:03 - 2010-07-21 19:59 - 00326400 _____ () C:\WINDOWS\iis6.log
    2014-04-26 14:03 - 2010-07-21 19:59 - 00213964 _____ () C:\WINDOWS\setupact.log
    2014-04-26 14:03 - 2010-07-21 19:59 - 00113061 _____ () C:\WINDOWS\ocmsn.log
    2014-04-26 14:03 - 2010-07-21 19:59 - 00102223 _____ () C:\WINDOWS\msgsocm.log
    2014-04-26 14:03 - 2010-07-21 19:59 - 00001374 _____ () C:\WINDOWS\imsins.log
    2014-04-26 14:02 - 2014-04-26 14:02 - 00000000 __HDC () C:\WINDOWS\$NtUninstallwinusb0200$
    2014-04-26 01:00 - 2013-10-29 20:37 - 00000000 ____D () C:\Program Files\WinZip
    2014-04-26 00:41 - 2014-04-25 13:22 - 00000929 _____ () C:\Documents and Settings\All Users\Desktop\Revo Uninstaller Pro.lnk
    2014-04-26 00:41 - 2014-04-25 13:22 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Revo Uninstaller Pro
    2014-04-25 13:22 - 2014-04-25 13:22 - 00000000 ____D () C:\Program Files\VS Revo Group
    2014-04-25 13:22 - 2014-04-25 13:22 - 00000000 ____D () C:\Documents and Settings\Miriam Moody\Local Settings\Application Data\VS Revo Group
    2014-04-25 13:22 - 2014-04-25 13:22 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\VS Revo Group
    2014-04-24 19:16 - 2010-07-22 03:37 - 00001158 _____ () C:\WINDOWS\system32\wpa.dbl
    2014-04-22 18:11 - 2013-10-29 11:23 - 00000000 ____D () C:\Documents and Settings\Miriam Moody\Application Data\uTorrent
    2014-04-22 18:08 - 2013-11-01 16:34 - 00000000 ____D () C:\Program Files\NCH Software
    2014-04-22 18:08 - 2013-11-01 16:34 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\NCH Software
    2014-04-21 11:25 - 2014-03-05 10:55 - 01268856 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-2587936551-156640315-1538417202-1006-0.dat
    2014-04-21 11:25 - 2014-03-05 10:55 - 00243338 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
    2014-04-21 10:33 - 2014-04-14 16:07 - 00004594 _____ () C:\WINDOWS\KB2922229.log
    2014-04-15 09:45 - 2014-01-29 13:26 - 00000000 ____D () C:\Program Files\TurboTax
    2014-04-15 09:44 - 2014-01-29 13:33 - 00000000 ____D () C:\Documents and Settings\Miriam Moody\My Documents\TurboTax
    2014-04-15 09:40 - 2014-01-29 13:28 - 00002393 _____ () C:\Documents and Settings\All Users\Desktop\TurboTax 2013.lnk
    2014-04-15 09:38 - 2010-12-28 10:15 - 00000000 ____D () C:\Documents and Settings\Miriam Moody\Local Settings\Application Data\Adobe
    2014-04-15 09:08 - 2014-04-15 09:08 - 00000000 ____D () C:\Documents and Settings\Miriam Moody\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
    2014-04-15 09:06 - 2010-12-30 16:16 - 88028728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
     
    Some content of TEMP:
    ====================
    C:\Documents and Settings\Miriam Moody\Local Settings\Temp\Quarantine.exe
     
     
    ==================== Bamital & volsnap Check =================
     
    C:\WINDOWS\explorer.exe => MD5 is legit
    C:\WINDOWS\system32\winlogon.exe => MD5 is legit
    C:\WINDOWS\system32\svchost.exe => MD5 is legit
    C:\WINDOWS\system32\services.exe => MD5 is legit
    C:\WINDOWS\system32\User32.dll => MD5 is legit
    C:\WINDOWS\system32\userinit.exe => MD5 is legit
    C:\WINDOWS\system32\rpcss.dll => MD5 is legit
    C:\WINDOWS\system32\Drivers\volsnap.sys => MD5 is legit
     
    ==================== End Of Log ============================
     
    Additional scan result of Farbar Recovery Scan Tool (x86) Version:04-05-2014
    Ran by Miriam Moody at 2014-05-04 22:13:12
    Running from C:\Documents and Settings\Miriam Moody\My Documents\Downloads
    Boot Mode: Normal
    ==========================================================
     
     
    ==================== Security Center ========================
     
    AV: avast! Antivirus (Disabled - Up to date) {7591DB91-41F0-48A3-B128-1A293FD8233D}
     
    ==================== Installed Programs ======================
     
    µTorrent (HKCU\...\uTorrent) (Version: 3.3.2.30303 - BitTorrent Inc.)
    32 Bit HP CIO Components Installer (Version: 7.1.8 - Hewlett-Packard) Hidden
    Acer Crystal Eye webcam Ver:1.1.184.610 (HKLM\...\{D0ACE89D-EC7F-470F-80BE-4C98ED366B32}) (Version: 1.1.184.610 - Chicony Electronics Co.,Ltd.)
    Acer eRecovery Management (HKLM\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3013 - Acer Incorporated)
    Acer Game Console (Version:  - WildTangent) Hidden
    Acer Games (HKLM\...\WildTangent acer Master Uninstall) (Version: 1.0.1.3 - WildTangent)
    Acer ScreenSaver (HKLM\...\Acer Screensaver) (Version: 1.1.0624.2010 - Acer Incorporated)
    Acer Updater (HKLM\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3001 - Acer Incorporated)
    Acer VCM (HKLM\...\{047F790A-7A2A-4B6A-AD02-38092BA63DAC}) (Version: 4.05.3002 - Acer Incorporated)
    Acrobat.com (HKLM\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
    Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
    Adobe AIR (Version: 1.5.0.7220 - Adobe Systems Inc.) Hidden
    Adobe Flash Player 10 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 10.2.152.32 - Adobe Systems Incorporated)
    Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.40 - Atheros Communications Inc.)
    Auslogics DiskDefrag (HKLM\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: 4.5.3.0 - Auslogics Labs Pty Ltd)
    avast! Free Antivirus (HKLM\...\Avast) (Version: 9.0.2013 - Avast Software)
    Bejeweled 2 Deluxe (Version: 2.2.0.95 - WildTangent) Hidden
    Blackhawk Striker 2 (Version: 2.2.0.95 - WildTangent) Hidden
    BufferChm (Version: 140.0.212.000 - Hewlett-Packard) Hidden
    C309a (Version: 140.0.690.000 - Hewlett-Packard) Hidden
    Chuzzle Deluxe (Version: 2.2.0.95 - WildTangent) Hidden
    Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Destinations (Version: 140.0.77.000 - Hewlett-Packard) Hidden
    DeviceDiscovery (Version: 140.0.212.000 - Hewlett-Packard) Hidden
    Diner Dash 2 Restaurant Rescue (Version: 2.2.0.95 - WildTangent) Hidden
    DocProc (Version: 13.0.0.0 - Hewlett-Packard) Hidden
    Dora's Carnival Adventure (Version: 2.2.0.95 - WildTangent) Hidden
    eBay Worldwide (HKLM\...\{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}) (Version: 2.1.0901 - OEM)
    ENE USB Card Reader Driver (HKLM\...\36E252B904CCA457EEA4810BC637F015E21FD79F) (Version: 5.89.0.70 - ENE)
    eSobi v2 (HKLM\...\InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}) (Version: 2.0.4.000274 - esobi Inc.)
    eSobi v2 (Version: 2.0.4.000274 - esobi Inc.) Hidden
    Express Invoice (HKLM\...\ExpressInvoice) (Version:  - NCH Software)
    Farm Frenzy (Version: 2.2.0.95 - WildTangent) Hidden
    Fax (Version: 140.0.212.000 - Hewlett-Packard) Hidden
    Final Drive Nitro (Version: 2.2.0.95 - WildTangent) Hidden
    Google Chrome (HKLM\...\Google Chrome) (Version: 34.0.1847.131 - Google Inc.)
    Google Earth Plug-in (HKLM\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
    Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
    Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
    Google Update Helper (Version: 1.3.22.3 - Google Inc.) Hidden
    GPBaseService2 (Version: 140.0.211.000 - Hewlett-Packard) Hidden
    HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
    HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
    HP Photosmart C309a All-In-One Driver Software 14.0 Rel. 5 (HKLM\...\{71C4F928-136A-4222-A191-310E081FB96B}) (Version: 14.0 - HP)
    HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
    HP Product Detection (HKLM\...\{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}) (Version: 10.7.9.0 - Hewlett-Packard Company)
    HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
    HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
    HP Update (HKLM\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.001.001 - Hewlett-Packard)
    HPDiagnosticAlert (Version: 1.00.0000 - Microsoft) Hidden
    HPPhotoSmartDiscLabel_PaperLabel (Version: 2.04.0000 - Hewlett-Packard) Hidden
    HPPhotoSmartDiscLabel_PrintOnDisc (Version: 2.04.0000 - Hewlett-Packard) Hidden
    HPPhotoSmartDiscLabelContent1 (Version: 2.04.0000 - Hewlett-Packard) Hidden
    hpphotosmartdisclabelplugin (Version: 2.04.0000 - Hewlett-Packard) Hidden
    HPPhotosmartEssential (Version: 2.04.0000 - Hewlett-Packard) Hidden
    HPProductAssistant (Version: 140.0.212.000 - Hewlett-Packard) Hidden
    HPSSupply (Version: 140.0.211.000 - Hewlett-Packard) Hidden
    Identity Card (HKLM\...\Identity Card) (Version: 1.00.3003 - Acer Incorporated)
    Insaniquarium Deluxe (Version: 2.2.0.95 - WildTangent) Hidden
    Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 6.14.10.5260 - Intel Corporation)
    Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
    Jewel Quest - Heritage (Version: 2.2.0.95 - WildTangent) Hidden
    Jewel Quest (Version: 2.2.0.95 - WildTangent) Hidden
    Jewel Quest Solitaire 2 (Version: 2.2.0.95 - WildTangent) Hidden
    Junk Mail filter update (Version: 14.0.8089.726 - Microsoft Corporation) Hidden
    Launch Manager (HKLM\...\LManager) (Version: 4.0.12 - Acer Inc.)
    MarketResearch (Version: 140.0.212.000 - Hewlett-Packard) Hidden
    Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
    Microsoft .NET Framework 1.1 (Version: 1.1.4322 - Microsoft) Hidden
    Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM\...\M2698023) (Version:  - )
    Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version:  - )
    Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
    Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
    Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
    Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
    Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
    Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
    Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
    Microsoft Choice Guard (Version: 2.0.48.0 - Microsoft Corporation) Hidden
    Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
    Microsoft Kernel-Mode Driver Framework Feature Pack 1.9 (Version:  - Microsoft Corporation) Hidden
    Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
    Microsoft Office 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden
    Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
    Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
    Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
    Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
    Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
    Microsoft Office PowerPoint Viewer 2007 (English) (HKLM\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
    Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
    Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
    Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
    Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden
    Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
    Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
    Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
    Microsoft Software Update for Web Folders  (English) 12 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version:  - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft WinUsb 2.0 (HKLM\...\winusb0200) (Version:  - Microsoft Corporation)
    Microsoft Works (HKLM\...\{67E03279-F703-408F-B4BF-46B5FC8D70CD}) (Version: 9.7.0621 - Microsoft Corporation)
    Mplayer 0.6.9 (HKLM\...\Mplayer) (Version: 0.6.9 - )
    MSVCRT (Version: 14.0.1468.721 - Microsoft) Hidden
    MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    MyWinLocker (Version: 3.1.212.0 - Egis Technology Inc.) Hidden
    MyWinLocker Suite (HKLM\...\InstallShield_{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}) (Version: 3.1.212.0 - Egis Technology Inc.)
    MyWinLocker Suite (Version: 3.1.212.0 - Egis Technology Inc.) Hidden
    Network (Version: 140.0.215.000 - Hewlett-Packard) Hidden
    Norton Online Backup (HKLM\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)
    OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
    Plants vs. Zombies (Version: 2.2.0.95 - WildTangent) Hidden
    Polar Bowler (Version: 2.2.0.95 - WildTangent) Hidden
    PS_AIO_05_C309_Software_Min (Version: 140.0.690.000 - Hewlett-Packard) Hidden
    QuickTransfer (Version: 140.0.98.000 - Hewlett-Packard) Hidden
    Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 5.10.0.6066 - Realtek Semiconductor Corp.)
    Revo Uninstaller Pro 3.0.8 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.0.8 - VS Revo Group, Ltd.)
    Scan (Version: 140.0.80.000 - Hewlett-Packard) Hidden
    Segoe UI (Version: 14.0.4327.805 - Microsoft Corp) Hidden
    Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
    ShopAtHome.com Toolbar (HKLM\...\SelectRebatesUninstall) (Version:  - )
    Shredder (Version: 2.0.8.3 - Egis Technology Inc.) Hidden
    SmartWebPrinting (Version: 140.0.186.000 - Hewlett-Packard) Hidden
    SolutionCenter (Version: 140.0.213.000 - Hewlett-Packard) Hidden
    Status (Version: 140.0.212.000 - Hewlett-Packard) Hidden
    Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.7.0 - Synaptics Incorporated)
    Toolbox (Version: 140.0.428.000 - Hewlett-Packard) Hidden
    TrayApp (Version: 140.0.212.000 - Hewlett-Packard) Hidden
    TurboTax 2013 (HKLM\...\TurboTax 2013) (Version: 2013.0 - Intuit, Inc)
    TurboTax 2013 WinPerFedFormset (Version: 013.000.1548 - Intuit Inc.) Hidden
    TurboTax 2013 WinPerReleaseEngine (Version: 013.000.0437 - Intuit Inc.) Hidden
    TurboTax 2013 WinPerTaxSupport (Version: 013.000.0162 - Intuit Inc.) Hidden
    TurboTax 2013 wrapper (Version: 013.000.0135 - Intuit Inc.) Hidden
    TurboTax 2013 wsciper (Version: 013.000.0984 - Intuit Inc.) Hidden
    Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
    Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2836939v3) (Version: 3 - Microsoft Corporation)
    Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
    Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
    Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
    Update for Windows Internet Explorer 8 (KB971180) (HKLM\...\KB971180-IE8) (Version: 1 - Microsoft Corporation)
    Update for Windows Internet Explorer 8 (KB971930) (HKLM\...\KB971930-IE8) (Version: 1 - Microsoft Corporation)
    Update for Windows Internet Explorer 8 (KB972636) (HKLM\...\KB972636-IE8) (Version: 1 - Microsoft Corporation)
    Update for Windows Internet Explorer 8 (KB973874) (HKLM\...\KB973874-IE8) (Version: 1 - Microsoft Corporation)
    Update for Windows Internet Explorer 8 (KB975364) (HKLM\...\KB975364-IE8) (Version: 1 - Microsoft Corporation)
    Update for Windows Internet Explorer 8 (KB976662) (HKLM\...\KB976662-IE8) (Version: 1 - Microsoft Corporation)
    Update for Windows Internet Explorer 8 (KB976749) (HKLM\...\KB976749-IE8) (Version: 1 - Microsoft Corporation)
    Update for Windows Internet Explorer 8 (KB978506) (HKLM\...\KB978506-IE8) (Version: 1 - Microsoft Corporation)
    Update for Windows Internet Explorer 8 (KB980182) (HKLM\...\KB980182-IE8) (Version: 1 - Microsoft Corporation)
    Update for Windows Internet Explorer 8 (KB980302) (HKLM\...\KB980302-IE8) (Version: 1 - Microsoft Corporation)
    Update for Windows Internet Explorer 8 (KB982632) (HKLM\...\KB982632-IE8) (Version: 1 - Microsoft Corporation)
    Update for Windows XP (KB2141007) (HKLM\...\KB2141007) (Version: 1 - Microsoft Corporation)
    Update for Windows XP (KB2345886) (HKLM\...\KB2345886) (Version: 1 - Microsoft Corporation)
    Update for Windows XP (KB2467659) (HKLM\...\KB2467659) (Version: 1 - Microsoft Corporation)
    Update for Windows XP (KB2541763) (HKLM\...\KB2541763) (Version: 1 - Microsoft Corporation)
    Update for Windows XP (KB2607712) (HKLM\...\KB2607712) (Version: 1 - Microsoft Corporation)
    Update for Windows XP (KB2616676-v2) (HKLM\...\KB2616676-v2) (Version: 2 - Microsoft Corporation)
    Update for Windows XP (KB2641690) (HKLM\...\KB2641690) (Version: 1 - Microsoft Corporation)
    Update for Windows XP (KB2661254-v2) (HKLM\...\KB2661254-v2) (Version: 2 - Microsoft Corporation)
    Update for Windows XP (KB2718704) (HKLM\...\KB2718704) (Version: 1 - Microsoft Corporation)
    Update for Windows XP (KB2736233) (HKLM\...\KB2736233) (Version: 1 - Microsoft Corporation)
    Update for Windows XP (KB2749655) (HKLM\...\KB2749655) (Version: 1 - Microsoft Corporation)
    Update for Windows XP (KB2863058) (HKLM\...\KB2863058) (Version: 1 - Microsoft Corporation)
    Update for Windows XP (KB2904266) (HKLM\...\KB2904266) (Version: 1 - Microsoft Corporation)
    Update for Windows XP (KB898461) (HKLM\...\KB898461) (Version: 1 - Microsoft Corporation)
    Update for Windows XP (KB951072-v2) (HKLM\...\KB951072-v2) (Version: 2 - Microsoft Corporation)
    Update for Windows XP (KB951978) (HKLM\...\KB951978) (Version: 1 - Microsoft Corporation)
    Update for Windows XP (KB955759) (HKLM\...\KB955759) (Version: 1 - Microsoft Corporation)
    Update for Windows XP (KB955839) (HKLM\...\KB955839) (Version: 1 - Microsoft Corporation)
    Update for Windows XP (KB961503) (HKLM\...\KB961503) (Version: 1 - Microsoft Corporation)
    Update for Windows XP (KB967715) (HKLM\...\KB967715) (Version: 1 - Microsoft Corporation)
    Update for Windows XP (KB968389) (HKLM\...\KB968389) (Version: 1 - Microsoft Corporation)
    Update for Windows XP (KB971029) (HKLM\...\KB971029) (Version: 1 - Microsoft Corporation)
    Update for Windows XP (KB971737) (HKLM\...\KB971737) (Version: 1 - Microsoft Corporation)
    Update for Windows XP (KB973687) (HKLM\...\KB973687) (Version: 1 - Microsoft Corporation)
    Update for Windows XP (KB973815) (HKLM\...\KB973815) (Version: 1 - Microsoft Corporation)
    Virtual Villagers 4 - The Tree of Life (Version: 2.2.0.95 - WildTangent) Hidden
    Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
    WebCam (HKLM\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 5.8.54.008 - Sonix)
    WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
    WebReg (Version: 140.0.212.017 - Hewlett-Packard) Hidden
    Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
    Windows Live Call (Version: 14.0.8064.0206 - Microsoft Corporation) Hidden
    Windows Live Communications Platform (Version: 14.0.8098.930 - Microsoft Corporation) Hidden
    Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
    Windows Live Essentials (Version: 14.0.8089.726 - Microsoft Corporation) Hidden
    Windows Live Mail (Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
    Windows Live Messenger (Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
    Windows Live Photo Gallery (Version: 14.0.8081.709 - Microsoft Corporation) Hidden
    Windows Live Sign-in Assistant (HKLM\...\{45338B07-A236-4270-9A77-EBB4115517B5}) (Version: 5.000.818.5 - Microsoft Corporation)
    Windows Live Sync (HKLM\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
    Windows Live Upload Tool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
    Windows Live Writer (Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
    Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version:  - )
    Windows Media Format 11 runtime (Version:  - Microsoft Corporation) Hidden
    Windows Media Player 11 (HKLM\...\Windows Media Player) (Version:  - )
    Windows Media Player 11 (Version:  - Microsoft Corporation) Hidden
    Windows Rights Management Client Backwards Compatibility SP2 (HKLM\...\{EC905264-BCFE-423B-9C42-C3A106266790}) (Version: 5.2.95 - Microsoft)
    Windows Rights Management Client with Service Pack 2 (HKLM\...\{62BFB4C2-8C4E-4D91-BD7D-81C06EAAC3C0}) (Version: 5.2.95 - Microsoft)
    Yahoo! Toolbar (HKLM\...\Yahoo! Companion) (Version:  - )
    Zuma Deluxe (Version: 2.2.0.95 - WildTangent) Hidden
    Zuma's Revenge (Version: 2.2.0.95 - WildTangent) Hidden
     
    ==================== Restore Points  =========================
     
    14-02-2014 02:32:46 avast! antivirus system restore point
    14-02-2014 13:31:04 Software Distribution Service 3.0
    22-03-2014 16:50:16 Software Distribution Service 3.0
    14-04-2014 20:01:39 Software Distribution Service 3.0
    15-04-2014 13:05:44 Software Distribution Service 3.0
    21-04-2014 14:27:53 Software Distribution Service 3.0
    22-04-2014 21:43:47 Software Distribution Service 3.0
    22-04-2014 22:26:26 Removed WinZip 17.5
    24-04-2014 23:18:16 Software Distribution Service 3.0
    25-04-2014 12:54:14 Software Distribution Service 3.0
    26-04-2014 04:49:19 Revo Uninstaller Pro's restore point - WinZip 17.5
    26-04-2014 07:19:32 Software Distribution Service 3.0
    26-04-2014 17:58:55 Unsigned driver install
    26-04-2014 18:03:03 Installed Windows XP winusb0200.
    27-04-2014 13:18:42 Software Distribution Service 3.0
    29-04-2014 04:55:06 Software Distribution Service 3.0
    29-04-2014 13:28:38 Software Distribution Service 3.0
    30-04-2014 12:58:55 Software Distribution Service 3.0
    01-05-2014 12:51:48 Software Distribution Service 3.0
    02-05-2014 12:45:15 Software Distribution Service 3.0
    02-05-2014 15:07:09 Software Distribution Service 3.0
    03-05-2014 10:18:17 Software Distribution Service 3.0
    03-05-2014 20:38:18 Installed HP Support Solutions Framework
    03-05-2014 20:41:51 Installed HP Support Solutions Framework
    04-05-2014 10:22:13 Software Distribution Service 3.0
     
    ==================== Hosts content: ==========================
     
    2010-07-22 03:37 - 2008-04-14 08:00 - 00000734 ____A C:\WINDOWS\system32\Drivers\etc\hosts
    127.0.0.1       localhost
     
    ==================== Scheduled Tasks (whitelisted) =============
     
    Task: C:\WINDOWS\Tasks\avast! Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
    Task: C:\WINDOWS\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => C:\WINDOWS\TEMP\{D6001FCE-12DF-4834-8BF1-602022FDFB2E}.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
     
    ==================== Loaded Modules (whitelisted) =============
     
    2014-05-04 18:56 - 2014-05-04 13:58 - 02252800 _____ () C:\Program Files\AVAST Software\Avast\defs\14050401\algo.dll
    2010-10-15 13:19 - 2010-02-12 19:11 - 00030080 _____ () C:\WINDOWS\snuvcdsm.exe
    2010-07-19 04:11 - 2009-05-20 02:02 - 00072200 _____ () C:\Program Files\Launch Manager\CdDirIo.dll
    2013-11-28 17:45 - 2013-11-28 17:45 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
    2014-05-02 08:50 - 2014-04-23 20:33 - 00065352 _____ () C:\Program Files\Google\Chrome\Application\34.0.1847.131\chrome_elf.dll
    2010-07-22 03:37 - 2008-04-14 08:00 - 00059904 _____ () C:\WINDOWS\system32\devenum.dll
    2010-07-22 03:37 - 2008-04-14 08:00 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll
    2014-05-02 08:50 - 2014-04-23 20:33 - 04081480 _____ () C:\Program Files\Google\Chrome\Application\34.0.1847.131\pdf.dll
    2014-05-02 08:50 - 2014-04-23 20:33 - 00390472 _____ () C:\Program Files\Google\Chrome\Application\34.0.1847.131\ppGoogleNaClPluginChrome.dll
    2014-05-02 08:50 - 2014-04-23 20:33 - 01647432 _____ () C:\Program Files\Google\Chrome\Application\34.0.1847.131\ffmpegsumo.dll
     
    ==================== Alternate Data Streams (whitelisted) =========
     
     
    ==================== Safe Mode (whitelisted) ===================
     
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
     
    ==================== Disabled items from MSCONFIG ==============
     
     
    ==================== Faulty Device Manager Devices =============
     
    Name: Photosmart C309a series
    Description: Photosmart C309a series
    Class Guid: {4D36E971-E325-11CE-BFC1-08002BE10318}
    Manufacturer: HP
    Service: 
    Problem: : This device is disabled. (Code 22)
    Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
     
     
    ==================== Event log errors: =========================
     
    Application errors:
    ==================
    Error: (05/04/2014 10:11:02 PM) (Source: MsiInstaller) (User: NT AUTHORITY)
    Description: Product: Google Update Helper -- The installer has encountered an unexpected error installing this package. This may indicate a problem with this package. The error code is 2503. The arguments are: , ,
     
    Error: (05/04/2014 09:11:04 PM) (Source: MsiInstaller) (User: NT AUTHORITY)
    Description: Product: Google Update Helper -- The installer has encountered an unexpected error installing this package. This may indicate a problem with this package. The error code is 2503. The arguments are: , ,
     
    Error: (05/04/2014 08:11:12 PM) (Source: MsiInstaller) (User: NT AUTHORITY)
    Description: Product: Google Update Helper -- The installer has encountered an unexpected error installing this package. This may indicate a problem with this package. The error code is 2503. The arguments are: , ,
     
    Error: (05/04/2014 07:11:17 PM) (Source: Application Error) (User: )
    Description: Faulting application otl.exe, version 3.2.69.0, faulting module kernel32.dll, version 5.1.2600.6293, fault address 0x00012fd3.
    Processing media-specific event for [otl.exe!ws!]
     
    Error: (05/04/2014 07:11:04 PM) (Source: MsiInstaller) (User: NT AUTHORITY)
    Description: Product: Google Update Helper -- The installer has encountered an unexpected error installing this package. This may indicate a problem with this package. The error code is 2503. The arguments are: , ,
     
    Error: (05/04/2014 06:27:11 AM) (Source: VSSetup) (User: )
    Description: EventType vssetup, P1 kb2729449, P2 10.0.30319, P3 10.0.30319.296, P4 1, P5 ndp40-kb2729449.msp, P6 install_i_silent_error, P7 1603, P8 2503, P9 vssetup0, P10 vssetup1.
     
    Error: (05/04/2014 06:27:10 AM) (Source: MsiInstaller) (User: NT AUTHORITY)
    Description: Product: Microsoft .NET Framework 4 Client Profile - Update 'KB2729449' could not be installed. Error code 1603. Additional information is available in the log file C:\WINDOWS\system32\config\SYSTEM~1\LOCALS~1\Temp\KB2729449_20140504_062551578-Microsoft .NET Framework 4 Client Profile-MSP0.txt.
     
    Error: (05/04/2014 06:27:10 AM) (Source: MsiInstaller) (User: NT AUTHORITY)
    Description: Product: Microsoft .NET Framework 4 Client Profile -- The installer has encountered an unexpected error installing this package. This may indicate a problem with this package. The error code is 2503. The arguments are: , ,
     
    Error: (05/04/2014 06:25:39 AM) (Source: VSSetup) (User: )
    Description: EventType vssetup, P1 kb2898855v2, P2 10.0.30319, P3 10.0.30319.1022, P4 1, P5 ndp40-kb2898855.msp, P6 install_i_silent_error, P7 1603, P8 2503, P9 vssetup0, P10 vssetup1.
     
    Error: (05/04/2014 06:25:38 AM) (Source: MsiInstaller) (User: NT AUTHORITY)
    Description: Product: Microsoft .NET Framework 4 Client Profile - Update 'KB2898855v2' could not be installed. Error code 1603. Additional information is available in the log file C:\WINDOWS\system32\config\SYSTEM~1\LOCALS~1\Temp\KB2898855v2_20140504_062251046-Microsoft .NET Framework 4 Client Profile-MSP0.txt.
     
     
    System errors:
    =============
    Error: (05/04/2014 09:42:05 PM) (Source: Service Control Manager) (User: )
    Description: The Application Layer Gateway Service service terminated unexpectedly.  It has done this 1 time(s).
     
    Error: (05/04/2014 09:42:04 PM) (Source: Service Control Manager) (User: )
    Description: The MyWinLocker Service service terminated unexpectedly.  It has done this 1 time(s).
     
    Error: (05/04/2014 09:42:04 PM) (Source: Service Control Manager) (User: )
    Description: The Intel® Matrix Storage Event Monitor service terminated unexpectedly.  It has done this 1 time(s).
     
    Error: (05/04/2014 09:42:04 PM) (Source: Service Control Manager) (User: )
    Description: The Raw Socket Service service terminated unexpectedly.  It has done this 1 time(s).
     
    Error: (05/04/2014 09:42:04 PM) (Source: Service Control Manager) (User: )
    Description: The Print Spooler service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
     
    Error: (05/04/2014 09:42:04 PM) (Source: Service Control Manager) (User: )
    Description: The Updater Service service terminated unexpectedly.  It has done this 1 time(s).
     
    Error: (05/04/2014 09:42:04 PM) (Source: Service Control Manager) (User: )
    Description: The Intuit Update Service v4 service terminated unexpectedly.  It has done this 1 time(s).
     
    Error: (05/04/2014 09:42:04 PM) (Source: Service Control Manager) (User: )
    Description: The Norton Online Backup service terminated unexpectedly.  It has done this 1 time(s).
     
    Error: (05/04/2014 09:42:04 PM) (Source: Service Control Manager) (User: )
    Description: The Dritek WMI Service service terminated unexpectedly.  It has done this 1 time(s).
     
    Error: (05/04/2014 09:30:24 PM) (Source: Service Control Manager) (User: )
    Description: The vToolbarUpdater17.1.2 service failed to start due to the following error: 
    %%2
     
     
    Microsoft Office Sessions:
    =========================
     
    ==================== Memory info =========================== 
     
    Percentage of memory in use: 66%
    Total physical RAM: 1013.02 MB
    Available physical RAM: 342.04 MB
    Total Pagefile: 2439.23 MB
    Available Pagefile: 1772.51 MB
    Total Virtual: 2047.88 MB
    Available Virtual: 1960.36 MB
     
    ==================== Drives ================================
     
    Drive c: (ACER) (Fixed) (Total:138.05 GB) (Free:107.97 GB) NTFS ==>[Drive with boot components (Windows XP)]
     
    ==================== MBR & Partition Table ==================
     
    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149 GB) (Disk ID: 1C8B2F0A)
    Partition 1: (Not Active) - (Size=11 GB) - (Type=12)
    Partition 2: (Active) - (Size=138 GB) - (Type=07 NTFS)
     
    ==================== End Of Log ============================


    #11
    RKinner

      Malware Expert

    • Expert
    • 24,625 posts
    • MVP
    Download the attached fixlist.txt to the same location as FRST.
    Run FRST and press Fix.
    A fix log will be generated; please post that, then you should be able to boot into regular mode.  Run FRST again, check the Additions box and then Scan.  You will get two logs.  Post them both.
     
    Download the attached fixlist.txt to the same location as FRST.
    Run FRST and press Fix.
    A fix log will be generated; please post that.  Run FRST again, check the Additions box and then Scan.  You will get two logs.  Post them both.
     
    Looks like you may also have a hung install, but if you can, I would uninstall HP Imaging Device Functions 14.0, as I expect it is the source of your error.

    #12
    shajoe44

      Member

    • Topic Starter
    • Member
    • 262 posts
    Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version:04-05-2014
    Ran by Miriam Moody at 2014-05-05 07:11:36 Run:1
    Running from C:\Documents and Settings\Miriam Moody\My Documents\Downloads
    Boot Mode: Normal
     
    ==============================================
     
    Content of fixlist:
    *****************
    SRV - [2014/04/28 05:38:05 | 003,543,056 | ---- | M] (Aztec Media Inc) [Auto | Running] -- C:\Program Files\Settings Manager\systemk\SystemkService.exe -- (SystemkService)
    HKU\S-1-5-21-2587936551-156640315-1538417202-1006\...\MountPoints2: {3fc21e58-3ae3-11e0-8db6-0026c798e802} - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL jsNeQ.exE
    HKLM\...\AppCertDlls: [x64] -> c:\program files\settings manager\systemk\x64\sysapcrt.dll
    HKLM\...\AppCertDlls: [x86] -> c:\program files\settings manager\systemk\sysapcrt.dll
    c:\program files\settings manager
    SearchScopes: HKLM - DefaultScope value is missing.
    BHO: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
    U1 WS2IFSL; 
    C:\WINDOWS\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job 
    Task: C:\WINDOWS\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => C:\WINDOWS\TEMP\{D6001FCE-12DF-4834-8BF1-602022FDFB2E}.exe
    C:\WINDOWS\TEMP\{D6001FCE-12DF-4834-8BF1-602022FDFB2E}.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
    C:\Program Files\Common Files\AVG Secure Search 
    Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
    vToolbarUpdater17.1.2
    F06DEFF2-5B9C-490D-910F-35D3A91196222
    C:\Program Files\SelectRebates
    SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2492} URL = http://www.default-s...p={searchTerms}
    *****************
     
    HKU\S-1-5-21-2587936551-156640315-1538417202-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3fc21e58-3ae3-11e0-8db6-0026c798e802} => Key deleted successfully.
    HKCR\CLSID\{3fc21e58-3ae3-11e0-8db6-0026c798e802} => Key not found.
    HKLM\System\CurrentControlSet\Control\Session Manager\AppCertDlls\\x64 => Value deleted successfully.
    HKLM\System\CurrentControlSet\Control\Session Manager\AppCertDlls\\x86 => Value deleted successfully.
    "c:\program files\settings manager" => File/Directory not found.
    HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB} => Key deleted successfully.
    HKCR\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB} => Key not found.
    WS2IFSL => Service deleted successfully.
    C:\WINDOWS\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => Moved successfully.
    C:\WINDOWS\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job not found.
    "C:\WINDOWS\TEMP\{D6001FCE-12DF-4834-8BF1-602022FDFB2E}.exe" => File/Directory not found.
    C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
    C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
    "C:\Program Files\Common Files\AVG Secure Search" => File/Directory not found.
    C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk => Moved successfully.
    "C:\Program Files\SelectRebates" => File/Directory not found.
    HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2492} => Key deleted successfully.
    HKCR\Wow6432Node\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2492} => Key not found.
     
    ==== End of Fixlog ====

    #13
    shajoe44

      Member

    • Topic Starter
    • Member
    • 262 posts
    Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:04-05-2014
    Ran by Miriam Moody (administrator) on MIRIAM on 05-05-2014 07:18:37
    Running from C:\Documents and Settings\Miriam Moody\My Documents\Downloads
    Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: English(US)
    Internet Explorer Version 8
    Boot Mode: Normal
     
    The only official download link for FRST:
    Download link from any site other than Bleeping Computer is unpermitted or outdated.
     
    ==================== Processes (Whitelisted) =================
     
    (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    (Dritek System Inc.) C:\Program Files\Launch Manager\dsiwmis.exe
    (Intuit Inc.) C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
    (Symantec Corporation) C:\Program Files\Symantec\Norton Online Backup\NOBuAgent.exe
    (Acer Incorporated) C:\Program Files\Acer\Acer VCM\RS_Service.exe
    (Acer Group) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
    (Intel Corporation) C:\WINDOWS\system32\igfxtray.exe
    (Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
    (Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
    (Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    (Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe
    (Egis Technology Inc.) C:\Program Files\EgisTec IPS\PmmUpdate.exe
    (Egis Technology Inc.) C:\Program Files\EgisTec MyWinLocker\x86\mwlDaemon.exe
    (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
    (Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
    (Sonix Technology Co., Ltd.) C:\WINDOWS\PLFSetL.exe
    () C:\WINDOWS\snuvcdsm.exe
    (Dritek System Inc.) C:\Program Files\Launch Manager\LManager.exe
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    (Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE
    (Hewlett-Packard) C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe
    (Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
    (Microsoft Corporation) C:\PROGRA~1\COMMON~1\MICROS~1\DW\DWTRIG20.EXE
    (Microsoft Corporation) C:\Program Files\Messenger\msmsgs.exe
    (Google Inc.) C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    (Dritek System Inc.) C:\Program Files\Launch Manager\LMworker.exe
    (Acer Incorporated) C:\Program Files\Acer\Acer VCM\AcerVCM.exe
    (Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe
    (Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
    (Egis Technology Inc.) C:\Program Files\EgisTec MyWinLocker\x86\MWLService.exe
    (Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe
    (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
     
     
    ==================== Registry (Whitelisted) ==================
     
    HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-10-13] (Intel Corporation)
    HKLM\...\Run: [AzMixerSel] => C:\Program Files\Realtek\Audio\Drivers\AzMixerSel.exe [59936 2009-12-11] (Realtek Semiconductor Corp.)
    HKLM\...\Run: [SuiteTray] => C:\Program Files\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [337264 2010-05-26] (Egis Technology Inc.)
    HKLM\...\Run: [EgisUpdate] => C:\Program Files\EgisTec IPS\EgisUpdate.exe [201584 2010-03-11] (Egis Technology Inc.)
    HKLM\...\Run: [EgisTecPMMUpdate] => C:\Program Files\EgisTec IPS\PmmUpdate.exe [407920 2010-03-11] (Egis Technology Inc.)
    HKLM\...\Run: [mwlDaemon] => C:\Program Files\EgisTec MyWinLocker\x86\mwlDaemon.exe [349552 2010-05-26] (Egis Technology Inc.)
    HKLM\...\Run: [Norton Online Backup] => C:\Program Files\Symantec\Norton Online Backup\NOBuClient.exe [966488 2010-06-01] (Symantec Corporation)
    HKLM\...\Run: [IMJPMIG8.1] => C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [208952 2008-04-14] (Microsoft Corporation)
    HKLM\...\Run: [MSPY2002] => C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [59392 2008-04-14] ()
    HKLM\...\Run: [PHIME2002ASync] => C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [455168 2008-04-14] (Microsoft Corporation)
    HKLM\...\Run: [PHIME2002A] => C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [455168 2008-04-14] (Microsoft Corporation)
    HKLM\...\Run: [PLFSetL] => C:\WINDOWS\PLFSetL.exe [99712 2010-02-12] (Sonix Technology Co., Ltd.)
    HKLM\...\Run: [snp2uvc] => C:\WINDOWS\system32\csnp2uvc.dll [202112 2010-02-12] ( )
    HKLM\...\Run: [snuvcdsm] => C:\WINDOWS\snuvcdsm.exe [30080 2010-02-12] ()
    HKLM\...\Run: [LManager] => C:\Program Files\Launch Manager\LManager.exe [968272 2010-06-22] (Dritek System Inc.)
    HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1692968 2010-02-05] (Synaptics Incorporated)
    HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [19521056 2010-03-12] (Realtek Semiconductor Corp.)
    HKLM\...\Run: [hpqSRMon] => C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
    HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
    HKLM\...\Run: [] => [X]
    HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3568312 2013-11-28] (AVAST Software)
    HKLM\...\Run: [DWQueuedReporting] => C:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE [434080 2011-07-27] (Microsoft Corporation)
    HKU\S-1-5-21-2587936551-156640315-1538417202-1006\...\Run: [MSMSGS] => C:\Program Files\Messenger\msmsgs.exe [1695232 2008-04-14] (Microsoft Corporation)
    HKU\S-1-5-21-2587936551-156640315-1538417202-1006\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-07-22] (Google Inc.)
    HKU\S-1-5-21-2587936551-156640315-1538417202-1006\...\MountPoints2: {ac5696a8-5171-11e0-8dbc-0026c798e802} - D:\LaunchU3.exe -a
    Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Acer VCM.lnk
     
    ==================== Internet (Whitelisted) ====================
     
    HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
    HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer...14wu45w4882u238
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer...14wu45w4882u238
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer...14wu45w4882u238
    SearchScopes: HKLM - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.co...ng}&rlz=1I7ACAW
    SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2492} URL = http://www.default-s...p={searchTerms}
    SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search
    SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.co...AW_enUS412US412
    BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
    BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
    BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
    BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
    BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
    Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://www.pcpitstop...t/PCPitStop.CAB
    DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} https://h20436.www2....re/HPDEXAXO.cab
    DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20270.www2.h...tDetection2.cab
    DPF: {B3E32D88-8E7F-468F-B0E2-3A300FD4A82C} http://myitlab.pears...ces/ax/stub.cab
    DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} http://trial.trymicr...osoft/wrc32.ocx
    Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
    Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
    Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Acer\Acer VCM\Skype4COM.dll (Skype Technologies)
    Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
     
    FireFox:
    ========
    FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin: @microsoft.com/WLPG,version=14.0.8081.0709 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
    FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
    FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
    FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
    FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
    FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010-12-28]
    FF HKCU\...\Firefox\Extensions: [[email protected]] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
    FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010-12-28]
     
    Chrome: 
    =======
    CHR HomePage: hxxp://www.google.com/
    CHR Extension: (Google Docs) - C:\Documents and Settings\Miriam Moody\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-10]
    CHR Extension: (Google Drive) - C:\Documents and Settings\Miriam Moody\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-10]
    CHR Extension: (YouTube) - C:\Documents and Settings\Miriam Moody\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-10]
    CHR Extension: (Google Search) - C:\Documents and Settings\Miriam Moody\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-10]
    CHR Extension: (avast! Online Security) - C:\Documents and Settings\Miriam Moody\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-01-10]
    CHR Extension: (Google Wallet) - C:\Documents and Settings\Miriam Moody\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-10]
    CHR Extension: (Gmail) - C:\Documents and Settings\Miriam Moody\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-10]
    CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2013-11-28]
     
    ========================== Services (Whitelisted) =================
     
    R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-11-28] (AVAST Software)
    S3 ExpressInvoiceService; C:\Program Files\NCH Software\ExpressInvoice\expressinvoice.exe [1987588 2013-11-01] (NCH Software)
    S3 GameConsoleService; C:\Program Files\Acer Games\Acer Game Console\GameConsoleService.exe [246520 2010-04-03] (WildTangent, Inc.)
    R3 MWLService; C:\Program Files\EgisTec MyWinLocker\x86\MWLService.exe [305520 2010-05-26] (Egis Technology Inc.)
    R2 NOBU; C:\Program Files\Symantec\Norton Online Backup\NOBuAgent.exe [2057560 2010-06-01] (Symantec Corporation)
    R2 RS_Service; C:\Program Files\Acer\Acer VCM\RS_Service.exe [260640 2010-01-29] (Acer Incorporated)
    R2 Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [243232 2010-01-28] (Acer Group)
     
    ==================== Drivers (Whitelisted) ====================
     
    S4 abp480n5; C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS [23552 2008-04-14] (Microsoft Corporation)
    S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1691480 2009-11-17] (Creative)
    R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [67824 2014-02-13] (AVAST Software)
    R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [54832 2014-02-13] (AVAST Software)
    R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49944 2013-11-28] ()
    R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [775952 2014-02-13] (AVAST Software)
    R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [410784 2014-02-13] (AVAST Software)
    R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57672 2014-02-13] (AVAST Software)
    R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [180248 2014-02-13] ()
    S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
    S3 EUCR; C:\WINDOWS\System32\DRIVERS\EUCR6SK.SYS [82384 2010-06-17] (ENE Technology Inc.)
    R3 L1c; C:\WINDOWS\System32\DRIVERS\l1c51x86.sys [61552 2010-05-19] (Atheros Communications, Inc.)
    S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1395800 2009-11-17] (Creative Technology Ltd.)
    R1 mwlPSDFilter; C:\WINDOWS\System32\DRIVERS\mwlPSDFilter.sys [17840 2008-12-02] (Egis Incorporated.)
    R1 mwlPSDNServ; C:\WINDOWS\System32\DRIVERS\mwlPSDNServ.sys [15280 2008-12-02] (Egis Incorporated.)
    R1 mwlPSDVDisk; C:\WINDOWS\System32\DRIVERS\mwlPSDVDisk.sys [58800 2008-12-02] (Egis Incorporated.)
    S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
    R3 NETw5x32; C:\WINDOWS\System32\DRIVERS\NETw5x32.sys [6608512 2010-05-30] (Intel Corporation)
    R3 SNP2UVC; C:\WINDOWS\System32\DRIVERS\snp2uvc.sys [1766784 2010-02-12] ()
     
    ==================== NetSvcs (Whitelisted) ===================
     
     
    ==================== One Month Created Files and Folders ========
     
    2014-05-04 22:11 - 2014-05-05 07:18 - 00000000 ____D () C:\FRST
    2014-05-04 22:05 - 2014-05-04 22:05 - 00001020 _____ () C:\Documents and Settings\Miriam Moody\Desktop\JRT.txt
    2014-05-04 21:53 - 2014-05-04 21:53 - 00000000 ____D () C:\WINDOWS\ERUNT
    2014-05-04 21:41 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\WINDOWS\system32\sqlite3.dll
    2014-05-04 21:39 - 2014-05-04 21:42 - 00000000 ____D () C:\AdwCleaner
    2014-05-04 21:17 - 2014-05-04 21:20 - 00000000 ____D () C:\Documents and Settings\Miriam Moody\Desktop\GrantPerms
    2014-05-04 21:16 - 2014-05-04 21:16 - 00000000 ____D () C:\Documents and Settings\Miriam Moody\Desktop\grant
    2014-05-04 19:37 - 2014-05-04 19:37 - 00069436 _____ () C:\Documents and Settings\Miriam Moody\Desktop\Extras.Txt
    2014-05-04 19:31 - 2014-05-04 19:31 - 00071502 _____ () C:\Documents and Settings\Miriam Moody\Desktop\OTL.Txt
    2014-05-02 11:06 - 2014-05-04 21:44 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\systemk
    2014-05-01 08:57 - 2014-05-01 08:57 - 00000000 ____D () C:\WINDOWS\system32\NtmsData
    2014-04-30 09:43 - 2014-04-30 09:43 - 00000826 _____ () C:\Documents and Settings\Miriam Moody\Desktop\Auslogics DiskDefrag.lnk
    2014-04-30 09:43 - 2014-04-30 09:43 - 00000000 ____D () C:\Program Files\Auslogics
    2014-04-30 09:43 - 2014-04-30 09:43 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Auslogics
    2014-04-30 09:43 - 2014-04-30 09:43 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Auslogics
    2014-04-30 00:39 - 2014-04-30 09:12 - 00000000 ____D () C:\Documents and Settings\Miriam Moody\Desktop\autorun
    2014-04-29 09:45 - 2014-04-30 10:25 - 00000000 ____D () C:\Documents and Settings\Miriam Moody\Desktop\SDR
    2014-04-26 14:02 - 2014-04-29 13:38 - 00851176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinUSBCoInstaller2.dll
    2014-04-26 14:02 - 2014-04-29 13:38 - 00000000 ____D () C:\Documents and Settings\Miriam Moody\usb_driver
    2014-04-26 14:02 - 2014-04-26 14:02 - 00000000 __HDC () C:\WINDOWS\$NtUninstallwinusb0200$
    2014-04-25 13:22 - 2014-04-26 00:41 - 00000929 _____ () C:\Documents and Settings\All Users\Desktop\Revo Uninstaller Pro.lnk
    2014-04-25 13:22 - 2014-04-26 00:41 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Revo Uninstaller Pro
    2014-04-25 13:22 - 2014-04-25 13:22 - 00000000 ____D () C:\Program Files\VS Revo Group
    2014-04-25 13:22 - 2014-04-25 13:22 - 00000000 ____D () C:\Documents and Settings\Miriam Moody\Local Settings\Application Data\VS Revo Group
    2014-04-25 13:22 - 2014-04-25 13:22 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\VS Revo Group
    2014-04-25 13:22 - 2009-12-30 10:20 - 00027064 _____ (VS Revo Group) C:\WINDOWS\system32\Drivers\revoflt.sys
    2014-04-15 09:08 - 2014-04-15 09:08 - 00000000 ____D () C:\Documents and Settings\Miriam Moody\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
    2014-04-14 16:07 - 2014-04-21 10:33 - 00004594 _____ () C:\WINDOWS\KB2922229.log
     
    ==================== One Month Modified Files and Folders =======
     
    2014-05-05 07:18 - 2014-05-04 22:11 - 00000000 ____D () C:\FRST
    2014-05-05 07:16 - 2013-11-28 17:46 - 00000364 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job
    2014-05-05 07:16 - 2010-07-22 03:03 - 01651246 _____ () C:\WINDOWS\WindowsUpdate.log
    2014-05-05 07:15 - 2010-07-22 03:07 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
    2014-05-05 07:15 - 2010-07-21 20:01 - 00000159 _____ () C:\WINDOWS\wiadebug.log
    2014-05-05 07:15 - 2010-07-21 20:01 - 00000048 _____ () C:\WINDOWS\wiaservc.log
    2014-05-05 07:14 - 2010-12-28 10:15 - 00000178 ___SH () C:\Documents and Settings\Miriam Moody\ntuser.ini
    2014-05-05 07:14 - 2010-07-22 03:07 - 00032504 _____ () C:\WINDOWS\SchedLgU.Txt
    2014-05-05 07:02 - 2010-07-21 19:59 - 00938515 _____ () C:\WINDOWS\setupapi.log
    2014-05-04 22:05 - 2014-05-04 22:05 - 00001020 _____ () C:\Documents and Settings\Miriam Moody\Desktop\JRT.txt
    2014-05-04 21:53 - 2014-05-04 21:53 - 00000000 ____D () C:\WINDOWS\ERUNT
    2014-05-04 21:44 - 2014-05-02 11:06 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\systemk
    2014-05-04 21:42 - 2014-05-04 21:39 - 00000000 ____D () C:\AdwCleaner
    2014-05-04 21:20 - 2014-05-04 21:17 - 00000000 ____D () C:\Documents and Settings\Miriam Moody\Desktop\GrantPerms
    2014-05-04 21:16 - 2014-05-04 21:16 - 00000000 ____D () C:\Documents and Settings\Miriam Moody\Desktop\grant
    2014-05-04 19:37 - 2014-05-04 19:37 - 00069436 _____ () C:\Documents and Settings\Miriam Moody\Desktop\Extras.Txt
    2014-05-04 19:31 - 2014-05-04 19:31 - 00071502 _____ () C:\Documents and Settings\Miriam Moody\Desktop\OTL.Txt
    2014-05-04 06:30 - 2014-03-22 12:44 - 00022659 _____ () C:\WINDOWS\KB2929961.log
    2014-05-03 16:57 - 2010-12-28 01:03 - 00001138 _____ () C:\Documents and Settings\All Users\Application Data\hpzinstall.log
    2014-05-03 16:56 - 2010-12-28 01:03 - 00175853 _____ () C:\WINDOWS\hpoins35.dat
    2014-05-02 11:12 - 2010-07-21 19:59 - 00573334 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
    2014-05-02 08:50 - 2014-01-10 12:11 - 00001817 _____ () C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
    2014-05-01 08:57 - 2014-05-01 08:57 - 00000000 ____D () C:\WINDOWS\system32\NtmsData
    2014-04-30 10:35 - 2010-07-22 03:08 - 00000000 ____D () C:\WINDOWS\Microsoft.NET
    2014-04-30 10:25 - 2014-04-29 09:45 - 00000000 ____D () C:\Documents and Settings\Miriam Moody\Desktop\SDR
    2014-04-30 09:43 - 2014-04-30 09:43 - 00000826 _____ () C:\Documents and Settings\Miriam Moody\Desktop\Auslogics DiskDefrag.lnk
    2014-04-30 09:43 - 2014-04-30 09:43 - 00000000 ____D () C:\Program Files\Auslogics
    2014-04-30 09:43 - 2014-04-30 09:43 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Auslogics
    2014-04-30 09:43 - 2014-04-30 09:43 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Auslogics
    2014-04-30 09:12 - 2014-04-30 00:39 - 00000000 ____D () C:\Documents and Settings\Miriam Moody\Desktop\autorun
    2014-04-29 13:38 - 2014-04-26 14:02 - 00851176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinUSBCoInstaller2.dll
    2014-04-29 13:38 - 2014-04-26 14:02 - 00000000 ____D () C:\Documents and Settings\Miriam Moody\usb_driver
    2014-04-29 13:38 - 2010-10-15 13:30 - 01461992 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01009.dll
    2014-04-29 13:38 - 2010-07-22 04:21 - 00000000 ____D () C:\WINDOWS\system32\ReinstallBackups
    2014-04-29 09:51 - 2010-12-28 10:15 - 00000000 ____D () C:\Documents and Settings\Miriam Moody
    2014-04-26 14:03 - 2010-07-21 19:59 - 02052726 _____ () C:\WINDOWS\FaxSetup.log
    2014-04-26 14:03 - 2010-07-21 19:59 - 00984293 _____ () C:\WINDOWS\ocgen.log
    2014-04-26 14:03 - 2010-07-21 19:59 - 00785182 _____ () C:\WINDOWS\tsoc.log
    2014-04-26 14:03 - 2010-07-21 19:59 - 00688028 _____ () C:\WINDOWS\comsetup.log
    2014-04-26 14:03 - 2010-07-21 19:59 - 00415603 _____ () C:\WINDOWS\ntdtcsetup.log
    2014-04-26 14:03 - 2010-07-21 19:59 - 00326400 _____ () C:\WINDOWS\iis6.log
    2014-04-26 14:03 - 2010-07-21 19:59 - 00213964 _____ () C:\WINDOWS\setupact.log
    2014-04-26 14:03 - 2010-07-21 19:59 - 00113061 _____ () C:\WINDOWS\ocmsn.log
    2014-04-26 14:03 - 2010-07-21 19:59 - 00102223 _____ () C:\WINDOWS\msgsocm.log
    2014-04-26 14:03 - 2010-07-21 19:59 - 00001374 _____ () C:\WINDOWS\imsins.log
    2014-04-26 14:02 - 2014-04-26 14:02 - 00000000 __HDC () C:\WINDOWS\$NtUninstallwinusb0200$
    2014-04-26 01:00 - 2013-10-29 20:37 - 00000000 ____D () C:\Program Files\WinZip
    2014-04-26 00:41 - 2014-04-25 13:22 - 00000929 _____ () C:\Documents and Settings\All Users\Desktop\Revo Uninstaller Pro.lnk
    2014-04-26 00:41 - 2014-04-25 13:22 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Revo Uninstaller Pro
    2014-04-25 13:22 - 2014-04-25 13:22 - 00000000 ____D () C:\Program Files\VS Revo Group
    2014-04-25 13:22 - 2014-04-25 13:22 - 00000000 ____D () C:\Documents and Settings\Miriam Moody\Local Settings\Application Data\VS Revo Group
    2014-04-25 13:22 - 2014-04-25 13:22 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\VS Revo Group
    2014-04-24 19:16 - 2010-07-22 03:37 - 00001158 _____ () C:\WINDOWS\system32\wpa.dbl
    2014-04-22 18:11 - 2013-10-29 11:23 - 00000000 ____D () C:\Documents and Settings\Miriam Moody\Application Data\uTorrent
    2014-04-22 18:08 - 2013-11-01 16:34 - 00000000 ____D () C:\Program Files\NCH Software
    2014-04-22 18:08 - 2013-11-01 16:34 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\NCH Software
    2014-04-21 11:25 - 2014-03-05 10:55 - 01268856 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-2587936551-156640315-1538417202-1006-0.dat
    2014-04-21 11:25 - 2014-03-05 10:55 - 00243338 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
    2014-04-21 10:33 - 2014-04-14 16:07 - 00004594 _____ () C:\WINDOWS\KB2922229.log
    2014-04-15 09:45 - 2014-01-29 13:26 - 00000000 ____D () C:\Program Files\TurboTax
    2014-04-15 09:44 - 2014-01-29 13:33 - 00000000 ____D () C:\Documents and Settings\Miriam Moody\My Documents\TurboTax
    2014-04-15 09:40 - 2014-01-29 13:28 - 00002393 _____ () C:\Documents and Settings\All Users\Desktop\TurboTax 2013.lnk
    2014-04-15 09:38 - 2010-12-28 10:15 - 00000000 ____D () C:\Documents and Settings\Miriam Moody\Local Settings\Application Data\Adobe
    2014-04-15 09:08 - 2014-04-15 09:08 - 00000000 ____D () C:\Documents and Settings\Miriam Moody\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
    2014-04-15 09:06 - 2010-12-30 16:16 - 88028728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
     
    Some content of TEMP:
    ====================
    C:\Documents and Settings\Miriam Moody\Local Settings\Temp\Quarantine.exe
     
     
    ==================== Bamital & volsnap Check =================
     
    C:\WINDOWS\explorer.exe => MD5 is legit
    C:\WINDOWS\system32\winlogon.exe => MD5 is legit
    C:\WINDOWS\system32\svchost.exe => MD5 is legit
    C:\WINDOWS\system32\services.exe => MD5 is legit
    C:\WINDOWS\system32\User32.dll => MD5 is legit
    C:\WINDOWS\system32\userinit.exe => MD5 is legit
    C:\WINDOWS\system32\rpcss.dll => MD5 is legit
    C:\WINDOWS\system32\Drivers\volsnap.sys => MD5 is legit
     
    ==================== End Of Log ============================
     
    Additional scan result of Farbar Recovery Scan Tool (x86) Version:04-05-2014
    Ran by Miriam Moody at 2014-05-05 07:20:06
    Running from C:\Documents and Settings\Miriam Moody\My Documents\Downloads
    Boot Mode: Normal
    ==========================================================
     
     
    ==================== Security Center ========================
     
    AV: avast! Antivirus (Disabled - Up to date) {7591DB91-41F0-48A3-B128-1A293FD8233D}
     
    ==================== Installed Programs ======================
     
    µTorrent (HKCU\...\uTorrent) (Version: 3.3.2.30303 - BitTorrent Inc.)
    32 Bit HP CIO Components Installer (Version: 7.1.8 - Hewlett-Packard) Hidden
    Acer Crystal Eye webcam Ver:1.1.184.610 (HKLM\...\{D0ACE89D-EC7F-470F-80BE-4C98ED366B32}) (Version: 1.1.184.610 - Chicony Electronics Co.,Ltd.)
    Acer eRecovery Management (HKLM\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3013 - Acer Incorporated)
    Acer Game Console (Version:  - WildTangent) Hidden
    Acer Games (HKLM\...\WildTangent acer Master Uninstall) (Version: 1.0.1.3 - WildTangent)
    Acer ScreenSaver (HKLM\...\Acer Screensaver) (Version: 1.1.0624.2010 - Acer Incorporated)
    Acer Updater (HKLM\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3001 - Acer Incorporated)
    Acer VCM (HKLM\...\{047F790A-7A2A-4B6A-AD02-38092BA63DAC}) (Version: 4.05.3002 - Acer Incorporated)
    Acrobat.com (HKLM\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
    Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
    Adobe AIR (Version: 1.5.0.7220 - Adobe Systems Inc.) Hidden
    Adobe Flash Player 10 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 10.2.152.32 - Adobe Systems Incorporated)
    Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.40 - Atheros Communications Inc.)
    Auslogics DiskDefrag (HKLM\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: 4.5.3.0 - Auslogics Labs Pty Ltd)
    avast! Free Antivirus (HKLM\...\Avast) (Version: 9.0.2013 - Avast Software)
    Bejeweled 2 Deluxe (Version: 2.2.0.95 - WildTangent) Hidden
    Blackhawk Striker 2 (Version: 2.2.0.95 - WildTangent) Hidden
    BufferChm (Version: 140.0.212.000 - Hewlett-Packard) Hidden
    C309a (Version: 140.0.690.000 - Hewlett-Packard) Hidden
    Chuzzle Deluxe (Version: 2.2.0.95 - WildTangent) Hidden
    Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Destinations (Version: 140.0.77.000 - Hewlett-Packard) Hidden
    DeviceDiscovery (Version: 140.0.212.000 - Hewlett-Packard) Hidden
    Diner Dash 2 Restaurant Rescue (Version: 2.2.0.95 - WildTangent) Hidden
    DocProc (Version: 13.0.0.0 - Hewlett-Packard) Hidden
    Dora's Carnival Adventure (Version: 2.2.0.95 - WildTangent) Hidden
    eBay Worldwide (HKLM\...\{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}) (Version: 2.1.0901 - OEM)
    ENE USB Card Reader Driver (HKLM\...\36E252B904CCA457EEA4810BC637F015E21FD79F) (Version: 5.89.0.70 - ENE)
    eSobi v2 (HKLM\...\InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}) (Version: 2.0.4.000274 - esobi Inc.)
    eSobi v2 (Version: 2.0.4.000274 - esobi Inc.) Hidden
    Express Invoice (HKLM\...\ExpressInvoice) (Version:  - NCH Software)
    Farm Frenzy (Version: 2.2.0.95 - WildTangent) Hidden
    Fax (Version: 140.0.212.000 - Hewlett-Packard) Hidden
    Final Drive Nitro (Version: 2.2.0.95 - WildTangent) Hidden
    Google Chrome (HKLM\...\Google Chrome) (Version: 34.0.1847.131 - Google Inc.)
    Google Earth Plug-in (HKLM\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
    Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
    Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
    Google Update Helper (Version: 1.3.22.3 - Google Inc.) Hidden
    GPBaseService2 (Version: 140.0.211.000 - Hewlett-Packard) Hidden
    HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
    HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
    HP Photosmart C309a All-In-One Driver Software 14.0 Rel. 5 (HKLM\...\{71C4F928-136A-4222-A191-310E081FB96B}) (Version: 14.0 - HP)
    HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
    HP Product Detection (HKLM\...\{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}) (Version: 10.7.9.0 - Hewlett-Packard Company)
    HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
    HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
    HP Update (HKLM\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.001.001 - Hewlett-Packard)
    HPDiagnosticAlert (Version: 1.00.0000 - Microsoft) Hidden
    HPPhotoSmartDiscLabel_PaperLabel (Version: 2.04.0000 - Hewlett-Packard) Hidden
    HPPhotoSmartDiscLabel_PrintOnDisc (Version: 2.04.0000 - Hewlett-Packard) Hidden
    HPPhotoSmartDiscLabelContent1 (Version: 2.04.0000 - Hewlett-Packard) Hidden
    hpphotosmartdisclabelplugin (Version: 2.04.0000 - Hewlett-Packard) Hidden
    HPPhotosmartEssential (Version: 2.04.0000 - Hewlett-Packard) Hidden
    HPProductAssistant (Version: 140.0.212.000 - Hewlett-Packard) Hidden
    HPSSupply (Version: 140.0.211.000 - Hewlett-Packard) Hidden
    Identity Card (HKLM\...\Identity Card) (Version: 1.00.3003 - Acer Incorporated)
    Insaniquarium Deluxe (Version: 2.2.0.95 - WildTangent) Hidden
    Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 6.14.10.5260 - Intel Corporation)
    Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
    Jewel Quest - Heritage (Version: 2.2.0.95 - WildTangent) Hidden
    Jewel Quest (Version: 2.2.0.95 - WildTangent) Hidden
    Jewel Quest Solitaire 2 (Version: 2.2.0.95 - WildTangent) Hidden
    Junk Mail filter update (Version: 14.0.8089.726 - Microsoft Corporation) Hidden
    Launch Manager (HKLM\...\LManager) (Version: 4.0.12 - Acer Inc.)
    MarketResearch (Version: 140.0.212.000 - Hewlett-Packard) Hidden
    Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
    Microsoft .NET Framework 1.1 (Version: 1.1.4322 - Microsoft) Hidden
    Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM\...\M2698023) (Version:  - )
    Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version:  - )
    Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
    Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
    Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
    Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
    Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
    Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
    Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
    Microsoft Choice Guard (Version: 2.0.48.0 - Microsoft Corporation) Hidden
    Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
    Microsoft Kernel-Mode Driver Framework Feature Pack 1.9 (Version:  - Microsoft Corporation) Hidden
    Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
    Microsoft Office 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden
    Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
    Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
    Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
    Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
    Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
    Microsoft Office PowerPoint Viewer 2007 (English) (HKLM\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
    Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
    Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
    Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
    Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden
    Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
    Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
    Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
    Microsoft Software Update for Web Folders  (English) 12 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version:  - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft WinUsb 2.0 (HKLM\...\winusb0200) (Version:  - Microsoft Corporation)
    Microsoft Works (HKLM\...\{67E03279-F703-408F-B4BF-46B5FC8D70CD}) (Version: 9.7.0621 - Microsoft Corporation)
    Mplayer 0.6.9 (HKLM\...\Mplayer) (Version: 0.6.9 - )
    MSVCRT (Version: 14.0.1468.721 - Microsoft) Hidden
    MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    MyWinLocker (Version: 3.1.212.0 - Egis Technology Inc.) Hidden
    MyWinLocker Suite (HKLM\...\InstallShield_{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}) (Version: 3.1.212.0 - Egis Technology Inc.)
    MyWinLocker Suite (Version: 3.1.212.0 - Egis Technology Inc.) Hidden
    Network (Version: 140.0.215.000 - Hewlett-Packard) Hidden
    Norton Online Backup (HKLM\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)
    OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
    Plants vs. Zombies (Version: 2.2.0.95 - WildTangent) Hidden
    Polar Bowler (Version: 2.2.0.95 - WildTangent) Hidden
    PS_AIO_05_C309_Software_Min (Version: 140.0.690.000 - Hewlett-Packard) Hidden
    QuickTransfer (Version: 140.0.98.000 - Hewlett-Packard) Hidden
    Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 5.10.0.6066 - Realtek Semiconductor Corp.)
    Revo Uninstaller Pro 3.0.8 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.0.8 - VS Revo Group, Ltd.)
    Scan (Version: 140.0.80.000 - Hewlett-Packard) Hidden
    Segoe UI (Version: 14.0.4327.805 - Microsoft Corp) Hidden
    Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
    ShopAtHome.com Toolbar (HKLM\...\SelectRebatesUninstall) (Version:  - )
    Shredder (Version: 2.0.8.3 - Egis Technology Inc.) Hidden
    SmartWebPrinting (Version: 140.0.186.000 - Hewlett-Packard) Hidden
    SolutionCenter (Version: 140.0.213.000 - Hewlett-Packard) Hidden
    Status (Version: 140.0.212.000 - Hewlett-Packard) Hidden
    Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.7.0 - Synaptics Incorporated)
    Toolbox (Version: 140.0.428.000 - Hewlett-Packard) Hidden
    TrayApp (Version: 140.0.212.000 - Hewlett-Packard) Hidden
    TurboTax 2013 (HKLM\...\TurboTax 2013) (Version: 2013.0 - Intuit, Inc)
    TurboTax 2013 WinPerFedFormset (Version: 013.000.1548 - Intuit Inc.) Hidden
    TurboTax 2013 WinPerReleaseEngine (Version: 013.000.0437 - Intuit Inc.) Hidden
    TurboTax 2013 WinPerTaxSupport (Version: 013.000.0162 - Intuit Inc.) Hidden
    TurboTax 2013 wrapper (Version: 013.000.0135 - Intuit Inc.) Hidden
    TurboTax 2013 wsciper (Version: 013.000.0984 - Intuit Inc.) Hidden
    Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
    Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2836939v3) (Version: 3 - Microsoft Corporation)
    Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
    Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
    Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
    Update for Windows Internet Explorer 8 (KB971180) (HKLM\...\KB971180-IE8) (Version: 1 - Microsoft Corporation)
    Update for Windows Internet Explorer 8 (KB971930) (HKLM\...\KB971930-IE8) (Version: 1 - Microsoft Corporation)
    Update for Windows Internet Explorer 8 (KB972636) (HKLM\...\KB972636-IE8) (Version: 1 - Microsoft Corporation)
    Update for Windows Internet Explorer 8 (KB973874) (HKLM\...\KB973874-IE8) (Version: 1 - Microsoft Corporation)
    Update for Windows Internet Explorer 8 (KB975364) (HKLM\...\KB975364-IE8) (Version: 1 - Microsoft Corporation)
    Update for Windows Internet Explorer 8 (KB976662) (HKLM\...\KB976662-IE8) (Version: 1 - Microsoft Corporation)
    Update for Windows Internet Explorer 8 (KB976749) (HKLM\...\KB976749-IE8) (Version: 1 - Microsoft Corporation)
    Update for Windows Internet Explorer 8 (KB978506) (HKLM\...\KB978506-IE8) (Version: 1 - Microsoft Corporation)
    Update for Windows Internet Explorer 8 (KB980182) (HKLM\...\KB980182-IE8) (Version: 1 - Microsoft Corporation)
    Update for Windows Internet Explorer 8 (KB980302) (HKLM\...\KB980302-IE8) (Version: 1 - Microsoft Corporation)
    Update for Windows Internet Explorer 8 (KB982632) (HKLM\...\KB982632-IE8) (Version: 1 - Microsoft Corporation)
    Update for Windows XP (KB2141007) (HKLM\...\KB2141007) (Version: 1 - Microsoft Corporation)
    Update for Windows XP (KB2345886) (HKLM\...\KB2345886) (Version: 1 - Microsoft Corporation)
    Update for Windows XP (KB2467659) (HKLM\...\KB2467659) (Version: 1 - Microsoft Corporation)
    Update for Windows XP (KB2541763) (HKLM\...\KB2541763) (Version: 1 - Microsoft Corporation)
    Update for Windows XP (KB2607712) (HKLM\...\KB2607712) (Version: 1 - Microsoft Corporation)
    Update for Windows XP (KB2616676-v2) (HKLM\...\KB2616676-v2) (Version: 2 - Microsoft Corporation)
    Update for Windows XP (KB2641690) (HKLM\...\KB2641690) (Version: 1 - Microsoft Corporation)
    Update for Windows XP (KB2661254-v2) (HKLM\...\KB2661254-v2) (Version: 2 - Microsoft Corporation)
    Update for Windows XP (KB2718704) (HKLM\...\KB2718704) (Version: 1 - Microsoft Corporation)
    Update for Windows XP (KB2736233) (HKLM\...\KB2736233) (Version: 1 - Microsoft Corporation)
    Update for Windows XP (KB2749655) (HKLM\...\KB2749655) (Version: 1 - Microsoft Corporation)
    Update for Windows XP (KB2863058) (HKLM\...\KB2863058) (Version: 1 - Microsoft Corporation)
    Update for Windows XP (KB2904266) (HKLM\...\KB2904266) (Version: 1 - Microsoft Corporation)
    Update for Windows XP (KB898461) (HKLM\...\KB898461) (Version: 1 - Microsoft Corporation)
    Update for Windows XP (KB951072-v2) (HKLM\...\KB951072-v2) (Version: 2 - Microsoft Corporation)
    Update for Windows XP (KB951978) (HKLM\...\KB951978) (Version: 1 - Microsoft Corporation)
    Update for Windows XP (KB955759) (HKLM\...\KB955759) (Version: 1 - Microsoft Corporation)
    Update for Windows XP (KB955839) (HKLM\...\KB955839) (Version: 1 - Microsoft Corporation)
    Update for Windows XP (KB961503) (HKLM\...\KB961503) (Version: 1 - Microsoft Corporation)
    Update for Windows XP (KB967715) (HKLM\...\KB967715) (Version: 1 - Microsoft Corporation)
    Update for Windows XP (KB968389) (HKLM\...\KB968389) (Version: 1 - Microsoft Corporation)
    Update for Windows XP (KB971029) (HKLM\...\KB971029) (Version: 1 - Microsoft Corporation)
    Update for Windows XP (KB971737) (HKLM\...\KB971737) (Version: 1 - Microsoft Corporation)
    Update for Windows XP (KB973687) (HKLM\...\KB973687) (Version: 1 - Microsoft Corporation)
    Update for Windows XP (KB973815) (HKLM\...\KB973815) (Version: 1 - Microsoft Corporation)
    Virtual Villagers 4 - The Tree of Life (Version: 2.2.0.95 - WildTangent) Hidden
    Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
    WebCam (HKLM\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 5.8.54.008 - Sonix)
    WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
    WebReg (Version: 140.0.212.017 - Hewlett-Packard) Hidden
    Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
    Windows Live Call (Version: 14.0.8064.0206 - Microsoft Corporation) Hidden
    Windows Live Communications Platform (Version: 14.0.8098.930 - Microsoft Corporation) Hidden
    Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
    Windows Live Essentials (Version: 14.0.8089.726 - Microsoft Corporation) Hidden
    Windows Live Mail (Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
    Windows Live Messenger (Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
    Windows Live Photo Gallery (Version: 14.0.8081.709 - Microsoft Corporation) Hidden
    Windows Live Sign-in Assistant (HKLM\...\{45338B07-A236-4270-9A77-EBB4115517B5}) (Version: 5.000.818.5 - Microsoft Corporation)
    Windows Live Sync (HKLM\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
    Windows Live Upload Tool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
    Windows Live Writer (Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
    Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version:  - )
    Windows Media Format 11 runtime (Version:  - Microsoft Corporation) Hidden
    Windows Media Player 11 (HKLM\...\Windows Media Player) (Version:  - )
    Windows Media Player 11 (Version:  - Microsoft Corporation) Hidden
    Windows Rights Management Client Backwards Compatibility SP2 (HKLM\...\{EC905264-BCFE-423B-9C42-C3A106266790}) (Version: 5.2.95 - Microsoft)
    Windows Rights Management Client with Service Pack 2 (HKLM\...\{62BFB4C2-8C4E-4D91-BD7D-81C06EAAC3C0}) (Version: 5.2.95 - Microsoft)
    Yahoo! Toolbar (HKLM\...\Yahoo! Companion) (Version:  - )
    Zuma Deluxe (Version: 2.2.0.95 - WildTangent) Hidden
    Zuma's Revenge (Version: 2.2.0.95 - WildTangent) Hidden
     
    ==================== Restore Points  =========================
     
    14-02-2014 02:32:46 avast! antivirus system restore point
    14-02-2014 13:31:04 Software Distribution Service 3.0
    22-03-2014 16:50:16 Software Distribution Service 3.0
    14-04-2014 20:01:39 Software Distribution Service 3.0
    15-04-2014 13:05:44 Software Distribution Service 3.0
    21-04-2014 14:27:53 Software Distribution Service 3.0
    22-04-2014 21:43:47 Software Distribution Service 3.0
    22-04-2014 22:26:26 Removed WinZip 17.5
    24-04-2014 23:18:16 Software Distribution Service 3.0
    25-04-2014 12:54:14 Software Distribution Service 3.0
    26-04-2014 04:49:19 Revo Uninstaller Pro's restore point - WinZip 17.5
    26-04-2014 07:19:32 Software Distribution Service 3.0
    26-04-2014 17:58:55 Unsigned driver install
    26-04-2014 18:03:03 Installed Windows XP winusb0200.
    27-04-2014 13:18:42 Software Distribution Service 3.0
    29-04-2014 04:55:06 Software Distribution Service 3.0
    29-04-2014 13:28:38 Software Distribution Service 3.0
    30-04-2014 12:58:55 Software Distribution Service 3.0
    01-05-2014 12:51:48 Software Distribution Service 3.0
    02-05-2014 12:45:15 Software Distribution Service 3.0
    02-05-2014 15:07:09 Software Distribution Service 3.0
    03-05-2014 10:18:17 Software Distribution Service 3.0
    03-05-2014 20:38:18 Installed HP Support Solutions Framework
    03-05-2014 20:41:51 Installed HP Support Solutions Framework
    04-05-2014 10:22:13 Software Distribution Service 3.0
    05-05-2014 11:02:38 Software Distribution Service 3.0
     
    ==================== Hosts content: ==========================
     
    2010-07-22 03:37 - 2008-04-14 08:00 - 00000734 ____A C:\WINDOWS\system32\Drivers\etc\hosts
    127.0.0.1       localhost
     
    ==================== Scheduled Tasks (whitelisted) =============
     
    Task: C:\WINDOWS\Tasks\avast! Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
     
    ==================== Loaded Modules (whitelisted) =============
     
    2014-05-05 07:03 - 2014-05-05 03:41 - 02252800 _____ () C:\Program Files\AVAST Software\Avast\defs\14050500\algo.dll
    2010-10-15 13:19 - 2010-02-12 19:11 - 00030080 _____ () C:\WINDOWS\snuvcdsm.exe
    2010-07-19 04:11 - 2009-05-20 02:02 - 00072200 _____ () C:\Program Files\Launch Manager\CdDirIo.dll
    2013-11-28 17:45 - 2013-11-28 17:45 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
    2014-05-02 08:50 - 2014-04-23 20:33 - 00065352 _____ () C:\Program Files\Google\Chrome\Application\34.0.1847.131\chrome_elf.dll
    2014-05-02 08:50 - 2014-04-23 20:33 - 04081480 _____ () C:\Program Files\Google\Chrome\Application\34.0.1847.131\pdf.dll
    2014-05-02 08:50 - 2014-04-23 20:33 - 00390472 _____ () C:\Program Files\Google\Chrome\Application\34.0.1847.131\ppGoogleNaClPluginChrome.dll
    2014-05-02 08:50 - 2014-04-23 20:33 - 01647432 _____ () C:\Program Files\Google\Chrome\Application\34.0.1847.131\ffmpegsumo.dll
     
    ==================== Alternate Data Streams (whitelisted) =========
     
     
    ==================== Safe Mode (whitelisted) ===================
     
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
     
    ==================== Disabled items from MSCONFIG ==============
     
     
    ==================== Faulty Device Manager Devices =============
     
    Name: Photosmart C309a series
    Description: Photosmart C309a series
    Class Guid: {4D36E971-E325-11CE-BFC1-08002BE10318}
    Manufacturer: HP
    Service: 
    Problem: : This device is disabled. (Code 22)
    Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
     
     
    ==================== Event log errors: =========================
     
    Application errors:
    ==================
    Error: (05/05/2014 07:16:17 AM) (Source: MsiInstaller) (User: NT AUTHORITY)
    Description: Product: Google Update Helper -- The installer has encountered an unexpected error installing this package. This may indicate a problem with this package. The error code is 2503. The arguments are: , ,
     
    Error: (05/05/2014 07:11:01 AM) (Source: MsiInstaller) (User: NT AUTHORITY)
    Description: Product: Google Update Helper -- The installer has encountered an unexpected error installing this package. This may indicate a problem with this package. The error code is 2503. The arguments are: , ,
     
    Error: (05/05/2014 07:06:45 AM) (Source: VSSetup) (User: )
    Description: EventType vssetup, P1 kb2729449, P2 10.0.30319, P3 10.0.30319.296, P4 1, P5 ndp40-kb2729449.msp, P6 install_i_silent_error, P7 1603, P8 2503, P9 vssetup0, P10 vssetup1.
     
    Error: (05/05/2014 07:06:45 AM) (Source: MsiInstaller) (User: NT AUTHORITY)
    Description: Product: Microsoft .NET Framework 4 Client Profile - Update 'KB2729449' could not be installed. Error code 1603. Additional information is available in the log file C:\WINDOWS\system32\config\SYSTEM~1\LOCALS~1\Temp\KB2729449_20140505_070524968-Microsoft .NET Framework 4 Client Profile-MSP0.txt.
     
    Error: (05/05/2014 07:06:44 AM) (Source: MsiInstaller) (User: NT AUTHORITY)
    Description: Product: Microsoft .NET Framework 4 Client Profile -- The installer has encountered an unexpected error installing this package. This may indicate a problem with this package. The error code is 2503. The arguments are: , ,
     
    Error: (05/05/2014 07:05:13 AM) (Source: VSSetup) (User: )
    Description: EventType vssetup, P1 kb2898855v2, P2 10.0.30319, P3 10.0.30319.1022, P4 1, P5 ndp40-kb2898855.msp, P6 install_i_silent_error, P7 1603, P8 2503, P9 vssetup0, P10 vssetup1.
     
    Error: (05/05/2014 07:05:12 AM) (Source: MsiInstaller) (User: NT AUTHORITY)
    Description: Product: Microsoft .NET Framework 4 Client Profile - Update 'KB2898855v2' could not be installed. Error code 1603. Additional information is available in the log file C:\WINDOWS\system32\config\SYSTEM~1\LOCALS~1\Temp\KB2898855v2_20140505_070313234-Microsoft .NET Framework 4 Client Profile-MSP0.txt.
     
    Error: (05/05/2014 07:05:11 AM) (Source: MsiInstaller) (User: NT AUTHORITY)
    Description: Product: Microsoft .NET Framework 4 Client Profile -- The installer has encountered an unexpected error installing this package. This may indicate a problem with this package. The error code is 2503. The arguments are: , ,
     
    Error: (05/04/2014 10:11:02 PM) (Source: MsiInstaller) (User: NT AUTHORITY)
    Description: Product: Google Update Helper -- The installer has encountered an unexpected error installing this package. This may indicate a problem with this package. The error code is 2503. The arguments are: , ,
     
    Error: (05/04/2014 09:11:04 PM) (Source: MsiInstaller) (User: NT AUTHORITY)
    Description: Product: Google Update Helper -- The installer has encountered an unexpected error installing this package. This may indicate a problem with this package. The error code is 2503. The arguments are: , ,
     
     
    System errors:
    =============
    Error: (05/05/2014 07:08:04 AM) (Source: Windows Update Agent) (User: )
    Description: Installation Failure: Windows failed to install the following update with error 0x80070005: Security Update for Internet Explorer 8 for Windows XP (KB2964358).
     
    Error: (05/05/2014 07:08:04 AM) (Source: Windows Update Agent) (User: )
    Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008 x86 (KB2729449).
     
    Error: (05/05/2014 07:05:20 AM) (Source: Windows Update Agent) (User: )
    Description: Installation Failure: Windows failed to install the following update with error 0x80070005: Security Update for Windows XP (KB2929961).
     
    Error: (05/05/2014 07:05:20 AM) (Source: Windows Update Agent) (User: )
    Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008 x86 (KB2898855).
     
    Error: (05/05/2014 07:02:58 AM) (Source: Windows Update Agent) (User: )
    Description: Installation Failure: Windows failed to install the following update with error 0x80070005: Windows XP End of Support Notification (KB2934207).
     
    Error: (05/05/2014 07:02:50 AM) (Source: Windows Update Agent) (User: )
    Description: Installation Failure: Windows failed to install the following update with error 0x80070005: Cumulative Security Update for Internet Explorer 8 for Windows XP (KB2936068).
     
    Error: (05/04/2014 09:42:05 PM) (Source: Service Control Manager) (User: )
    Description: The Application Layer Gateway Service service terminated unexpectedly.  It has done this 1 time(s).
     
    Error: (05/04/2014 09:42:04 PM) (Source: Service Control Manager) (User: )
    Description: The MyWinLocker Service service terminated unexpectedly.  It has done this 1 time(s).
     
    Error: (05/04/2014 09:42:04 PM) (Source: Service Control Manager) (User: )
    Description: The Intel® Matrix Storage Event Monitor service terminated unexpectedly.  It has done this 1 time(s).
     
    Error: (05/04/2014 09:42:04 PM) (Source: Service Control Manager) (User: )
    Description: The Raw Socket Service service terminated unexpectedly.  It has done this 1 time(s).
     
     
    Microsoft Office Sessions:
    =========================
     
    ==================== Memory info =========================== 
     
    Percentage of memory in use: 58%
    Total physical RAM: 1013.02 MB
    Available physical RAM: 417.17 MB
    Total Pagefile: 2439.23 MB
    Available Pagefile: 1801.52 MB
    Total Virtual: 2047.88 MB
    Available Virtual: 1956.36 MB
     
    ==================== Drives ================================
     
    Drive c: (ACER) (Fixed) (Total:138.05 GB) (Free:107.86 GB) NTFS ==>[Drive with boot components (Windows XP)]
     
    ==================== MBR & Partition Table ==================
     
    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149 GB) (Disk ID: 1C8B2F0A)
    Partition 1: (Not Active) - (Size=11 GB) - (Type=12)
    Partition 2: (Active) - (Size=138 GB) - (Type=07 NTFS)
     
    ==================== End Of Log ============================


    #14
    RKinner

      Malware Expert

    Go to Control Panel
    Programs and Features
    Microsoft .Net Framework 4.5.1
    <Click 'Change/Remove'>
    <Select 'Repair'>
    Wait
    (it takes a while)

    Restart

    Use IE and go to:  http://support.micro...uninstall/en-us

    and click on Run Now and follow the prompts.

    Right click on (My) Computer and select Manage (Continue). Then click on the arrow in front of Event Viewer. Next click on the arrow in front of Windows Logs. Right click on System and Clear Log, Clear. Repeat for Application.
     
    Reboot. 
     
    Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator.  Then type (with an Enter after each line).
    sfc  /scannow
     
    This will check your critical system files. Does this finish without complaint?  If it says it couldn't fix everything then do the stuff in the box before doing the VEW step:
     
    Copy the next two lines:
    
    
    findstr  /c:"[SR]"  \windows\logs\cbs\cbs.log  >  \windows\logs\cbs\junk.txt 
    notepad \windows\logs\cbs\junk.txt 
    
    
    Start, All Programs, Accessories, right click on Command Prompt and Run as Administrator, Continue.  Right click and Paste or Edit then Paste and the copied line should appear.
    Hit Enter. Copy and paste the text from Notepad or, if it is too big, just attach the file.
    
    
    
    1. Please download the Event Viewer Tool by Vino Rosso and save it to your Desktop.
    2. Right-click VEW.exe and Run as Administrator.
    3. Under 'Select log to query', select:
       * System
    4. Under 'Select type to list', select:
       * Error
       * Warning

    Then use the 'Number of events' as follows:

    1. Click the radio button for 'Number of events'.
       Type 20 in the 1 to 20 box.
       Then click the Run button.
       Notepad will open with the output log.


    #15
    shajoe44

      Member


    This is the error I get when trying to uninstall/repair Microsoft .NET 4.

    Attached Thumbnails

    • microsoft 4.5.JPG
