Message I get when I try to update: Windows update cannot currently check for updates,because he service is not running, you may need to restart your computer which i have done. I tried with super anti spyware, housecall, avg to clean it up but it seems I still have an infection.
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-03-2015
Ran by Diane (administrator) on DIANE-PC on 15-03-2015 09:29:06
Running from C:\Users\Diane\Desktop
Loaded Profiles: Diane (Available profiles: Diane)
Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: English (United States)
Internet Explorer Version 9 (Default browser not detected!)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgcsrvx.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Garmin Ltd or its subsidiaries) C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
(Nero AG) C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
(Ulead Systems, Inc.) C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
(AVG Secure Search) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.3.0\ToolbarUpdater.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
() C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.3.0\loggingserver.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgnsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgemcx.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version7\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version7\tv_w32.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
(Hewlett-Packard) C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Nero AG) C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
(Nero AG) C:\Program Files\Nero\Nero 7\InCD\InCD.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgui.exe
() C:\Program Files\AVG Secure Search\vprot.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(Garmin Ltd or its subsidiaries) C:\Program Files\Garmin\Express Tray\ExpressTray.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
() C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2299176 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [OnScreenDisplay] => C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe [554320 2007-09-04] ( Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-20] (Microsoft Corporation)
HKLM\...\Run: [HP Health Check Scheduler] => c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [75008 2008-06-16] (Hewlett-Packard)
HKLM\...\Run: [hpWirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [480560 2007-09-13] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [WAWifiMessage] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe [311296 2007-01-08] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [40048 2007-05-11] (Adobe Systems Incorporated)
HKLM\...\Run: [hpqSRMon] => C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [80896 2008-06-02] (Hewlett-Packard)
HKLM\...\Run: [avast5] => C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
HKLM\...\Run: [Conime] => C:\Windows\system32\conime.exe [69120 2009-04-11] (Microsoft Corporation)
HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [NvMediaCenter] => RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
HKLM\...\Run: [NeroFilterCheck] => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [153136 2007-03-01] (Nero AG)
HKLM\...\Run: [SecurDisc] => C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe [1629480 2007-11-26] (Nero AG)
HKLM\...\Run: [InCD] => C:\Program Files\Nero\Nero 7\InCD\InCD.exe [1057064 2007-11-26] (Nero AG)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [UVS10 Preload] => C:\Program Files\Ulead Systems\Ulead VideoStudio SE DVD\uvPL.exe
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2014\avgui.exe [5188112 2014-12-16] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [vProt] => C:\Program Files\AVG Secure Search\vprot.exe [2503704 2015-03-08] ()
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
Winlogon\Notify\!SASWinLogon: C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
HKU\S-1-5-21-1274701103-3661093621-3273732352-1000\...\Run: [HPAdvisor] => C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe [1783136 2007-10-01] (Hewlett-Packard)
HKU\S-1-5-21-1274701103-3661093621-3273732352-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-20] (Microsoft Corporation)
HKU\S-1-5-21-1274701103-3661093621-3273732352-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [5625624 2014-02-25] (SUPERAntiSpyware)
HKU\S-1-5-21-1274701103-3661093621-3273732352-1000\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2009-03-14] (Google Inc.)
HKU\S-1-5-21-1274701103-3661093621-3273732352-1000\...\Run: [Facebook Update] => C:\Users\Diane\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-07-25] (Facebook Inc.)
HKU\S-1-5-21-1274701103-3661093621-3273732352-1000\...\Run: [GarminExpressTrayApp] => C:\Program Files\Garmin\Express Tray\ExpressTray.exe [1093464 2013-07-22] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-21-1274701103-3661093621-3273732352-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [18643560 2013-03-01] (Skype Technologies S.A.)
HKU\S-1-5-21-1274701103-3661093621-3273732352-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-20] (Microsoft Corporation)
HKU\S-1-5-21-1274701103-3661093621-3273732352-1000\...\RunOnce: [Application Restart #6] => C:\Program Files\Google\Chrome\Application\chrome.exe [809288 2015-03-07] (Google Inc.)
HKU\S-1-5-21-1274701103-3661093621-3273732352-1000\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-1274701103-3661093621-3273732352-1000\...\MountPoints2: G - G:\LaunchU3.exe -a
HKU\S-1-5-21-1274701103-3661093621-3273732352-1000\...\MountPoints2: {08d2c301-0fc9-11e0-8d5b-001e688b986c} - F:\AutoLaunch.exe
HKU\S-1-5-21-1274701103-3661093621-3273732352-1000\...\MountPoints2: {cecb2ed0-0e67-11de-8b1c-001e688b986c} - F:\LaunchU3.exe -a
HKU\S-1-5-21-1274701103-3661093621-3273732352-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Mystify.scr [221184 2008-01-20] (Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [SpUninstallDeleteDir] => rmdir /s /q "\SearchProtect"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\hpoddt01.exe.lnk
ShortcutTarget: hpoddt01.exe.lnk -> C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe (Hewlett-Packard)
Startup: C:\Users\Diane\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\invicta fc Full.lnk
ShortcutTarget: invicta fc Full.lnk -> C:\ProgramData\{338bb8f2-9762-ada7-338b-bb8f2976e3ca}\invicta fc Full.exe (No File)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...ilion&pf=laptop
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...ilion&pf=laptop
HKU\S-1-5-21-1274701103-3661093621-3273732352-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://theloop.ca/
HKU\S-1-5-21-1274701103-3661093621-3273732352-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...ilion&pf=laptop
URLSearchHook: HKU\S-1-5-21-1274701103-3661093621-3273732352-1000 - (No Name) - {da21bd13-ca22-42e3-a071-98f08f1ca1e7} - No File
URLSearchHook: HKU\S-1-5-21-1274701103-3661093621-3273732352-1000 - (No Name) - {f29557fd-78aa-40e6-aba8-9fa219764018} - No File
URLSearchHook: HKU\S-1-5-21-1274701103-3661093621-3273732352-1000 - (No Name) - {ecce0073-a837-45a2-95b9-600420505f7e} - No File
SearchScopes: HKLM -> DefaultScope {5C6F3810-F400-4E83-9D4A-5E7BAAF9E6F2} URL =
SearchScopes: HKLM -> {39391820-B754-408E-B344-2D7850F1747F} URL = http://www.ask.com/w...}&l=dis&o=cahpd
SearchScopes: HKLM -> {A75FA426-5E4E-4A28-904C-77C7BEFF7179} URL = http://ca.search.yah...ing}&fr=hp-pvdt
SearchScopes: HKLM -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.condui...&ctid=CT2856416
SearchScopes: HKLM -> {cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8} URL = http://search.mywebs...r={searchTerms}
SearchScopes: HKU\S-1-5-21-1274701103-3661093621-3273732352-1000 -> DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://search.condui...429AA4DD3&SSPV=
SearchScopes: HKU\S-1-5-21-1274701103-3661093621-3273732352-1000 -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://search.condui...429AA4DD3&SSPV=
SearchScopes: HKU\S-1-5-21-1274701103-3661093621-3273732352-1000 -> {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = http://websearch.ask...60-12D7F7EC9C5C
SearchScopes: HKU\S-1-5-21-1274701103-3661093621-3273732352-1000 -> {39391820-B754-408E-B344-2D7850F1747F} URL = http://www.ask.com/w...}&l=dis&o=cahpd
SearchScopes: HKU\S-1-5-21-1274701103-3661093621-3273732352-1000 -> {5C6F3810-F400-4E83-9D4A-5E7BAAF9E6F2} URL = http://search.condui...2026674694&UM=2
SearchScopes: HKU\S-1-5-21-1274701103-3661093621-3273732352-1000 -> {A75FA426-5E4E-4A28-904C-77C7BEFF7179} URL = http://ca.search.yah...ing}&fr=hp-pvdt
SearchScopes: HKU\S-1-5-21-1274701103-3661093621-3273732352-1000 -> {cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8} URL = http://search.mywebs...r={searchTerms}
BHO: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> No File
BHO: Adobe PDF Reader Link Helper -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22] (Adobe Systems Incorporated)
BHO: No Name -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> No File
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-02-24] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File
BHO: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files\Windows Live\Companion\companioncore.dll [2012-03-08] (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-02] (Google Inc.)
BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-08-14] (Skype Technologies S.A.)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-02-24] (Oracle Corporation)
Toolbar: HKLM - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Toolbar: HKLM - No Name - {95B7759C-8C7F-4BF1-B163-73684A933233} - No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-02] (Google Inc.)
Toolbar: HKU\S-1-5-21-1274701103-3661093621-3273732352-1000 -> No Name - {DA21BD13-CA22-42E3-A071-98F08F1CA1E7} - No File
Toolbar: HKU\S-1-5-21-1274701103-3661093621-3273732352-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-02] (Google Inc.)
Toolbar: HKU\S-1-5-21-1274701103-3661093621-3273732352-1000 -> No Name - {F29557FD-78AA-40E6-ABA8-9FA219764018} - No File
Toolbar: HKU\S-1-5-21-1274701103-3661093621-3273732352-1000 -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKU\S-1-5-21-1274701103-3661093621-3273732352-1000 -> No Name - {ECCE0073-A837-45A2-95B9-600420505F7E} - No File
Toolbar: HKU\S-1-5-21-1274701103-3661093621-3273732352-1000 -> No Name - {30F9B915-B755-4826-820B-08FBA6BD249D} - No File
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab
DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} http://content.syste...yri_4.5.1.0.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll No File []
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll No File []
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-08-14] (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies)
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\18.3.0\ViProtocol.dll [2015-03-08] (AVG Secure Search)
ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [113024 2011-07-18] (SuperAdBlocker.com)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{C74D33C5-5410-4BFB-8A69-7DD8061F99B6}: [NameServer] 208.69.150.252,208.69.150.250
Tcpip\..\Interfaces\{E43C4754-1E0F-49A4-96FB-DE611413E9DE}: [NameServer] 208.69.150.252,208.69.150.250
Tcpip\..\Interfaces\{E77AB3BF-46AA-4AF1-8B13-43CC40265057}: [NameServer] 208.69.150.252,208.69.150.250
FireFox:
========
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [2012-02-21] (Adobe Systems, Inc.)
FF Plugin: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\18.3.0\\npsitesafety.dll No File
FF Plugin: @java.com/DTPlugin,version=10.17.2 -> C:\Windows\system32\npDeployJava1.dll [2014-02-24] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.17.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-02-24] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll [2013-09-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-01] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-01] (Google Inc.)
FF Plugin: @viewpoint.com/VMP -> C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll [2004-02-20] ()
FF Plugin HKU\S-1-5-21-1274701103-3661093621-3273732352-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Diane\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Extension: TopArcadeHits - C:\Users\Diane\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{0113D088-8ED1-468C-B225-585A9C53B5E3} [2013-09-07]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-06-20]
Chrome:
=======
CHR Profile: C:\Users\Diane\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Adblock Plus) - C:\Users\Diane\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-03-14]
CHR Extension: (MixiDJ V45) - C:\Users\Diane\AppData\Local\Google\Chrome\User Data\Default\Extensions\iehjklkgijkjfcfmmjmjlmcccholamaf [2013-09-07]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Diane\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-13]
CHR Extension: (AVG Security Toolbar) - C:\Users\Diane\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof [2013-10-16]
CHR Extension: (Google Wallet) - C:\Users\Diane\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-07]
CHR HKLM\...\Chrome\Extension: [hndppnmigdlfmdegjjdmjoeinbbceihi] - C:\Users\Diane\AppData\Local\CRE\hndppnmigdlfmdegjjdmjoeinbbceihi.crx [2013-09-08]
CHR HKLM\...\Chrome\Extension: [iehjklkgijkjfcfmmjmjlmcccholamaf] - C:\Users\Diane\AppData\Local\CRE\iehjklkgijkjfcfmmjmjlmcccholamaf.crx [2013-09-04]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-08-14]
CHR HKLM\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\ProgramData\AVG Secure Search\ChromeExt\17.3.0.49\avg.crx [2014-02-25]
CHR HKU\S-1-5-21-1274701103-3661093621-3273732352-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [hndppnmigdlfmdegjjdmjoeinbbceihi] - C:\Users\Diane\AppData\Local\CRE\hndppnmigdlfmdegjjdmjoeinbbceihi.crx [2013-09-08]
CHR HKU\S-1-5-21-1274701103-3661093621-3273732352-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [iehjklkgijkjfcfmmjmjlmcccholamaf] - C:\Users\Diane\AppData\Local\CRE\iehjklkgijkjfcfmmjmjlmcccholamaf.crx [2013-09-04]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [116608 2012-09-10] (SUPERAntiSpyware.com) [File not signed]
R2 AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [3247120 2014-12-16] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [289328 2014-12-16] (AVG Technologies CZ, s.r.o.)
R2 Garmin Core Update Service; C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [219480 2013-07-22] (Garmin Ltd or its subsidiaries)
R2 HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [94208 2008-06-16] (Hewlett-Packard) [File not signed]
R2 hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe [135168 2006-05-02] (Hewlett-Packard Development Company, L.P.) [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 InCDsrv; C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe [1554728 2007-11-26] (Nero AG)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3291008 2013-08-14] (Skype Technologies S.A.)
R2 UleadBurningHelper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2011-09-28] (Ulead Systems, Inc.) [File not signed]
R2 vToolbarUpdater18.3.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.3.0\ToolbarUpdater.exe [1802776 2015-03-08] (AVG Secure Search)
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-20] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [121624 2014-06-30] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [200984 2014-07-21] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [147736 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [21272 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [189720 2014-10-24] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [241944 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [98584 2014-10-29] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [27416 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [197400 2014-10-20] (AVG Technologies CZ, s.r.o.)
S3 HdAudAddService; C:\Windows\System32\drivers\CHDART.sys [176640 2007-09-09] (Conexant Systems Inc.)
R3 HpqRemHid; C:\Windows\System32\DRIVERS\HpqRemHid.sys [7168 2007-07-11] (Hewlett-Packard Development Company, L.P.)
R4 InCDfs; C:\Windows\System32\drivers\InCDFs.sys [118952 2007-11-26] (Nero AG)
R1 InCDPass; C:\Windows\System32\drivers\InCDPass.sys [36776 2007-11-26] (Nero AG)
U1 InCDrec; C:\Windows\system32\Drivers\InCDrec.sys [16040 2007-11-26] (Nero AG)
R1 incdrm; C:\Windows\System32\drivers\InCDRm.sys [38440 2007-11-26] (Nero AG)
S3 KMWDFILTER; C:\Windows\System32\DRIVERS\KMWDFILTER.sys [17408 2008-10-09] (Windows ® Codename Longhorn DDK provider)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 SMIUSBAVCALL; C:\Windows\System32\Drivers\SmiUsbGrabber3F.sys [129664 2011-09-27] (Windows ® Win 7 DDK provider)
S3 USBAAPL; C:\Windows\System32\Drivers\usbaapl.sys [42496 2011-08-02] (Apple, Inc.) [File not signed]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 PCASp50; System32\Drivers\PCASp50.sys [X]
S3 SymIMMP; system32\DRIVERS\SymIM.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-15 09:29 - 2015-03-15 09:29 - 00028064 _____ () C:\Users\Diane\Desktop\FRST.txt
2015-03-15 09:28 - 2015-03-15 09:29 - 00000000 ____D () C:\FRST
2015-03-15 09:27 - 2015-03-15 09:27 - 01135104 _____ (Farbar) C:\Users\Diane\Desktop\FRST.exe
2015-03-14 22:56 - 2015-03-14 22:56 - 00021496 _____ () C:\Users\Diane\Downloads\Result.txt
2015-03-14 22:55 - 2015-03-14 22:55 - 00402944 _____ (Farbar) C:\Users\Diane\Downloads\MiniToolBox.exe
2015-03-14 22:43 - 2015-03-14 22:43 - 00001971 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-03-14 22:43 - 2015-03-14 22:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-03-14 22:34 - 2015-03-14 22:34 - 00000000 _____ () C:\Users\Diane\Downloads\ChromeSetup.exe
2015-03-14 22:24 - 2015-03-14 22:24 - 00000000 ____D () C:\SUPERDelete
2015-03-13 20:10 - 2015-03-14 21:43 - 00000000 ____D () C:\Program Files\UNiDeaLssi
2015-03-13 20:10 - 2015-03-14 21:35 - 00000000 ____D () C:\Program Files\UniDeals
2015-03-13 20:10 - 2015-03-13 20:10 - 00000000 ____D () C:\ProgramData\cgfofmgjbbhbjgjebphjpbindjocghpa
2015-03-13 20:10 - 2015-03-13 20:10 - 00000000 ____D () C:\ProgramData\14275318535638780703
2015-03-13 20:09 - 2015-03-14 21:17 - 00000000 ____D () C:\ProgramData\{338bb8f2-9762-ada7-338b-bb8f2976e3ca}
2015-03-13 20:09 - 2015-03-13 20:09 - 00289418 _____ () C:\Users\Diane\Downloads\B0B736F1D1B5ECDF6738F9CD950FA7792875B42C.torrent
2015-03-13 20:07 - 2015-03-13 20:07 - 00840704 _____ () C:\Users\Diane\Downloads\invicta fc Full.exe
2015-03-13 20:01 - 2015-03-13 20:01 - 00367409 _____ () C:\Users\Diane\AppData\Local\census.cache
2015-03-13 20:01 - 2015-03-13 20:01 - 00220222 _____ () C:\Users\Diane\AppData\Local\ars.cache
2015-03-13 19:57 - 2015-03-13 19:57 - 00000010 _____ () C:\Users\Diane\AppData\Local\sponge.last.runtime.cache
2015-03-13 19:45 - 2013-09-27 22:56 - 00289352 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmcomm.sys
2015-03-13 19:43 - 2015-03-13 19:44 - 02073112 _____ (Trend Micro Inc.) C:\Users\Diane\Downloads\HousecallLauncher.exe
2015-03-12 11:38 - 2015-03-12 11:38 - 00001726 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk
2015-03-12 11:38 - 2015-03-12 11:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2015-03-12 11:36 - 2015-03-12 11:39 - 00000000 ____D () C:\Program Files\QuickTime
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-15 09:23 - 2006-11-02 08:47 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-15 09:23 - 2006-11-02 08:47 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-15 09:15 - 2008-06-27 03:52 - 01166510 _____ () C:\Windows\WindowsUpdate.log
2015-03-15 09:15 - 2006-11-02 06:33 - 01495948 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-15 09:14 - 2013-09-07 22:56 - 00000000 ____D () C:\ProgramData\MFAData
2015-03-15 09:11 - 2009-02-16 11:26 - 00048175 _____ () C:\ProgramData\nvModes.dat
2015-03-15 09:11 - 2009-02-16 11:26 - 00048175 _____ () C:\ProgramData\nvModes.001
2015-03-15 09:09 - 2010-02-15 19:07 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-15 09:09 - 2006-11-02 09:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-14 23:18 - 2006-11-02 09:01 - 00032580 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-03-14 22:58 - 2013-09-07 22:56 - 00000264 _____ () C:\Windows\Tasks\TopArcadeHits.job
2015-03-14 22:47 - 2013-09-07 22:56 - 00000000 ____D () C:\Program Files\Conduit
2015-03-14 22:47 - 2008-01-20 22:47 - 00241166 _____ () C:\Windows\PFRO.log
2015-03-14 22:43 - 2009-03-14 12:28 - 00000000 ____D () C:\Program Files\Google
2015-03-14 22:34 - 2012-07-14 16:02 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-14 22:32 - 2010-02-15 19:07 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-14 22:24 - 2008-04-24 21:57 - 00000000 ____D () C:\Program Files\AWS
2015-03-14 21:11 - 2010-07-20 13:12 - 00000000 ____D () C:\Users\Diane\AppData\Roaming\Skype
2015-03-14 21:06 - 2006-11-02 08:52 - 00144178 _____ () C:\Windows\setupact.log
2015-03-13 20:38 - 2012-07-25 20:33 - 00000928 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1274701103-3661093621-3273732352-1000UA.job
2015-03-13 20:38 - 2012-07-25 20:33 - 00000906 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1274701103-3661093621-3273732352-1000Core.job
2015-03-13 14:41 - 2013-09-08 11:34 - 00000000 ____D () C:\Users\Diane\AppData\Local\Avg2014
2015-03-12 11:36 - 2012-03-01 19:52 - 00000000 ____D () C:\ProgramData\Apple Computer
2015-03-09 15:08 - 2008-10-17 13:01 - 00000000 ____D () C:\Users\Diane
2015-03-09 15:03 - 2011-08-27 14:58 - 00000000 ____D () C:\Users\Diane\AppData\Roaming\HpUpdate
2015-03-08 14:13 - 2013-09-08 11:40 - 00000000 ____D () C:\Program Files\Common Files\AVG Secure Search
2015-03-08 14:11 - 2013-09-08 12:06 - 00000000 ____D () C:\ProgramData\IBUpdaterService
2015-03-08 14:09 - 2013-09-08 11:40 - 00000000 ____D () C:\Program Files\AVG Secure Search
2015-03-02 15:02 - 2014-02-24 15:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-03-02 15:02 - 2013-09-08 11:40 - 00000842 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2015-03-01 22:36 - 2012-07-14 16:02 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-03-01 22:36 - 2011-09-26 10:53 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-03-01 22:32 - 2006-11-02 07:18 - 00000000 ____D () C:\Windows\Microsoft.NET
==================== Files in the root of some directories =======
2009-06-20 11:28 - 2009-06-20 11:28 - 0000235 _____ () C:\Users\Diane\AppData\Roaming\devices.xml
2008-10-20 17:40 - 2013-09-08 12:05 - 0087608 _____ () C:\Users\Diane\AppData\Roaming\inst.exe
2012-06-02 09:54 - 2012-06-02 09:54 - 0000055 _____ () C:\Users\Diane\AppData\Roaming\mbam.context.scan
2008-10-20 17:43 - 2009-02-15 22:32 - 0027335 _____ () C:\Users\Diane\AppData\Roaming\nvModes.001
2008-10-20 16:24 - 2009-01-18 01:50 - 0027335 _____ () C:\Users\Diane\AppData\Roaming\nvModes.dat
2008-10-20 17:40 - 2013-09-08 12:05 - 0007887 _____ () C:\Users\Diane\AppData\Roaming\pcouffin.cat
2008-10-20 17:40 - 2013-09-08 12:05 - 0001144 _____ () C:\Users\Diane\AppData\Roaming\pcouffin.inf
2008-10-20 17:41 - 2013-09-08 12:06 - 0000034 _____ () C:\Users\Diane\AppData\Roaming\pcouffin.log
2008-10-20 17:40 - 2013-09-08 12:05 - 0047360 _____ (VSO Software) C:\Users\Diane\AppData\Roaming\pcouffin.sys
2012-05-30 16:15 - 2012-05-30 17:13 - 0002597 _____ () C:\Users\Diane\AppData\Roaming\result.db
2009-06-20 11:28 - 2009-06-20 11:28 - 0000012 _____ () C:\Users\Diane\AppData\Roaming\settings.xml
2015-03-13 20:01 - 2015-03-13 20:01 - 0220222 _____ () C:\Users\Diane\AppData\Local\ars.cache
2008-10-17 13:32 - 2008-10-17 13:32 - 0000000 _____ () C:\Users\Diane\AppData\Local\AtStart.txt
2015-03-13 20:01 - 2015-03-13 20:01 - 0367409 _____ () C:\Users\Diane\AppData\Local\census.cache
2009-01-18 01:50 - 2011-01-14 22:40 - 0000680 _____ () C:\Users\Diane\AppData\Local\d3d9caps.dat
2008-12-21 14:11 - 2013-08-10 19:53 - 0013312 _____ () C:\Users\Diane\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2008-10-17 13:32 - 2008-10-17 13:32 - 0000000 _____ () C:\Users\Diane\AppData\Local\DSwitch.txt
2009-03-15 08:57 - 2009-03-15 08:57 - 0000000 _____ () C:\Users\Diane\AppData\Local\FnF4.txt
2012-05-31 09:45 - 2012-05-31 09:45 - 0000036 _____ () C:\Users\Diane\AppData\Local\housecall.guid.cache
2010-10-17 14:45 - 2010-10-17 15:07 - 0000230 _____ () C:\Users\Diane\AppData\Local\LaunchHomeCenter.log
2008-10-17 13:32 - 2008-10-17 13:32 - 0000000 _____ () C:\Users\Diane\AppData\Local\QSwitch.txt
2015-03-13 19:57 - 2015-03-13 19:57 - 0000010 _____ () C:\Users\Diane\AppData\Local\sponge.last.runtime.cache
2014-02-15 12:09 - 2014-02-15 12:09 - 0000399 ____H () C:\ProgramData\hpothb07.dat
2014-02-15 12:09 - 2014-02-15 12:09 - 0000000 ____H () C:\ProgramData\hpothb07.tif
2008-10-17 13:05 - 2010-10-17 13:37 - 0015805 _____ () C:\ProgramData\hpzinstall.log
2009-02-16 11:26 - 2015-03-15 09:11 - 0048175 _____ () C:\ProgramData\nvModes.001
2009-02-16 11:26 - 2015-03-15 09:11 - 0048175 _____ () C:\ProgramData\nvModes.dat
Files to move or delete:
====================
C:\ProgramData\hpothb07.dat
Some content of TEMP:
====================
C:\Users\Diane\AppData\Local\Temp\4110.exe
C:\Users\Diane\AppData\Local\Temp\checktbexist.exe
C:\Users\Diane\AppData\Local\Temp\ConduitEngine.dll
C:\Users\Diane\AppData\Local\Temp\mconduitinstaller.exe
C:\Users\Diane\AppData\Local\Temp\nsh41C4.exe
C:\Users\Diane\AppData\Local\Temp\nsi1547.tmp.tbBegi.dll
C:\Users\Diane\AppData\Local\Temp\nsn6FE7.exe
C:\Users\Diane\AppData\Local\Temp\nso50C1.exe
C:\Users\Diane\AppData\Local\Temp\nss5D24.exe
C:\Users\Diane\AppData\Local\Temp\nst3B00.exe
C:\Users\Diane\AppData\Local\Temp\nst5D13.exe
C:\Users\Diane\AppData\Local\Temp\nst8DC3.exe
C:\Users\Diane\AppData\Local\Temp\nsxAD14.exe
C:\Users\Diane\AppData\Local\Temp\nsxC307.exe
C:\Users\Diane\AppData\Local\Temp\oi_{095728C2-FD25-4F44-9980-CDD482A193A9}.exe
C:\Users\Diane\AppData\Local\Temp\ose00000.exe
C:\Users\Diane\AppData\Local\Temp\SecondStepInstaller.exe
C:\Users\Diane\AppData\Local\Temp\Setup.exe
C:\Users\Diane\AppData\Local\Temp\SPStub.exe
C:\Users\Diane\AppData\Local\Temp\tbappb.dll
C:\Users\Diane\AppData\Local\Temp\tbMixi.dll
C:\Users\Diane\AppData\Local\Temp\tbPee2.dll
C:\Users\Diane\AppData\Local\Temp\tbRadi.dll
C:\Users\Diane\AppData\Local\Temp\tbWise.dll
C:\Users\Diane\AppData\Local\Temp\ToolbarHelper.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-03-15 09:15
==================== End Of Log ============================Additional scan result of Farbar Recovery Scan Tool (x86) Version: 11-03-2015
Ran by Diane at 2015-03-15 09:30:19
Running from C:\Users\Diane\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
32 Bit HP CIO Components Installer (Version: 7.1.8 - Hewlett-Packard) Hidden
Adobe Flash Player 16 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader 8.1.0 (HKLM\...\{AC76BA86-7AD7-1033-7B44-A81000000003}) (Version: 8.1.0 - Adobe Systems Incorporated)
Adobe Shockwave Player (HKLM\...\{1BDC9633-895B-4842-BCB6-8FA1EC2A3C5A}) (Version: 10.2.0.023 - Adobe Systems, Inc.)
Adobe Shockwave Player 11.6 (HKLM\...\Adobe Shockwave Player) (Version: 11.6.4.634 - Adobe Systems, Inc.)
aioprnt (Version: 5.1.6.0 - Eastman Kodak Company) Hidden
Apple Application Support (HKLM\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Driver Installation Program (HKLM\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 7.1 - Atheros)
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4800 - AVG Technologies)
AVG 2014 (Version: 14.0.4257 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4800 - AVG Technologies) Hidden
AVG Security Toolbar (HKLM\...\AVG Secure Search) (Version: 18.3.0.885 - AVG Technologies)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Cards_Calendar_OrderGift_DoMorePlugout (Version: 1.00.0000 - Hewlett-Packard) Hidden
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.36.7.60 - Conexant)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
DVD Suite (HKLM\...\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 5.0.1319 - CyberLink Corporation)
DVDFab 8.0.0.5 (25/08/2010) (HKLM\...\DVDFab 8_is1) (Version: - Fengtao Software Inc.)
Elevated Installer (Version: 2.2.17 - Garmin Ltd or its subsidiaries) Hidden
Facebook Video Calling 1.2.0.287 (HKLM\...\{B92C5909-1D37-4C51-8397-A28BB28E5DC3}) (Version: 1.2.287 - Skype Limited)
Facebook Video Calling 3.1.0.521 (HKLM\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Garmin Express (HKLM\...\{bd9bc494-8cd2-4ae2-92fe-6a3dda9c3ee9}) (Version: 2.2.17 - Garmin Ltd or its subsidiaries)
Garmin Express (Version: 2.2.17 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (Version: 2.2.17 - Garmin Ltd or its subsidiaries) Hidden
Garmin Update Service (Version: 2.2.17 - Garmin Ltd or its subsidiaries) Hidden
Google Chrome (HKLM\...\Google Chrome) (Version: 41.0.2272.89 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6227.252 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.22.5 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.26.9 - Google Inc.) Hidden
Hauppauge MCE XP/Vista Software Encoder (2.0.25149) (HKLM\...\Hauppauge MCE2005 Software Encoder) (Version: 2.0.25149 - Hauppauge Computer Works, Inc.)
HDAUDIO Soft Data Fax Modem with SmartCP (HKLM\...\CNXT_MODEM_HDAUDIO_HERMOSA_HSF) (Version: - )
Hewlett-Packard Active Check for Health Check (Version: 1.1.15.2 - Hewlett-Packard) Hidden
Hewlett-Packard Asset Agent for Health Check (Version: 2.0.64.0 - HP) Hidden
HP Customer Experience Enhancements (HKLM\...\{BD0E2B92-3814-46F0-893B-4612EA010C7E}) (Version: 5.4.0.2430 - Hewlett-Packard)
HP Doc Viewer (HKLM\...\{082702D5-5DD8-4600-BCE5-48B15174687F}) (Version: 1.02.0001 - Hewlett-Packard)
HP Easy Setup - Frontend (HKLM\...\{9885A11E-60E4-417C-B58B-8B31B21C0B8A}) (Version: 5.4.0.2430 - Hewlett-Packard)
HP Games (HKLM\...\WildTangent hp Master Uninstall) (Version: 1.0.2.5 - WildTangent)
HP Help and Support (HKLM\...\{31216452-5540-4C96-B754-94890A63D5AB}) (Version: 2.0.10.0 - Hewlett-Packard)
HP Photosmart Essential 2.5 (HKLM\...\HP Photosmart Essential) (Version: 2.5 - HP)
HP QuickTouch 1.00 C4 (HKLM\...\{7DC4A410-9986-4329-9E5D-687B2C42CA39}) (Version: 1.0.7 - Hewlett-Packard)
HP Total Care Advisor (HKLM\...\{b02df929-29a7-4fd2-9a70-81a644b635f7}) (Version: 1.4.19.2433 - Hewlett-Packard)
HP Update (HKLM\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.001.001 - Hewlett-Packard)
HP User Guides 0087 (HKLM\...\{4D49757C-367A-4333-BDB3-68966162B14E}) (Version: 1.02.0000 - Hewlett-Packard )
HP Wireless Assistant (HKLM\...\{CBAE4F50-9FC9-4557-AB36-9826DF3C103C}) (Version: 3.00 H2 - Hewlett-Packard)
HPNetworkAssistant (HKLM\...\{228C6B46-64E2-404E-898A-EF0830603EF4}) (Version: 1.1.70 - Hewlett-Packard.)
HPPhotoSmartDiscLabel_PaperLabel (Version: 2.02.0000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabel_PrintOnDisc (Version: 2.02.0000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabel_Tattoo (Version: 2.02.0000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (Version: 2.02.0000 - Hewlett-Packard) Hidden
hpphotosmartdisclabelplugin (Version: 2.02.0000 - Hewlett-Packard) Hidden
HPPhotoSmartPhotobookHolidayPack1 (Version: 1.00.0000 - Hewlett-Packard) Hidden
HPPhotoSmartPhotobookModernPack1 (Version: 1.00.0000 - Hewlett-Packard) Hidden
HPPhotoSmartPhotobookPlayfulPack1 (Version: 1.00.0000 - Hewlett-Packard) Hidden
HPPhotoSmartPhotobookScrapbookPack1 (Version: 1.00.0000 - Hewlett-Packard) Hidden
HPPhotoSmartPhotobookWebPack1 (Version: 1.00.0000 - Hewlett-Packard) Hidden
InstallVC90Support (Version: 1.01.0000 - Novatel Wireless) Hidden
Java 7 Update 17 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.170 - Oracle)
Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Mesh Runtime (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
muvee autoProducer 6.1 (HKLM\...\{250E9609-E830-43EB-B379-DAB7546A2422}) (Version: 6.10.050 - muvee Technologies)
Nero 7 Essentials (HKLM\...\{45B3A3BD-F90D-48FE-A147-D74878A51033}) (Version: 7.03.0920 - Nero AG)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.4 - NVIDIA Corporation)
PowerProducer (HKLM\...\{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: - )
PSSWCORE (Version: 2.02.0000 - Hewlett-Packard) Hidden
QuickTime 7 (HKLM\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01 (HKLM\...\{59F6A514-9813-47A3-948C-8A155460CC2A}) (Version: 3.51.01 - )
Segoe UI (Version: 15.4.2271.0615 - Microsoft Corp) Hidden
Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.11.13348 - Skype Technologies S.A.)
Skype™ 6.3 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.3.105 - Skype Technologies S.A.)
SMI USB Grabber (HKLM\...\{B03B98E3-2795-48F6-BA33-793BBF5DF685}) (Version: 1.0.0.02 - Somagic Inc)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.0.1150 - SUPERAntiSpyware.com)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.29.0 - Synaptics Incorporated)
System Requirements Lab CYRI (HKLM\...\{943A8D28-80D6-41DC-AE94-81FEB42041BF}) (Version: 4.5.1.0 - Husdawg, LLC)
TeamViewer 7 (HKLM\...\TeamViewer 7) (Version: 7.0.12979 - TeamViewer)
The Sims™ Life Stories (HKLM\...\{2284D904-C138-4B58-93EC-5C362AB5130A}) (Version: 1.00.0000 - Electronic Arts)
TopArcadeHits (HKU\S-1-5-21-1274701103-3661093621-3273732352-1000\...\{C1C3E833-420E-4D78-9BA7-86AEBB272384}) (Version: - TopArcadeHits)
Ulead VideoStudio SE DVD (HKLM\...\{8F8D9297-FDD2-405A-97E7-E52C7B2F97B3}) (Version: 10.0 - Ulead Systems)
UniDeals (HKLM\...\{11F6D5AB-263F-388E-74DE-E3DECD390E3F}) (Version: - ) <==== ATTENTION
Update 4.0.3 for Microsoft .NET Framework 4 Client Profile (KB2600211) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2600211) (Version: 1 - Microsoft Corporation)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Updater Service (HKLM\...\Updater Service) (Version: 15,9,28,27 - ) <==== ATTENTION
VideoToolkit01 (Version: 100.0.128.000 - Hewlett-Packard) Hidden
Viewpoint Media Player (HKLM\...\ViewpointMediaPlayer) (Version: - )
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WeatherBug Gadget (Version: 1.0.0.6 - AWS Convergence Technologies) Hidden
WildTangent Games App (HP Games) (Version: 4.0.5.31 - WildTangent) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR archiver (HKLM\...\WinRAR archiver) (Version: - )
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-1274701103-3661093621-3273732352-1000_Classes\CLSID\{039B2CA5-3B41-4D93-AD77-47D3293FC5CB}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-1274701103-3661093621-3273732352-1000_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> C:\Users\Diane\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-1274701103-3661093621-3273732352-1000_Classes\CLSID\{42481700-CF3C-4D05-8EC6-F9A1C57E8DC0}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-1274701103-3661093621-3273732352-1000_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}\InprocServer32 -> C:\Users\Diane\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-1274701103-3661093621-3273732352-1000_Classes\CLSID\{8B9F5BF4-0407-4BB2-9FED-4C0372DABD00}\localserver32 -> C:\Users\Diane\AppData\Local\Facebook\Video\Skype\FacebookVideoCallingProxy.exe (Skype Limited)
CustomCLSID: HKU\S-1-5-21-1274701103-3661093621-3273732352-1000_Classes\CLSID\{CBE9C57E-FFA9-4123-8354-AD360D6DD3CC}\InprocServer32 -> C:\Users\Diane\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CustomCLSID: HKU\S-1-5-21-1274701103-3661093621-3273732352-1000_Classes\CLSID\{D0D38C6E-BF64-4C42-840D-3E0019D9F7A6}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-1274701103-3661093621-3273732352-1000_Classes\CLSID\{F28C2F70-47DE-4EA5-8F6D-7D1476CD1EF5}\localserver32 -> C:\Users\Diane\AppData\Local\Temp\6180\temp\invicta fc Full.exe ()
==================== Restore Points =========================
25-02-2014 18:34:29 Windows Update
01-03-2015 21:41:21 Language Pack Removal
02-03-2015 15:03:41 Language Pack Removal
09-03-2015 15:05:48 Language Pack Removal
12-03-2015 11:39:19 Language Pack Removal
13-03-2015 15:01:09 Language Pack Removal
13-03-2015 18:58:24 Language Pack Removal
14-03-2015 23:04:06 Language Pack Removal
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2006-11-02 06:23 - 2006-09-18 17:41 - 00000761 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {1BA75329-336A-4326-8116-BBE19D3904DC} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {47AD658A-66CD-4212-9ACB-7A20684627F5} - System32\Tasks\{FEE34187-93C8-47E0-832B-5475C0BA759E} => C:\Program Files\Skype\Phone\Skype.exe [2013-03-01] (Skype Technologies S.A.)
Task: {4CBA6B85-8957-42D7-B7C8-045FD658A5EF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-03-01] (Adobe Systems Incorporated)
Task: {553BEBD6-98DA-4A11-89DE-480ADC07D24F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-03-01] (Google Inc.)
Task: {6CD1AA9A-B741-4C46-8475-3B4232CDD90D} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Signature Update => c:\program files\windows defender\MpCmdRun.exe [2008-01-20] (Microsoft Corporation)
Task: {817B9E32-D122-4033-B86C-DB1204C334FD} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1274701103-3661093621-3273732352-1000Core => C:\Users\Diane\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-25] (Facebook Inc.)
Task: {8E93693B-534D-4920-9849-86EDD820BB4B} - System32\Tasks\Microsoft\Windows\RestartManager\{7E9EF9CD-F2F8-4ac7-8126-3C3373275D97} => C:\Windows\system32\rmclient.exe [2006-11-02] (Microsoft Corporation)
Task: {92DABD6A-3DF5-42C8-A6F1-502653494177} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-03-01] (Google Inc.)
Task: {AB5E0FD6-382B-4482-BEBE-8833A0A2BF6B} - System32\Tasks\HPCeeScheduleForDiane => C:\Program Files\hewlett-packard\sdp\ceement\HPCEE.exe [2007-09-28] (Hewlett-Packard)
Task: {B572BE70-ACB8-40F4-B732-572C785FAAB1} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1274701103-3661093621-3273732352-1000UA => C:\Users\Diane\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-25] (Facebook Inc.)
Task: {CD6D6453-204C-4671-B74A-531608138B3E} - System32\Tasks\HP Health Check => c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-06-16] (Hewlett-Packard)
Task: {D63CDCD5-4A3B-4B17-8358-1B70D252B5F2} - System32\Tasks\{20098AFA-5271-4D3C-9D6B-B7A7C8B35147} => pcalua.exe -a E:\setup.exe -d E:\
Task: {D6C4DBEB-5627-4D16-858C-F01E4154143A} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - Diane => C:\Program Files\Windows Calendar\WinCal.exe [2009-04-11] (Microsoft Corporation)
Task: {E343E3DF-A33B-4773-8441-97D5D89D5816} - System32\Tasks\TopArcadeHits => C:\Users\Diane\AppData\Local\TopArcadeHits\updater.exe [2013-09-07] ()
Task: {ECB7ABB7-2E3C-4F2D-8E1E-7DD54258C505} - System32\Tasks\{7E04013E-D203-4B80-9F52-2829D16BC5EA} => Iexplore.exe http://ui.skype.com/...led;madedefault
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1274701103-3661093621-3273732352-1000Core.job => C:\Users\Diane\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1274701103-3661093621-3273732352-1000UA.job => C:\Users\Diane\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForDiane.job => C:\Program Files\hewlett-packard\sdp\ceement\HPCEE.exe
Task: C:\Windows\Tasks\TopArcadeHits.job => C:\Users\Diane\AppData\Local\TopArcadeHits\updater.exe
==================== Loaded Modules (whitelisted) ==============
2015-03-08 14:13 - 2015-03-08 14:08 - 00159768 _____ () C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.3.0\loggingserver.exe
2015-03-08 14:13 - 2015-03-08 14:08 - 00519704 _____ () C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.3.0\log4cplusU.dll
2009-03-11 20:33 - 2008-09-16 20:18 - 00132608 _____ () C:\Program Files\WinRAR\rarext.dll
2014-02-25 18:27 - 2015-03-08 14:08 - 01638424 _____ () C:\Program Files\AVG Secure Search\TBAPI.dll
2013-09-08 11:40 - 2015-03-08 14:08 - 02503704 _____ () C:\Program Files\AVG Secure Search\vprot.exe
2007-05-16 13:43 - 2007-05-16 13:43 - 00677432 ____R () C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
2015-03-14 22:43 - 2015-03-07 02:13 - 09279304 _____ () C:\Program Files\Google\Chrome\Application\41.0.2272.89\pdf.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1274701103-3661093621-3273732352-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\Wallpaper\img24.jpg
DNS Servers: 208.69.150.252 - 208.69.150.250
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== Accounts: =============================
Administrator (S-1-5-21-1274701103-3661093621-3273732352-500 - Administrator - Disabled)
Diane (S-1-5-21-1274701103-3661093621-3273732352-1000 - Administrator - Enabled) => C:\Users\Diane
Guest (S-1-5-21-1274701103-3661093621-3273732352-501 - Limited - Disabled)
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (03/15/2015 09:09:53 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/14/2015 10:48:52 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/14/2015 09:05:52 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/13/2015 08:35:24 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/13/2015 08:35:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application rundll32.exe, version 6.0.6000.16386, time stamp 0x4549b0e1, faulting module NVSVC.DLL, version 7.15.11.7991, time stamp 0x4a422f8b, exception code 0xc0000005, fault offset 0x00002c0b,
process id 0xdbc, application start time 0xrundll32.exe0.
Error: (03/13/2015 08:34:57 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname Diane-PC.local already in use; will try Diane-PC-2.local instead
Error: (03/13/2015 08:34:57 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister 4 Diane-PC.local. Addr 192.168.2.21
Error: (03/13/2015 08:34:57 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.2.26:5353 4 Diane-PC.local. Addr 192.168.2.26
Error: (03/13/2015 08:31:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application rundll32.exe, version 6.0.6000.16386, time stamp 0x4549b0e1, faulting module NVSVC.DLL, version 7.15.11.7991, time stamp 0x4a422f8b, exception code 0xc0000005, fault offset 0x00002c0b,
process id 0x16c8, application start time 0xrundll32.exe0.
Error: (03/13/2015 08:12:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application rundll32.exe, version 6.0.6000.16386, time stamp 0x4549b0e1, faulting module NVSVC.DLL, version 7.15.11.7991, time stamp 0x4a422f8b, exception code 0xc0000005, fault offset 0x00002c0b,
process id 0x270, application start time 0xrundll32.exe0.
System errors:
=============
Error: (03/15/2015 09:09:53 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Parallel port driver%%1058
Error: (03/14/2015 11:04:42 PM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1003) (User: NT AUTHORITY)
Description: 0x800f0825fr-FR
Error: (03/14/2015 10:48:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Parallel port driver%%1058
Error: (03/14/2015 10:39:08 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {9B1F122C-2982-4E91-AA8B-E071D54F2A4D}
Error: (03/14/2015 09:10:57 PM) (Source: Dhcp) (EventID: 1002) (User: )
Description: The IP address lease 192.168.2.21 for the Network Card with network address 001FE2AAD358 has been denied by the DHCP server 192.168.0.1 (The DHCP Server sent a DHCPNACK message).
Error: (03/14/2015 09:05:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Parallel port driver%%1058
Error: (03/13/2015 08:35:24 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Parallel port driver%%1058
Error: (03/13/2015 08:34:57 PM) (Source: netbt) (EventID: 4321) (User: )
Description: The name "DIANE-PC :20" could not be registered on the interface with IP address 192.168.2.21.
The computer with the IP address 192.168.2.26 did not allow the name to be claimed by
this computer.
Error: (03/13/2015 08:34:57 PM) (Source: netbt) (EventID: 4321) (User: )
Description: The name "DIANE-PC :0" could not be registered on the interface with IP address 192.168.2.21.
The computer with the IP address 192.168.2.26 did not allow the name to be claimed by
this computer.
Error: (03/13/2015 08:34:57 PM) (Source: netbt) (EventID: 4321) (User: )
Description: The name "DIANE-PC :0" could not be registered on the interface with IP address 192.168.2.21.
The computer with the IP address 192.168.2.17 did not allow the name to be claimed by
this computer.
Microsoft Office Sessions:
=========================
CodeIntegrity Errors:
===================================
Date: 2015-03-15 09:29:38.197
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\avgidshx.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-03-15 09:29:37.526
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\avgidshx.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-03-15 09:29:36.840
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\avgidshx.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-03-15 09:29:36.075
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\avgidshx.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-03-14 21:29:56.950
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\avgidshx.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-03-14 21:29:55.590
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\avgidshx.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-03-14 21:29:54.108
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\avgidshx.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-03-14 21:29:52.164
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\avgidshx.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-03-13 19:55:23.345
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\avgidshx.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-03-13 19:55:22.529
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\avgidshx.sys because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: AMD Turion 64 X2 Mobile Technology TL-60
Percentage of memory in use: 52%
Total physical RAM: 3006.18 MB
Available physical RAM: 1437.18 MB
Total Pagefile: 6244.77 MB
Available Pagefile: 4530.77 MB
Total Virtual: 2047.88 MB
Available Virtual: 1899.98 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:100.11 GB) (Free:30.69 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (HP_RECOVERY) (Fixed) (Total:11.68 GB) (Free:2.19 GB) NTFS ==>[System with boot components (obtained from reading drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 111.8 GB) (Disk ID: 0F4A0F49)
Partition 1: (Active) - (Size=100.1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=11.7 GB) - (Type=07 NTFS)
==================== End Of Log ============================