Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Sent here from Tech Dept

Started by shajoe44 , May 04 2014 05:40 PM

  • Please log in to reply

#1
shajoe44
Posted 04 May 2014 - 05:40 PM

shajoe44

    Member

  • Member
  • PipPipPip
  • 262 posts

I have attached original error message that I sent to tech dept. They say I probably have malware.

 

OTL logfile created on: 5/4/2014 7:12:39 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Documents and Settings\Miriam Moody\My Documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
1013.02 Mb Total Physical Memory | 299.70 Mb Available Physical Memory | 29.58% Memory free
2.38 Gb Paging File | 0.48 Gb Available in Paging File | 20.10% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 138.05 Gb Total Space | 107.96 Gb Free Space | 78.21% Space Free | Partition Type: NTFS
 
Computer Name: MIRIAM | User Name: Miriam Moody | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/05/04 19:11:48 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Miriam Moody\My Documents\Downloads\OTL (1).exe
PRC - [2014/04/28 05:38:12 | 003,582,992 | ---- | M] (Aztec Media Inc) -- C:\Program Files\Settings Manager\systemk\systemku.exe
PRC - [2014/04/28 05:38:05 | 003,543,056 | ---- | M] (Aztec Media Inc) -- C:\Program Files\Settings Manager\systemk\SystemkService.exe
PRC - [2014/04/23 20:33:15 | 000,841,032 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2013/11/28 17:45:43 | 003,568,312 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013/11/28 17:45:43 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013/06/28 18:48:04 | 000,014,624 | ---- | M] (Intuit Inc.) -- C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
PRC - [2010/06/22 02:34:48 | 000,321,104 | ---- | M] (Dritek System Inc.) -- C:\Program Files\Launch Manager\dsiwmis.exe
PRC - [2010/06/01 18:27:50 | 002,057,560 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\Norton Online Backup\NOBuAgent.exe
PRC - [2010/03/11 01:11:56 | 000,407,920 | ---- | M] (Egis Technology Inc.) -- C:\Program Files\EgisTec IPS\PmmUpdate.exe
PRC - [2010/02/12 19:11:46 | 000,030,080 | ---- | M] () -- C:\WINDOWS\snuvcdsm.exe
PRC - [2010/02/12 19:11:42 | 000,099,712 | ---- | M] (Sonix Technology Co., Ltd.) -- C:\WINDOWS\PLFSetL.exe
PRC - [2010/02/09 14:57:46 | 000,704,032 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer VCM\AcerVCM.exe
PRC - [2010/01/29 19:52:58 | 000,260,640 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer VCM\RS_Service.exe
PRC - [2010/01/28 19:27:36 | 000,243,232 | ---- | M] (Acer Group) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe
PRC - [2009/10/13 13:25:30 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2008/04/14 08:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014/05/04 13:58:52 | 002,252,800 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\14050401\algo.dll
MOD - [2014/05/03 12:50:28 | 002,252,800 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\14050301\algo.dll
MOD - [2014/05/02 02:43:13 | 002,252,800 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\14050200\algo.dll
MOD - [2014/04/30 09:13:25 | 009,099,776 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\14b0b026e92e72651cc47862de85e5d7\System.ni.dll
MOD - [2014/04/30 09:12:45 | 014,412,800 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\a2767e13886a4a94c9c849c0e052c3d7\mscorlib.ni.dll
MOD - [2014/04/30 04:35:25 | 002,252,800 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\14043000\algo.dll
MOD - [2014/04/28 05:38:18 | 000,490,000 | ---- | M] () -- C:\Program Files\Settings Manager\systemk\sysapcrt.dll
MOD - [2014/04/28 05:38:09 | 000,020,496 | ---- | M] () -- C:\Program Files\Settings Manager\systemk\syskldr.dll
MOD - [2014/04/23 20:33:13 | 000,390,472 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\34.0.1847.131\ppgooglenaclpluginchrome.dll
MOD - [2014/04/23 20:33:10 | 004,081,480 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\34.0.1847.131\pdf.dll
MOD - [2014/04/23 20:33:03 | 001,647,432 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\34.0.1847.131\ffmpegsumo.dll
MOD - [2014/04/23 20:33:01 | 000,065,352 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\34.0.1847.131\chrome_elf.dll
MOD - [2013/11/28 17:45:47 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2010/02/12 19:11:46 | 000,030,080 | ---- | M] () -- C:\WINDOWS\snuvcdsm.exe
 
 
========== Services (SafeList) ==========
 
SRV - File not found [Auto | Stopped] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.1.2\ToolbarUpdater.exe -- (vToolbarUpdater17.1.2)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2014/04/28 05:38:05 | 003,543,056 | ---- | M] (Aztec Media Inc) [Auto | Running] -- C:\Program Files\Settings Manager\systemk\SystemkService.exe -- (SystemkService)
SRV - [2013/11/28 17:45:43 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2013/11/01 16:34:34 | 001,987,588 | ---- | M] (NCH Software) [On_Demand | Stopped] -- C:\Program Files\NCH Software\ExpressInvoice\expressinvoice.exe -- (ExpressInvoiceService)
SRV - [2013/06/28 18:48:04 | 000,014,624 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe -- (IntuitUpdateServiceV4)
SRV - [2010/06/22 02:34:48 | 000,321,104 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\Program Files\Launch Manager\dsiwmis.exe -- (DsiWMIService)
SRV - [2010/06/01 18:27:50 | 002,057,560 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU)
SRV - [2010/05/26 22:41:06 | 000,305,520 | ---- | M] (Egis Technology Inc.) [On_Demand | Stopped] -- C:\Program Files\EgisTec MyWinLocker\x86\MWLService.exe -- (MWLService)
SRV - [2010/04/03 19:01:24 | 000,246,520 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files\Acer Games\Acer Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2010/01/29 19:52:58 | 000,260,640 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer VCM\RS_Service.exe -- (RS_Service)
SRV - [2010/01/28 19:27:36 | 000,243,232 | ---- | M] (Acer Group) [Auto | Running] -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe -- (Updater Service)
SRV - [2009/10/13 13:25:30 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] --  -- (Changer)
DRV - [2014/04/28 05:38:06 | 000,031,120 | ---- | M] (Aztec Media Inc) [Kernel | System | Stopped] -- C:\Program Files\Settings Manager\systemk\systemkmgrc1.cfg -- (F06DEFF2-5B9C-490D-910F-35D3A91196222)
DRV - [2014/04/28 05:38:06 | 000,031,120 | ---- | M] (Aztec Media Inc) [Kernel | Disabled | Running] -- C:\Program Files\Settings Manager\systemk\systemkmgrc1.cfg -- (F06DEFF2-5B9C-490D-910F-35D3A9119622)
DRV - [2014/02/13 22:36:58 | 000,067,824 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswmonflt.sys -- (aswMonFlt)
DRV - [2014/02/13 22:35:55 | 000,775,952 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2014/02/13 22:35:55 | 000,410,784 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP)
DRV - [2014/02/13 22:35:55 | 000,180,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2014/02/13 22:35:55 | 000,057,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2014/02/13 22:35:54 | 000,054,832 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2013/11/28 17:45:50 | 000,049,944 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2010/06/17 02:50:02 | 000,082,384 | ---- | M] (ENE Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EUCR6SK.sys -- (EUCR)
DRV - [2010/05/30 23:58:36 | 006,608,512 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NETw5x32.sys -- (NETw5x32)
DRV - [2010/05/19 23:20:26 | 000,061,552 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\l1c51x86.sys -- (L1c)
DRV - [2010/03/12 17:41:22 | 005,867,040 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2010/02/12 19:11:44 | 001,766,784 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\snp2uvc.sys -- (SNP2UVC)
DRV - [2009/12/30 10:20:56 | 000,027,064 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\revoflt.sys -- (Revoflt)
DRV - [2009/11/17 19:17:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2009/11/17 19:16:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2009/07/13 16:51:12 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\winusb.sys -- (WinUSB)
DRV - [2008/12/02 14:52:00 | 000,058,800 | ---- | M] (Egis Incorporated.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
DRV - [2008/12/02 14:52:00 | 000,017,840 | ---- | M] (Egis Incorporated.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)
DRV - [2008/12/02 14:52:00 | 000,015,280 | ---- | M] (Egis Incorporated.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer...14wu45w4882u238
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer...14wu45w4882u238
IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.co...ng}&rlz=1I7ACAW
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2492}: "URL" = http://www.default-s...p={searchTerms}
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer...14wu45w4882u238
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.default-s...&tm=325&src=hmp
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...Box&Form=IE8SRC
IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.co...AW_enUS412US412
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2492}: "URL" = http://www.default-s...p={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/12/28 01:09:27 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/12/28 01:09:27 | 000,000,000 | ---D | M]
 
 
========== Chrome  ==========
 
CHR - default_search_provider: default-search.net (Enabled)
CHR - default_search_provider: search_url = http://www.default-s...p={searchTerms}
CHR - default_search_provider: suggest_url = ,
CHR - plugin: Error reading preferences file
CHR - Extension: Google Docs = C:\Documents and Settings\Miriam Moody\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Documents and Settings\Miriam Moody\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Documents and Settings\Miriam Moody\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Documents and Settings\Miriam Moody\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: avast! Online Security = C:\Documents and Settings\Miriam Moody\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2018.95_0\
CHR - Extension: Google Wallet = C:\Documents and Settings\Miriam Moody\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Documents and Settings\Miriam Moody\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2008/04/14 08:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (Linkey) - {4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47} - C:\Program Files\Linkey\IEExtension\iedll.dll (Aztec Media Inc)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
O2 - BHO: (ShopAtHomeIEHelper Class) - {E8DAAA30-6CAA-4b58-9603-8E54238219E2} - C:\Program Files\SelectRebates\Toolbar\ShopAtHomeToolbar.dll (ShopAtHome.com)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (ShopAtHome.com Toolbar) - {98279C38-DE4B-4bcf-93C9-8EC26069D6F4} - C:\Program Files\SelectRebates\Toolbar\ShopAtHomeToolbar.dll (ShopAtHome.com)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (ShopAtHome.com Toolbar) - {98279C38-DE4B-4BCF-93C9-8EC26069D6F4} - C:\Program Files\SelectRebates\Toolbar\ShopAtHomeToolbar.dll (ShopAtHome.com)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [AzMixerSel] C:\Program Files\Realtek\Audio\Drivers\AzMixerSel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [EgisTecPMMUpdate] C:\Program Files\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [EgisUpdate] C:\Program Files\EgisTec IPS\EgisUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe ()
O4 - HKLM..\Run: [mwlDaemon] C:\Program Files\EgisTec MyWinLocker\x86\mwlDaemon.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [Norton Online Backup] C:\Program Files\Symantec\Norton Online Backup\NOBuClient.exe (Symantec Corporation)
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PLFSetL] C:\WINDOWS\PLFSetL.exe (Sonix Technology Co., Ltd.)
O4 - HKLM..\Run: [snp2uvc] C:\WINDOWS\System32\csnp2uvc.dll ( )
O4 - HKLM..\Run: [snuvcdsm] C:\WINDOWS\snuvcdsm.exe ()
O4 - HKLM..\Run: [SuiteTray] C:\Program Files\EgisTec MyWinLockerSuite\x86\SuiteTray.exe (Egis Technology Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Acer VCM.lnk =  File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk =  File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html File not found
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://www.pcpitstop...t/PCPitStop.CAB (PCPitstop Utility)
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} https://h20436.www2....re/HPDEXAXO.cab (HP Download Manager)
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20270.www2.h...tDetection2.cab (GMNRev Class)
O16 - DPF: {B3E32D88-8E7F-468F-B0E2-3A300FD4A82C} http://myitlab.pears...ces/ax/stub.cab (Enlite 2.x Simulation Engine Installer)
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} http://trial.trymicr...osoft/wrc32.ocx (WRC Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{839A1957-E156-40E8-B812-9D68D5E08C5B}: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Acer\Acer VCM\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Acer.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Acer.bmp
O27 - HKLM IFEO\bitguard.exe: Debugger - tasklist.exe File not found
O27 - HKLM IFEO\bprotect.exe: Debugger - tasklist.exe File not found
O27 - HKLM IFEO\bpsvc.exe: Debugger - tasklist.exe File not found
O27 - HKLM IFEO\browserdefender.exe: Debugger - tasklist.exe File not found
O27 - HKLM IFEO\browserprotect.exe: Debugger - tasklist.exe File not found
O27 - HKLM IFEO\browsersafeguard.exe: Debugger - tasklist.exe File not found
O27 - HKLM IFEO\dprotectsvc.exe: Debugger - tasklist.exe File not found
O27 - HKLM IFEO\jumpflip: Debugger - tasklist.exe File not found
O27 - HKLM IFEO\protectedsearch.exe: Debugger - tasklist.exe File not found
O27 - HKLM IFEO\searchinstaller.exe: Debugger - tasklist.exe File not found
O27 - HKLM IFEO\searchprotection.exe: Debugger - tasklist.exe File not found
O27 - HKLM IFEO\searchprotector.exe: Debugger - tasklist.exe File not found
O27 - HKLM IFEO\searchsettings.exe: Debugger - tasklist.exe File not found
O27 - HKLM IFEO\searchsettings64.exe: Debugger - tasklist.exe File not found
O27 - HKLM IFEO\snapdo.exe: Debugger - tasklist.exe File not found
O27 - HKLM IFEO\stinst32.exe: Debugger - tasklist.exe File not found
O27 - HKLM IFEO\stinst64.exe: Debugger - tasklist.exe File not found
O27 - HKLM IFEO\umbrella.exe: Debugger - tasklist.exe File not found
O27 - HKLM IFEO\utiljumpflip.exe: Debugger - tasklist.exe File not found
O27 - HKLM IFEO\volaro: Debugger - tasklist.exe File not found
O27 - HKLM IFEO\vonteera: Debugger - tasklist.exe File not found
O27 - HKLM IFEO\websteroids.exe: Debugger - tasklist.exe File not found
O27 - HKLM IFEO\websteroidsservice.exe: Debugger - tasklist.exe File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/07/22 03:04:53 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{3fc21e58-3ae3-11e0-8db6-0026c798e802}\Shell - "" = AutoRun
O33 - MountPoints2\{3fc21e58-3ae3-11e0-8db6-0026c798e802}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{3fc21e58-3ae3-11e0-8db6-0026c798e802}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL jsNeQ.exE
O33 - MountPoints2\{ac5696a8-5171-11e0-8dbc-0026c798e802}\Shell - "" = AutoRun
O33 - MountPoints2\{ac5696a8-5171-11e0-8dbc-0026c798e802}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{ac5696a8-5171-11e0-8dbc-0026c798e802}\Shell\AutoRun\command - "" = D:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O36 - AppCertDlls: x64 - (c:\program files\settings manager\systemk\x64\sysapcrt.dll) -  File not found
O36 - AppCertDlls: x86 - (C:\Program Files\Settings Manager\systemk\sysapcrt.dll) - C:\Program Files\Settings Manager\systemk\sysapcrt.dll ()
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/05/02 11:06:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\systemk
[2014/05/02 08:49:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2014/05/01 08:57:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
[2014/04/30 09:43:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Auslogics
[2014/04/30 09:43:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Auslogics
[2014/04/30 09:43:09 | 000,000,000 | ---D | C] -- C:\Program Files\Auslogics
[2014/04/30 00:39:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Miriam Moody\Desktop\autorun
[2014/04/29 09:45:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Miriam Moody\Desktop\SDR
[2014/04/26 14:02:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Miriam Moody\usb_driver
[2014/04/25 13:22:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Miriam Moody\Local Settings\Application Data\VS Revo Group
[2014/04/25 13:22:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Revo Uninstaller Pro
[2014/04/25 13:22:26 | 000,027,064 | ---- | C] (VS Revo Group) -- C:\WINDOWS\System32\drivers\revoflt.sys
[2014/04/25 13:22:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\VS Revo Group
[2014/04/25 13:22:21 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2014/04/22 18:16:56 | 000,000,000 | ---D | C] -- C:\Program Files\Linkey
[2014/04/22 18:16:41 | 000,000,000 | ---D | C] -- C:\Program Files\Settings Manager
[2014/04/15 09:08:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Miriam Moody\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
 
========== Files - Modified Within 30 Days ==========
 
[2014/05/04 19:11:29 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014/05/03 19:37:27 | 000,107,019 | ---- | M] () -- C:\Documents and Settings\Miriam Moody\Desktop\sdrexe.JPG
[2014/05/03 16:56:46 | 000,175,853 | ---- | M] () -- C:\WINDOWS\hpoins35.dat
[2014/05/03 16:41:45 | 000,070,116 | ---- | M] () -- C:\Documents and Settings\Miriam Moody\Desktop\HP Install.JPG
[2014/05/02 11:12:50 | 000,483,592 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2014/05/02 11:12:50 | 000,080,830 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2014/05/02 09:11:00 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014/05/02 08:50:37 | 000,001,817 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2014/05/02 08:48:43 | 000,096,602 | ---- | M] () -- C:\Documents and Settings\Miriam Moody\Desktop\error message.JPG
[2014/05/01 13:03:55 | 000,115,759 | ---- | M] () -- C:\Documents and Settings\Miriam Moody\Desktop\Disk Mgmt.JPG
[2014/05/01 08:59:32 | 000,100,412 | ---- | M] () -- C:\Documents and Settings\Miriam Moody\Desktop\Storage.JPG
[2014/05/01 00:25:18 | 000,090,267 | ---- | M] () -- C:\Documents and Settings\Miriam Moody\Desktop\Device Mgmt.JPG
[2014/04/30 09:43:16 | 000,000,826 | ---- | M] () -- C:\Documents and Settings\Miriam Moody\Desktop\Auslogics DiskDefrag.lnk
[2014/04/30 09:36:02 | 000,000,364 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2014/04/30 09:34:17 | 000,000,350 | ---- | M] () -- C:\WINDOWS\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
[2014/04/30 09:34:08 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014/04/30 09:34:06 | 1062,301,696 | -HS- | M] () -- C:\hiberfil.sys
[2014/04/29 13:56:54 | 000,099,748 | ---- | M] () -- C:\Documents and Settings\Miriam Moody\Desktop\sdr screenshot.JPG
[2014/04/28 00:51:06 | 000,038,941 | ---- | M] () -- C:\Documents and Settings\Miriam Moody\Desktop\screenshot.JPG
[2014/04/26 00:41:09 | 000,000,929 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Revo Uninstaller Pro.lnk
[2014/04/24 19:16:28 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2014/04/15 09:40:47 | 000,002,393 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\TurboTax 2013.lnk
 
========== Files Created - No Company Name ==========
 
[2014/05/03 19:37:27 | 000,107,019 | ---- | C] () -- C:\Documents and Settings\Miriam Moody\Desktop\sdrexe.JPG
[2014/05/03 16:56:39 | 000,220,831 | ---- | C] () -- C:\WINDOWS\hpoins35.dat.temp
[2014/05/03 16:56:39 | 000,000,778 | ---- | C] () -- C:\WINDOWS\hpomdl35.dat.temp
[2014/05/03 16:40:52 | 000,070,116 | ---- | C] () -- C:\Documents and Settings\Miriam Moody\Desktop\HP Install.JPG
[2014/05/02 08:48:43 | 000,096,602 | ---- | C] () -- C:\Documents and Settings\Miriam Moody\Desktop\error message.JPG
[2014/05/01 13:03:55 | 000,115,759 | ---- | C] () -- C:\Documents and Settings\Miriam Moody\Desktop\Disk Mgmt.JPG
[2014/05/01 08:59:32 | 000,100,412 | ---- | C] () -- C:\Documents and Settings\Miriam Moody\Desktop\Storage.JPG
[2014/05/01 00:25:18 | 000,090,267 | ---- | C] () -- C:\Documents and Settings\Miriam Moody\Desktop\Device Mgmt.JPG
[2014/04/30 09:43:15 | 000,000,826 | ---- | C] () -- C:\Documents and Settings\Miriam Moody\Desktop\Auslogics DiskDefrag.lnk
[2014/04/29 13:56:53 | 000,099,748 | ---- | C] () -- C:\Documents and Settings\Miriam Moody\Desktop\sdr screenshot.JPG
[2014/04/28 00:51:06 | 000,038,941 | ---- | C] () -- C:\Documents and Settings\Miriam Moody\Desktop\screenshot.JPG
[2014/04/26 00:45:41 | 1062,301,696 | -HS- | C] () -- C:\hiberfil.sys
[2014/04/25 13:22:31 | 000,000,929 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Revo Uninstaller Pro.lnk
[2014/03/05 10:55:38 | 001,268,856 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-2587936551-156640315-1538417202-1006-0.dat
[2014/03/05 10:55:30 | 000,243,338 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2014/01/29 13:33:07 | 000,000,286 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Microsoft.SqlServer.Compact.400.32.bc
[2013/11/28 17:45:53 | 000,180,248 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2013/11/28 17:45:53 | 000,049,944 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2013/10/15 11:23:44 | 000,004,608 | ---- | C] () -- C:\Documents and Settings\Miriam Moody\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/08/10 10:30:39 | 000,027,520 | ---- | C] () -- C:\Documents and Settings\Miriam Moody\Local Settings\Application Data\dt.dat
[2010/12/28 00:04:04 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Miriam Moody\Application Data\wklnhst.dat
 
========== ZeroAccess Check ==========
 
[2010/07/22 03:08:56 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/14 08:00:00 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 08:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/14 08:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2010/07/22 04:56:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Acer
[2014/04/30 09:43:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Auslogics
[2013/11/28 17:44:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2013/11/28 17:29:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG2014
[2014/01/10 09:14:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\boost_interprocess
[2011/03/02 09:46:33 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2010/07/22 05:08:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EgisTec IPS
[2010/07/22 04:34:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\eSobi
[2011/03/04 21:53:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\myitlab
[2011/01/29 15:03:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Partner
[2014/05/04 18:55:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\systemk
[2014/04/25 13:22:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\VS Revo Group
[2010/10/15 13:40:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WildTangent
[2013/11/28 17:46:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Miriam Moody\Application Data\AVAST Software
[2014/04/15 09:08:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Miriam Moody\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2012/10/22 20:26:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Miriam Moody\Application Data\TuneUp Software
[2014/04/22 18:11:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Miriam Moody\Application Data\uTorrent
 
========== Purity Check ==========
 
 
 
< End of report >
 

Attached Thumbnails

  • error message.JPG

  • 0

Advertisements

#2
RKinner
Posted 04 May 2014 - 07:02 PM

RKinner

    Malware Expert

  • Expert
  • 24,734 posts
  • MVP
The error is caused by an HP printer file.  Not sure why it is involved but let's see if we can get it to cooperate:
 
Please download GrantPerms.zip 
and save it to your desktop.
Unzip the file and  run GrantPerms.exe 
Copy and paste the following in the edit box:
 
 
 
"C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL"
 
 
Click Unlock. When it is done click "OK".
Click List Permissions and post the result (Perms.txt) that pops up. A copy of Perms.txt will be saved in the same directory the tool is run. 

  • 0

#3
shajoe44
Posted 04 May 2014 - 07:21 PM

shajoe44

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 262 posts
GrantPerms by Farbar 
Ran by Miriam Moody (administrator) at 2014-05-04 21:20:34
 
===============================================
\\?\C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL
 
   Owner: BUILTIN\Administrators
 
   DACL(NP)(AI):
            BUILTIN\Users   READ/EXECUTE   ALLOW   (I)
   BUILTIN\Administrators   FULL   ALLOW   (I)
   NT AUTHORITY\SYSTEM   FULL   ALLOW   (I)

  • 0

#4
RKinner
Posted 04 May 2014 - 07:23 PM

RKinner

    Malware Expert

  • Expert
  • 24,734 posts
  • MVP

OK.  Do you still get the Access Denied error?


  • 0

#5
shajoe44
Posted 04 May 2014 - 07:27 PM

shajoe44

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 262 posts

let me reboot............i was supposed to send you this link also...........http://www.geekstogo...-newer-version/


  • 0

#6
RKinner
Posted 04 May 2014 - 07:35 PM

RKinner

    Malware Expert

  • Expert
  • 24,734 posts
  • MVP
We can remove your adware and check for malware:
 
Download : ADWCleaner to your desktop.  Make sure you get the correct Download button.  Sometimes the ads on BleepingComputer will mimic the real Download button which should say: Download Now @BleepingComputer
 
NOTE: If using Internet Explorer and you get an alert that stops the program downloading, click on the warning and allow the download to complete.
 
Close  all programs, pause your anti-virus and run AdwCleaner (Vista or Win 7 => right click and Run As Administrator).
 
scan-results.jpg
 
Click on Scan  and follow the prompts. Let it run unhindered. When done, click on the Clean button, and follow the prompts. Allow the system to reboot. You will then be presented with the report. Copy & Paste this report on your next reply.
 
The report will be saved in the C:\AdwCleaner folder.
 
 
 
Junkware-Removal-Tool
 
Please download Junkware Removal Tool to your desktop.  Make sure you get the correct Download button.  Sometimes the ads on BleepingComputer will mimic the real Download button which should say: Download Now @Author's site
  • Pause your anti-virus.  Close all browsers.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
    •  
     
     
    Please download Farbar Recovery Scan Tool and save it to your Desktop. 
     
    Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version. 
     
    •  
  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer. 
  • Press Scan button. 
  • It will produce a log called FRST.txt in the same directory the tool is run from.  
  • Please copy and paste log back here. 
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply. 

    • 0

    #7
    shajoe44
    Posted 04 May 2014 - 07:36 PM

    shajoe44

      Member

    • Topic Starter
    • Member
    • PipPipPip
    • 262 posts

    yes i am

    Attached Thumbnails

    • rundll.JPG

    • 0

    #8
    shajoe44
    Posted 04 May 2014 - 07:49 PM

    shajoe44

      Member

    • Topic Starter
    • Member
    • PipPipPip
    • 262 posts
    # AdwCleaner v3.207 - Report created 04/05/2014 at 21:42:05
    # Updated 05/05/2014 by Xplode
    # Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
    # Username : Miriam Moody - MIRIAM
    # Running from : C:\Documents and Settings\Miriam Moody\My Documents\Downloads\AdwCleaner.exe
    # Option : Clean
     
    ***** [ Services ] *****
     
    [#] Service Deleted : F06DEFF2-5B9C-490D-910F-35D3A91196222
    [#] Service Deleted : SystemkService
    [#] Service Deleted : vToolbarUpdater17.1.2
     
    ***** [ Files / Folders ] *****
     
    Folder Deleted : C:\Documents and Settings\All Users\Application Data\Partner
    [!] Folder Deleted : C:\Documents and Settings\All Users\Application Data\systemk
    Folder Deleted : C:\Program Files\Linkey
    Folder Deleted : C:\Program Files\SelectRebates
    [!] Folder Deleted : C:\Program Files\Settings Manager
    Folder Deleted : C:\Program Files\Common Files\AVG Secure Search
    Folder Deleted : C:\Documents and Settings\Miriam Moody\Local Settings\Application Data\AVG Secure Search
     
    ***** [ Shortcuts ] *****
     
     
    ***** [ Registry ] *****
     
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\WLXQuickTimeShellExt.DLL
    Key Deleted : HKLM\SOFTWARE\CLASSES\Linkey.Linkey
    Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
    Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
    Value Deleted : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x64]
    Value Deleted : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x86]
    Value Deleted : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x64]
    Value Deleted : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x86]
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{6A7CD9EC-D8BD-4340-BCD0-77C09A282921}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{54739D49-AC03-4C57-9264-C5195596B3A1}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{54739D49-AC03-4C57-9264-C5195596B3A1}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
    Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}]
    Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
    Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}]
    Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
    Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
    Key Deleted : HKCU\Software\Conduit
    Key Deleted : HKCU\Software\InstallCore
    Key Deleted : HKCU\Software\Linkey
    Key Deleted : HKCU\Software\SystemK
    Key Deleted : HKLM\Software\Conduit
    Key Deleted : HKLM\Software\Freeze.com
    Key Deleted : HKLM\Software\Linkey
    Key Deleted : HKLM\Software\SystemK
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Linkey
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Settings Manager
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Linkey
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AVG Secure Search
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Settings Manager
    Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe
     
    ***** [ Browsers ] *****
     
    -\\ Internet Explorer v8.0.6001.18702
     
    Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
     
    -\\ Google Chrome v34.0.1847.131
     
    [ File : C:\Documents and Settings\Miriam Moody\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]
     
    Deleted [Search Provider] : hxxp://search.aol.com/aol/search?query={searchTerms}
    Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
    Deleted [Search Provider] : hxxp://www.default-search.net/search?sid=492&aid=100&itype=a&ver=12521&tm=325&src=ds&p={searchTerms}
    Deleted [Startup_urls] : hxxp://www.default-search.net?sid=492&aid=100&itype=n&ver=12283&tm=325&src=hmp
    Deleted [Homepage] : hxxp://www.default-search.net?sid=492&aid=100&itype=n&ver=12283&tm=325&src=hmp
     
    *************************
     
    AdwCleaner[R0].txt - [10844 octets] - [04/05/2014 21:40:12]
    AdwCleaner[S0].txt - [10744 octets] - [04/05/2014 21:42:05]
     
    ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [10805 octets] ##########
     

    Attached Thumbnails

    • rundll.JPG

    • 0

    #9
    shajoe44
    Posted 04 May 2014 - 08:08 PM

    shajoe44

      Member

    • Topic Starter
    • Member
    • PipPipPip
    • 262 posts

    got a new error message popped up during the running of junkware removal

     

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Thisisu
    Version: 6.1.4 (04.06.2014:1)
    OS: Microsoft Windows XP x86
    Ran by Miriam Moody on Sun 05/04/2014 at 21:53:45.21
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     
     
     
     
    ~~~ Services
     
     
     
    ~~~ Registry Values
     
    Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
    Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL
     
     
     
    ~~~ Registry Keys
     
     
     
    ~~~ Files
     
     
     
    ~~~ Folders
     
    Successfully deleted: [Folder] "C:\Documents and Settings\All Users\application data\boost_interprocess"
     
     
     
     
     
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on Sun 05/04/2014 at 22:05:53.64
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     

    Attached Thumbnails

    • new error.JPG

    • 0

    #10
    shajoe44
    Posted 04 May 2014 - 08:15 PM

    shajoe44

      Member

    • Topic Starter
    • Member
    • PipPipPip
    • 262 posts
    Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:04-05-2014
    Ran by Miriam Moody (administrator) on MIRIAM on 04-05-2014 22:11:43
    Running from C:\Documents and Settings\Miriam Moody\My Documents\Downloads
    Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: English(US)
    Internet Explorer Version 8
    Boot Mode: Normal
     
    The only official download link for FRST:
    Download link from any site other than Bleeping Computer is unpermitted or outdated.
     
    ==================== Processes (Whitelisted) =================
     
    (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    (Dritek System Inc.) C:\Program Files\Launch Manager\dsiwmis.exe
    (Intuit Inc.) C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
    (Symantec Corporation) C:\Program Files\Symantec\Norton Online Backup\NOBuAgent.exe
    (Acer Incorporated) C:\Program Files\Acer\Acer VCM\RS_Service.exe
    (Acer Group) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
    (Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
    (Intel Corporation) C:\WINDOWS\system32\igfxtray.exe
    (Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
    (Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
    (Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    (Egis Technology Inc.) C:\Program Files\EgisTec IPS\PmmUpdate.exe
    (Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe
    (Egis Technology Inc.) C:\Program Files\EgisTec MyWinLocker\x86\mwlDaemon.exe
    (Sonix Technology Co., Ltd.) C:\WINDOWS\PLFSetL.exe
    () C:\WINDOWS\snuvcdsm.exe
    (Dritek System Inc.) C:\Program Files\Launch Manager\LManager.exe
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    (Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE
    (Hewlett-Packard) C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe
    (Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
    (Microsoft Corporation) C:\Program Files\Messenger\msmsgs.exe
    (Acer Incorporated) C:\Program Files\Acer\Acer VCM\AcerVCM.exe
    (Dritek System Inc.) C:\Program Files\Launch Manager\LMworker.exe
    (Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe
    (Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
    (Egis Technology Inc.) C:\Program Files\EgisTec MyWinLocker\x86\MWLService.exe
    (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe
     
     
    ==================== Registry (Whitelisted) ==================
     
    HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-10-13] (Intel Corporation)
    HKLM\...\Run: [AzMixerSel] => C:\Program Files\Realtek\Audio\Drivers\AzMixerSel.exe [59936 2009-12-11] (Realtek Semiconductor Corp.)
    HKLM\...\Run: [SuiteTray] => C:\Program Files\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [337264 2010-05-26] (Egis Technology Inc.)
    HKLM\...\Run: [EgisUpdate] => C:\Program Files\EgisTec IPS\EgisUpdate.exe [201584 2010-03-11] (Egis Technology Inc.)
    HKLM\...\Run: [EgisTecPMMUpdate] => C:\Program Files\EgisTec IPS\PmmUpdate.exe [407920 2010-03-11] (Egis Technology Inc.)
    HKLM\...\Run: [mwlDaemon] => C:\Program Files\EgisTec MyWinLocker\x86\mwlDaemon.exe [349552 2010-05-26] (Egis Technology Inc.)
    HKLM\...\Run: [Norton Online Backup] => C:\Program Files\Symantec\Norton Online Backup\NOBuClient.exe [966488 2010-06-01] (Symantec Corporation)
    HKLM\...\Run: [IMJPMIG8.1] => C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [208952 2008-04-14] (Microsoft Corporation)
    HKLM\...\Run: [MSPY2002] => C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [59392 2008-04-14] ()
    HKLM\...\Run: [PHIME2002ASync] => C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [455168 2008-04-14] (Microsoft Corporation)
    HKLM\...\Run: [PHIME2002A] => C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [455168 2008-04-14] (Microsoft Corporation)
    HKLM\...\Run: [PLFSetL] => C:\WINDOWS\PLFSetL.exe [99712 2010-02-12] (Sonix Technology Co., Ltd.)
    HKLM\...\Run: [snp2uvc] => C:\WINDOWS\system32\csnp2uvc.dll [202112 2010-02-12] ( )
    HKLM\...\Run: [snuvcdsm] => C:\WINDOWS\snuvcdsm.exe [30080 2010-02-12] ()
    HKLM\...\Run: [LManager] => C:\Program Files\Launch Manager\LManager.exe [968272 2010-06-22] (Dritek System Inc.)
    HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1692968 2010-02-05] (Synaptics Incorporated)
    HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [19521056 2010-03-12] (Realtek Semiconductor Corp.)
    HKLM\...\Run: [hpqSRMon] => C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
    HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
    HKLM\...\Run: [] => [X]
    HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3568312 2013-11-28] (AVAST Software)
    HKU\S-1-5-21-2587936551-156640315-1538417202-1006\...\Run: [MSMSGS] => C:\Program Files\Messenger\msmsgs.exe [1695232 2008-04-14] (Microsoft Corporation)
    HKU\S-1-5-21-2587936551-156640315-1538417202-1006\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-07-22] (Google Inc.)
    HKU\S-1-5-21-2587936551-156640315-1538417202-1006\...\MountPoints2: {3fc21e58-3ae3-11e0-8db6-0026c798e802} - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL jsNeQ.exE
    HKU\S-1-5-21-2587936551-156640315-1538417202-1006\...\MountPoints2: {ac5696a8-5171-11e0-8dbc-0026c798e802} - D:\LaunchU3.exe -a
    Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Acer VCM.lnk
    Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
    HKLM\...\AppCertDlls: [x64] -> c:\program files\settings manager\systemk\x64\sysapcrt.dll
    HKLM\...\AppCertDlls: [x86] -> c:\program files\settings manager\systemk\sysapcrt.dll
     
    ==================== Internet (Whitelisted) ====================
     
    HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
    HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer...14wu45w4882u238
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer...14wu45w4882u238
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer...14wu45w4882u238
    SearchScopes: HKLM - DefaultScope value is missing.
    SearchScopes: HKLM - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.co...ng}&rlz=1I7ACAW
    SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2492} URL = http://www.default-s...p={searchTerms}
    SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search
    SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.co...AW_enUS412US412
    SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2492} URL = http://www.default-s...p={searchTerms}
    BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
    BHO: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
    BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
    BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
    BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
    BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
    Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://www.pcpitstop...t/PCPitStop.CAB
    DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} https://h20436.www2....re/HPDEXAXO.cab
    DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20270.www2.h...tDetection2.cab
    DPF: {B3E32D88-8E7F-468F-B0E2-3A300FD4A82C} http://myitlab.pears...ces/ax/stub.cab
    DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} http://trial.trymicr...osoft/wrc32.ocx
    Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
    Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
    Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Acer\Acer VCM\Skype4COM.dll (Skype Technologies)
    Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
     
    FireFox:
    ========
    FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin: @microsoft.com/WLPG,version=14.0.8081.0709 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
    FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
    FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
    FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
    FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
    FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010-12-28]
    FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
    FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010-12-28]
     
    Chrome: 
    =======
    CHR HomePage: hxxp://www.google.com/
    CHR Extension: (Google Docs) - C:\Documents and Settings\Miriam Moody\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-10]
    CHR Extension: (Google Drive) - C:\Documents and Settings\Miriam Moody\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-10]
    CHR Extension: (YouTube) - C:\Documents and Settings\Miriam Moody\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-10]
    CHR Extension: (Google Search) - C:\Documents and Settings\Miriam Moody\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-10]
    CHR Extension: (avast! Online Security) - C:\Documents and Settings\Miriam Moody\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-01-10]
    CHR Extension: (Google Wallet) - C:\Documents and Settings\Miriam Moody\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-10]
    CHR Extension: (Gmail) - C:\Documents and Settings\Miriam Moody\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-10]
    CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2013-11-28]
     
    ========================== Services (Whitelisted) =================
     
    R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-11-28] (AVAST Software)
    S3 ExpressInvoiceService; C:\Program Files\NCH Software\ExpressInvoice\expressinvoice.exe [1987588 2013-11-01] (NCH Software)
    S3 GameConsoleService; C:\Program Files\Acer Games\Acer Game Console\GameConsoleService.exe [246520 2010-04-03] (WildTangent, Inc.)
    R3 MWLService; C:\Program Files\EgisTec MyWinLocker\x86\MWLService.exe [305520 2010-05-26] (Egis Technology Inc.)
    R2 NOBU; C:\Program Files\Symantec\Norton Online Backup\NOBuAgent.exe [2057560 2010-06-01] (Symantec Corporation)
    R2 RS_Service; C:\Program Files\Acer\Acer VCM\RS_Service.exe [260640 2010-01-29] (Acer Incorporated)
    R2 Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [243232 2010-01-28] (Acer Group)
     
    ==================== Drivers (Whitelisted) ====================
     
    S4 abp480n5; C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS [23552 2008-04-14] (Microsoft Corporation)
    S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1691480 2009-11-17] (Creative)
    R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [67824 2014-02-13] (AVAST Software)
    R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [54832 2014-02-13] (AVAST Software)
    R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49944 2013-11-28] ()
    R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [775952 2014-02-13] (AVAST Software)
    R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [410784 2014-02-13] (AVAST Software)
    R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57672 2014-02-13] (AVAST Software)
    R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [180248 2014-02-13] ()
    S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
    S3 EUCR; C:\WINDOWS\System32\DRIVERS\EUCR6SK.SYS [82384 2010-06-17] (ENE Technology Inc.)
    R3 L1c; C:\WINDOWS\System32\DRIVERS\l1c51x86.sys [61552 2010-05-19] (Atheros Communications, Inc.)
    S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1395800 2009-11-17] (Creative Technology Ltd.)
    R1 mwlPSDFilter; C:\WINDOWS\System32\DRIVERS\mwlPSDFilter.sys [17840 2008-12-02] (Egis Incorporated.)
    R1 mwlPSDNServ; C:\WINDOWS\System32\DRIVERS\mwlPSDNServ.sys [15280 2008-12-02] (Egis Incorporated.)
    R1 mwlPSDVDisk; C:\WINDOWS\System32\DRIVERS\mwlPSDVDisk.sys [58800 2008-12-02] (Egis Incorporated.)
    S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
    R3 NETw5x32; C:\WINDOWS\System32\DRIVERS\NETw5x32.sys [6608512 2010-05-30] (Intel Corporation)
    R3 SNP2UVC; C:\WINDOWS\System32\DRIVERS\snp2uvc.sys [1766784 2010-02-12] ()
    U1 WS2IFSL; 
     
    ==================== NetSvcs (Whitelisted) ===================
     
     
    ==================== One Month Created Files and Folders ========
     
    2014-05-04 22:11 - 2014-05-04 22:11 - 00000000 ____D () C:\FRST
    2014-05-04 22:05 - 2014-05-04 22:05 - 00001020 _____ () C:\Documents and Settings\Miriam Moody\Desktop\JRT.txt
    2014-05-04 21:53 - 2014-05-04 21:53 - 00000000 ____D () C:\WINDOWS\ERUNT
    2014-05-04 21:41 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\WINDOWS\system32\sqlite3.dll
    2014-05-04 21:39 - 2014-05-04 21:42 - 00000000 ____D () C:\AdwCleaner
    2014-05-04 21:17 - 2014-05-04 21:20 - 00000000 ____D () C:\Documents and Settings\Miriam Moody\Desktop\GrantPerms
    2014-05-04 21:16 - 2014-05-04 21:16 - 00000000 ____D () C:\Documents and Settings\Miriam Moody\Desktop\grant
    2014-05-04 19:37 - 2014-05-04 19:37 - 00069436 _____ () C:\Documents and Settings\Miriam Moody\Desktop\Extras.Txt
    2014-05-04 19:31 - 2014-05-04 19:31 - 00071502 _____ () C:\Documents and Settings\Miriam Moody\Desktop\OTL.Txt
    2014-05-02 11:06 - 2014-05-04 21:44 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\systemk
    2014-05-01 08:57 - 2014-05-01 08:57 - 00000000 ____D () C:\WINDOWS\system32\NtmsData
    2014-04-30 09:43 - 2014-04-30 09:43 - 00000826 _____ () C:\Documents and Settings\Miriam Moody\Desktop\Auslogics DiskDefrag.lnk
    2014-04-30 09:43 - 2014-04-30 09:43 - 00000000 ____D () C:\Program Files\Auslogics
    2014-04-30 09:43 - 2014-04-30 09:43 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Auslogics
    2014-04-30 09:43 - 2014-04-30 09:43 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Auslogics
    2014-04-30 00:39 - 2014-04-30 09:12 - 00000000 ____D () C:\Documents and Settings\Miriam Moody\Desktop\autorun
    2014-04-29 09:45 - 2014-04-30 10:25 - 00000000 ____D () C:\Documents and Settings\Miriam Moody\Desktop\SDR
    2014-04-26 14:02 - 2014-04-29 13:38 - 00851176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinUSBCoInstaller2.dll
    2014-04-26 14:02 - 2014-04-29 13:38 - 00000000 ____D () C:\Documents and Settings\Miriam Moody\usb_driver
    2014-04-26 14:02 - 2014-04-26 14:02 - 00000000 __HDC () C:\WINDOWS\$NtUninstallwinusb0200$
    2014-04-25 13:22 - 2014-04-26 00:41 - 00000929 _____ () C:\Documents and Settings\All Users\Desktop\Revo Uninstaller Pro.lnk
    2014-04-25 13:22 - 2014-04-26 00:41 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Revo Uninstaller Pro
    2014-04-25 13:22 - 2014-04-25 13:22 - 00000000 ____D () C:\Program Files\VS Revo Group
    2014-04-25 13:22 - 2014-04-25 13:22 - 00000000 ____D () C:\Documents and Settings\Miriam Moody\Local Settings\Application Data\VS Revo Group
    2014-04-25 13:22 - 2014-04-25 13:22 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\VS Revo Group
    2014-04-25 13:22 - 2009-12-30 10:20 - 00027064 _____ (VS Revo Group) C:\WINDOWS\system32\Drivers\revoflt.sys
    2014-04-15 09:08 - 2014-04-15 09:08 - 00000000 ____D () C:\Documents and Settings\Miriam Moody\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
    2014-04-14 16:07 - 2014-04-21 10:33 - 00004594 _____ () C:\WINDOWS\KB2922229.log
     
    ==================== One Month Modified Files and Folders =======
     
    2014-05-04 22:11 - 2014-05-04 22:11 - 00000000 ____D () C:\FRST
    2014-05-04 22:11 - 2010-12-27 23:36 - 00000886 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
    2014-05-04 22:05 - 2014-05-04 22:05 - 00001020 _____ () C:\Documents and Settings\Miriam Moody\Desktop\JRT.txt
    2014-05-04 21:53 - 2014-05-04 21:53 - 00000000 ____D () C:\WINDOWS\ERUNT
    2014-05-04 21:49 - 2013-11-28 17:46 - 00000364 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job
    2014-05-04 21:46 - 2010-07-22 03:03 - 01563544 _____ () C:\WINDOWS\WindowsUpdate.log
    2014-05-04 21:44 - 2014-05-02 11:06 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\systemk
    2014-05-04 21:44 - 2013-05-31 13:19 - 00000350 _____ () C:\WINDOWS\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
    2014-05-04 21:44 - 2010-12-27 23:36 - 00000882 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
    2014-05-04 21:44 - 2010-07-22 03:07 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
    2014-05-04 21:44 - 2010-07-21 20:01 - 00000159 _____ () C:\WINDOWS\wiadebug.log
    2014-05-04 21:44 - 2010-07-21 20:01 - 00000048 _____ () C:\WINDOWS\wiaservc.log
    2014-05-04 21:43 - 2010-12-28 10:15 - 00000178 ___SH () C:\Documents and Settings\Miriam Moody\ntuser.ini
    2014-05-04 21:43 - 2010-07-22 03:07 - 00032504 _____ () C:\WINDOWS\SchedLgU.Txt
    2014-05-04 21:42 - 2014-05-04 21:39 - 00000000 ____D () C:\AdwCleaner
    2014-05-04 21:20 - 2014-05-04 21:17 - 00000000 ____D () C:\Documents and Settings\Miriam Moody\Desktop\GrantPerms
    2014-05-04 21:16 - 2014-05-04 21:16 - 00000000 ____D () C:\Documents and Settings\Miriam Moody\Desktop\grant
    2014-05-04 19:37 - 2014-05-04 19:37 - 00069436 _____ () C:\Documents and Settings\Miriam Moody\Desktop\Extras.Txt
    2014-05-04 19:31 - 2014-05-04 19:31 - 00071502 _____ () C:\Documents and Settings\Miriam Moody\Desktop\OTL.Txt
    2014-05-04 18:56 - 2010-07-21 19:59 - 00936043 _____ () C:\WINDOWS\setupapi.log
    2014-05-04 06:30 - 2014-03-22 12:44 - 00022659 _____ () C:\WINDOWS\KB2929961.log
    2014-05-03 16:57 - 2010-12-28 01:03 - 00001138 _____ () C:\Documents and Settings\All Users\Application Data\hpzinstall.log
    2014-05-03 16:56 - 2010-12-28 01:03 - 00175853 _____ () C:\WINDOWS\hpoins35.dat
    2014-05-02 11:12 - 2010-07-21 19:59 - 00573334 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
    2014-05-02 08:50 - 2014-01-10 12:11 - 00001817 _____ () C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
    2014-05-01 08:57 - 2014-05-01 08:57 - 00000000 ____D () C:\WINDOWS\system32\NtmsData
    2014-04-30 10:35 - 2010-07-22 03:08 - 00000000 ____D () C:\WINDOWS\Microsoft.NET
    2014-04-30 10:25 - 2014-04-29 09:45 - 00000000 ____D () C:\Documents and Settings\Miriam Moody\Desktop\SDR
    2014-04-30 09:43 - 2014-04-30 09:43 - 00000826 _____ () C:\Documents and Settings\Miriam Moody\Desktop\Auslogics DiskDefrag.lnk
    2014-04-30 09:43 - 2014-04-30 09:43 - 00000000 ____D () C:\Program Files\Auslogics
    2014-04-30 09:43 - 2014-04-30 09:43 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Auslogics
    2014-04-30 09:43 - 2014-04-30 09:43 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Auslogics
    2014-04-30 09:12 - 2014-04-30 00:39 - 00000000 ____D () C:\Documents and Settings\Miriam Moody\Desktop\autorun
    2014-04-29 13:38 - 2014-04-26 14:02 - 00851176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinUSBCoInstaller2.dll
    2014-04-29 13:38 - 2014-04-26 14:02 - 00000000 ____D () C:\Documents and Settings\Miriam Moody\usb_driver
    2014-04-29 13:38 - 2010-10-15 13:30 - 01461992 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01009.dll
    2014-04-29 13:38 - 2010-07-22 04:21 - 00000000 ____D () C:\WINDOWS\system32\ReinstallBackups
    2014-04-29 09:51 - 2010-12-28 10:15 - 00000000 ____D () C:\Documents and Settings\Miriam Moody
    2014-04-26 14:03 - 2010-07-21 19:59 - 02052726 _____ () C:\WINDOWS\FaxSetup.log
    2014-04-26 14:03 - 2010-07-21 19:59 - 00984293 _____ () C:\WINDOWS\ocgen.log
    2014-04-26 14:03 - 2010-07-21 19:59 - 00785182 _____ () C:\WINDOWS\tsoc.log
    2014-04-26 14:03 - 2010-07-21 19:59 - 00688028 _____ () C:\WINDOWS\comsetup.log
    2014-04-26 14:03 - 2010-07-21 19:59 - 00415603 _____ () C:\WINDOWS\ntdtcsetup.log
    2014-04-26 14:03 - 2010-07-21 19:59 - 00326400 _____ () C:\WINDOWS\iis6.log
    2014-04-26 14:03 - 2010-07-21 19:59 - 00213964 _____ () C:\WINDOWS\setupact.log
    2014-04-26 14:03 - 2010-07-21 19:59 - 00113061 _____ () C:\WINDOWS\ocmsn.log
    2014-04-26 14:03 - 2010-07-21 19:59 - 00102223 _____ () C:\WINDOWS\msgsocm.log
    2014-04-26 14:03 - 2010-07-21 19:59 - 00001374 _____ () C:\WINDOWS\imsins.log
    2014-04-26 14:02 - 2014-04-26 14:02 - 00000000 __HDC () C:\WINDOWS\$NtUninstallwinusb0200$
    2014-04-26 01:00 - 2013-10-29 20:37 - 00000000 ____D () C:\Program Files\WinZip
    2014-04-26 00:41 - 2014-04-25 13:22 - 00000929 _____ () C:\Documents and Settings\All Users\Desktop\Revo Uninstaller Pro.lnk
    2014-04-26 00:41 - 2014-04-25 13:22 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Revo Uninstaller Pro
    2014-04-25 13:22 - 2014-04-25 13:22 - 00000000 ____D () C:\Program Files\VS Revo Group
    2014-04-25 13:22 - 2014-04-25 13:22 - 00000000 ____D () C:\Documents and Settings\Miriam Moody\Local Settings\Application Data\VS Revo Group
    2014-04-25 13:22 - 2014-04-25 13:22 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\VS Revo Group
    2014-04-24 19:16 - 2010-07-22 03:37 - 00001158 _____ () C:\WINDOWS\system32\wpa.dbl
    2014-04-22 18:11 - 2013-10-29 11:23 - 00000000 ____D () C:\Documents and Settings\Miriam Moody\Application Data\uTorrent
    2014-04-22 18:08 - 2013-11-01 16:34 - 00000000 ____D () C:\Program Files\NCH Software
    2014-04-22 18:08 - 2013-11-01 16:34 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\NCH Software
    2014-04-21 11:25 - 2014-03-05 10:55 - 01268856 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-2587936551-156640315-1538417202-1006-0.dat
    2014-04-21 11:25 - 2014-03-05 10:55 - 00243338 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
    2014-04-21 10:33 - 2014-04-14 16:07 - 00004594 _____ () C:\WINDOWS\KB2922229.log
    2014-04-15 09:45 - 2014-01-29 13:26 - 00000000 ____D () C:\Program Files\TurboTax
    2014-04-15 09:44 - 2014-01-29 13:33 - 00000000 ____D () C:\Documents and Settings\Miriam Moody\My Documents\TurboTax
    2014-04-15 09:40 - 2014-01-29 13:28 - 00002393 _____ () C:\Documents and Settings\All Users\Desktop\TurboTax 2013.lnk
    2014-04-15 09:38 - 2010-12-28 10:15 - 00000000 ____D () C:\Documents and Settings\Miriam Moody\Local Settings\Application Data\Adobe
    2014-04-15 09:08 - 2014-04-15 09:08 - 00000000 ____D () C:\Documents and Settings\Miriam Moody\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
    2014-04-15 09:06 - 2010-12-30 16:16 - 88028728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
     
    Some content of TEMP:
    ====================
    C:\Documents and Settings\Miriam Moody\Local Settings\Temp\Quarantine.exe
     
     
    ==================== Bamital & volsnap Check =================
     
    C:\WINDOWS\explorer.exe => MD5 is legit
    C:\WINDOWS\system32\winlogon.exe => MD5 is legit
    C:\WINDOWS\system32\svchost.exe => MD5 is legit
    C:\WINDOWS\system32\services.exe => MD5 is legit
    C:\WINDOWS\system32\User32.dll => MD5 is legit
    C:\WINDOWS\system32\userinit.exe => MD5 is legit
    C:\WINDOWS\system32\rpcss.dll => MD5 is legit
    C:\WINDOWS\system32\Drivers\volsnap.sys => MD5 is legit
     
    ==================== End Of Log ============================
     
    Additional scan result of Farbar Recovery Scan Tool (x86) Version:04-05-2014
    Ran by Miriam Moody at 2014-05-04 22:13:12
    Running from C:\Documents and Settings\Miriam Moody\My Documents\Downloads
    Boot Mode: Normal
    ==========================================================
     
     
    ==================== Security Center ========================
     
    AV: avast! Antivirus (Disabled - Up to date) {7591DB91-41F0-48A3-B128-1A293FD8233D}
     
    ==================== Installed Programs ======================
     
    µTorrent (HKCU\...\uTorrent) (Version: 3.3.2.30303 - BitTorrent Inc.)
    32 Bit HP CIO Components Installer (Version: 7.1.8 - Hewlett-Packard) Hidden
    Acer Crystal Eye webcam Ver:1.1.184.610 (HKLM\...\{D0ACE89D-EC7F-470F-80BE-4C98ED366B32}) (Version: 1.1.184.610 - Chicony Electronics Co.,Ltd.)
    Acer eRecovery Management (HKLM\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3013 - Acer Incorporated)
    Acer Game Console (Version:  - WildTangent) Hidden
    Acer Games (HKLM\...\WildTangent acer Master Uninstall) (Version: 1.0.1.3 - WildTangent)
    Acer ScreenSaver (HKLM\...\Acer Screensaver) (Version: 1.1.0624.2010 - Acer Incorporated)
    Acer Updater (HKLM\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3001 - Acer Incorporated)
    Acer VCM (HKLM\...\{047F790A-7A2A-4B6A-AD02-38092BA63DAC}) (Version: 4.05.3002 - Acer Incorporated)
    Acrobat.com (HKLM\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
    Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
    Adobe AIR (Version: 1.5.0.7220 - Adobe Systems Inc.) Hidden
    Adobe Flash Player 10 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 10.2.152.32 - Adobe Systems Incorporated)
    Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.40 - Atheros Communications Inc.)
    Auslogics DiskDefrag (HKLM\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: 4.5.3.0 - Auslogics Labs Pty Ltd)
    avast! Free Antivirus (HKLM\...\Avast) (Version: 9.0.2013 - Avast Software)
    Bejeweled 2 Deluxe (Version: 2.2.0.95 - WildTangent) Hidden
    Blackhawk Striker 2 (Version: 2.2.0.95 - WildTangent) Hidden
    BufferChm (Version: 140.0.212.000 - Hewlett-Packard) Hidden
    C309a (Version: 140.0.690.000 - Hewlett-Packard) Hidden
    Chuzzle Deluxe (Version: 2.2.0.95 - WildTangent) Hidden
    Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Destinations (Version: 140.0.77.000 - Hewlett-Packard) Hidden
    DeviceDiscovery (Version: 140.0.212.000 - Hewlett-Packard) Hidden
    Diner Dash 2 Restaurant Rescue (Version: 2.2.0.95 - WildTangent) Hidden
    DocProc (Version: 13.0.0.0 - Hewlett-Packard) Hidden
    Dora's Carnival Adventure (Version: 2.2.0.95 - WildTangent) Hidden
    eBay Worldwide (HKLM\...\{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}) (Version: 2.1.0901 - OEM)
    ENE USB Card Reader Driver (HKLM\...\36E252B904CCA457EEA4810BC637F015E21FD79F) (Version: 5.89.0.70 - ENE)
    eSobi v2 (HKLM\...\InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}) (Version: 2.0.4.000274 - esobi Inc.)
    eSobi v2 (Version: 2.0.4.000274 - esobi Inc.) Hidden
    Express Invoice (HKLM\...\ExpressInvoice) (Version:  - NCH Software)
    Farm Frenzy (Version: 2.2.0.95 - WildTangent) Hidden
    Fax (Version: 140.0.212.000 - Hewlett-Packard) Hidden
    Final Drive Nitro (Version: 2.2.0.95 - WildTangent) Hidden
    Google Chrome (HKLM\...\Google Chrome) (Version: 34.0.1847.131 - Google Inc.)
    Google Earth Plug-in (HKLM\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
    Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
    Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
    Google Update Helper (Version: 1.3.22.3 - Google Inc.) Hidden
    GPBaseService2 (Version: 140.0.211.000 - Hewlett-Packard) Hidden
    HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
    HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
    HP Photosmart C309a All-In-One Driver Software 14.0 Rel. 5 (HKLM\...\{71C4F928-136A-4222-A191-310E081FB96B}) (Version: 14.0 - HP)
    HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
    HP Product Detection (HKLM\...\{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}) (Version: 10.7.9.0 - Hewlett-Packard Company)
    HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
    HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
    HP Update (HKLM\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.001.001 - Hewlett-Packard)
    HPDiagnosticAlert (Version: 1.00.0000 - Microsoft) Hidden
    HPPhotoSmartDiscLabel_PaperLabel (Version: 2.04.0000 - Hewlett-Packard) Hidden
    HPPhotoSmartDiscLabel_PrintOnDisc (Version: 2.04.0000 - Hewlett-Packard) Hidden
    HPPhotoSmartDiscLabelContent1 (Version: 2.04.0000 - Hewlett-Packard) Hidden
    hpphotosmartdisclabelplugin (Version: 2.04.0000 - Hewlett-Packard) Hidden
    HPPhotosmartEssential (Version: 2.04.0000 - Hewlett-Packard) Hidden
    HPProductAssistant (Version: 140.0.212.000 - Hewlett-Packard) Hidden
    HPSSupply (Version: 140.0.211.000 - Hewlett-Packard) Hidden
    Identity Card (HKLM\...\Identity Card) (Version: 1.00.3003 - Acer Incorporated)
    Insaniquarium Deluxe (Version: 2.2.0.95 - WildTangent) Hidden
    Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 6.14.10.5260 - Intel Corporation)
    Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
    Jewel Quest - Heritage (Version: 2.2.0.95 - WildTangent) Hidden
    Jewel Quest (Version: 2.2.0.95 - WildTangent) Hidden
    Jewel Quest Solitaire 2 (Version: 2.2.0.95 - WildTangent) Hidden
    Junk Mail filter update (Version: 14.0.8089.726 - Microsoft Corporation) Hidden
    Launch Manager (HKLM\...\LManager) (Version: 4.0.12 - Acer Inc.)
    MarketResearch (Version: 140.0.212.000 - Hewlett-Packard) Hidden
    Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
    Microsoft .NET Framework 1.1 (Version: 1.1.4322 - Microsoft) Hidden
    Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM\...\M2698023) (Version:  - )
    Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version:  - )
    Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
    Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
    Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
    Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
    Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
    Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
    Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
    Microsoft Choice Guard (Version: 2.0.48.0 - Microsoft Corporation) Hidden
    Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
    Microsoft Kernel-Mode Driver Framework Feature Pack 1.9 (Version:  - Microsoft Corporation) Hidden
    Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
    Microsoft Office 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden
    Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
    Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
    Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
    Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
    Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
    Microsoft Office PowerPoint Viewer 2007 (English) (HKLM\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
    Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
    Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
    Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
    Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden
    Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
    Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
    Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
    Microsoft Software Update for Web Folders  (English) 12 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version:  - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft WinUsb 2.0 (HKLM\...\winusb0200) (Version:  - Microsoft Corporation)
    Microsoft Works (HKLM\...\{67E03279-F703-408F-B4BF-46B5FC8D70CD}) (Version: 9.7.0621 - Microsoft Corporation)
    Mplayer 0.6.9 (HKLM\...\Mplayer) (Version: 0.6.9 - )
    MSVCRT (Version: 14.0.1468.721 - Microsoft) Hidden
    MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    MyWinLocker (Version: 3.1.212.0 - Egis Technology Inc.) Hidden
    MyWinLocker Suite (HKLM\...\InstallShield_{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}) (Version: 3.1.212.0 - Egis Technology Inc.)
    MyWinLocker Suite (Version: 3.1.212.0 - Egis Technology Inc.) Hidden
    Network (Version: 140.0.215.000 - Hewlett-Packard) Hidden
    Norton Online Backup (HKLM\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)
    OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
    Plants vs. Zombies (Version: 2.2.0.95 - WildTangent) Hidden
    Polar Bowler (Version: 2.2.0.95 - WildTangent) Hidden
    PS_AIO_05_C309_Software_Min (Version: 140.0.690.000 - Hewlett-Packard) Hidden
    QuickTransfer (Version: 140.0.98.000 - Hewlett-Packard) Hidden
    Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 5.10.0.6066 - Realtek Semiconductor Corp.)
    Revo Uninstaller Pro 3.0.8 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.0.8 - VS Revo Group, Ltd.)
    Scan (Version: 140.0.80.000 - Hewlett-Packard) Hidden
    Segoe UI (Version: 14.0.4327.805 - Microsoft Corp) Hidden
    Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
    ShopAtHome.com Toolbar (HKLM\...\SelectRebatesUninstall) (Version:  - )
    Shredder (Version: 2.0.8.3 - Egis Technology Inc.) Hidden
    SmartWebPrinting (Version: 140.0.186.000 - Hewlett-Packard) Hidden
    SolutionCenter (Version: 140.0.213.000 - Hewlett-Packard) Hidden
    Status (Version: 140.0.212.000 - Hewlett-Packard) Hidden
    Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.7.0 - Synaptics Incorporated)
    Toolbox (Version: 140.0.428.000 - Hewlett-Packard) Hidden
    TrayApp (Version: 140.0.212.000 - Hewlett-Packard) Hidden
    TurboTax 2013 (HKLM\...\TurboTax 2013) (Version: 2013.0 - Intuit, Inc)
    TurboTax 2013 WinPerFedFormset (Version: 013.000.1548 - Intuit Inc.) Hidden
    TurboTax 2013 WinPerReleaseEngine (Version: 013.000.0437 - Intuit Inc.) Hidden
    TurboTax 2013 WinPerTaxSupport (Version: 013.000.0162 - Intuit Inc.) Hidden
    TurboTax 2013 wrapper (Version: 013.000.0135 - Intuit Inc.) Hidden
    TurboTax 2013 wsciper (Version: 013.000.0984 - Intuit Inc.) Hidden
    Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
    Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2836939v3) (Version: 3 - Microsoft Corporation)
    Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
    Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
    Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
    Update for Windows Internet Explorer 8 (KB971180) (HKLM\...\KB971180-IE8) (Version: 1 - Microsoft Corporation)
    Update for Windows Internet Explorer 8 (KB971930) (HKLM\...\KB971930-IE8) (Version: 1 - Microsoft Corporation)
    Update for Windows Internet Explorer 8 (KB972636) (HKLM\...\KB972636-IE8) (Version: 1 - Microsoft Corporation)
    Update for Windows Internet Explorer 8 (KB973874) (HKLM\...\KB973874-IE8) (Version: 1 - Microsoft Corporation)
    Update for Windows Internet Explorer 8 (KB975364) (HKLM\...\KB975364-IE8) (Version: 1 - Microsoft Corporation)
    Update for Windows Internet Explorer 8 (KB976662) (HKLM\...\KB976662-IE8) (Version: 1 - Microsoft Corporation)
    Update for Windows Internet Explorer 8 (KB976749) (HKLM\...\KB976749-IE8) (Version: 1 - Microsoft Corporation)
    Update for Windows Internet Explorer 8 (KB978506) (HKLM\...\KB978506-IE8) (Version: 1 - Microsoft Corporation)
    Update for Windows Internet Explorer 8 (KB980182) (HKLM\...\KB980182-IE8) (Version: 1 - Microsoft Corporation)
    Update for Windows Internet Explorer 8 (KB980302) (HKLM\...\KB980302-IE8) (Version: 1 - Microsoft Corporation)
    Update for Windows Internet Explorer 8 (KB982632) (HKLM\...\KB982632-IE8) (Version: 1 - Microsoft Corporation)
    Update for Windows XP (KB2141007) (HKLM\...\KB2141007) (Version: 1 - Microsoft Corporation)
    Update for Windows XP (KB2345886) (HKLM\...\KB2345886) (Version: 1 - Microsoft Corporation)
    Update for Windows XP (KB2467659) (HKLM\...\KB2467659) (Version: 1 - Microsoft Corporation)
    Update for Windows XP (KB2541763) (HKLM\...\KB2541763) (Version: 1 - Microsoft Corporation)
    Update for Windows XP (KB2607712) (HKLM\...\KB2607712) (Version: 1 - Microsoft Corporation)
    Update for Windows XP (KB2616676-v2) (HKLM\...\KB2616676-v2) (Version: 2 - Microsoft Corporation)
    Update for Windows XP (KB2641690) (HKLM\...\KB2641690) (Version: 1 - Microsoft Corporation)
    Update for Windows XP (KB2661254-v2) (HKLM\...\KB2661254-v2) (Version: 2 - Microsoft Corporation)
    Update for Windows XP (KB2718704) (HKLM\...\KB2718704) (Version: 1 - Microsoft Corporation)
    Update for Windows XP (KB2736233) (HKLM\...\KB2736233) (Version: 1 - Microsoft Corporation)
    Update for Windows XP (KB2749655) (HKLM\...\KB2749655) (Version: 1 - Microsoft Corporation)
    Update for Windows XP (KB2863058) (HKLM\...\KB2863058) (Version: 1 - Microsoft Corporation)
    Update for Windows XP (KB2904266) (HKLM\...\KB2904266) (Version: 1 - Microsoft Corporation)
    Update for Windows XP (KB898461) (HKLM\...\KB898461) (Version: 1 - Microsoft Corporation)
    Update for Windows XP (KB951072-v2) (HKLM\...\KB951072-v2) (Version: 2 - Microsoft Corporation)
    Update for Windows XP (KB951978) (HKLM\...\KB951978) (Version: 1 - Microsoft Corporation)
    Update for Windows XP (KB955759) (HKLM\...\KB955759) (Version: 1 - Microsoft Corporation)
    Update for Windows XP (KB955839) (HKLM\...\KB955839) (Version: 1 - Microsoft Corporation)
    Update for Windows XP (KB961503) (HKLM\...\KB961503) (Version: 1 - Microsoft Corporation)
    Update for Windows XP (KB967715) (HKLM\...\KB967715) (Version: 1 - Microsoft Corporation)
    Update for Windows XP (KB968389) (HKLM\...\KB968389) (Version: 1 - Microsoft Corporation)
    Update for Windows XP (KB971029) (HKLM\...\KB971029) (Version: 1 - Microsoft Corporation)
    Update for Windows XP (KB971737) (HKLM\...\KB971737) (Version: 1 - Microsoft Corporation)
    Update for Windows XP (KB973687) (HKLM\...\KB973687) (Version: 1 - Microsoft Corporation)
    Update for Windows XP (KB973815) (HKLM\...\KB973815) (Version: 1 - Microsoft Corporation)
    Virtual Villagers 4 - The Tree of Life (Version: 2.2.0.95 - WildTangent) Hidden
    Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
    WebCam (HKLM\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 5.8.54.008 - Sonix)
    WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
    WebReg (Version: 140.0.212.017 - Hewlett-Packard) Hidden
    Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
    Windows Live Call (Version: 14.0.8064.0206 - Microsoft Corporation) Hidden
    Windows Live Communications Platform (Version: 14.0.8098.930 - Microsoft Corporation) Hidden
    Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
    Windows Live Essentials (Version: 14.0.8089.726 - Microsoft Corporation) Hidden
    Windows Live Mail (Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
    Windows Live Messenger (Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
    Windows Live Photo Gallery (Version: 14.0.8081.709 - Microsoft Corporation) Hidden
    Windows Live Sign-in Assistant (HKLM\...\{45338B07-A236-4270-9A77-EBB4115517B5}) (Version: 5.000.818.5 - Microsoft Corporation)
    Windows Live Sync (HKLM\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
    Windows Live Upload Tool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
    Windows Live Writer (Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
    Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version:  - )
    Windows Media Format 11 runtime (Version:  - Microsoft Corporation) Hidden
    Windows Media Player 11 (HKLM\...\Windows Media Player) (Version:  - )
    Windows Media Player 11 (Version:  - Microsoft Corporation) Hidden
    Windows Rights Management Client Backwards Compatibility SP2 (HKLM\...\{EC905264-BCFE-423B-9C42-C3A106266790}) (Version: 5.2.95 - Microsoft)
    Windows Rights Management Client with Service Pack 2 (HKLM\...\{62BFB4C2-8C4E-4D91-BD7D-81C06EAAC3C0}) (Version: 5.2.95 - Microsoft)
    Yahoo! Toolbar (HKLM\...\Yahoo! Companion) (Version:  - )
    Zuma Deluxe (Version: 2.2.0.95 - WildTangent) Hidden
    Zuma's Revenge (Version: 2.2.0.95 - WildTangent) Hidden
     
    ==================== Restore Points  =========================
     
    14-02-2014 02:32:46 avast! antivirus system restore point
    14-02-2014 13:31:04 Software Distribution Service 3.0
    22-03-2014 16:50:16 Software Distribution Service 3.0
    14-04-2014 20:01:39 Software Distribution Service 3.0
    15-04-2014 13:05:44 Software Distribution Service 3.0
    21-04-2014 14:27:53 Software Distribution Service 3.0
    22-04-2014 21:43:47 Software Distribution Service 3.0
    22-04-2014 22:26:26 Removed WinZip 17.5
    24-04-2014 23:18:16 Software Distribution Service 3.0
    25-04-2014 12:54:14 Software Distribution Service 3.0
    26-04-2014 04:49:19 Revo Uninstaller Pro's restore point - WinZip 17.5
    26-04-2014 07:19:32 Software Distribution Service 3.0
    26-04-2014 17:58:55 Unsigned driver install
    26-04-2014 18:03:03 Installed Windows XP winusb0200.
    27-04-2014 13:18:42 Software Distribution Service 3.0
    29-04-2014 04:55:06 Software Distribution Service 3.0
    29-04-2014 13:28:38 Software Distribution Service 3.0
    30-04-2014 12:58:55 Software Distribution Service 3.0
    01-05-2014 12:51:48 Software Distribution Service 3.0
    02-05-2014 12:45:15 Software Distribution Service 3.0
    02-05-2014 15:07:09 Software Distribution Service 3.0
    03-05-2014 10:18:17 Software Distribution Service 3.0
    03-05-2014 20:38:18 Installed HP Support Solutions Framework
    03-05-2014 20:41:51 Installed HP Support Solutions Framework
    04-05-2014 10:22:13 Software Distribution Service 3.0
     
    ==================== Hosts content: ==========================
     
    2010-07-22 03:37 - 2008-04-14 08:00 - 00000734 ____A C:\WINDOWS\system32\Drivers\etc\hosts
    127.0.0.1       localhost
     
    ==================== Scheduled Tasks (whitelisted) =============
     
    Task: C:\WINDOWS\Tasks\avast! Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
    Task: C:\WINDOWS\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => C:\WINDOWS\TEMP\{D6001FCE-12DF-4834-8BF1-602022FDFB2E}.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
     
    ==================== Loaded Modules (whitelisted) =============
     
    2014-05-04 18:56 - 2014-05-04 13:58 - 02252800 _____ () C:\Program Files\AVAST Software\Avast\defs\14050401\algo.dll
    2010-10-15 13:19 - 2010-02-12 19:11 - 00030080 _____ () C:\WINDOWS\snuvcdsm.exe
    2010-07-19 04:11 - 2009-05-20 02:02 - 00072200 _____ () C:\Program Files\Launch Manager\CdDirIo.dll
    2013-11-28 17:45 - 2013-11-28 17:45 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
    2014-05-02 08:50 - 2014-04-23 20:33 - 00065352 _____ () C:\Program Files\Google\Chrome\Application\34.0.1847.131\chrome_elf.dll
    2010-07-22 03:37 - 2008-04-14 08:00 - 00059904 _____ () C:\WINDOWS\system32\devenum.dll
    2010-07-22 03:37 - 2008-04-14 08:00 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll
    2014-05-02 08:50 - 2014-04-23 20:33 - 04081480 _____ () C:\Program Files\Google\Chrome\Application\34.0.1847.131\pdf.dll
    2014-05-02 08:50 - 2014-04-23 20:33 - 00390472 _____ () C:\Program Files\Google\Chrome\Application\34.0.1847.131\ppGoogleNaClPluginChrome.dll
    2014-05-02 08:50 - 2014-04-23 20:33 - 01647432 _____ () C:\Program Files\Google\Chrome\Application\34.0.1847.131\ffmpegsumo.dll
     
    ==================== Alternate Data Streams (whitelisted) =========
     
     
    ==================== Safe Mode (whitelisted) ===================
     
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
     
    ==================== Disabled items from MSCONFIG ==============
     
     
    ==================== Faulty Device Manager Devices =============
     
    Name: Photosmart C309a series
    Description: Photosmart C309a series
    Class Guid: {4D36E971-E325-11CE-BFC1-08002BE10318}
    Manufacturer: HP
    Service: 
    Problem: : This device is disabled. (Code 22)
    Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
     
     
    ==================== Event log errors: =========================
     
    Application errors:
    ==================
    Error: (05/04/2014 10:11:02 PM) (Source: MsiInstaller) (User: NT AUTHORITY)
    Description: Product: Google Update Helper -- The installer has encountered an unexpected error installing this package. This may indicate a problem with this package. The error code is 2503. The arguments are: , ,
     
    Error: (05/04/2014 09:11:04 PM) (Source: MsiInstaller) (User: NT AUTHORITY)
    Description: Product: Google Update Helper -- The installer has encountered an unexpected error installing this package. This may indicate a problem with this package. The error code is 2503. The arguments are: , ,
     
    Error: (05/04/2014 08:11:12 PM) (Source: MsiInstaller) (User: NT AUTHORITY)
    Description: Product: Google Update Helper -- The installer has encountered an unexpected error installing this package. This may indicate a problem with this package. The error code is 2503. The arguments are: , ,
     
    Error: (05/04/2014 07:11:17 PM) (Source: Application Error) (User: )
    Description: Faulting application otl.exe, version 3.2.69.0, faulting module kernel32.dll, version 5.1.2600.6293, fault address 0x00012fd3.
    Processing media-specific event for [otl.exe!ws!]
     
    Error: (05/04/2014 07:11:04 PM) (Source: MsiInstaller) (User: NT AUTHORITY)
    Description: Product: Google Update Helper -- The installer has encountered an unexpected error installing this package. This may indicate a problem with this package. The error code is 2503. The arguments are: , ,
     
    Error: (05/04/2014 06:27:11 AM) (Source: VSSetup) (User: )
    Description: EventType vssetup, P1 kb2729449, P2 10.0.30319, P3 10.0.30319.296, P4 1, P5 ndp40-kb2729449.msp, P6 install_i_silent_error, P7 1603, P8 2503, P9 vssetup0, P10 vssetup1.
     
    Error: (05/04/2014 06:27:10 AM) (Source: MsiInstaller) (User: NT AUTHORITY)
    Description: Product: Microsoft .NET Framework 4 Client Profile - Update 'KB2729449' could not be installed. Error code 1603. Additional information is available in the log file C:\WINDOWS\system32\config\SYSTEM~1\LOCALS~1\Temp\KB2729449_20140504_062551578-Microsoft .NET Framework 4 Client Profile-MSP0.txt.
     
    Error: (05/04/2014 06:27:10 AM) (Source: MsiInstaller) (User: NT AUTHORITY)
    Description: Product: Microsoft .NET Framework 4 Client Profile -- The installer has encountered an unexpected error installing this package. This may indicate a problem with this package. The error code is 2503. The arguments are: , ,
     
    Error: (05/04/2014 06:25:39 AM) (Source: VSSetup) (User: )
    Description: EventType vssetup, P1 kb2898855v2, P2 10.0.30319, P3 10.0.30319.1022, P4 1, P5 ndp40-kb2898855.msp, P6 install_i_silent_error, P7 1603, P8 2503, P9 vssetup0, P10 vssetup1.
     
    Error: (05/04/2014 06:25:38 AM) (Source: MsiInstaller) (User: NT AUTHORITY)
    Description: Product: Microsoft .NET Framework 4 Client Profile - Update 'KB2898855v2' could not be installed. Error code 1603. Additional information is available in the log file C:\WINDOWS\system32\config\SYSTEM~1\LOCALS~1\Temp\KB2898855v2_20140504_062251046-Microsoft .NET Framework 4 Client Profile-MSP0.txt.
     
     
    System errors:
    =============
    Error: (05/04/2014 09:42:05 PM) (Source: Service Control Manager) (User: )
    Description: The Application Layer Gateway Service service terminated unexpectedly.  It has done this 1 time(s).
     
    Error: (05/04/2014 09:42:04 PM) (Source: Service Control Manager) (User: )
    Description: The MyWinLocker Service service terminated unexpectedly.  It has done this 1 time(s).
     
    Error: (05/04/2014 09:42:04 PM) (Source: Service Control Manager) (User: )
    Description: The Intel® Matrix Storage Event Monitor service terminated unexpectedly.  It has done this 1 time(s).
     
    Error: (05/04/2014 09:42:04 PM) (Source: Service Control Manager) (User: )
    Description: The Raw Socket Service service terminated unexpectedly.  It has done this 1 time(s).
     
    Error: (05/04/2014 09:42:04 PM) (Source: Service Control Manager) (User: )
    Description: The Print Spooler service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
     
    Error: (05/04/2014 09:42:04 PM) (Source: Service Control Manager) (User: )
    Description: The Updater Service service terminated unexpectedly.  It has done this 1 time(s).
     
    Error: (05/04/2014 09:42:04 PM) (Source: Service Control Manager) (User: )
    Description: The Intuit Update Service v4 service terminated unexpectedly.  It has done this 1 time(s).
     
    Error: (05/04/2014 09:42:04 PM) (Source: Service Control Manager) (User: )
    Description: The Norton Online Backup service terminated unexpectedly.  It has done this 1 time(s).
     
    Error: (05/04/2014 09:42:04 PM) (Source: Service Control Manager) (User: )
    Description: The Dritek WMI Service service terminated unexpectedly.  It has done this 1 time(s).
     
    Error: (05/04/2014 09:30:24 PM) (Source: Service Control Manager) (User: )
    Description: The vToolbarUpdater17.1.2 service failed to start due to the following error: 
    %%2
     
     
    Microsoft Office Sessions:
    =========================
     
    ==================== Memory info =========================== 
     
    Percentage of memory in use: 66%
    Total physical RAM: 1013.02 MB
    Available physical RAM: 342.04 MB
    Total Pagefile: 2439.23 MB
    Available Pagefile: 1772.51 MB
    Total Virtual: 2047.88 MB
    Available Virtual: 1960.36 MB
     
    ==================== Drives ================================
     
    Drive c: (ACER) (Fixed) (Total:138.05 GB) (Free:107.97 GB) NTFS ==>[Drive with boot components (Windows XP)]
     
    ==================== MBR & Partition Table ==================
     
    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149 GB) (Disk ID: 1C8B2F0A)
    Partition 1: (Not Active) - (Size=11 GB) - (Type=12)
    Partition 2: (Active) - (Size=138 GB) - (Type=07 NTFS)
     
    ==================== End Of Log ============================

    • 0

    Advertisements

    #11
    RKinner
    Posted 04 May 2014 - 08:40 PM

    RKinner

      Malware Expert

    • Expert
    • 24,734 posts
    • MVP
    Download the attached fixlist.txt to the same location as FRST
    Run FRST and press Fix
    A fix log will be generated please post that then you should be able to boot into regular mode.  Run FRST again, check the Additions box and then Scan.  You will get two logs.  Post them both.
     
    Download the attached fixlist.txt to the same location as FRST
    Run FRST and press Fix
    A fix log will be generated please post that.  Run FRST again, check the Additions box and then Scan.  You will get two logs.  Post them both.
     
    Looks like you may also have a hung install but if you can I would uninstall HP Imaging Device Functions 14.0 as I expect it is the source of your error.

    • 0

    #12
    shajoe44
    Posted 05 May 2014 - 05:12 AM

    shajoe44

      Member

    • Topic Starter
    • Member
    • PipPipPip
    • 262 posts
    Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version:04-05-2014
    Ran by Miriam Moody at 2014-05-05 07:11:36 Run:1
    Running from C:\Documents and Settings\Miriam Moody\My Documents\Downloads
    Boot Mode: Normal
     
    ==============================================
     
    Content of fixlist:
    *****************
    SRV - [2014/04/28 05:38:05 | 003,543,056 | ---- | M] (Aztec Media Inc) [Auto | Running] -- C:\Program Files\Settings Manager\systemk\SystemkService.exe -- (SystemkService)
    HKU\S-1-5-21-2587936551-156640315-1538417202-1006\...\MountPoints2: {3fc21e58-3ae3-11e0-8db6-0026c798e802} - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL jsNeQ.exE
    HKLM\...\AppCertDlls: [x64] -> c:\program files\settings manager\systemk\x64\sysapcrt.dll
    HKLM\...\AppCertDlls: [x86] -> c:\program files\settings manager\systemk\sysapcrt.dll
    c:\program files\settings manager
    SearchScopes: HKLM - DefaultScope value is missing.
    BHO: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
    U1 WS2IFSL; 
    C:\WINDOWS\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job 
    Task: C:\WINDOWS\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => C:\WINDOWS\TEMP\{D6001FCE-12DF-4834-8BF1-602022FDFB2E}.exe
    C:\WINDOWS\TEMP\{D6001FCE-12DF-4834-8BF1-602022FDFB2E}.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
    C:\Program Files\Common Files\AVG Secure Search 
    Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
    vToolbarUpdater17.1.2
    F06DEFF2-5B9C-490D-910F-35D3A91196222
    C:\Program Files\SelectRebates
    SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2492} URL = http://www.default-s...p={searchTerms}
    *****************
     
    HKU\S-1-5-21-2587936551-156640315-1538417202-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3fc21e58-3ae3-11e0-8db6-0026c798e802} => Key deleted successfully.
    HKCR\CLSID\{3fc21e58-3ae3-11e0-8db6-0026c798e802} => Key not found.
    HKLM\System\CurrentControlSet\Control\Session Manager\AppCertDlls\\x64 => Value deleted successfully.
    HKLM\System\CurrentControlSet\Control\Session Manager\AppCertDlls\\x86 => Value deleted successfully.
    "c:\program files\settings manager" => File/Directory not found.
    HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB} => Key deleted successfully.
    HKCR\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB} => Key not found.
    WS2IFSL => Service deleted successfully.
    C:\WINDOWS\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => Moved successfully.
    C:\WINDOWS\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job not found.
    "C:\WINDOWS\TEMP\{D6001FCE-12DF-4834-8BF1-602022FDFB2E}.exe" => File/Directory not found.
    C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
    C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
    "C:\Program Files\Common Files\AVG Secure Search" => File/Directory not found.
    C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk => Moved successfully.
    "C:\Program Files\SelectRebates" => File/Directory not found.
    HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2492} => Key deleted successfully.
    HKCR\Wow6432Node\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2492} => Key not found.
     
    ==== End of Fixlog ====

    • 0

    #13
    shajoe44
    Posted 05 May 2014 - 05:22 AM

    shajoe44

      Member

    • Topic Starter
    • Member
    • PipPipPip
    • 262 posts
    Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:04-05-2014
    Ran by Miriam Moody (administrator) on MIRIAM on 05-05-2014 07:18:37
    Running from C:\Documents and Settings\Miriam Moody\My Documents\Downloads
    Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: English(US)
    Internet Explorer Version 8
    Boot Mode: Normal
     
    The only official download link for FRST:
    Download link from any site other than Bleeping Computer is unpermitted or outdated.
     
    ==================== Processes (Whitelisted) =================
     
    (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    (Dritek System Inc.) C:\Program Files\Launch Manager\dsiwmis.exe
    (Intuit Inc.) C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
    (Symantec Corporation) C:\Program Files\Symantec\Norton Online Backup\NOBuAgent.exe
    (Acer Incorporated) C:\Program Files\Acer\Acer VCM\RS_Service.exe
    (Acer Group) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
    (Intel Corporation) C:\WINDOWS\system32\igfxtray.exe
    (Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
    (Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
    (Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    (Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe
    (Egis Technology Inc.) C:\Program Files\EgisTec IPS\PmmUpdate.exe
    (Egis Technology Inc.) C:\Program Files\EgisTec MyWinLocker\x86\mwlDaemon.exe
    (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
    (Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
    (Sonix Technology Co., Ltd.) C:\WINDOWS\PLFSetL.exe
    () C:\WINDOWS\snuvcdsm.exe
    (Dritek System Inc.) C:\Program Files\Launch Manager\LManager.exe
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    (Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE
    (Hewlett-Packard) C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe
    (Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
    (Microsoft Corporation) C:\PROGRA~1\COMMON~1\MICROS~1\DW\DWTRIG20.EXE
    (Microsoft Corporation) C:\Program Files\Messenger\msmsgs.exe
    (Google Inc.) C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    (Dritek System Inc.) C:\Program Files\Launch Manager\LMworker.exe
    (Acer Incorporated) C:\Program Files\Acer\Acer VCM\AcerVCM.exe
    (Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe
    (Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
    (Egis Technology Inc.) C:\Program Files\EgisTec MyWinLocker\x86\MWLService.exe
    (Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe
    (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
     
     
    ==================== Registry (Whitelisted) ==================
     
    HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-10-13] (Intel Corporation)
    HKLM\...\Run: [AzMixerSel] => C:\Program Files\Realtek\Audio\Drivers\AzMixerSel.exe [59936 2009-12-11] (Realtek Semiconductor Corp.)
    HKLM\...\Run: [SuiteTray] => C:\Program Files\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [337264 2010-05-26] (Egis Technology Inc.)
    HKLM\...\Run: [EgisUpdate] => C:\Program Files\EgisTec IPS\EgisUpdate.exe [201584 2010-03-11] (Egis Technology Inc.)
    HKLM\...\Run: [EgisTecPMMUpdate] => C:\Program Files\EgisTec IPS\PmmUpdate.exe [407920 2010-03-11] (Egis Technology Inc.)
    HKLM\...\Run: [mwlDaemon] => C:\Program Files\EgisTec MyWinLocker\x86\mwlDaemon.exe [349552 2010-05-26] (Egis Technology Inc.)
    HKLM\...\Run: [Norton Online Backup] => C:\Program Files\Symantec\Norton Online Backup\NOBuClient.exe [966488 2010-06-01] (Symantec Corporation)
    HKLM\...\Run: [IMJPMIG8.1] => C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [208952 2008-04-14] (Microsoft Corporation)
    HKLM\...\Run: [MSPY2002] => C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [59392 2008-04-14] ()
    HKLM\...\Run: [PHIME2002ASync] => C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [455168 2008-04-14] (Microsoft Corporation)
    HKLM\...\Run: [PHIME2002A] => C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [455168 2008-04-14] (Microsoft Corporation)
    HKLM\...\Run: [PLFSetL] => C:\WINDOWS\PLFSetL.exe [99712 2010-02-12] (Sonix Technology Co., Ltd.)
    HKLM\...\Run: [snp2uvc] => C:\WINDOWS\system32\csnp2uvc.dll [202112 2010-02-12] ( )
    HKLM\...\Run: [snuvcdsm] => C:\WINDOWS\snuvcdsm.exe [30080 2010-02-12] ()
    HKLM\...\Run: [LManager] => C:\Program Files\Launch Manager\LManager.exe [968272 2010-06-22] (Dritek System Inc.)
    HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1692968 2010-02-05] (Synaptics Incorporated)
    HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [19521056 2010-03-12] (Realtek Semiconductor Corp.)
    HKLM\...\Run: [hpqSRMon] => C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
    HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
    HKLM\...\Run: [] => [X]
    HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3568312 2013-11-28] (AVAST Software)
    HKLM\...\Run: [DWQueuedReporting] => C:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE [434080 2011-07-27] (Microsoft Corporation)
    HKU\S-1-5-21-2587936551-156640315-1538417202-1006\...\Run: [MSMSGS] => C:\Program Files\Messenger\msmsgs.exe [1695232 2008-04-14] (Microsoft Corporation)
    HKU\S-1-5-21-2587936551-156640315-1538417202-1006\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-07-22] (Google Inc.)
    HKU\S-1-5-21-2587936551-156640315-1538417202-1006\...\MountPoints2: {ac5696a8-5171-11e0-8dbc-0026c798e802} - D:\LaunchU3.exe -a
    Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Acer VCM.lnk
     
    ==================== Internet (Whitelisted) ====================
     
    HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
    HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer...14wu45w4882u238
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer...14wu45w4882u238
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer...14wu45w4882u238
    SearchScopes: HKLM - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.co...ng}&rlz=1I7ACAW
    SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2492} URL = http://www.default-s...p={searchTerms}
    SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search
    SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.co...AW_enUS412US412
    BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
    BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
    BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
    BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
    BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
    Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://www.pcpitstop...t/PCPitStop.CAB
    DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} https://h20436.www2....re/HPDEXAXO.cab
    DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20270.www2.h...tDetection2.cab
    DPF: {B3E32D88-8E7F-468F-B0E2-3A300FD4A82C} http://myitlab.pears...ces/ax/stub.cab
    DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} http://trial.trymicr...osoft/wrc32.ocx
    Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
    Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
    Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Acer\Acer VCM\Skype4COM.dll (Skype Technologies)
    Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
     
    FireFox:
    ========
    FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin: @microsoft.com/WLPG,version=14.0.8081.0709 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
    FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
    FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
    FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
    FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
    FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010-12-28]
    FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
    FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010-12-28]
     
    Chrome: 
    =======
    CHR HomePage: hxxp://www.google.com/
    CHR Extension: (Google Docs) - C:\Documents and Settings\Miriam Moody\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-10]
    CHR Extension: (Google Drive) - C:\Documents and Settings\Miriam Moody\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-10]
    CHR Extension: (YouTube) - C:\Documents and Settings\Miriam Moody\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-10]
    CHR Extension: (Google Search) - C:\Documents and Settings\Miriam Moody\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-10]
    CHR Extension: (avast! Online Security) - C:\Documents and Settings\Miriam Moody\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-01-10]
    CHR Extension: (Google Wallet) - C:\Documents and Settings\Miriam Moody\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-10]
    CHR Extension: (Gmail) - C:\Documents and Settings\Miriam Moody\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-10]
    CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2013-11-28]
     
    ========================== Services (Whitelisted) =================
     
    R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-11-28] (AVAST Software)
    S3 ExpressInvoiceService; C:\Program Files\NCH Software\ExpressInvoice\expressinvoice.exe [1987588 2013-11-01] (NCH Software)
    S3 GameConsoleService; C:\Program Files\Acer Games\Acer Game Console\GameConsoleService.exe [246520 2010-04-03] (WildTangent, Inc.)
    R3 MWLService; C:\Program Files\EgisTec MyWinLocker\x86\MWLService.exe [305520 2010-05-26] (Egis Technology Inc.)
    R2 NOBU; C:\Program Files\Symantec\Norton Online Backup\NOBuAgent.exe [2057560 2010-06-01] (Symantec Corporation)
    R2 RS_Service; C:\Program Files\Acer\Acer VCM\RS_Service.exe [260640 2010-01-29] (Acer Incorporated)
    R2 Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [243232 2010-01-28] (Acer Group)
     
    ==================== Drivers (Whitelisted) ====================
     
    S4 abp480n5; C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS [23552 2008-04-14] (Microsoft Corporation)
    S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1691480 2009-11-17] (Creative)
    R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [67824 2014-02-13] (AVAST Software)
    R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [54832 2014-02-13] (AVAST Software)
    R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49944 2013-11-28] ()
    R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [775952 2014-02-13] (AVAST Software)
    R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [410784 2014-02-13] (AVAST Software)
    R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57672 2014-02-13] (AVAST Software)
    R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [180248 2014-02-13] ()
    S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
    S3 EUCR; C:\WINDOWS\System32\DRIVERS\EUCR6SK.SYS [82384 2010-06-17] (ENE Technology Inc.)
    R3 L1c; C:\WINDOWS\System32\DRIVERS\l1c51x86.sys [61552 2010-05-19] (Atheros Communications, Inc.)
    S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1395800 2009-11-17] (Creative Technology Ltd.)
    R1 mwlPSDFilter; C:\WINDOWS\System32\DRIVERS\mwlPSDFilter.sys [17840 2008-12-02] (Egis Incorporated.)
    R1 mwlPSDNServ; C:\WINDOWS\System32\DRIVERS\mwlPSDNServ.sys [15280 2008-12-02] (Egis Incorporated.)
    R1 mwlPSDVDisk; C:\WINDOWS\System32\DRIVERS\mwlPSDVDisk.sys [58800 2008-12-02] (Egis Incorporated.)
    S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
    R3 NETw5x32; C:\WINDOWS\System32\DRIVERS\NETw5x32.sys [6608512 2010-05-30] (Intel Corporation)
    R3 SNP2UVC; C:\WINDOWS\System32\DRIVERS\snp2uvc.sys [1766784 2010-02-12] ()
     
    ==================== NetSvcs (Whitelisted) ===================
     
     
    ==================== One Month Created Files and Folders ========
     
    2014-05-04 22:11 - 2014-05-05 07:18 - 00000000 ____D () C:\FRST
    2014-05-04 22:05 - 2014-05-04 22:05 - 00001020 _____ () C:\Documents and Settings\Miriam Moody\Desktop\JRT.txt
    2014-05-04 21:53 - 2014-05-04 21:53 - 00000000 ____D () C:\WINDOWS\ERUNT
    2014-05-04 21:41 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\WINDOWS\system32\sqlite3.dll
    2014-05-04 21:39 - 2014-05-04 21:42 - 00000000 ____D () C:\AdwCleaner
    2014-05-04 21:17 - 2014-05-04 21:20 - 00000000 ____D () C:\Documents and Settings\Miriam Moody\Desktop\GrantPerms
    2014-05-04 21:16 - 2014-05-04 21:16 - 00000000 ____D () C:\Documents and Settings\Miriam Moody\Desktop\grant
    2014-05-04 19:37 - 2014-05-04 19:37 - 00069436 _____ () C:\Documents and Settings\Miriam Moody\Desktop\Extras.Txt
    2014-05-04 19:31 - 2014-05-04 19:31 - 00071502 _____ () C:\Documents and Settings\Miriam Moody\Desktop\OTL.Txt
    2014-05-02 11:06 - 2014-05-04 21:44 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\systemk
    2014-05-01 08:57 - 2014-05-01 08:57 - 00000000 ____D () C:\WINDOWS\system32\NtmsData
    2014-04-30 09:43 - 2014-04-30 09:43 - 00000826 _____ () C:\Documents and Settings\Miriam Moody\Desktop\Auslogics DiskDefrag.lnk
    2014-04-30 09:43 - 2014-04-30 09:43 - 00000000 ____D () C:\Program Files\Auslogics
    2014-04-30 09:43 - 2014-04-30 09:43 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Auslogics
    2014-04-30 09:43 - 2014-04-30 09:43 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Auslogics
    2014-04-30 00:39 - 2014-04-30 09:12 - 00000000 ____D () C:\Documents and Settings\Miriam Moody\Desktop\autorun
    2014-04-29 09:45 - 2014-04-30 10:25 - 00000000 ____D () C:\Documents and Settings\Miriam Moody\Desktop\SDR
    2014-04-26 14:02 - 2014-04-29 13:38 - 00851176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinUSBCoInstaller2.dll
    2014-04-26 14:02 - 2014-04-29 13:38 - 00000000 ____D () C:\Documents and Settings\Miriam Moody\usb_driver
    2014-04-26 14:02 - 2014-04-26 14:02 - 00000000 __HDC () C:\WINDOWS\$NtUninstallwinusb0200$
    2014-04-25 13:22 - 2014-04-26 00:41 - 00000929 _____ () C:\Documents and Settings\All Users\Desktop\Revo Uninstaller Pro.lnk
    2014-04-25 13:22 - 2014-04-26 00:41 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Revo Uninstaller Pro
    2014-04-25 13:22 - 2014-04-25 13:22 - 00000000 ____D () C:\Program Files\VS Revo Group
    2014-04-25 13:22 - 2014-04-25 13:22 - 00000000 ____D () C:\Documents and Settings\Miriam Moody\Local Settings\Application Data\VS Revo Group
    2014-04-25 13:22 - 2014-04-25 13:22 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\VS Revo Group
    2014-04-25 13:22 - 2009-12-30 10:20 - 00027064 _____ (VS Revo Group) C:\WINDOWS\system32\Drivers\revoflt.sys
    2014-04-15 09:08 - 2014-04-15 09:08 - 00000000 ____D () C:\Documents and Settings\Miriam Moody\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
    2014-04-14 16:07 - 2014-04-21 10:33 - 00004594 _____ () C:\WINDOWS\KB2922229.log
     
    ==================== One Month Modified Files and Folders =======
     
    2014-05-05 07:18 - 2014-05-04 22:11 - 00000000 ____D () C:\FRST
    2014-05-05 07:16 - 2013-11-28 17:46 - 00000364 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job
    2014-05-05 07:16 - 2010-07-22 03:03 - 01651246 _____ () C:\WINDOWS\WindowsUpdate.log
    2014-05-05 07:15 - 2010-07-22 03:07 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
    2014-05-05 07:15 - 2010-07-21 20:01 - 00000159 _____ () C:\WINDOWS\wiadebug.log
    2014-05-05 07:15 - 2010-07-21 20:01 - 00000048 _____ () C:\WINDOWS\wiaservc.log
    2014-05-05 07:14 - 2010-12-28 10:15 - 00000178 ___SH () C:\Documents and Settings\Miriam Moody\ntuser.ini
    2014-05-05 07:14 - 2010-07-22 03:07 - 00032504 _____ () C:\WINDOWS\SchedLgU.Txt
    2014-05-05 07:02 - 2010-07-21 19:59 - 00938515 _____ () C:\WINDOWS\setupapi.log
    2014-05-04 22:05 - 2014-05-04 22:05 - 00001020 _____ () C:\Documents and Settings\Miriam Moody\Desktop\JRT.txt
    2014-05-04 21:53 - 2014-05-04 21:53 - 00000000 ____D () C:\WINDOWS\ERUNT
    2014-05-04 21:44 - 2014-05-02 11:06 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\systemk
    2014-05-04 21:42 - 2014-05-04 21:39 - 00000000 ____D () C:\AdwCleaner
    2014-05-04 21:20 - 2014-05-04 21:17 - 00000000 ____D () C:\Documents and Settings\Miriam Moody\Desktop\GrantPerms
    2014-05-04 21:16 - 2014-05-04 21:16 - 00000000 ____D () C:\Documents and Settings\Miriam Moody\Desktop\grant
    2014-05-04 19:37 - 2014-05-04 19:37 - 00069436 _____ () C:\Documents and Settings\Miriam Moody\Desktop\Extras.Txt
    2014-05-04 19:31 - 2014-05-04 19:31 - 00071502 _____ () C:\Documents and Settings\Miriam Moody\Desktop\OTL.Txt
    2014-05-04 06:30 - 2014-03-22 12:44 - 00022659 _____ () C:\WINDOWS\KB2929961.log
    2014-05-03 16:57 - 2010-12-28 01:03 - 00001138 _____ () C:\Documents and Settings\All Users\Application Data\hpzinstall.log
    2014-05-03 16:56 - 2010-12-28 01:03 - 00175853 _____ () C:\WINDOWS\hpoins35.dat
    2014-05-02 11:12 - 2010-07-21 19:59 - 00573334 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
    2014-05-02 08:50 - 2014-01-10 12:11 - 00001817 _____ () C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
    2014-05-01 08:57 - 2014-05-01 08:57 - 00000000 ____D () C:\WINDOWS\system32\NtmsData
    2014-04-30 10:35 - 2010-07-22 03:08 - 00000000 ____D () C:\WINDOWS\Microsoft.NET
    2014-04-30 10:25 - 2014-04-29 09:45 - 00000000 ____D () C:\Documents and Settings\Miriam Moody\Desktop\SDR
    2014-04-30 09:43 - 2014-04-30 09:43 - 00000826 _____ () C:\Documents and Settings\Miriam Moody\Desktop\Auslogics DiskDefrag.lnk
    2014-04-30 09:43 - 2014-04-30 09:43 - 00000000 ____D () C:\Program Files\Auslogics
    2014-04-30 09:43 - 2014-04-30 09:43 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Auslogics
    2014-04-30 09:43 - 2014-04-30 09:43 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Auslogics
    2014-04-30 09:12 - 2014-04-30 00:39 - 00000000 ____D () C:\Documents and Settings\Miriam Moody\Desktop\autorun
    2014-04-29 13:38 - 2014-04-26 14:02 - 00851176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinUSBCoInstaller2.dll
    2014-04-29 13:38 - 2014-04-26 14:02 - 00000000 ____D () C:\Documents and Settings\Miriam Moody\usb_driver
    2014-04-29 13:38 - 2010-10-15 13:30 - 01461992 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01009.dll
    2014-04-29 13:38 - 2010-07-22 04:21 - 00000000 ____D () C:\WINDOWS\system32\ReinstallBackups
    2014-04-29 09:51 - 2010-12-28 10:15 - 00000000 ____D () C:\Documents and Settings\Miriam Moody
    2014-04-26 14:03 - 2010-07-21 19:59 - 02052726 _____ () C:\WINDOWS\FaxSetup.log
    2014-04-26 14:03 - 2010-07-21 19:59 - 00984293 _____ () C:\WINDOWS\ocgen.log
    2014-04-26 14:03 - 2010-07-21 19:59 - 00785182 _____ () C:\WINDOWS\tsoc.log
    2014-04-26 14:03 - 2010-07-21 19:59 - 00688028 _____ () C:\WINDOWS\comsetup.log
    2014-04-26 14:03 - 2010-07-21 19:59 - 00415603 _____ () C:\WINDOWS\ntdtcsetup.log
    2014-04-26 14:03 - 2010-07-21 19:59 - 00326400 _____ () C:\WINDOWS\iis6.log
    2014-04-26 14:03 - 2010-07-21 19:59 - 00213964 _____ () C:\WINDOWS\setupact.log
    2014-04-26 14:03 - 2010-07-21 19:59 - 00113061 _____ () C:\WINDOWS\ocmsn.log
    2014-04-26 14:03 - 2010-07-21 19:59 - 00102223 _____ () C:\WINDOWS\msgsocm.log
    2014-04-26 14:03 - 2010-07-21 19:59 - 00001374 _____ () C:\WINDOWS\imsins.log
    2014-04-26 14:02 - 2014-04-26 14:02 - 00000000 __HDC () C:\WINDOWS\$NtUninstallwinusb0200$
    2014-04-26 01:00 - 2013-10-29 20:37 - 00000000 ____D () C:\Program Files\WinZip
    2014-04-26 00:41 - 2014-04-25 13:22 - 00000929 _____ () C:\Documents and Settings\All Users\Desktop\Revo Uninstaller Pro.lnk
    2014-04-26 00:41 - 2014-04-25 13:22 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Revo Uninstaller Pro
    2014-04-25 13:22 - 2014-04-25 13:22 - 00000000 ____D () C:\Program Files\VS Revo Group
    2014-04-25 13:22 - 2014-04-25 13:22 - 00000000 ____D () C:\Documents and Settings\Miriam Moody\Local Settings\Application Data\VS Revo Group
    2014-04-25 13:22 - 2014-04-25 13:22 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\VS Revo Group
    2014-04-24 19:16 - 2010-07-22 03:37 - 00001158 _____ () C:\WINDOWS\system32\wpa.dbl
    2014-04-22 18:11 - 2013-10-29 11:23 - 00000000 ____D () C:\Documents and Settings\Miriam Moody\Application Data\uTorrent
    2014-04-22 18:08 - 2013-11-01 16:34 - 00000000 ____D () C:\Program Files\NCH Software
    2014-04-22 18:08 - 2013-11-01 16:34 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\NCH Software
    2014-04-21 11:25 - 2014-03-05 10:55 - 01268856 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-2587936551-156640315-1538417202-1006-0.dat
    2014-04-21 11:25 - 2014-03-05 10:55 - 00243338 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
    2014-04-21 10:33 - 2014-04-14 16:07 - 00004594 _____ () C:\WINDOWS\KB2922229.log
    2014-04-15 09:45 - 2014-01-29 13:26 - 00000000 ____D () C:\Program Files\TurboTax
    2014-04-15 09:44 - 2014-01-29 13:33 - 00000000 ____D () C:\Documents and Settings\Miriam Moody\My Documents\TurboTax
    2014-04-15 09:40 - 2014-01-29 13:28 - 00002393 _____ () C:\Documents and Settings\All Users\Desktop\TurboTax 2013.lnk
    2014-04-15 09:38 - 2010-12-28 10:15 - 00000000 ____D () C:\Documents and Settings\Miriam Moody\Local Settings\Application Data\Adobe
    2014-04-15 09:08 - 2014-04-15 09:08 - 00000000 ____D () C:\Documents and Settings\Miriam Moody\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
    2014-04-15 09:06 - 2010-12-30 16:16 - 88028728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
     
    Some content of TEMP:
    ====================
    C:\Documents and Settings\Miriam Moody\Local Settings\Temp\Quarantine.exe
     
     
    ==================== Bamital & volsnap Check =================
     
    C:\WINDOWS\explorer.exe => MD5 is legit
    C:\WINDOWS\system32\winlogon.exe => MD5 is legit
    C:\WINDOWS\system32\svchost.exe => MD5 is legit
    C:\WINDOWS\system32\services.exe => MD5 is legit
    C:\WINDOWS\system32\User32.dll => MD5 is legit
    C:\WINDOWS\system32\userinit.exe => MD5 is legit
    C:\WINDOWS\system32\rpcss.dll => MD5 is legit
    C:\WINDOWS\system32\Drivers\volsnap.sys => MD5 is legit
     
    ==================== End Of Log ============================
     
    Additional scan result of Farbar Recovery Scan Tool (x86) Version:04-05-2014
    Ran by Miriam Moody at 2014-05-05 07:20:06
    Running from C:\Documents and Settings\Miriam Moody\My Documents\Downloads
    Boot Mode: Normal
    ==========================================================
     
     
    ==================== Security Center ========================
     
    AV: avast! Antivirus (Disabled - Up to date) {7591DB91-41F0-48A3-B128-1A293FD8233D}
     
    ==================== Installed Programs ======================
     
    µTorrent (HKCU\...\uTorrent) (Version: 3.3.2.30303 - BitTorrent Inc.)
    32 Bit HP CIO Components Installer (Version: 7.1.8 - Hewlett-Packard) Hidden
    Acer Crystal Eye webcam Ver:1.1.184.610 (HKLM\...\{D0ACE89D-EC7F-470F-80BE-4C98ED366B32}) (Version: 1.1.184.610 - Chicony Electronics Co.,Ltd.)
    Acer eRecovery Management (HKLM\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3013 - Acer Incorporated)
    Acer Game Console (Version:  - WildTangent) Hidden
    Acer Games (HKLM\...\WildTangent acer Master Uninstall) (Version: 1.0.1.3 - WildTangent)
    Acer ScreenSaver (HKLM\...\Acer Screensaver) (Version: 1.1.0624.2010 - Acer Incorporated)
    Acer Updater (HKLM\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3001 - Acer Incorporated)
    Acer VCM (HKLM\...\{047F790A-7A2A-4B6A-AD02-38092BA63DAC}) (Version: 4.05.3002 - Acer Incorporated)
    Acrobat.com (HKLM\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
    Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
    Adobe AIR (Version: 1.5.0.7220 - Adobe Systems Inc.) Hidden
    Adobe Flash Player 10 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 10.2.152.32 - Adobe Systems Incorporated)
    Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.40 - Atheros Communications Inc.)
    Auslogics DiskDefrag (HKLM\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: 4.5.3.0 - Auslogics Labs Pty Ltd)
    avast! Free Antivirus (HKLM\...\Avast) (Version: 9.0.2013 - Avast Software)
    Bejeweled 2 Deluxe (Version: 2.2.0.95 - WildTangent) Hidden
    Blackhawk Striker 2 (Version: 2.2.0.95 - WildTangent) Hidden
    BufferChm (Version: 140.0.212.000 - Hewlett-Packard) Hidden
    C309a (Version: 140.0.690.000 - Hewlett-Packard) Hidden
    Chuzzle Deluxe (Version: 2.2.0.95 - WildTangent) Hidden
    Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Destinations (Version: 140.0.77.000 - Hewlett-Packard) Hidden
    DeviceDiscovery (Version: 140.0.212.000 - Hewlett-Packard) Hidden
    Diner Dash 2 Restaurant Rescue (Version: 2.2.0.95 - WildTangent) Hidden
    DocProc (Version: 13.0.0.0 - Hewlett-Packard) Hidden
    Dora's Carnival Adventure (Version: 2.2.0.95 - WildTangent) Hidden
    eBay Worldwide (HKLM\...\{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}) (Version: 2.1.0901 - OEM)
    ENE USB Card Reader Driver (HKLM\...\36E252B904CCA457EEA4810BC637F015E21FD79F) (Version: 5.89.0.70 - ENE)
    eSobi v2 (HKLM\...\InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}) (Version: 2.0.4.000274 - esobi Inc.)
    eSobi v2 (Version: 2.0.4.000274 - esobi Inc.) Hidden
    Express Invoice (HKLM\...\ExpressInvoice) (Version:  - NCH Software)
    Farm Frenzy (Version: 2.2.0.95 - WildTangent) Hidden
    Fax (Version: 140.0.212.000 - Hewlett-Packard) Hidden
    Final Drive Nitro (Version: 2.2.0.95 - WildTangent) Hidden
    Google Chrome (HKLM\...\Google Chrome) (Version: 34.0.1847.131 - Google Inc.)
    Google Earth Plug-in (HKLM\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
    Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
    Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
    Google Update Helper (Version: 1.3.22.3 - Google Inc.) Hidden
    GPBaseService2 (Version: 140.0.211.000 - Hewlett-Packard) Hidden
    HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
    HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
    HP Photosmart C309a All-In-One Driver Software 14.0 Rel. 5 (HKLM\...\{71C4F928-136A-4222-A191-310E081FB96B}) (Version: 14.0 - HP)
    HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
    HP Product Detection (HKLM\...\{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}) (Version: 10.7.9.0 - Hewlett-Packard Company)
    HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
    HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
    HP Update (HKLM\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.001.001 - Hewlett-Packard)
    HPDiagnosticAlert (Version: 1.00.0000 - Microsoft) Hidden
    HPPhotoSmartDiscLabel_PaperLabel (Version: 2.04.0000 - Hewlett-Packard) Hidden
    HPPhotoSmartDiscLabel_PrintOnDisc (Version: 2.04.0000 - Hewlett-Packard) Hidden
    HPPhotoSmartDiscLabelContent1 (Version: 2.04.0000 - Hewlett-Packard) Hidden
    hpphotosmartdisclabelplugin (Version: 2.04.0000 - Hewlett-Packard) Hidden
    HPPhotosmartEssential (Version: 2.04.0000 - Hewlett-Packard) Hidden
    HPProductAssistant (Version: 140.0.212.000 - Hewlett-Packard) Hidden
    HPSSupply (Version: 140.0.211.000 - Hewlett-Packard) Hidden
    Identity Card (HKLM\...\Identity Card) (Version: 1.00.3003 - Acer Incorporated)
    Insaniquarium Deluxe (Version: 2.2.0.95 - WildTangent) Hidden
    Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 6.14.10.5260 - Intel Corporation)
    Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
    Jewel Quest - Heritage (Version: 2.2.0.95 - WildTangent) Hidden
    Jewel Quest (Version: 2.2.0.95 - WildTangent) Hidden
    Jewel Quest Solitaire 2 (Version: 2.2.0.95 - WildTangent) Hidden
    Junk Mail filter update (Version: 14.0.8089.726 - Microsoft Corporation) Hidden
    Launch Manager (HKLM\...\LManager) (Version: 4.0.12 - Acer Inc.)
    MarketResearch (Version: 140.0.212.000 - Hewlett-Packard) Hidden
    Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
    Microsoft .NET Framework 1.1 (Version: 1.1.4322 - Microsoft) Hidden
    Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM\...\M2698023) (Version:  - )
    Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version:  - )
    Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
    Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
    Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
    Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
    Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
    Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
    Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
    Microsoft Choice Guard (Version: 2.0.48.0 - Microsoft Corporation) Hidden
    Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
    Microsoft Kernel-Mode Driver Framework Feature Pack 1.9 (Version:  - Microsoft Corporation) Hidden
    Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
    Microsoft Office 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden
    Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
    Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
    Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
    Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
    Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
    Microsoft Office PowerPoint Viewer 2007 (English) (HKLM\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
    Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
    Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
    Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
    Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden
    Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
    Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
    Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
    Microsoft Software Update for Web Folders  (English) 12 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version:  - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft WinUsb 2.0 (HKLM\...\winusb0200) (Version:  - Microsoft Corporation)
    Microsoft Works (HKLM\...\{67E03279-F703-408F-B4BF-46B5FC8D70CD}) (Version: 9.7.0621 - Microsoft Corporation)
    Mplayer 0.6.9 (HKLM\...\Mplayer) (Version: 0.6.9 - )
    MSVCRT (Version: 14.0.1468.721 - Microsoft) Hidden
    MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    MyWinLocker (Version: 3.1.212.0 - Egis Technology Inc.) Hidden
    MyWinLocker Suite (HKLM\...\InstallShield_{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}) (Version: 3.1.212.0 - Egis Technology Inc.)
    MyWinLocker Suite (Version: 3.1.212.0 - Egis Technology Inc.) Hidden
    Network (Version: 140.0.215.000 - Hewlett-Packard) Hidden
    Norton Online Backup (HKLM\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)
    OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
    Plants vs. Zombies (Version: 2.2.0.95 - WildTangent) Hidden
    Polar Bowler (Version: 2.2.0.95 - WildTangent) Hidden
    PS_AIO_05_C309_Software_Min (Version: 140.0.690.000 - Hewlett-Packard) Hidden
    QuickTransfer (Version: 140.0.98.000 - Hewlett-Packard) Hidden
    Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 5.10.0.6066 - Realtek Semiconductor Corp.)
    Revo Uninstaller Pro 3.0.8 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.0.8 - VS Revo Group, Ltd.)
    Scan (Version: 140.0.80.000 - Hewlett-Packard) Hidden
    Segoe UI (Version: 14.0.4327.805 - Microsoft Corp) Hidden
    Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
    ShopAtHome.com Toolbar (HKLM\...\SelectRebatesUninstall) (Version:  - )
    Shredder (Version: 2.0.8.3 - Egis Technology Inc.) Hidden
    SmartWebPrinting (Version: 140.0.186.000 - Hewlett-Packard) Hidden
    SolutionCenter (Version: 140.0.213.000 - Hewlett-Packard) Hidden
    Status (Version: 140.0.212.000 - Hewlett-Packard) Hidden
    Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.7.0 - Synaptics Incorporated)
    Toolbox (Version: 140.0.428.000 - Hewlett-Packard) Hidden
    TrayApp (Version: 140.0.212.000 - Hewlett-Packard) Hidden
    TurboTax 2013 (HKLM\...\TurboTax 2013) (Version: 2013.0 - Intuit, Inc)
    TurboTax 2013 WinPerFedFormset (Version: 013.000.1548 - Intuit Inc.) Hidden
    TurboTax 2013 WinPerReleaseEngine (Version: 013.000.0437 - Intuit Inc.) Hidden
    TurboTax 2013 WinPerTaxSupport (Version: 013.000.0162 - Intuit Inc.) Hidden
    TurboTax 2013 wrapper (Version: 013.000.0135 - Intuit Inc.) Hidden
    TurboTax 2013 wsciper (Version: 013.000.0984 - Intuit Inc.) Hidden
    Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
    Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2836939v3) (Version: 3 - Microsoft Corporation)
    Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
    Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
    Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
    Update for Windows Internet Explorer 8 (KB971180) (HKLM\...\KB971180-IE8) (Version: 1 - Microsoft Corporation)
    Update for Windows Internet Explorer 8 (KB971930) (HKLM\...\KB971930-IE8) (Version: 1 - Microsoft Corporation)
    Update for Windows Internet Explorer 8 (KB972636) (HKLM\...\KB972636-IE8) (Version: 1 - Microsoft Corporation)
    Update for Windows Internet Explorer 8 (KB973874) (HKLM\...\KB973874-IE8) (Version: 1 - Microsoft Corporation)
    Update for Windows Internet Explorer 8 (KB975364) (HKLM\...\KB975364-IE8) (Version: 1 - Microsoft Corporation)
    Update for Windows Internet Explorer 8 (KB976662) (HKLM\...\KB976662-IE8) (Version: 1 - Microsoft Corporation)
    Update for Windows Internet Explorer 8 (KB976749) (HKLM\...\KB976749-IE8) (Version: 1 - Microsoft Corporation)
    Update for Windows Internet Explorer 8 (KB978506) (HKLM\...\KB978506-IE8) (Version: 1 - Microsoft Corporation)
    Update for Windows Internet Explorer 8 (KB980182) (HKLM\...\KB980182-IE8) (Version: 1 - Microsoft Corporation)
    Update for Windows Internet Explorer 8 (KB980302) (HKLM\...\KB980302-IE8) (Version: 1 - Microsoft Corporation)
    Update for Windows Internet Explorer 8 (KB982632) (HKLM\...\KB982632-IE8) (Version: 1 - Microsoft Corporation)
    Update for Windows XP (KB2141007) (HKLM\...\KB2141007) (Version: 1 - Microsoft Corporation)
    Update for Windows XP (KB2345886) (HKLM\...\KB2345886) (Version: 1 - Microsoft Corporation)
    Update for Windows XP (KB2467659) (HKLM\...\KB2467659) (Version: 1 - Microsoft Corporation)
    Update for Windows XP (KB2541763) (HKLM\...\KB2541763) (Version: 1 - Microsoft Corporation)
    Update for Windows XP (KB2607712) (HKLM\...\KB2607712) (Version: 1 - Microsoft Corporation)
    Update for Windows XP (KB2616676-v2) (HKLM\...\KB2616676-v2) (Version: 2 - Microsoft Corporation)
    Update for Windows XP (KB2641690) (HKLM\...\KB2641690) (Version: 1 - Microsoft Corporation)
    Update for Windows XP (KB2661254-v2) (HKLM\...\KB2661254-v2) (Version: 2 - Microsoft Corporation)
    Update for Windows XP (KB2718704) (HKLM\...\KB2718704) (Version: 1 - Microsoft Corporation)
    Update for Windows XP (KB2736233) (HKLM\...\KB2736233) (Version: 1 - Microsoft Corporation)
    Update for Windows XP (KB2749655) (HKLM\...\KB2749655) (Version: 1 - Microsoft Corporation)
    Update for Windows XP (KB2863058) (HKLM\...\KB2863058) (Version: 1 - Microsoft Corporation)
    Update for Windows XP (KB2904266) (HKLM\...\KB2904266) (Version: 1 - Microsoft Corporation)
    Update for Windows XP (KB898461) (HKLM\...\KB898461) (Version: 1 - Microsoft Corporation)
    Update for Windows XP (KB951072-v2) (HKLM\...\KB951072-v2) (Version: 2 - Microsoft Corporation)
    Update for Windows XP (KB951978) (HKLM\...\KB951978) (Version: 1 - Microsoft Corporation)
    Update for Windows XP (KB955759) (HKLM\...\KB955759) (Version: 1 - Microsoft Corporation)
    Update for Windows XP (KB955839) (HKLM\...\KB955839) (Version: 1 - Microsoft Corporation)
    Update for Windows XP (KB961503) (HKLM\...\KB961503) (Version: 1 - Microsoft Corporation)
    Update for Windows XP (KB967715) (HKLM\...\KB967715) (Version: 1 - Microsoft Corporation)
    Update for Windows XP (KB968389) (HKLM\...\KB968389) (Version: 1 - Microsoft Corporation)
    Update for Windows XP (KB971029) (HKLM\...\KB971029) (Version: 1 - Microsoft Corporation)
    Update for Windows XP (KB971737) (HKLM\...\KB971737) (Version: 1 - Microsoft Corporation)
    Update for Windows XP (KB973687) (HKLM\...\KB973687) (Version: 1 - Microsoft Corporation)
    Update for Windows XP (KB973815) (HKLM\...\KB973815) (Version: 1 - Microsoft Corporation)
    Virtual Villagers 4 - The Tree of Life (Version: 2.2.0.95 - WildTangent) Hidden
    Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
    WebCam (HKLM\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 5.8.54.008 - Sonix)
    WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
    WebReg (Version: 140.0.212.017 - Hewlett-Packard) Hidden
    Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
    Windows Live Call (Version: 14.0.8064.0206 - Microsoft Corporation) Hidden
    Windows Live Communications Platform (Version: 14.0.8098.930 - Microsoft Corporation) Hidden
    Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
    Windows Live Essentials (Version: 14.0.8089.726 - Microsoft Corporation) Hidden
    Windows Live Mail (Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
    Windows Live Messenger (Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
    Windows Live Photo Gallery (Version: 14.0.8081.709 - Microsoft Corporation) Hidden
    Windows Live Sign-in Assistant (HKLM\...\{45338B07-A236-4270-9A77-EBB4115517B5}) (Version: 5.000.818.5 - Microsoft Corporation)
    Windows Live Sync (HKLM\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
    Windows Live Upload Tool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
    Windows Live Writer (Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
    Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version:  - )
    Windows Media Format 11 runtime (Version:  - Microsoft Corporation) Hidden
    Windows Media Player 11 (HKLM\...\Windows Media Player) (Version:  - )
    Windows Media Player 11 (Version:  - Microsoft Corporation) Hidden
    Windows Rights Management Client Backwards Compatibility SP2 (HKLM\...\{EC905264-BCFE-423B-9C42-C3A106266790}) (Version: 5.2.95 - Microsoft)
    Windows Rights Management Client with Service Pack 2 (HKLM\...\{62BFB4C2-8C4E-4D91-BD7D-81C06EAAC3C0}) (Version: 5.2.95 - Microsoft)
    Yahoo! Toolbar (HKLM\...\Yahoo! Companion) (Version:  - )
    Zuma Deluxe (Version: 2.2.0.95 - WildTangent) Hidden
    Zuma's Revenge (Version: 2.2.0.95 - WildTangent) Hidden
     
    ==================== Restore Points  =========================
     
    14-02-2014 02:32:46 avast! antivirus system restore point
    14-02-2014 13:31:04 Software Distribution Service 3.0
    22-03-2014 16:50:16 Software Distribution Service 3.0
    14-04-2014 20:01:39 Software Distribution Service 3.0
    15-04-2014 13:05:44 Software Distribution Service 3.0
    21-04-2014 14:27:53 Software Distribution Service 3.0
    22-04-2014 21:43:47 Software Distribution Service 3.0
    22-04-2014 22:26:26 Removed WinZip 17.5
    24-04-2014 23:18:16 Software Distribution Service 3.0
    25-04-2014 12:54:14 Software Distribution Service 3.0
    26-04-2014 04:49:19 Revo Uninstaller Pro's restore point - WinZip 17.5
    26-04-2014 07:19:32 Software Distribution Service 3.0
    26-04-2014 17:58:55 Unsigned driver install
    26-04-2014 18:03:03 Installed Windows XP winusb0200.
    27-04-2014 13:18:42 Software Distribution Service 3.0
    29-04-2014 04:55:06 Software Distribution Service 3.0
    29-04-2014 13:28:38 Software Distribution Service 3.0
    30-04-2014 12:58:55 Software Distribution Service 3.0
    01-05-2014 12:51:48 Software Distribution Service 3.0
    02-05-2014 12:45:15 Software Distribution Service 3.0
    02-05-2014 15:07:09 Software Distribution Service 3.0
    03-05-2014 10:18:17 Software Distribution Service 3.0
    03-05-2014 20:38:18 Installed HP Support Solutions Framework
    03-05-2014 20:41:51 Installed HP Support Solutions Framework
    04-05-2014 10:22:13 Software Distribution Service 3.0
    05-05-2014 11:02:38 Software Distribution Service 3.0
     
    ==================== Hosts content: ==========================
     
    2010-07-22 03:37 - 2008-04-14 08:00 - 00000734 ____A C:\WINDOWS\system32\Drivers\etc\hosts
    127.0.0.1       localhost
     
    ==================== Scheduled Tasks (whitelisted) =============
     
    Task: C:\WINDOWS\Tasks\avast! Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
     
    ==================== Loaded Modules (whitelisted) =============
     
    2014-05-05 07:03 - 2014-05-05 03:41 - 02252800 _____ () C:\Program Files\AVAST Software\Avast\defs\14050500\algo.dll
    2010-10-15 13:19 - 2010-02-12 19:11 - 00030080 _____ () C:\WINDOWS\snuvcdsm.exe
    2010-07-19 04:11 - 2009-05-20 02:02 - 00072200 _____ () C:\Program Files\Launch Manager\CdDirIo.dll
    2013-11-28 17:45 - 2013-11-28 17:45 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
    2014-05-02 08:50 - 2014-04-23 20:33 - 00065352 _____ () C:\Program Files\Google\Chrome\Application\34.0.1847.131\chrome_elf.dll
    2014-05-02 08:50 - 2014-04-23 20:33 - 04081480 _____ () C:\Program Files\Google\Chrome\Application\34.0.1847.131\pdf.dll
    2014-05-02 08:50 - 2014-04-23 20:33 - 00390472 _____ () C:\Program Files\Google\Chrome\Application\34.0.1847.131\ppGoogleNaClPluginChrome.dll
    2014-05-02 08:50 - 2014-04-23 20:33 - 01647432 _____ () C:\Program Files\Google\Chrome\Application\34.0.1847.131\ffmpegsumo.dll
     
    ==================== Alternate Data Streams (whitelisted) =========
     
     
    ==================== Safe Mode (whitelisted) ===================
     
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
     
    ==================== Disabled items from MSCONFIG ==============
     
     
    ==================== Faulty Device Manager Devices =============
     
    Name: Photosmart C309a series
    Description: Photosmart C309a series
    Class Guid: {4D36E971-E325-11CE-BFC1-08002BE10318}
    Manufacturer: HP
    Service: 
    Problem: : This device is disabled. (Code 22)
    Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
     
     
    ==================== Event log errors: =========================
     
    Application errors:
    ==================
    Error: (05/05/2014 07:16:17 AM) (Source: MsiInstaller) (User: NT AUTHORITY)
    Description: Product: Google Update Helper -- The installer has encountered an unexpected error installing this package. This may indicate a problem with this package. The error code is 2503. The arguments are: , ,
     
    Error: (05/05/2014 07:11:01 AM) (Source: MsiInstaller) (User: NT AUTHORITY)
    Description: Product: Google Update Helper -- The installer has encountered an unexpected error installing this package. This may indicate a problem with this package. The error code is 2503. The arguments are: , ,
     
    Error: (05/05/2014 07:06:45 AM) (Source: VSSetup) (User: )
    Description: EventType vssetup, P1 kb2729449, P2 10.0.30319, P3 10.0.30319.296, P4 1, P5 ndp40-kb2729449.msp, P6 install_i_silent_error, P7 1603, P8 2503, P9 vssetup0, P10 vssetup1.
     
    Error: (05/05/2014 07:06:45 AM) (Source: MsiInstaller) (User: NT AUTHORITY)
    Description: Product: Microsoft .NET Framework 4 Client Profile - Update 'KB2729449' could not be installed. Error code 1603. Additional information is available in the log file C:\WINDOWS\system32\config\SYSTEM~1\LOCALS~1\Temp\KB2729449_20140505_070524968-Microsoft .NET Framework 4 Client Profile-MSP0.txt.
     
    Error: (05/05/2014 07:06:44 AM) (Source: MsiInstaller) (User: NT AUTHORITY)
    Description: Product: Microsoft .NET Framework 4 Client Profile -- The installer has encountered an unexpected error installing this package. This may indicate a problem with this package. The error code is 2503. The arguments are: , ,
     
    Error: (05/05/2014 07:05:13 AM) (Source: VSSetup) (User: )
    Description: EventType vssetup, P1 kb2898855v2, P2 10.0.30319, P3 10.0.30319.1022, P4 1, P5 ndp40-kb2898855.msp, P6 install_i_silent_error, P7 1603, P8 2503, P9 vssetup0, P10 vssetup1.
     
    Error: (05/05/2014 07:05:12 AM) (Source: MsiInstaller) (User: NT AUTHORITY)
    Description: Product: Microsoft .NET Framework 4 Client Profile - Update 'KB2898855v2' could not be installed. Error code 1603. Additional information is available in the log file C:\WINDOWS\system32\config\SYSTEM~1\LOCALS~1\Temp\KB2898855v2_20140505_070313234-Microsoft .NET Framework 4 Client Profile-MSP0.txt.
     
    Error: (05/05/2014 07:05:11 AM) (Source: MsiInstaller) (User: NT AUTHORITY)
    Description: Product: Microsoft .NET Framework 4 Client Profile -- The installer has encountered an unexpected error installing this package. This may indicate a problem with this package. The error code is 2503. The arguments are: , ,
     
    Error: (05/04/2014 10:11:02 PM) (Source: MsiInstaller) (User: NT AUTHORITY)
    Description: Product: Google Update Helper -- The installer has encountered an unexpected error installing this package. This may indicate a problem with this package. The error code is 2503. The arguments are: , ,
     
    Error: (05/04/2014 09:11:04 PM) (Source: MsiInstaller) (User: NT AUTHORITY)
    Description: Product: Google Update Helper -- The installer has encountered an unexpected error installing this package. This may indicate a problem with this package. The error code is 2503. The arguments are: , ,
     
     
    System errors:
    =============
    Error: (05/05/2014 07:08:04 AM) (Source: Windows Update Agent) (User: )
    Description: Installation Failure: Windows failed to install the following update with error 0x80070005: Security Update for Internet Explorer 8 for Windows XP (KB2964358).
     
    Error: (05/05/2014 07:08:04 AM) (Source: Windows Update Agent) (User: )
    Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008 x86 (KB2729449).
     
    Error: (05/05/2014 07:05:20 AM) (Source: Windows Update Agent) (User: )
    Description: Installation Failure: Windows failed to install the following update with error 0x80070005: Security Update for Windows XP (KB2929961).
     
    Error: (05/05/2014 07:05:20 AM) (Source: Windows Update Agent) (User: )
    Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008 x86 (KB2898855).
     
    Error: (05/05/2014 07:02:58 AM) (Source: Windows Update Agent) (User: )
    Description: Installation Failure: Windows failed to install the following update with error 0x80070005: Windows XP End of Support Notification (KB2934207).
     
    Error: (05/05/2014 07:02:50 AM) (Source: Windows Update Agent) (User: )
    Description: Installation Failure: Windows failed to install the following update with error 0x80070005: Cumulative Security Update for Internet Explorer 8 for Windows XP (KB2936068).
     
    Error: (05/04/2014 09:42:05 PM) (Source: Service Control Manager) (User: )
    Description: The Application Layer Gateway Service service terminated unexpectedly.  It has done this 1 time(s).
     
    Error: (05/04/2014 09:42:04 PM) (Source: Service Control Manager) (User: )
    Description: The MyWinLocker Service service terminated unexpectedly.  It has done this 1 time(s).
     
    Error: (05/04/2014 09:42:04 PM) (Source: Service Control Manager) (User: )
    Description: The Intel® Matrix Storage Event Monitor service terminated unexpectedly.  It has done this 1 time(s).
     
    Error: (05/04/2014 09:42:04 PM) (Source: Service Control Manager) (User: )
    Description: The Raw Socket Service service terminated unexpectedly.  It has done this 1 time(s).
     
     
    Microsoft Office Sessions:
    =========================
     
    ==================== Memory info =========================== 
     
    Percentage of memory in use: 58%
    Total physical RAM: 1013.02 MB
    Available physical RAM: 417.17 MB
    Total Pagefile: 2439.23 MB
    Available Pagefile: 1801.52 MB
    Total Virtual: 2047.88 MB
    Available Virtual: 1956.36 MB
     
    ==================== Drives ================================
     
    Drive c: (ACER) (Fixed) (Total:138.05 GB) (Free:107.86 GB) NTFS ==>[Drive with boot components (Windows XP)]
     
    ==================== MBR & Partition Table ==================
     
    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149 GB) (Disk ID: 1C8B2F0A)
    Partition 1: (Not Active) - (Size=11 GB) - (Type=12)
    Partition 2: (Active) - (Size=138 GB) - (Type=07 NTFS)
     
    ==================== End Of Log ============================

    • 0

    #14
    RKinner
    Posted 05 May 2014 - 09:48 AM

    RKinner

      Malware Expert

    • Expert
    • 24,734 posts
    • MVP

    Go to Control Panel
    Programs and Features
    Microsoft .Net Framework 4.5.1
    <Click 'Change/Remove'>
    <Select 'Repair'>
    Wait 
    (it takes awhile)

    restart

     

    Use IE and go to:  http://support.micro...uninstall/en-us

     

    and click on Run Now and follow the prompts.

     

     

     
    Right click on (My) Computer and select Manage (Continue) Then click on the arrow in front of Event Viewer. Next Click on the arrow in front of Windows Logs Right click on System and Clear Log, Clear. Repeat for Application.
     
    Reboot. 
     
    Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator.  Then type (with an Enter after each line).
    sfc  /scannow
     
    This will check your critical system files. Does this finish without complaint?  IF it says it couldn't fix everything then do the stuff in the box before doing the vew step:
     
    Copy the next two lines:


findstr  /c:"[SR]"  \windows\logs\cbs\cbs.log  >  \windows\logs\cbs\junk.txt 
notepad \windows\logs\cbs\junk.txt 


Start, All Programs, Accessories, right click on Command Prompt and Run as Administrator, Continue.  Right click and Paste or Edit then Paste and the copied line should appear.
Hit Enter. Copy and paste the text from notepad or if it is too big, just attach the file.)
    1. Please download the Event Viewer Tool by Vino Rosso
    and save it to your Desktop:
    2. Right-click VEW.exe and Run AS Administrator
    3. Under 'Select log to query', select:
     
    * System
    4. Under 'Select type to list', select:
    * Error
    * Warning
     
     
    Then use the 'Number of events' as follows:
     
     
    1. Click the radio button for 'Number of events'
    Type 20 in the 1 to 20 box
    Then click the Run button.
    Notepad will open with the output log.

    • 0

    #15
    shajoe44
    Posted 05 May 2014 - 07:39 PM

    shajoe44

      Member

    • Topic Starter
    • Member
    • PipPipPip
    • 262 posts

    this is error i get when trying to uninstall/repair microsoft net 4

    Attached Thumbnails

    • microsoft 4.5.JPG

    • 0
    Back to Virus, Spyware, Malware Removal · Next Unread Topic →




    Similar Topics

    0 user(s) are reading this topic

    0 members, 0 guests, 0 anonymous users

    1. Geeks to Go Community
    2. Security
    3. Virus, Spyware, Malware Removal

    As Featured On:

    Microsoft Yahoo BBC MSN PC Magazine Washington Post HP