TechSpot

Internet connected but unable to run online programs (including browsers)

By Joshua Davidson
Mar 12, 2015
  1. None of my internet based programs are able to get online. I've ran network diagnostic tests and malwarebytes but no real issue has been determined.
     
  2. Broni

    Broni Malware Annihilator Posts: 52,890   +344

    Welcome aboard [​IMG]

    Please, complete all steps listed here: http://www.techspot.com/vb/topic58138.html
    Make sure, you PASTE all logs. If some log exceeds 50,000 characters post limit, split it between couple of replies.
    Attached logs won't be reviewed.
    NOTE 1. Use another working computer to download Farbar Recovery Scan Tool. Use USB flash drive to transfer it from good computer to the bad one.
    NOTE 2. Install Panda USB Vaccine, or BitDefender’s USB Immunizer on GOOD computer to protect it from any infected USB device.

    Please, observe following rules:
    • Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
    • If you're stuck, or you're not sure about certain step, always ask before doing anything else.
    • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
    • Never run more than one scan at a time.
    • Keep updating me regarding your computer behavior, good, or bad.
    • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
    • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
    • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.
     
  3. Joshua Davidson

    Joshua Davidson TS Rookie Topic Starter

    Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
    Ran by Joshua (administrator) on BOB-PC on 16-03-2015 15:04:41
    Running from F:\
    Loaded Profiles: Joshua & Guest (Available profiles: Joshua & Guest)
    Platform: Windows Vista (TM) Home Premium Service Pack 2 (X64) OS Language: English (United States)
    Internet Explorer Version 9 (Default browser: FF)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
    (IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_6ef279c8\stacsv64.exe
    (Microsoft Corporation) C:\Windows\System32\SLsvc.exe
    (Microsoft Corporation) C:\Windows\System32\wlanext.exe
    (Agere Systems) C:\Windows\System32\agr64svc.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
    (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    () C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
    (Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
    ( ) C:\Windows\System32\lxdncoms.exe
    (McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
    () C:\Program Files (x86)\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
    () C:\Program Files (x86)\HP\QuickPlay\Kernel\TV\QPSched.exe
    () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
    () C:\Windows\SMINST\BLService.exe
    () C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
    (Microsoft Corporation) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
    (Viewpoint Corporation) C:\Program Files (x86)\Viewpoint\Common\ViewpointService.exe
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
    (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
    (Microsoft Corporation) C:\Windows\System32\rundll32.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
    (Microsoft Corporation) C:\Windows\System32\alg.exe
    (IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
    () C:\Program Files\Smart PDF Converter Pro\SmartSoft PDF Printer Agent.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
    (Spotify Ltd) C:\Users\Joshua\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
    (Spotify Ltd) C:\Users\Joshua\AppData\Roaming\Spotify\spotify.exe
    (ooVoo LLC) C:\Program Files (x86)\ooVoo\ooVoo.exe
    (McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
    (RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
    (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    (Apple Inc.) C:\Program Files (x86)\QuickTime\QTTask.exe
    (CyberLink Corp.) C:\Program Files (x86)\HP\QuickPlay\QPService.exe
    ( Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
    (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
    (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
    (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
    () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
    (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
    (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe
    (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
    (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
    (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
    (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
    (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
    () C:\Program Files (x86)\Hewlett-Packard\Shared\HpqToaster.exe
    (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Service.exe
    () C:\Users\Joshua\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
    () C:\Users\Joshua\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
    () C:\Users\Joshua\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
    () C:\Users\Joshua\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
    Failed to access process -> FRST64.exe
    (Panda Security) C:\Program Files (x86)\Panda USB Vaccine\USBVaccine.exe


    ==================== Registry (Whitelisted) ==================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [442368 2009-06-03] (IDT, Inc.)
    HKLM\...\Run: [SmartSoft PDF Printer Agent] => C:\Program Files\Smart PDF Converter Pro\SmartSoft PDF Printer Agent.exe [50576 2011-08-12] ()
    HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1332296 2015-01-30] (Microsoft Corporation)
    HKLM-x32\...\Run: [UCam_Menu] => C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [210216 2008-06-13] (CyberLink Corp.)
    HKLM-x32\...\Run: [TkBellExe] => c:\program files (x86)\real\realplayer\Update\realsched.exe [295512 2013-03-30] (RealNetworks, Inc.)
    HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)
    HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
    HKLM-x32\...\Run: [QPService] => C:\Program Files (x86)\HP\QuickPlay\QPService.exe [468264 2008-04-24] (CyberLink Corp.)
    HKLM-x32\...\Run: [QlbCtrl.exe] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [202032 2008-03-14] ( Hewlett-Packard Development Company, L.P.)
    HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.)
    HKLM-x32\...\Run: [hpWirelessAssistant] => C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [488752 2008-04-15] (Hewlett-Packard Development Company, L.P.)
    HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
    HKLM-x32\...\Run: [HP Health Check Scheduler] => c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [75008 2008-06-16] (Hewlett-Packard)
    HKLM-x32\...\Run: [FaxCenterServer] => C:\Program Files (x86)\Lexmark Fax Solutions\fm3032.exe [320168 2010-02-03] ()
    HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1164584 2010-09-01] ()
    HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [362432 2011-12-22] (Citrix Systems, Inc.)
    HKLM-x32\...\Run: [Boingo Wi-Fi] => C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk [1804 2009-11-19] ()
    HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3649040 2014-10-16] (AVG Technologies CZ, s.r.o.)
    HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguix.exe [1126416 2014-10-10] (AVG Technologies CZ, s.r.o.)
    HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.)
    HKLM-x32\...\Run: [AppleSyncNotifier] => C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [59240 2011-09-27] (Apple Inc.)
    HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
    Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
    HKU\S-1-5-21-2032778173-3768824236-4078890220-1000\...\Run: [Spotify Web Helper] => C:\Users\Joshua\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1514040 2014-10-12] (Spotify Ltd)
    HKU\S-1-5-21-2032778173-3768824236-4078890220-1000\...\Run: [Spotify] => C:\Users\Joshua\AppData\Roaming\Spotify\spotify.exe [6553144 2014-10-12] (Spotify Ltd)
    HKU\S-1-5-21-2032778173-3768824236-4078890220-1000\...\Run: [ooVoo.exe] => C:\program files (x86)\oovoo\oovoo.exe [35253312 2013-09-10] (ooVoo LLC)
    HKU\S-1-5-21-2032778173-3768824236-4078890220-1000\...\Run: [Only-search] => C:\Users\Joshua\AppData\Local\onlysearch\onlysearch\1.3.12.9\onlysearch.exe
    HKU\S-1-5-21-2032778173-3768824236-4078890220-1000\...\Run: [DW7] => C:\Program Files (x86)\The Weather Channel\The Weather Channel App\TWCApp.exe [13103104 2013-10-01] (The Weather Channel)
    HKU\S-1-5-21-2032778173-3768824236-4078890220-1000\...\Run: [DW6] => "C:\Program Files (x86)\The Weather Channel FW\Desktop\DesktopWeather.exe"
    HKU\S-1-5-21-2032778173-3768824236-4078890220-1000\...\Run: [WMPNSCFG] => C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe
    HKU\S-1-5-21-2032778173-3768824236-4078890220-1000\...\MountPoints2: {cbef60fc-6ef3-11de-8085-db9dbab7dd04} - F:\
    HKU\S-1-5-21-2032778173-3768824236-4078890220-501\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2289664 2008-02-26] (Hewlett-Packard Company)
    HKU\S-1-5-21-2032778173-3768824236-4078890220-501\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2011-06-16] (Google Inc.)
    HKU\S-1-5-21-2032778173-3768824236-4078890220-501\...\Run: [Facebook Update] => C:\Users\Guest\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-09-23] (Facebook Inc.)
    HKU\S-1-5-21-2032778173-3768824236-4078890220-501\...\Run: [DW7] => C:\Program Files (x86)\The Weather Channel\The Weather Channel App\TWCApp.exe [13103104 2013-10-01] (The Weather Channel)
    AppInit_DLLs: C:\PROGRA~3\PERFOR~1\PERFOR~2.DLL => C:\ProgramData\Performance Optimizer\PerformanceOptimizer_x64.dll [4303360 2014-10-12] ()
    AppInit_DLLs-x32: c:\progra~3\perfor~1\perfor~1.dll => "c:\progra~3\perfor~1\perfor~1.dll" File Not Found
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
    ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
    GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
    CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
    CHR HKU\S-1-5-21-2032778173-3768824236-4078890220-1000\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    ProxyServer: [S-1-5-21-2032778173-3768824236-4078890220-1000] => http=127.0.0.1:49298;https=127.0.0.1:49298
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=83&bd=Pavilion&pf=cnnb
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*http://www.yahoo.com
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=83&bd=Pavilion&pf=cnnb
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com
    HKU\S-1-5-21-2032778173-3768824236-4078890220-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=83&bd=Pavilion&pf=cnnb
    HKU\S-1-5-21-2032778173-3768824236-4078890220-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=83&bd=Pavilion&pf=cnnb
    HKU\S-1-5-21-2032778173-3768824236-4078890220-501\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=83&bd=Pavilion&pf=cnnb
    HKU\S-1-5-21-2032778173-3768824236-4078890220-501\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=83&bd=Pavilion&pf=cnnb
    URLSearchHook: HKLM-x32 - ooVoo Video Chat Toolbar - {e5a1e26f-0d1d-4307-868f-fbd9a374ab54} - C:\Program Files (x86)\ooVoo_Video_Chat\prxtbooV0.dll (Conduit Ltd.)
    URLSearchHook: HKU\S-1-5-21-2032778173-3768824236-4078890220-501 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
    URLSearchHook: HKU\S-1-5-21-2032778173-3768824236-4078890220-501 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
    SearchScopes: HKLM-x32 -> {6F983AA9-79B7-4D5A-9B46-3E116BC60304} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=hp-pvnb
    SearchScopes: HKLM-x32 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1572363
    SearchScopes: HKLM-x32 -> {D36439C9-37CD-47CA-97D6-93DB9EADB688} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpl
    SearchScopes: HKU\S-1-5-21-2032778173-3768824236-4078890220-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-21-2032778173-3768824236-4078890220-501 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.co.kr/search?q={s...={outputEncoding}&sourceid=ie7&rlz=1I7GGLL_en
    SearchScopes: HKU\S-1-5-21-2032778173-3768824236-4078890220-501 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
    SearchScopes: HKU\S-1-5-21-2032778173-3768824236-4078890220-501 -> {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL =
    SearchScopes: HKU\S-1-5-21-2032778173-3768824236-4078890220-501 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.co.kr/search?q={s...={outputEncoding}&sourceid=ie7&rlz=1I7GGLL_en
    SearchScopes: HKU\S-1-5-21-2032778173-3768824236-4078890220-501 -> {6F983AA9-79B7-4D5A-9B46-3E116BC60304} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=hp-pvnb
    SearchScopes: HKU\S-1-5-21-2032778173-3768824236-4078890220-501 -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = http://www.ask.com/web?q={SEARCHTERMS}&o=15527&l=dis&prt=SWL&chn=&geo=US&ver=1
    SearchScopes: HKU\S-1-5-21-2032778173-3768824236-4078890220-501 -> {D36439C9-37CD-47CA-97D6-93DB9EADB688} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpl
    BHO: McAfee Phishing Filter -> {27B4851A-3207-45A2-B947-BE8AFE6163AB} -> c:\PROGRA~1\mcafee\msk\MSKAPB~1.DLL No File
    BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
    BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2014-03-27] (Google Inc.)
    BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-01-28] (McAfee, Inc.)
    BHO: PricEDownloaDer -> {D347FD08-AAF8-5CB0-F035-7052500E2EA6} -> C:\ProgramData\PricEDownloaDer\VK_.x64.dll No File
    BHO-x32: &Yahoo! Toolbar Helper -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn2\yt.dll [2010-03-23] (Yahoo! Inc.)
    BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09] (McAfee, Inc.)
    BHO-x32: Show Naturalreader Bar -> {127AD70F-B2B7-4f6a-ACD9-C7B1FE48C8C0} -> C:\Windows\syswow64\MsiExec.exe [2009-04-11] (Microsoft Corporation)
    BHO-x32: No Name -> {27B4851A-3207-45A2-B947-BE8AFE6163AB} -> No File
    BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2013-03-06] (RealDownloader)
    BHO-x32: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-07-27] (Microsoft Corporation)
    BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-06-01] (Oracle Corporation)
    BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
    BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-11-10] (Microsoft Corporation)
    BHO-x32: FacePaint.Plugin -> {A15C7D2D-9A4C-4c9a-9BD4-CC4815B28EBC} -> C:\Windows\SysWOW64\mscoree.dll [2009-11-07] (Microsoft Corporation)
    BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2014-03-27] (Google Inc.)
    BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-07-11] (Skype Technologies S.A.)
    BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-01-28] (McAfee, Inc.)
    BHO-x32: PricEDownloaDer -> {D347FD08-AAF8-5CB0-F035-7052500E2EA6} -> C:\ProgramData\PricEDownloaDer\VK_.dll No File
    BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-06-01] (Oracle Corporation)
    BHO-x32: ooVoo Video Chat Toolbar -> {e5a1e26f-0d1d-4307-868f-fbd9a374ab54} -> C:\Program Files (x86)\ooVoo_Video_Chat\prxtbooV0.dll [2011-01-17] (Conduit Ltd.)
    BHO-x32: kikin Plugin -> {E601996F-E400-41CA-804B-CD6373A7EEE2} -> C:\Program Files (x86)\kikin\ie_kikin.dll [2011-02-25] (kikin)
    BHO-x32: SingleInstance Class -> {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} -> C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn2\YTSingleInstance.dll [2010-03-23] (Yahoo! Inc)
    BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2008-03-14] (Hewlett-Packard Co.)
    Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-01-28] (McAfee, Inc.)
    Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2014-03-27] (Google Inc.)
    Toolbar: HKLM-x32 - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn2\yt.dll [2010-03-23] (Yahoo! Inc.)
    Toolbar: HKLM-x32 - No Name - {0C8413C1-FAD1-446C-8584-BE50576F863E} - No File
    Toolbar: HKLM-x32 - ooVoo Video Chat Toolbar - {e5a1e26f-0d1d-4307-868f-fbd9a374ab54} - C:\Program Files (x86)\ooVoo_Video_Chat\prxtbooV0.dll [2011-01-17] (Conduit Ltd.)
    Toolbar: HKLM-x32 - FacePaint Toolbar - {CCCC7D2D-9A4C-4C9A-9BD4-CC4815B28CCC} - C:\Windows\SysWOW64\mscoree.dll [2009-11-07] (Microsoft Corporation)
    Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-01-28] (McAfee, Inc.)
    Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2014-03-27] (Google Inc.)
    Toolbar: HKU\S-1-5-21-2032778173-3768824236-4078890220-1000 -> No Name - {E5A1E26F-0D1D-4307-868F-FBD9A374AB54} - No File
    Toolbar: HKU\S-1-5-21-2032778173-3768824236-4078890220-1000 -> No Name - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - No File
    Toolbar: HKU\S-1-5-21-2032778173-3768824236-4078890220-501 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2014-03-27] (Google Inc.)
    Toolbar: HKU\S-1-5-21-2032778173-3768824236-4078890220-501 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
    Toolbar: HKU\S-1-5-21-2032778173-3768824236-4078890220-501 -> No Name - {E5A1E26F-0D1D-4307-868F-FBD9A374AB54} - No File
    Toolbar: HKU\S-1-5-21-2032778173-3768824236-4078890220-501 -> No Name - {0C8413C1-FAD1-446C-8584-BE50576F863E} - No File
    Toolbar: HKU\S-1-5-21-2032778173-3768824236-4078890220-501 -> No Name - {30CEEEA2-3742-40E4-85DD-812BF1CBB83D} - No File
    Toolbar: HKU\S-1-5-21-2032778173-3768824236-4078890220-501 -> No Name - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - No File
    Toolbar: HKU\S-1-5-21-2032778173-3768824236-4078890220-501 -> No Name - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - No File
    DPF: HKLM-x32 {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files (x86)\Yahoo!\Common\Yinsthelper.dll
    DPF: HKLM-x32 {44990B00-3C9D-426D-81DF-AAB636FA4345} https://www-secure.symantec.com/techsupp/asa/ss/sa/sa_cabs/tgctlcm.cab
    DPF: HKLM-x32 {48DD0448-9209-4F81-9F6D-D83562940134} http://lads.myspace.com/upload/MySpaceUploader1006.cab
    DPF: HKLM-x32 {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab
    DPF: HKLM-x32 {9C23D886-43CB-43DE-B2DB-112A68D7E10A} http://lads.myspace.com/upload/MySpaceUploader2.cab
    DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-01-28] (McAfee, Inc.)
    Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-01-28] (McAfee, Inc.)
    Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-01-28] (McAfee, Inc.)
    Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-01-28] (McAfee, Inc.)
    Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-07-11] (Skype Technologies S.A.)
    Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies)
    Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-12-22] (Citrix Systems, Inc.)
    Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-12-22] (Citrix Systems, Inc.)
    Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-12-22] (Citrix Systems, Inc.)
    Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-12-22] (Citrix Systems, Inc.)
    Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-12-22] (Citrix Systems, Inc.)
    Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-12-22] (Citrix Systems, Inc.)
    Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-12-22] (Citrix Systems, Inc.)
    Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-12-22] (Citrix Systems, Inc.)
    Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-12-22] (Citrix Systems, Inc.)
    Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-12-22] (Citrix Systems, Inc.)
    Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-12-22] (Citrix Systems, Inc.)
    Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-12-22] (Citrix Systems, Inc.)
    Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-12-22] (Citrix Systems, Inc.)
    Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-12-22] (Citrix Systems, Inc.)
    Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-12-22] (Citrix Systems, Inc.)
    Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-12-22] (Citrix Systems, Inc.)
    Winsock: Catalog9 01 C:\Windows\system32\MyOSProtect.dll File Not found ()
    Winsock: Catalog9 02 C:\Windows\system32\MyOSProtect.dll File Not found ()
    Winsock: Catalog9 03 C:\Windows\system32\MyOSProtect.dll File Not found ()
    Winsock: Catalog9 04 C:\Windows\system32\MyOSProtect.dll File Not found ()
    Winsock: Catalog9 18 C:\Windows\system32\MyOSProtect.dll File Not found ()
    Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
    Tcpip\..\Interfaces\{1B0842AF-9E82-4408-A1C3-F31526CF519D}: [NameServer] 50.7.75.4,76.73.6.28

    FireFox:
    ========
    FF ProfilePath: C:\Users\Joshua\AppData\Roaming\Mozilla\Firefox\Profiles\gklft62r.default-1415374856249
    FF DefaultSearchEngine: Google
    FF SelectedSearchEngine: Google
    FF Homepage: https://www.startpage.com/
    FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll [2014-11-12] ()
    FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-05-06] (DivX, LLC.)
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll [2014-11-12] ()
    FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-05-06] ()
    FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll [2011-12-22] (Citrix Systems, Inc.)
    FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2011-05-06] (DivX, LLC.)
    FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2012-03-22] (Google, Inc.)
    FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-06-01] (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-06-01] (Oracle Corporation)
    FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll [2008-11-05] (Yahoo! Inc.)
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
    FF Plugin-x32: @real.com/nppl3260;version=16.0.1.18 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll [2013-03-30] (RealNetworks, Inc.)
    FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll [2013-03-06] (RealNetworks, Inc.)
    FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2013-03-06] (RealNetworks, Inc.)
    FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll [2013-03-06] (RealNetworks, Inc.)
    FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2012-11-16] (RealNetworks, Inc.)
    FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2012-11-16] (RealNetworks, Inc.)
    FF Plugin-x32: @real.com/nprpplugin;version=16.0.1.18 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll [2013-03-30] (RealPlayer)
    FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll [2013-03-06] (RealDownloader)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
    FF Plugin-x32: @viewpoint.com/VMP -> C:\Program Files (x86)\Viewpoint\Viewpoint Media Player\npViewpoint.dll [2007-04-16] ()
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
    FF Plugin HKU\S-1-5-21-2032778173-3768824236-4078890220-1000: @fuzebox.com/Fuze Meeting NPAPI Plugin,version=1.0.0.1 -> C:\Users\Joshua\AppData\Local\Fuze Box\Fuze Meeting\npfuzeshare.dll [2014-01-03] ( )
    FF Plugin HKU\S-1-5-21-2032778173-3768824236-4078890220-1000: @startmeeting.com/launcher -> C:\Users\Joshua\AppData\Local\SMPlugins\npsmlauncher.dll [2014-02-18] (Start Meeting)
    FF Plugin HKU\S-1-5-21-2032778173-3768824236-4078890220-1000: @yahoo.com/BrowserPlus,version=2.7.1 -> C:\Users\Joshua\AppData\Local\Yahoo!\BrowserPlus\2.7.1\Plugins\npybrowserplus_2.7.1.dll [2010-04-19] (Yahoo! Inc.)
    FF Plugin HKU\S-1-5-21-2032778173-3768824236-4078890220-501: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Guest\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2012-10-12] (Skype Limited)
    FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml [2014-10-02]
    FF Extension: savinshop - C:\Users\Joshua\AppData\Roaming\Mozilla\Firefox\Profiles\gklft62r.default-1415374856249\Extensions\Yq@KinRz.org [2014-11-12]
    FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2
    FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2008-08-04]
    FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
    FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-04-23]
    FF HKLM-x32\...\Firefox\Extensions: [{27182e60-b5f3-411c-b545-b44205977502}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension
    FF Extension: Search Helper Extension - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension [2010-10-29]
    FF HKLM-x32\...\Firefox\Extensions: [{31F37877-0076-4d26-8FD4-D9A7223FFC06}] - C:\Program Files (x86)\FacePaint\FacePaintFF\{31F37877-0076-4d26-8FD4-D9A7223FFC06}
    FF Extension: FacePaint - C:\Program Files (x86)\FacePaint\FacePaintFF\{31F37877-0076-4d26-8FD4-D9A7223FFC06} [2011-04-11]
    FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
    FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2012-08-13]
    FF HKLM-x32\...\Firefox\Extensions: [{DAC3F861-B30D-40dd-9166-F4E75327FAC7}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
    FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-03-30]
    FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
    FF HKU\S-1-5-21-2032778173-3768824236-4078890220-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
    FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
     
  4. Joshua Davidson

    Joshua Davidson TS Rookie Topic Starter

    Chrome:
    =======
    CHR dev: Chrome dev build detected! <======= ATTENTION
    CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\gcswf32.dll No File
    CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File
    CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
    CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
    CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
    CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
    CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
    CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll No File
    CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll No File
    CHR Plugin: (Java Deployment Toolkit 6.0.260.3) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
    CHR Plugin: (Java(TM) Platform SE 6 U26) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
    CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
    CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll No File
    CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
    CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll No File
    CHR Plugin: (RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
    CHR Plugin: (RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
    CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
    CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
    CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\ppGoogleNaClPluginChrome.dll ()
    CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\pdf.dll ()
    CHR Plugin: (Gamevance Textlinks Plugin) - C:\Users\Joshua\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnhgoncokajlafhnhjmccgcmgggiehjm\npgvtl.dll No File
    CHR Plugin: (Skype Toolbars) - C:\Users\Joshua\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.5.0.8013_0\npSkypeChromePlugin.dll No File
    CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
    CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
    CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll No File
    CHR Plugin: (RealJukebox NS Plugin) - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll No File
    CHR Plugin: (MetaStream 3 Plugin) - C:\Program Files (x86)\Viewpoint\Viewpoint Media Player\npViewpoint.dll ()
    CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    CHR Plugin: (BrowserPlus (from Yahoo!) v2.7.1) - C:\Users\Joshua\AppData\Local\Yahoo!\BrowserPlus\2.7.1\Plugins\npybrowserplus_2.7.1.dll (Yahoo! Inc.)
    CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
    CHR Plugin: (Default Plug-in) - default_plugin No File
    CHR Profile: C:\Users\Joshua\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Joshua\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-08-18]
    CHR Extension: (Google Cast) - C:\Users\Joshua\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2014-08-17]
    CHR Extension: (cosstminn) - C:\Users\Joshua\AppData\Local\Google\Chrome\User Data\Default\Extensions\edhpeodaehcgiflelabikmjdabjbcmcp [2014-09-16]
    CHR Extension: (SiteAdvisor) - C:\Users\Joshua\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2013-09-29]
    CHR Extension: (PriceDownloader) - C:\Users\Joshua\AppData\Local\Google\Chrome\User Data\Default\Extensions\flkldcfmkdhcpjppbceamcfecagnhbpf [2014-10-27]
    CHR Extension: (RightTasks for Gmail) - C:\Users\Joshua\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgniockidojcaaolfcbbkaaakbjdebpe [2014-10-26]
    CHR Extension: (Video Bookmarks) - C:\Users\Joshua\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkpgpmmooejhfhojndincjeonokodggj [2014-10-16]
    CHR Extension: (RealDownloader) - C:\Users\Joshua\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2013-09-29]
    CHR Extension: (Semantic inspector) - C:\Users\Joshua\AppData\Local\Google\Chrome\User Data\Default\Extensions\jobakbebljifplmcapcooffdbdmfdbjh [2014-11-12]
    CHR Extension: (Skype Click to Call) - C:\Users\Joshua\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2011-08-29]
    CHR Extension: (Google Wallet) - C:\Users\Joshua\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-29]
    CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2012-08-13]
    CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - http://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2012-08-13]
    CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-03-06]
    CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2011-07-11]

    ==================== Services (Whitelisted) =================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    S4 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [164816 2013-08-27] () [File not signed]
    R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3487248 2014-10-16] (AVG Technologies CZ, s.r.o.)
    R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [857616 2014-10-10] (AVG Technologies CZ, s.r.o.)
    R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [298080 2014-10-16] (AVG Technologies CZ, s.r.o.)
    R2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [1868432 2012-12-24] ()
    R2 HP Health Check Service; c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [94208 2008-06-16] (Hewlett-Packard) [File not signed]
    S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
    R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2008-02-26] (Hewlett-Packard Company) [File not signed]
    S2 lxdnCATSCustConnectService; C:\Windows\system32\spool\DRIVERS\x64\3\\lxdnserv.exe [29184 2009-04-28] (Lexmark International, Inc.)
    R2 lxdn_device; C:\Windows\system32\lxdncoms.exe [1039872 2007-11-28] ( )
    R2 lxdn_device; C:\Windows\SysWOW64\lxdncoms.exe [589824 2007-11-28] ( )
    R2 McAfee SiteAdvisor Service; c:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe [155368 2015-02-19] (McAfee, Inc.)
    S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
    R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2015-01-30] (Microsoft Corporation)
    R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366512 2015-01-30] (Microsoft Corporation)
    R2 QPCapSvc; C:\Program Files (x86)\HP\QuickPlay\Kernel\TV\QPCapSvc.exe [292232 2008-04-24] ()
    R2 QPSched; C:\Program Files (x86)\HP\QuickPlay\Kernel\TV\QPSched.exe [112008 2008-04-24] ()
    R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-03-06] ()
    R2 Recovery Service for Windows; C:\Windows\SMINST\BLService.exe [361808 2008-04-25] ()
    R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe [272024 2007-01-09] ()
    R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_6ef279c8\STacSV64.exe [239104 2009-06-03] (IDT, Inc.)
    R2 Viewpoint Manager Service; C:\Program Files (x86)\Viewpoint\Common\ViewpointService.exe [24652 2007-01-04] (Viewpoint Corporation) [File not signed]
    S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [383544 2008-01-20] (Microsoft Corporation)
    S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
    S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]

    ==================== Drivers (Whitelisted) ====================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-06-18] (AVG Technologies CZ, s.r.o.)
    R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [262424 2014-10-07] (AVG Technologies CZ, s.r.o.)
    R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-18] (AVG Technologies CZ, s.r.o.)
    R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [243480 2014-08-28] (AVG Technologies CZ, s.r.o.)
    R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [313624 2014-07-18] (AVG Technologies CZ, s.r.o.)
    R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [124184 2014-10-05] (AVG Technologies CZ, s.r.o.)
    R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-18] (AVG Technologies CZ, s.r.o.)
    R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [274200 2014-10-10] (AVG Technologies CZ, s.r.o.)
    S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-12-14] (Malwarebytes Corporation)
    R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [274696 2014-11-15] (Microsoft Corporation)
    R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124560 2014-11-15] (Microsoft Corporation)
    S3 NVENETFD; C:\Windows\System32\DRIVERS\nvm60x64.sys [742696 2006-10-09] (NVIDIA Corporation)
    S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [28416 2008-04-16] (Research In Motion Limited)
    S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2013-03-18] (Apple, Inc.) [File not signed]
    S1 ctpaoggs; \??\C:\Windows\system32\drivers\ctpaoggs.sys [X]
    U1 eabfiltr; No ImagePath
    S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
    S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
    S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

    ==================== NetSvcs (Whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


    ==================== One Month Created Files and Folders ========

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2015-03-16 15:02 - 2015-03-16 15:02 - 00003042 _____ () C:\Windows\System32\Tasks\PandaUSBVaccine
    2015-03-16 15:02 - 2015-03-16 15:02 - 00000000 ____D () C:\ProgramData\Panda Security
    2015-03-16 15:02 - 2015-03-16 15:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Security
    2015-03-16 15:02 - 2015-03-16 15:02 - 00000000 ____D () C:\Program Files (x86)\Panda USB Vaccine
    2015-03-16 14:53 - 2015-03-16 15:04 - 00000000 ____D () C:\FRST
    2015-03-10 17:58 - 2015-03-11 18:07 - 00000000 ____D () C:\Users\Joshua\Desktop\RMTL
    2015-03-09 15:27 - 2015-03-09 15:43 - 00000000 ____D () C:\Users\Joshua\Desktop\CHAR
    2015-03-09 15:00 - 2015-03-09 15:26 - 00000000 ____D () C:\Users\Joshua\Desktop\CHC
    2015-03-09 14:52 - 2015-03-10 17:58 - 00000000 ____D () C:\Users\Joshua\Desktop\TLACH
    2015-03-09 12:20 - 2015-03-10 17:59 - 00000000 ____D () C:\Users\Joshua\Documents\Revivial
    2015-02-16 01:54 - 2015-01-22 23:07 - 02339840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2015-02-16 01:54 - 2015-01-22 22:59 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
    2015-02-16 01:54 - 2015-01-22 22:00 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2015-02-16 01:54 - 2015-01-22 21:51 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll

    ==================== One Month Modified Files and Folders =======

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2015-03-16 14:54 - 2008-09-10 00:07 - 01124239 _____ () C:\Windows\WindowsUpdate.log
    2015-03-16 14:53 - 2013-02-10 23:39 - 00000000 ____D () C:\Users\Joshua\AppData\Roaming\Spotify
    2015-03-16 14:53 - 2012-06-16 10:17 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
    2015-03-16 14:52 - 2010-11-07 02:56 - 00000000 ____D () C:\Users\Joshua\AppData\Local\CrashDumps
    2015-03-16 14:28 - 2014-11-12 12:37 - 00000000 ____D () C:\ProgramData\MFAData
    2015-03-16 14:28 - 2008-09-10 00:55 - 00000290 _____ () C:\Users\Public\Documents\hpqp.ini
    2015-03-16 14:26 - 2009-06-06 21:49 - 00000374 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
    2015-03-16 14:24 - 2010-01-30 23:49 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2015-03-16 14:24 - 2006-11-02 10:42 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
    2015-03-16 14:24 - 2006-11-02 10:22 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
    2015-03-16 14:24 - 2006-11-02 10:22 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
    2015-03-16 13:55 - 2008-08-04 03:29 - 00000012 _____ () C:\Windows\bthservsdp.dat
    2015-03-16 13:55 - 2006-11-02 10:42 - 00032576 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
    2015-03-16 13:09 - 2010-01-30 23:49 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2015-03-13 13:32 - 2012-11-10 21:12 - 00000000 ____D () C:\Users\Joshua\AppData\Roaming\HpUpdate
    2015-03-10 18:03 - 2006-11-02 07:46 - 00776038 _____ () C:\Windows\system32\PerfStringBackup.INI
    2015-03-09 02:43 - 2010-11-08 12:14 - 00003682 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{77C1F637-0A2A-4D8A-A5EA-D60818E3EF25}
    2015-03-03 08:17 - 2010-06-06 03:24 - 00295552 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
    2015-03-02 23:02 - 2012-08-13 09:36 - 00000000 ____D () C:\Program Files (x86)\McAfee
    2015-03-02 23:02 - 2008-01-20 22:26 - 00978804 _____ () C:\Windows\PFRO.log
    2015-02-27 07:17 - 2012-05-20 22:28 - 00000454 ____H () C:\Windows\Tasks\Norton Security Scan for Joshua.job

    ==================== Files in the root of some directories =======

    2014-10-19 21:32 - 2014-11-02 17:44 - 0000004 _____ () C:\Users\Joshua\AppData\Roaming\appdataFr2.bin
    2014-09-19 01:31 - 2014-11-02 19:31 - 0000099 _____ () C:\Users\Joshua\AppData\Roaming\WB.CFG
    2013-10-01 17:38 - 2014-02-20 23:52 - 0000130 _____ () C:\Users\Joshua\AppData\Roaming\wklnhst.dat
    2008-12-25 07:00 - 2008-12-25 07:00 - 0000000 _____ () C:\Users\Joshua\AppData\Local\AtStart.txt
    2014-09-18 09:35 - 2014-10-06 08:28 - 0696320 _____ () C:\Users\Joshua\AppData\Local\ChromeHitoryDB
    2008-12-27 23:49 - 2013-09-29 09:08 - 0006648 _____ () C:\Users\Joshua\AppData\Local\d3d9caps.dat
    2013-09-27 16:43 - 2013-09-27 16:47 - 0000732 _____ () C:\Users\Joshua\AppData\Local\d3d9caps64.dat
    2008-12-27 03:27 - 2011-09-05 15:29 - 0081408 _____ () C:\Users\Joshua\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    2014-09-16 11:54 - 2014-09-16 11:58 - 0441494 _____ () C:\Users\Joshua\AppData\Local\dd_vcredistMSI425E.txt
    2010-12-18 23:51 - 2010-12-18 23:54 - 0423438 _____ () C:\Users\Joshua\AppData\Local\dd_vcredistMSI6052.txt
    2014-09-16 11:54 - 2014-09-16 11:58 - 0016496 _____ () C:\Users\Joshua\AppData\Local\dd_vcredistUI425E.txt
    2010-12-18 23:50 - 2010-12-18 23:54 - 0011618 _____ () C:\Users\Joshua\AppData\Local\dd_vcredistUI6052.txt
    2008-12-25 07:00 - 2008-12-25 07:00 - 0000000 _____ () C:\Users\Joshua\AppData\Local\DSwitch.txt
    2008-12-25 07:00 - 2008-12-25 07:00 - 0000000 _____ () C:\Users\Joshua\AppData\Local\QSwitch.txt
    2014-09-04 12:08 - 2014-09-04 12:11 - 0000000 _____ () C:\Users\Joshua\AppData\Local\{13A59E65-59AA-4047-8ADC-84942586E8C2}
    2010-10-05 17:16 - 2010-10-24 16:47 - 0001940 _____ () C:\Users\Joshua\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
    2008-12-25 08:21 - 2008-12-25 08:21 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
    2008-08-04 04:57 - 2008-08-04 04:58 - 0000372 _____ () C:\ProgramData\hpzinstall.log
    2010-12-17 15:03 - 2010-12-17 15:03 - 4434771 _____ () C:\ProgramData\SPL35CE.tmp
    2010-12-17 14:58 - 2010-12-17 14:58 - 4434771 _____ () C:\ProgramData\SPLFD77.tmp

    Files to move or delete:
    ====================
    C:\Users\Guest\jagex_runescape_preferences.dat
    C:\Users\Guest\jagex_runescape_preferences2.dat


    Some content of TEMP:
    ====================
    C:\Users\Guest\AppData\Local\Temp\drm_dialogs.dll
    C:\Users\Guest\AppData\Local\Temp\symlcsv1.exe
    C:\Users\Joshua\AppData\Local\Temp\BXGoAglFC6.exe
    C:\Users\Joshua\AppData\Local\Temp\jre-7u60-windows-i586-iftw.exe
    C:\Users\Joshua\AppData\Local\Temp\offercast.exe
    C:\Users\Joshua\AppData\Local\Temp\SkypeSetup.exe
    C:\Users\Joshua\AppData\Local\Temp\smplayer-0.6.9-win32.exe
    C:\Users\Joshua\AppData\Local\Temp\SpOrder.dll
    C:\Users\Joshua\AppData\Local\Temp\SymInstallStub.exe
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite10592.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite10996.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite11218.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite12770.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite14043.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite14387.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite15321.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite15356.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite15955.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite16631.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite17213.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite17387.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite17884.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite18109.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite18817.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite19467.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite19481.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite19578.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite19647.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite21615.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite22169.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite22366.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite23294.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite24496.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite25551.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite26531.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite26599.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite26617.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite27311.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite27724.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite28054.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite28168.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite28568.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite28649.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite28815.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite28831.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite29143.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite29166.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite30304.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite31130.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite31827.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite32146.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite33823.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite34541.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite35142.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite35330.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite35944.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite36023.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite36051.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite36069.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite36078.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite36794.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite36923.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite37963.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite39127.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite39198.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite39300.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite39902.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite40156.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite40493.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite40777.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite40877.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite41071.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite41374.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite41738.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite42738.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite44665.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite44756.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite47093.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite47304.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite47690.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite47823.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite48615.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite48787.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite49042.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite49534.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite49849.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite50231.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite50653.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite51092.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite54525.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite54550.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite54745.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite55105.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite55615.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite56427.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite56572.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite57385.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite57827.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite59424.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite59632.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite60313.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite60363.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite60414.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite60581.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite60743.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite61552.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite61571.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite65015.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite65447.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite65470.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite65498.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite66268.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite67474.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite67478.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite67497.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite67514.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite68133.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite68863.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite69120.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite69788.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite69922.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite70066.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite71692.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite71847.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite72017.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite72861.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite72912.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite73952.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite74682.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite75477.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite77151.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite77233.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite77418.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite77901.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite78024.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite78362.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite78561.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite78971.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite79806.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite79860.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite80181.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite80512.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite80959.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite82702.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite82827.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite84400.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite84541.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite85928.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite86116.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite86999.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite88052.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite88333.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite89722.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite90175.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite90905.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite91502.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite91572.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite91631.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite91804.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite92332.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite92346.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite92621.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite93163.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite93257.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite94338.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite94374.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite94976.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite95271.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite95379.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite96074.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite96882.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite97163.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite97384.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite98156.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite98323.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite99010.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite99796.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite99887.dll
    C:\Users\Joshua\AppData\Local\Temp\System.Data.SQLite99953.dll
    C:\Users\Joshua\AppData\Local\Temp\The_Weather_Channel_Application.exe
    C:\Users\Joshua\AppData\Local\Temp\UK3VZMmgFP.exe
    C:\Users\Joshua\AppData\Local\Temp\vcredist_x64.exe


    ==================== Bamital & volsnap Check =================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\System32\winlogon.exe => File is digitally signed
    C:\Windows\System32\wininit.exe => File is digitally signed
    C:\Windows\SysWOW64\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\System32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\System32\services.exe => File is digitally signed
    C:\Windows\System32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\System32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\System32\rpcss.dll => File is digitally signed
    C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


    LastRegBack: 2015-03-16 14:33

    ==================== End Of Log ============================
     
  5. Joshua Davidson

    Joshua Davidson TS Rookie Topic Starter

    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015
    Ran by Joshua at 2015-03-16 15:06:30
    Running from F:\
    Boot Mode: Normal
    ==========================================================


    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: AVG AntiVirus Free Edition 2015 (Enabled - Out of date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
    AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
    AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
    AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: AVG AntiVirus Free Edition 2015 (Enabled - Out of date) {B5F5C120-2089-702E-0001-553BB0D5A664}

    ==================== Installed Programs ======================

    (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
    ABBYY FineReader 6.0 Sprint (HKLM-x32\...\{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}) (Version: 6.00.1990.41618 - ABBYY Software House)
    Acoustica Effects Pack (HKLM-x32\...\Acoustica Effects Pack) (Version: 3.0 - Acoustica, Inc)
    Acoustica Mixcraft 5 (HKLM-x32\...\Acoustica Mixcraft 5) (Version: - Acoustica)
    Acrobat.com (HKLM-x32\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 2.1.0.0 - Adobe Systems Incorporated)
    Acrobat.com (x32 Version: 2.1.0 - Adobe Systems Incorporated) Hidden
    Activation Assistant for the 2007 Microsoft Office suites (HKLM-x32\...\Activation Assistant for the 2007 Microsoft Office suites) (Version: - Microsoft Corporation)
    Activation Assistant for the 2007 Microsoft Office suites (x32 Version: 1.0 - Microsoft Corporation) Hidden
    Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.7.0.19480 - Adobe Systems Incorporated)
    Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.223 - Adobe Systems Incorporated)
    Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.223 - Adobe Systems Incorporated)
    Adobe Reader X (10.1.13) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.13 - Adobe Systems Incorporated)
    Agere Systems HDA Modem (HKLM\...\Agere Systems Soft Modem) (Version: - Agere Systems)
    AIM 6 (HKLM-x32\...\AIM_6) (Version: - )
    Amazon Kindle (HKU\S-1-5-21-2032778173-3768824236-4078890220-1000\...\Amazon Kindle) (Version: - Amazon)
    Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
    Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.)
    Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
    ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: - )
    Avant Media Player (HKLM-x32\...\Avant Media Player_is1) (Version: - Excellent Technology Exchange)
    AvantMediaPlayer (HKLM-x32\...\AvantMediaPlayer_is1) (Version: - Excellent Technology Exchange)
    AVG (HKLM\...\AvgZen) (Version: 1.0.387 - AVG Technologies)
    AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5557 - AVG Technologies)
    AVG 2015 (Version: 15.0.4213 - AVG Technologies) Hidden
    AVG 2015 (Version: 15.0.5557 - AVG Technologies) Hidden
    AVG Zen (Version: 1.0.387 - AVG Technologies) Hidden
    AVS Update Manager 1.0 (HKLM-x32\...\AVS Update Manager_is1) (Version: - Online Media Technologies Ltd.)
    AVS Video Converter 6 (HKLM-x32\...\AVS4YOU Video Converter 6_is1) (Version: - Online Media Technologies Ltd.)
    AVS4YOU Software Navigator 1.4 (HKLM-x32\...\AVS4YOU Software Navigator_is1) (Version: - Online Media Technologies Ltd.)
    Boingo Wi-Fi (HKLM-x32\...\{235C31BC-BBAE-4932-9F17-15395C65907B}) (Version: 1.7.0020 - Boingo Wireless, Inc.)
    Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
    Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11b Network Adapter) (Version: 4.170.77.3 - Broadcom Corporation)
    Cards_Calendar_OrderGift_DoMorePlugout (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
    Citrix Receiver (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 13.1.0.89 - Citrix Systems, Inc.)
    Click to Call with Skype (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.5.8013 - Skype Technologies S.A.)
    Comodo Dragon (HKLM-x32\...\Comodo Dragon) (Version: 23.4.1.0 - COMODO)
    Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Conduit Engine (HKLM-x32\...\conduitEngine) (Version: - Conduit Ltd.) <==== ATTENTION
    CouponSupport (HKLM-x32\...\S-649636217) (Version: 1.2.0.1583 - CouponSupport) <==== ATTENTION
    CyberLink DVD Suite (HKLM-x32\...\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 5.5.1519 - CyberLink Corp.)
    CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 2.0.2029 - CyberLink Corp.)
    D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
    DivX Setup (HKLM-x32\...\DivX Setup.divx.com) (Version: 2.1.2.2 - DivX, Inc. )
    Drumaxx (HKLM-x32\...\Drumaxx) (Version: - Image-Line)
    EasyBits GO (HKU\S-1-5-21-2032778173-3768824236-4078890220-1000\...\Game Organizer) (Version: - EasyBits Media)
    ESU for Microsoft Vista (HKLM-x32\...\{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard)
    Facebook Video Calling 1.2.0.287 (HKLM-x32\...\{B92C5909-1D37-4C51-8397-A28BB28E5DC3}) (Version: 1.2.287 - Skype Limited)
    FacePaint Plugin (HKLM-x32\...\{C864C994-2957-4FE3-A72B-36C5E507B4AA}) (Version: 1.0.0 - W3i, LLC)
    Feedback Tool (HKLM-x32\...\{13A5E785-5197-4EAD-8EE3-D660271E49BC}) (Version: 1.2.0 - Microsoft Corporation)
    Feedback Tool (HKLM-x32\...\{90024193-9F13-4877-89D5-A1CDF0CBBF28}) (Version: 1.1.0 - Microsoft Corporation)
    FL Studio 9 (HKLM-x32\...\FL Studio 9) (Version: - Image-Line)
    FMW 1 (Version: 1.0.259 - AVG Technologies) Hidden
    Free NaturalReader (HKLM-x32\...\{1F2DF2C6-08F7-40BD-8E85-D16CB436E7F0}) (Version: 9.0 - NaturalSoft Limited)
    Fuze Meeting (HKLM-x32\...\{88F800EE-C2E3-49F1-9A61-DB1EE6DD4245}) (Version: 14.1.3326 - Fuze Box, Inc.)
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.120 - Google Inc.)
    Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
    Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
    Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
    Hardcore (HKLM-x32\...\Hardcore) (Version: - Image-Line)
    Hewlett-Packard Active Check for Health Check (x32 Version: 1.1.15.2 - Hewlett-Packard) Hidden
    Hewlett-Packard Asset Agent for Health Check (x32 Version: 2.0.64.0 - HP) Hidden
    HP Customer Experience Enhancements (HKLM-x32\...\{C27C82E4-9C53-4D76-9ED3-A01A3D5EE679}) (Version: 5.6.0.2510 - Hewlett-Packard)
    HP Doc Viewer (HKLM-x32\...\{082702D5-5DD8-4600-BCE5-48B15174687F}) (Version: 1.03.0001 - Hewlett-Packard)
    HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.0.71 - WildTangent)
    HP Help and Support (HKLM-x32\...\{31216452-5540-4C96-B754-94890A63D5AB}) (Version: 2.0.10.0 - Hewlett-Packard)
    HP MULTIPLE MODEM INSTALLER for VISTA (HKLM-x32\...\{45A136EC-88BF-4B95-99F5-C45D3930E1CC}) (Version: 1.0.0.30 - Hewlett Packard)
    HP Photosmart Essential 2.5 (HKLM\...\HP Photosmart Essential) (Version: 2.5 - HP)
    HP Quick Launch Buttons 6.40 D3 (HKLM-x32\...\{34D2AB40-150D-475D-AE32-BD23FB5EE355}) (Version: 6.40 D3 - Hewlett-Packard)
    HP QuickPlay 3.7 (HKLM-x32\...\{45D707E9-F3C4-11D9-A373-0050BAE317E1}) (Version: - )
    HP QuickTouch 1.00 D2 (HKLM\...\{1AD2F8FE-A357-4728-BDF8-B92D794CE793}) (Version: 1.0.9 - Hewlett-Packard)
    HP Smart Web Printing (HKLM-x32\...\HP Smart Web Printing) (Version: 109.9.19158 - Hewlett-Packard)
    HP Total Care Advisor (HKLM-x32\...\{f32502b5-5b64-4882-bf61-77f23edcac4f}) (Version: 2.1.3359.2635 - Hewlett-Packard)
    HP Update (HKLM-x32\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.001.001 - Hewlett-Packard)
    HP User Guides 0101 (HKLM-x32\...\{22712FAD-DE04-4D50-82A6-3C7AC5D55AA2}) (Version: 1.01.0000 - Hewlett-Packard)
    HP Wireless Assistant (HKLM-x32\...\{340F521E-3576-4E1A-B75C-EB0ACF751379}) (Version: 3.00 J1 - Hewlett-Packard)
    HPPhotoSmartDiscLabel_PaperLabel (x32 Version: 2.02.0000 - Hewlett-Packard) Hidden
    HPPhotoSmartDiscLabel_PrintOnDisc (x32 Version: 2.02.0000 - Hewlett-Packard) Hidden
    HPPhotoSmartDiscLabel_Tattoo (x32 Version: 2.02.0000 - Hewlett-Packard) Hidden
    HPPhotoSmartDiscLabelContent1 (x32 Version: 2.02.0000 - Hewlett-Packard) Hidden
    hpphotosmartdisclabelplugin (x32 Version: 2.02.0000 - Hewlett-Packard) Hidden
    HPPhotoSmartPhotobookHolidayPack1 (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
    HPPhotoSmartPhotobookModernPack1 (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
    HPPhotoSmartPhotobookPlayfulPack1 (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
    HPPhotoSmartPhotobookScrapbookPack1 (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
    HPPhotoSmartPhotobookWebPack1 (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
    HPTCSSetup (HKLM-x32\...\{FA3B34BE-4246-4062-90A3-34CBBEA12B72}) (Version: 1.0.964.2626 - Hewlett-Packard Company)
    iCloud (HKLM\...\{CE97E4D3-9F91-4D72-8A29-ED9EA90E5A15}) (Version: 2.1.3.25 - Apple Inc.)
    IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.5934.0 - IDT)
    InstallIQ Updater (HKLM-x32\...\{8E0E6383-9754-4471-939E-E4ABE02E3440}) (Version: 1.4.0.0 - W3i, LLC)
    Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: - Intel Corporation)
    iPhone Configuration Utility (HKLM-x32\...\{FA54AFB1-5745-4389-B8C1-9F7509672ED1}) (Version: 2.1.0.163 - Apple Inc.)
    iTunes (HKLM\...\{F46AA0F1-E284-4878-A462-5F11B9166C0E}) (Version: 11.4.0.18 - Apple Inc.)
    Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217060FF}) (Version: 7.0.600 - Oracle)
    Java(TM) 6 Update 26 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216011FF}) (Version: 6.0.260 - Sun Microsystems, Inc.)
    Java(TM) 6 Update 5 (HKLM-x32\...\{3248F0A8-6813-11D6-A77B-00B0D0160050}) (Version: 1.6.0.50 - Sun Microsystems, Inc.)
    Java(TM) SE Development Kit 6 Update 14 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0160140}) (Version: 1.6.0.140 - Sun Microsystems, Inc.)
    Java(TM) SE Development Kit 6 Update 18 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0160180}) (Version: 1.6.0.180 - Sun Microsystems, Inc.)
    JavaFX(TM) 1.2 SDK (HKLM-x32\...\{5aa47dba-b584-4d47-a626-76e53fc2987d}) (Version: 1.2.0 - Sun Microsystems, Inc.)
    JMicron JMB38X Flash Media Controller (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.00.11.02 - JMicron Technology Corp.)
    Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    KateVoice (HKLM-x32\...\{3ACA2514-480B-4774-B986-AE4546B00381}) (Version: 1.00.0000 - naturalsoft)
    kikin plugin 2.8 (HKLM-x32\...\{E4A71A41-BCC8-480a-9E69-0DA29CBA7ECA}) (Version: 2.8 - kikin)
    LabelPrint (HKLM-x32\...\{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.20.2719 - CyberLink Corp.)
    Lernout & Hauspie TruVoice American English TTS Engine (HKLM-x32\...\tv_enua) (Version: - )
    Lexmark 2600 Series (HKLM\...\Lexmark 2600 Series) (Version: - Lexmark International, Inc.)
    Lexmark Fax Solutions (HKLM\...\Lexmark Fax Solutions) (Version: - )
    LightScribe System Software 1.12.33.2 (HKLM-x32\...\{582287DA-0806-4AC0-BF19-C15E3A466034}) (Version: 1.12.33.2 - LightScribe)
    LimeWire 5.5.16 (HKLM-x32\...\LimeWire) (Version: 5.5.16 - Lime Wire, LLC)
    Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
    McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
    McAfee SiteAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 3.7.194 - McAfee, Inc.)
    Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
    Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
    Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
    Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0012-0000-0000-0000000FF1CE}_STANDARDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
    Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
    Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
    Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
    Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
    Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Microsoft Office Standard 2007 (HKLM-x32\...\STANDARDR) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.7.205.0 - Microsoft Corporation)
    Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Works (HKLM-x32\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
    MobileMe Control Panel (HKLM\...\{6DD01FF3-63CE-436B-96DB-61363EAA4EB8}) (Version: 3.1.8.0 - Apple Inc.)
    Mozilla Firefox 16.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 16.0.1 (x86 en-US)) (Version: 16.0.1 - Mozilla)
    Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
    MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    muvee autoProducer 6.1 (HKLM-x32\...\{35F83303-C0C0-46B7-B8A8-ADA7C2AC5645}) (Version: 6.10.050 - muvee Technologies)
    Natural Voice Crystal16 (HKLM-x32\...\{5B1C8D6A-0968-45BA-8D22-F002A94EC278}) (Version: 1.4 - NaturalReaders.com)
    Natural Voice Mike16 (HKLM-x32\...\{BA733C73-C917-4BEA-8285-1F6F077671FA}) (Version: 2.6.0 - Natural voices reader)
    NaturalReader10 (HKLM-x32\...\{A97657A7-A685-4EC4-AB91-534819E88EF9}) (Version: 10 - NaturalSoft)
    Norton Security Scan (HKLM-x32\...\NSS) (Version: 4.1.0.28 - Symantec Corporation)
    OfficeSharedAddInSetup (HKLM-x32\...\{3D316CFB-1825-4030-A13A-29D18DC6B177}) (Version: 1.0.0 - Smart Soft)
    Online Plug-in (x32 Version: 13.1.0.89 - Citrix Systems, Inc.) Hidden
    ooVoo (HKLM-x32\...\{FAA7F8FF-3C05-4A61-8F14-D8A6E9ED6623}) (Version: 3.5.9060 - ooVoo LLC.)
    Oovoo Toolbar (HKLM-x32\...\{4F564F32-5637-006A-76A7-A758B70C0300}) (Version: 12.3.0.1000 - APN, LLC)
    ooVoo Video Chat Toolbar (HKLM-x32\...\ooVoo_Video_Chat Toolbar) (Version: 6.2.7.3 - ooVoo Video Chat)
    Panda USB Vaccine 1.0.1.4 (HKLM-x32\...\{55A41219-9B22-4098-BAE7-AE289B3C569A}_is1) (Version: - Panda Security)
    PaulVoice (HKLM-x32\...\{12F88D4F-B525-4F01-BD5E-522D81F049AF}) (Version: 1.00.0000 - naturalsoft)
    Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.8 - Google, Inc.)
    PoiZone (HKLM-x32\...\PoiZone) (Version: - Image-Line)
    Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.3919 - CyberLink Corp.)
    PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 6.5.2719 - CyberLink Corp.)
    PowerDirector (x32 Version: 6.5.2719 - CyberLink Corp.) Hidden
    ProtectSmart Hard Drive Protection (HKLM\...\{2F97CE84-9C33-4631-821B-85EA371EA254}) (Version: 3.10.1.7 - Hewlett-Packard)
    PSSWCORE (x32 Version: 2.02.0000 - Hewlett-Packard) Hidden
    QuickPlay SlingPlayer 0.4.6 (HKLM-x32\...\SlingMedia.QPSlingPlayer_is1) (Version: 0.4.6 - SlingMedia)
    QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
    QuickTime Alternative 1.90 (HKLM-x32\...\QuicktimeAlt_is1) (Version: 1.90 - )
    Real Alternative 1.9.0 (HKLM-x32\...\RealAlt_is1) (Version: 1.9.0 - )
    RealDownloader (x32 Version: 1.3.1 - RealNetworks, Inc.) Hidden
    RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
    RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
    RealPlayer (HKLM-x32\...\RealPlayer 16.0) (Version: 16.0.0 - RealNetworks)
    Realtek 8169 8168 8101E 8102E Ethernet Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0000 - Realtek)
    RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
    Safari (HKLM-x32\...\{FA4C2D53-205F-4245-9717-F3761154824D}) (Version: 5.34.57.2 - Apple Inc.)
    Sakura (HKLM-x32\...\Sakura) (Version: - Image-Line)
    SaverAddon (HKLM-x32\...\{10A0E600-D246-BD63-F465-4C849C688998}) (Version: - SaverAddon) <==== ATTENTION
    Sawer (HKLM-x32\...\Sawer) (Version: - Image-Line)
    Segoe UI (x32 Version: 15.4.2271.0615 - Microsoft Corp) Hidden
    Shockwave (HKLM-x32\...\Shockwave) (Version: - )
    Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
    Slingbox Flash Tour (HKLM-x32\...\{38EAC694-0D90-445F-8C17-8B50ADFE3162}) (Version: 1.0.0 - Sling Media)
    SlingPlayer (HKLM-x32\...\InstallShield_{004B0DCB-4C60-465B-8F01-44B0A4111187}) (Version: 1.04.0206 - Sling Media)
    SlingPlayer (x32 Version: 1.04.0206 - Sling Media) Hidden
    Smart PDF Converter Pro 6.1.0.442 (HKLM\...\Smart PDF Converter Pro_is1) (Version: 6.1.0.442 - Smart Soft)
    Spotify (HKU\S-1-5-21-2032778173-3768824236-4078890220-1000\...\Spotify) (Version: 0.9.14.13.gba5645ad - Spotify AB)
    SSH Secure Shell (HKLM-x32\...\{74E2CD0C-D4A2-11D3-95A6-0000E86CFDE5}) (Version: - )
    StartMeeting (HKU\S-1-5-21-2032778173-3768824236-4078890220-1000\...\StartMeeting) (Version: 1.3.3245.1001 - Start Meeting LLC)
    The Matrix - Path of Neo (HKLM-x32\...\{E571E8B1-9771-465D-9DE0-3BA2D1BDAE99}) (Version: 1.00.0000 - Atari, Inc.)
    The Weather Channel App (HKLM-x32\...\The Weather Channel App) (Version: - )
    The Weather Channel Desktop 6 (HKLM-x32\...\The Weather Channel Desktop 6) (Version: - )
    Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: - )
    Toxic Biohazard (HKLM-x32\...\Toxic Biohazard) (Version: - Image-Line)
    Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0012-0000-0000-0000000FF1CE}_STANDARDR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
    Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
    VC80CRTRedist - 8.0.50727.4053 (x32 Version: 1.1.0 - DivX, Inc) Hidden
    VideoToolkit01 (x32 Version: 100.0.128.000 - Hewlett-Packard) Hidden
    Viewpoint Media Player (HKLM-x32\...\ViewpointMediaPlayer) (Version: - )
    Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
    Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
    Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
    Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
    Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
    WinRAR archiver (HKLM-x32\...\WinRAR archiver) (Version: - )
    WorldWideCoupon (HKLM-x32\...\{37476589-E48E-439E-A706-56189E2ED4C4}_is1) (Version: - WorldWideCoupon) <==== ATTENTION
    Xvid 1.2.1 final uninstall (HKLM-x32\...\Xvid_is1) (Version: 1.2 - Xvid team (Koepi))
    Yahoo! BrowserPlus 2.7.1 (HKU\S-1-5-21-2032778173-3768824236-4078890220-1000\...\Yahoo! BrowserPlus) (Version: - Yahoo! Inc.)
    Yahoo! Install Manager (HKLM-x32\...\YInstHelper) (Version: - )
    Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version: - Yahoo! Inc.)
    Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version: - )
    Yahoo! Toolbar (HKLM-x32\...\Yahoo! Companion) (Version: - )
    Yontoo Layers Client 1.10.01 (HKLM\...\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}) (Version: 1.10.01 - Yontoo Technology, Inc.) <==== ATTENTION

    ==================== Custom CLSID (selected items): ==========================

    (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

    CustomCLSID: HKU\S-1-5-21-2032778173-3768824236-4078890220-1000_Classes\CLSID\{79E8FD71-F54B-42d4-A4F5-E7565DB58441}\localserver32 -> C:\Program Files (x86)\kikin\KikinBroker.exe (kikin)
    CustomCLSID: HKU\S-1-5-21-2032778173-3768824236-4078890220-1000_Classes\CLSID\{F28C2F70-47DE-4EA5-8F6D-7D1476CD1EF5}\localserver32 -> C:\Users\Joshua\AppData\Local\Temp\5FE7c6Fa.exe No File

    ==================== Restore Points =========================

    20-01-2015 00:50:35 Scheduled Checkpoint
    21-01-2015 04:57:45 Scheduled Checkpoint
    21-01-2015 21:06:29 Scheduled Checkpoint
    23-01-2015 01:21:12 Scheduled Checkpoint
    25-01-2015 17:29:51 Windows Update
    25-01-2015 20:12:39 Windows Update
    29-01-2015 02:10:57 Windows Update
    03-02-2015 03:04:46 Windows Update
    07-02-2015 14:25:33 Windows Update
    12-02-2015 16:47:47 Windows Update
    13-02-2015 04:01:03 Windows Update
    16-02-2015 04:00:12 Windows Update
    19-02-2015 22:19:28 Windows Update
    22-02-2015 23:14:28 Windows Update
    26-02-2015 18:59:06 Windows Update
    02-03-2015 23:20:26 Windows Update
    06-03-2015 03:56:09 Windows Update

    ==================== Hosts content: ==========================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2006-11-02 07:34 - 2006-09-18 16:37 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
    127.0.0.1 localhost
    ::1 localhost

    ==================== Scheduled Tasks (whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

    Task: {12723996-40A7-45E0-B226-D55D4E281626} - System32\Tasks\HP Health Check => c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-06-16] (Hewlett-Packard)
    Task: {144FCC69-BA82-49A5-9A26-FA5FFD27F782} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2032778173-3768824236-4078890220-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-03-06] (RealNetworks, Inc.)
    Task: {2B173B25-A3A2-4D01-802B-D2E91288541D} - \couponsupport-S-649636217 No Task File <==== ATTENTION
    Task: {2E42BF97-81F9-4F8E-B533-2904330D884E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
    Task: {374A0629-9373-4840-BE96-FA1C647D5EE7} - System32\Tasks\PandaUSBVaccine => C:\Program Files (x86)\Panda USB Vaccine\RunInteractiveWin.exe [2009-09-23] ()
    Task: {45A55A17-276E-471C-9A88-8115313EC071} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe <==== ATTENTION
    Task: {48D634D3-71DB-47B6-9600-5C50EA5F784E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: {493DA5D1-3A73-4A55-8B2A-8A82590DDC7E} - System32\Tasks\Norton Security Scan for Joshua => C:\Program Files (x86)\Norton Security Scan\Engine\4.1.0.28\Nss.exe [2014-01-27] (Symantec Corporation)
    Task: {4CE8530A-F6BC-4E3C-97DE-C521598AD375} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2032778173-3768824236-4078890220-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-03-06] (RealNetworks, Inc.)
    Task: {5610FB22-FDD7-4F58-ADFD-D7ABD6C3CEE6} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2032778173-3768824236-4078890220-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-03-06] (RealNetworks, Inc.)
    Task: {5FEC47BC-DFE3-4ADB-A954-9C9E4DC91129} - System32\Tasks\Microsoft\Windows\RestartManager\{BB8703AE-8366-4db8-A9C0-2BA3F371EEE5} => C:\Windows\system32\rmclient.exe [2006-11-02] (Microsoft Corporation)
    Task: {801FBD66-1344-4FC4-91A8-7A5D6F5B4D38} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: {824D706A-364F-42EE-85FD-05028659669D} - System32\Tasks\ProPCCleaner_Start => C:\Program Files (x86)\Pro PC Cleaner\ProPCCleaner.exe <==== ATTENTION
    Task: {98D559CF-425D-4535-BAD6-6826E59CF055} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-12] (Adobe Systems Incorporated)
    Task: {C5BBC671-C797-4EA4-A139-1072A686C4AA} - \RocketTab Update Task No Task File <==== ATTENTION
    Task: {C76A3082-93BC-44B7-9A03-FEB91F51ED1B} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2032778173-3768824236-4078890220-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-03-06] (RealNetworks, Inc.)
    Task: {D7A3E688-E9E8-4149-AC11-B07BCDA30E39} - System32\Tasks\ProPCCleaner_Popup => C:\Program Files (x86)\Pro PC Cleaner\Splash.exe <==== ATTENTION
    Task: {D8B9194A-D765-4958-80D6-82134E29D4E6} - \RocketTab No Task File <==== ATTENTION
    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\Norton Security Scan for Joshua.job => C:\PROGRA~2\NORTON~2\Engine\410~1.28\Nss.exe
     
  6. Joshua Davidson

    Joshua Davidson TS Rookie Topic Starter

    ==================== Loaded Modules (whitelisted) ==============

    2010-11-29 12:08 - 2009-08-13 03:06 - 00177152 _____ () C:\Windows\system32\spool\PRTPROCS\x64\lxdndrpp.dll
    2012-12-24 06:30 - 2012-12-24 06:30 - 01868432 _____ () C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
    2008-08-04 04:06 - 2008-04-24 01:51 - 00292232 _____ () C:\Program Files (x86)\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
    2008-08-04 04:06 - 2008-04-24 01:52 - 00112008 _____ () C:\Program Files (x86)\HP\QuickPlay\Kernel\TV\QPSched.exe
    2013-03-06 02:21 - 2013-03-06 02:21 - 00039056 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
    2008-08-04 05:17 - 2008-04-25 18:15 - 00361808 _____ () C:\Windows\SMINST\BLService.exe
    2008-08-04 05:08 - 2007-01-09 04:25 - 00272024 _____ () C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe
    2014-10-12 22:54 - 2014-10-12 22:54 - 04303360 _____ () C:\ProgramData\Performance Optimizer\PerformanceOptimizer_x64.dll
    2011-10-22 23:08 - 2011-08-12 18:37 - 00050576 _____ () C:\Program Files\Smart PDF Converter Pro\SmartSoft PDF Printer Agent.exe
    2010-09-01 01:39 - 2010-09-01 01:39 - 01164584 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
    2008-08-04 04:12 - 2008-04-11 11:04 - 00685360 _____ () C:\Program Files (x86)\Hewlett-Packard\Shared\HpqToaster.exe
    2014-08-19 07:30 - 2014-10-12 00:33 - 00613944 _____ () C:\Users\Joshua\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
    2008-08-04 04:06 - 2008-04-24 01:51 - 00259472 _____ () C:\Program Files (x86)\HP\QuickPlay\Kernel\TV\CLCapEngine.dll
    2008-08-04 04:06 - 2008-04-24 01:51 - 00038184 _____ () C:\Program Files (x86)\HP\QuickPlay\Kernel\TV\CLCapSvcps.dll
    2008-08-04 04:06 - 2008-04-24 01:51 - 00120200 _____ () C:\Program Files (x86)\HP\QuickPlay\Kernel\TV\CLSchMgr.dll
    2008-08-04 04:06 - 2008-04-24 01:51 - 00345384 _____ () C:\Program Files (x86)\HP\QuickPlay\Kernel\TV\CLTinyDB.dll
    2008-08-04 05:17 - 2007-11-14 18:46 - 00126976 _____ () C:\Windows\SMINST\STWmiM.dll
    2013-02-10 23:40 - 2014-10-12 00:33 - 36966968 _____ () C:\Users\Joshua\AppData\Roaming\Spotify\Data\libcef.dll
    2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
    2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
    2010-09-01 01:39 - 2010-09-01 01:39 - 00095528 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
    2014-11-12 12:32 - 2014-11-12 12:32 - 31842816 _____ () C:\Program Files (x86)\AVG\Framework\Common\libcef.dll
    2014-08-19 07:30 - 2014-10-12 00:33 - 00867896 _____ () C:\Users\Joshua\AppData\Roaming\Spotify\Data\ffmpegsumo.dll

    ==================== Alternate Data Streams (whitelisted) =========

    (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

    AlternateDataStreams: C:\Users\Joshua\Downloads\launch.ica:icasource
    AlternateDataStreams: C:\Users\Joshua\Documents\to: Shelbie.docx

    ==================== Safe Mode (whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

    ==================== EXE Association (whitelisted) ===============

    (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-2032778173-3768824236-4078890220-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Joshua\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
    HKU\S-1-5-21-2032778173-3768824236-4078890220-501\Control Panel\Desktop\\Wallpaper -> C:\windows\web\wallpaper\Silhouette.jpg
    DNS Servers: Media is not connected to internet.

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    (Currently there is no automatic fix for this section.)


    ==================== Accounts: =============================

    Administrator (S-1-5-21-2032778173-3768824236-4078890220-500 - Administrator - Disabled)
    Guest (S-1-5-21-2032778173-3768824236-4078890220-501 - Limited - Enabled) => C:\Users\Guest
    Joshua (S-1-5-21-2032778173-3768824236-4078890220-1000 - Administrator - Enabled) => C:\Users\Joshua

    ==================== Faulty Device Manager Devices =============

    Name: isatap.utsarr.net
    Description: Microsoft ISATAP Adapter
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: tunnel
    Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
    Resolution: Update the driver


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (03/16/2015 02:30:47 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
    Description: Application: TWCApp.exe
    Framework Version: v4.0.30319
    Description: The process was terminated due to an unhandled exception.
    Exception Info: System.Windows.Markup.XamlParseException
    Stack:
    at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
    at System.Windows.Threading.DispatcherOperation.InvokeImpl()
    at System.Windows.Threading.DispatcherOperation.InvokeInSecurityContext(System.Object)
    at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
    at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
    at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
    at System.Windows.Threading.DispatcherOperation.Invoke()
    at System.Windows.Threading.Dispatcher.ProcessQueue()
    at System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
    at MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
    at MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
    at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
    at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
    at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
    at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
    at MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
    at System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
    at System.Windows.Threading.Dispatcher.PushFrame(System.Windows.Threading.DispatcherFrame)
    at System.Windows.Threading.Dispatcher.Run()
    at System.Windows.Application.RunDispatcher(System.Object)
    at System.Windows.Application.RunInternal(System.Windows.Window)
    at System.Windows.Application.Run(System.Windows.Window)
    at DW.UI.App.Main()

    Error: (03/16/2015 02:28:35 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application Boingo Wi-Fi.exe, version 1.7.20.0, time stamp 0x4a5563dd, faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception code 0xc0000005, fault offset 0x00000001,
    process id 0x1398, application start time 0xBoingo Wi-Fi.exe0.

    Error: (03/16/2015 02:25:35 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (03/15/2015 11:41:27 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
    Description: Application: TWCApp.exe
    Framework Version: v4.0.30319
    Description: The process was terminated due to an unhandled exception.
    Exception Info: System.Windows.Markup.XamlParseException
    Stack:
    at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
    at System.Windows.Threading.DispatcherOperation.InvokeImpl()
    at System.Windows.Threading.DispatcherOperation.InvokeInSecurityContext(System.Object)
    at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
    at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
    at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
    at System.Windows.Threading.DispatcherOperation.Invoke()
    at System.Windows.Threading.Dispatcher.ProcessQueue()
    at System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
    at MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
    at MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
    at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
    at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
    at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
    at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
    at MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
    at System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
    at System.Windows.Threading.Dispatcher.PushFrame(System.Windows.Threading.DispatcherFrame)
    at System.Windows.Threading.Dispatcher.Run()
    at System.Windows.Application.RunDispatcher(System.Object)
    at System.Windows.Application.RunInternal(System.Windows.Window)
    at System.Windows.Application.Run(System.Windows.Window)
    at DW.UI.App.Main()

    Error: (03/15/2015 11:21:58 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application Boingo Wi-Fi.exe, version 1.7.20.0, time stamp 0x4a5563dd, faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception code 0xc0000005, fault offset 0x00000001,
    process id 0x2d8, application start time 0xBoingo Wi-Fi.exe0.

    Error: (03/15/2015 11:17:43 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (03/15/2015 04:22:03 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
    Description: Application: TWCApp.exe
    Framework Version: v4.0.30319
    Description: The process was terminated due to an unhandled exception.
    Exception Info: System.InvalidOperationException
    Stack:
    at Microsoft.FSharp.Core.LanguagePrimitives+IntrinsicFunctions.FailInit()
    at DW.ViewModels.MainWeatherViewModel.Finalize()

    Error: (03/15/2015 04:21:17 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application Boingo Wi-Fi.exe, version 1.7.20.0, time stamp 0x4a5563dd, faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception code 0xc0000005, fault offset 0x00000001,
    process id 0x1540, application start time 0xBoingo Wi-Fi.exe0.

    Error: (03/15/2015 04:12:48 AM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (03/14/2015 01:45:18 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
    Description: Application: TWCApp.exe
    Framework Version: v4.0.30319
    Description: The process was terminated due to an unhandled exception.
    Exception Info: System.InvalidOperationException
    Stack:
    at Microsoft.FSharp.Core.LanguagePrimitives+IntrinsicFunctions.FailInit()
    at DW.ViewModels.MainWeatherViewModel.Finalize()


    System errors:
    =============
    Error: (03/16/2015 02:54:21 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
    Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

    New Signature Version:

    Previous Signature Version: 113.70.0.0

    Update Source: %NT AUTHORITY51

    Update Stage: 4.7.0205.00

    Source Path: 4.7.0205.01

    Signature Type: %NT AUTHORITY602

    Update Type: %NT AUTHORITY604

    User: NT AUTHORITY\NETWORK SERVICE

    Current Engine Version: %NT AUTHORITY605

    Previous Engine Version: %NT AUTHORITY606

    Error code: %NT AUTHORITY607

    Error description: %NT AUTHORITY608

    Error: (03/16/2015 02:54:21 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
    Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

    New Signature Version:

    Previous Signature Version: 1.193.2077.0

    Update Source: %NT AUTHORITY51

    Update Stage: 4.7.0205.00

    Source Path: 4.7.0205.01

    Signature Type: %NT AUTHORITY602

    Update Type: %NT AUTHORITY604

    User: NT AUTHORITY\NETWORK SERVICE

    Current Engine Version: %NT AUTHORITY605

    Previous Engine Version: %NT AUTHORITY606

    Error code: %NT AUTHORITY607

    Error description: %NT AUTHORITY608

    Error: (03/16/2015 02:54:21 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
    Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

    New Signature Version:

    Previous Signature Version: 1.193.2077.0

    Update Source: %NT AUTHORITY51

    Update Stage: 4.7.0205.00

    Source Path: 4.7.0205.01

    Signature Type: %NT AUTHORITY602

    Update Type: %NT AUTHORITY604

    User: NT AUTHORITY\NETWORK SERVICE

    Current Engine Version: %NT AUTHORITY605

    Previous Engine Version: %NT AUTHORITY606

    Error code: %NT AUTHORITY607

    Error description: %NT AUTHORITY608

    Error: (03/16/2015 02:54:21 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
    Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

    New Signature Version:

    Previous Signature Version: 1.193.2077.0

    Update Source: %NT AUTHORITY59

    Update Stage: 4.7.0205.00

    Source Path: 4.7.0205.01

    Signature Type: %NT AUTHORITY602

    Update Type: %NT AUTHORITY604

    User: NT AUTHORITY\SYSTEM

    Current Engine Version: %NT AUTHORITY605

    Previous Engine Version: %NT AUTHORITY606

    Error code: %NT AUTHORITY607

    Error description: %NT AUTHORITY608

    Error: (03/16/2015 02:35:43 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
    Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

    New Signature Version:

    Previous Signature Version: 113.70.0.0

    Update Source: %NT AUTHORITY51

    Update Stage: 4.7.0205.00

    Source Path: 4.7.0205.01

    Signature Type: %NT AUTHORITY602

    Update Type: %NT AUTHORITY604

    User: NT AUTHORITY\NETWORK SERVICE

    Current Engine Version: %NT AUTHORITY605

    Previous Engine Version: %NT AUTHORITY606

    Error code: %NT AUTHORITY607

    Error description: %NT AUTHORITY608

    Error: (03/16/2015 02:35:43 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
    Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

    New Signature Version:

    Previous Signature Version: 1.193.2077.0

    Update Source: %NT AUTHORITY51

    Update Stage: 4.7.0205.00

    Source Path: 4.7.0205.01

    Signature Type: %NT AUTHORITY602

    Update Type: %NT AUTHORITY604

    User: NT AUTHORITY\NETWORK SERVICE

    Current Engine Version: %NT AUTHORITY605

    Previous Engine Version: %NT AUTHORITY606

    Error code: %NT AUTHORITY607

    Error description: %NT AUTHORITY608

    Error: (03/16/2015 02:35:43 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
    Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

    New Signature Version:

    Previous Signature Version: 1.193.2077.0

    Update Source: %NT AUTHORITY51

    Update Stage: 4.7.0205.00

    Source Path: 4.7.0205.01

    Signature Type: %NT AUTHORITY602

    Update Type: %NT AUTHORITY604

    User: NT AUTHORITY\NETWORK SERVICE

    Current Engine Version: %NT AUTHORITY605

    Previous Engine Version: %NT AUTHORITY606

    Error code: %NT AUTHORITY607

    Error description: %NT AUTHORITY608

    Error: (03/16/2015 02:35:42 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
    Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

    New Signature Version:

    Previous Signature Version: 1.193.2077.0

    Update Source: %NT AUTHORITY59

    Update Stage: 4.7.0205.00

    Source Path: 4.7.0205.01

    Signature Type: %NT AUTHORITY602

    Update Type: %NT AUTHORITY604

    User: NT AUTHORITY\SYSTEM

    Current Engine Version: %NT AUTHORITY605

    Previous Engine Version: %NT AUTHORITY606

    Error code: %NT AUTHORITY607

    Error description: %NT AUTHORITY608

    Error: (03/16/2015 02:35:17 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
    Description: ScRegSetValueExWFailureCommand%%5

    Error: (03/16/2015 02:34:20 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
    Description: ScRegSetValueExWStart%%5


    Microsoft Office Sessions:
    =========================
    Error: (03/10/2015 06:01:09 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
    Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6715.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 78 seconds with 60 seconds of active time. This session ended with a crash.

    Error: (01/19/2014 11:46:11 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
    Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6690.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 370 seconds with 180 seconds of active time. This session ended with a crash.

    Error: (01/01/2014 09:19:22 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
    Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 38 seconds with 0 seconds of active time. This session ended with a crash.

    Error: (12/21/2013 04:50:33 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
    Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 18 seconds with 0 seconds of active time. This session ended with a crash.

    Error: (11/28/2013 05:04:36 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
    Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 137 seconds with 60 seconds of active time. This session ended with a crash.

    Error: (11/23/2013 05:33:21 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
    Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 226 seconds with 120 seconds of active time. This session ended with a crash.

    Error: (09/29/2013 02:48:20 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
    Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6683.5001, Microsoft Office Version: 12.0.6612.1000. This session lasted 45 seconds with 0 seconds of active time. This session ended with a crash.

    Error: (09/29/2013 02:41:03 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
    Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6683.5001, Microsoft Office Version: 12.0.6612.1000. This session lasted 49 seconds with 0 seconds of active time. This session ended with a crash.

    Error: (09/29/2013 02:32:20 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
    Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6683.5001, Microsoft Office Version: 12.0.6612.1000. This session lasted 349 seconds with 240 seconds of active time. This session ended with a crash.

    Error: (07/05/2013 01:36:38 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
    Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 2087 seconds with 720 seconds of active time. This session ended with a crash.


    CodeIntegrity Errors:
    ===================================
    Date: 2015-03-16 15:05:27.457
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\avgidsha.sys because the set of per-page image hashes could not be found on the system.

    Date: 2015-03-16 15:05:26.906
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\avgidsha.sys because the set of per-page image hashes could not be found on the system.

    Date: 2015-03-16 15:05:26.404
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\avgidsha.sys because the set of per-page image hashes could not be found on the system.

    Date: 2015-03-16 15:05:26.000
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\avgidsha.sys because the set of per-page image hashes could not be found on the system.

    Date: 2014-12-14 21:04:28.932
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\avgidsha.sys because the set of per-page image hashes could not be found on the system.

    Date: 2014-12-14 21:04:25.969
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\avgidsha.sys because the set of per-page image hashes could not be found on the system.

    Date: 2014-12-14 21:04:22.980
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\avgidsha.sys because the set of per-page image hashes could not be found on the system.

    Date: 2014-12-14 21:04:19.999
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\avgidsha.sys because the set of per-page image hashes could not be found on the system.

    Date: 2014-12-14 21:04:16.424
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\avgidsha.sys because the set of per-page image hashes could not be found on the system.

    Date: 2014-12-14 21:04:13.754
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\avgidsha.sys because the set of per-page image hashes could not be found on the system.


    ==================== Memory info ===========================

    Processor: Intel(R) Core(TM)2 Duo CPU T5800 @ 2.00GHz
    Percentage of memory in use: 50%
    Total physical RAM: 4058.03 MB
    Available physical RAM: 2027.41 MB
    Total Pagefile: 8343.31 MB
    Available Pagefile: 6114.14 MB
    Total Virtual: 8192 MB
    Available Virtual: 8191.85 MB

    ==================== Drives ================================

    Drive c: () (Fixed) (Total:221.65 GB) (Free:36.11 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
    Drive d: (HP_RECOVERY) (Fixed) (Total:11.24 GB) (Free:1.87 GB) NTFS ==>[System with boot components (obtained from reading drive)]
    Drive f: (PATRICK) (Removable) (Total:7.34 GB) (Free:6.38 GB) FAT32

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (Size: 232.9 GB) (Disk ID: 19814382)
    Partition 1: (Active) - (Size=221.6 GB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=11.2 GB) - (Type=07 NTFS)

    ========================================================
    Disk: 1 (MBR Code: Windows 7 or 8) (Size: 7.4 GB) (Disk ID: 00000000)

    Partition: GPT Partition Type.

    ==================== End Of Log ============================
     
  7. Broni

    Broni Malware Annihilator Posts: 52,890   +344

    There is definitely some infection present so let's see what we can do...

    [​IMG] You're running two AV programs, MSE and AVG.
    You must uninstall one of them.
    If AVG use AVG Remover: http://www.avg.com/us-en/utilities

    [​IMG] Uninstall:

    Conduit Engine
    CouponSupport
    SaverAddon
    WorldWideCoupon
    Yontoo Layers Client


    If any of the above won't uninstall just let me know and continue with next steps which are....

    [​IMG] Download RogueKiller from one of the following links and save it to your Desktop:

    Link 1
    Link 2

    • Close all the running programs
    • Windows Vista/7/8 users: right click on RogueKiller.exe, click Run as Administrator
    • Otherwise just double-click on RogueKiller.exe
    • Pre-scan will start. Let it finish.
    • Click on SCAN button.
    • Wait until the Status box shows Scan Finished
    • Click on Delete.
    • Wait until the Status box shows Deleting Finished.
    • Click on Report and copy/paste the content of the Notepad into your next reply.
    • RKreport.txt could also be found on your desktop.
    • If more than one log is produced post all logs.
    • If RogueKiller has been blocked, do not hesitate to try a few times more. If really won't run, rename it to winlogon.exe (or winlogon.com) and try again

    [​IMG] Please download Malwarebytes Anti-Malware (MBAM) to your desktop.
    NOTE. If you already have MBAM 2.0 installed scroll down.

    • Double-click mbam-setup-2.0.0.1000.exe and follow the prompts to install the program.
    • At the end, be sure a checkmark is placed next to the following:
      • Launch Malwarebytes Anti-Malware
      • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
    • Click Finish.
    • On the Dashboard, click the 'Update Now >>' link
    • After the update completes, click the 'Scan Now >>' button.
    • Or, on the Dashboard, click the Scan Now >> button.
    • If an update is available, click the Update Now button.
    • A Threat Scan will begin.
    • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
    • In most cases, a restart will be required.
    • Wait for the prompt to restart the computer to appear, then click on Yes.


    If you already have MBAM 2.0 installed:

    • On the Dashboard, click the 'Update Now >>' link
    • After the update completes, click the 'Scan Now >>' button.
    • Or, on the Dashboard, click the Scan Now >> button.
    • If an update is available, click the Update Now button.
    • A Threat Scan will begin.
    • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
    • In most cases, a restart will be required.
    • Wait for the prompt to restart the computer to appear, then click on Yes.

    How to get logs:
    (Export log to save as txt)


    • After the restart once you are back at your desktop, open MBAM once more.
    • Click on the History tab > Application Logs.
    • Double click on the Scan Log which shows the Date and time of the scan just performed.
    • Click 'Export'.
    • Click 'Text file (*.txt)'
    • In the Save File dialog box which appears, click on Desktop.
    • In the File name: box type a name for your scan log.
    • A message box named 'File Saved' should appear stating "Your file has been successfully exported".
    • Click Ok
    • Attach that saved log to your next reply.


    (Copy to clipboard for pasting into forum replies or tickets)

    • After the restart once you are back at your desktop, open MBAM once more.
    • Click on the History tab > Application Logs.
    • Double click on the Scan Log which shows the Date and time of the scan just performed.
    • Click 'Copy to Clipboard'
    • Paste the contents of the clipboard into your reply.

    [​IMG] Please download AdwCleaner by Xplode onto your desktop.
    • Close all open programs and internet browsers.
    • Double click on adwcleaner.exe to run the tool.
    • Click on Scan button.
    • When the scan has finished click on Clean button.
    • Your computer will be rebooted automatically. A text file will open after the restart.
    • Please post the contents of that logfile with your next reply.
    • You can find the logfile at C:\AdwCleaner[S1].txt as well.

    [​IMG] Please download Junkware Removal Tool to your desktop.
    • Shut down your protection software now to avoid potential conflicts.
    • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
    • The tool will open and start scanning your system.
    • Please be patient as this can take a while to complete depending on your system's specifications.
    • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    • Post the contents of JRT.txt into your next message.
     
  8. Broni

    Broni Malware Annihilator Posts: 52,890   +344

    Still with me?
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...