Inactive Slow internet connection

Montel2

Posts: 33   +0
Hi,

within a short time of "sharing" a social media website posting, I noticed my browser taking longer and longer to find web sites. A few days later I could no longer stream music from a radio station. what got my attention was when I my laptop off and closed, yet the power and disk drive LED lights indicated activity. I went to my event log, and while researching "blindDial" via google, I came across this web site. I tend to be a "do it yourself" person, but this is over my head and the more I read the posts here, the better I felt about asking for your help.
 
Here is my malwarebytes log.

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 12/8/2014
Scan Time: 3:36:49 PM
Logfile: Mbam-log_201408_1626.txt
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2014.12.08.08
Rootkit Database: v2014.12.08.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows Vista Service Pack 2
CPU: x64
File System: NTFS
User: Linford

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 510813
Time Elapsed: 48 min, 48 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Warn
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 2
PUP.Optional.AZLyrics.A, C:\Users\Geoff\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.azlyrics.com_0.localstorage, , [5c0c69f77507af87735daa9ff1121ee2],
PUP.Optional.AZLyrics.A, C:\Users\Geoff\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.azlyrics.com_0.localstorage-journal, , [1751a0c00d6fa096a52b4207867dbb45],

Physical Sectors: 0
(No malicious items detected)


(end)
 
DDS Text Log:


DDS (Ver_2012-11-20.01)
.
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 12/11/2011 5:38:59 PM
System Uptime: 12/8/2014 1:34:54 PM (3 hours ago)
.
Motherboard: Hewlett-Packard | | 3627
Processor: Intel(R) Core(TM)2 Duo CPU T6400 @ 2.00GHz | CPU | 1600/800mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 286 GiB total, 32.046 GiB free.
D: is FIXED (NTFS) - 12 GiB total, 1.943 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Description: HP Photosmart D110
Device ID: ROOT\IMAGE\0000
Manufacturer: Hewlett-Packard
Name: HP Photosmart D110
PNP Device ID: ROOT\IMAGE\0000
Service: StillCam
.
Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}
Description: Photosmart D110 series
Device ID: ROOT\MULTIFUNCTION\0000
Manufacturer: HP
Name: Photosmart D110 series
PNP Device ID: ROOT\MULTIFUNCTION\0000
Service:
.
==== System Restore Points ===================
.
RP654: 11/10/2014 7:25:18 PM - Windows Update
RP655: 11/11/2014 10:41:54 PM - Windows Update
RP656: 11/15/2014 5:16:51 PM - Windows Update
RP657: 11/16/2014 9:09:37 AM - Scheduled Checkpoint
RP658: 11/18/2014 7:20:49 PM - Removed SUPERAntiSpyware Free Edition
RP659: 11/18/2014 7:22:29 PM - Windows Update
RP660: 11/18/2014 7:39:08 PM - Windows Update
RP661: 11/18/2014 8:02:44 PM - Device Driver Package Install: BITDEFENDER S.R.L. System devices
RP662: 11/22/2014 10:09:20 PM - Windows Update
RP663: 11/26/2014 2:14:37 PM - Windows Update
RP664: 11/30/2014 12:39:38 PM - Windows Update
RP665: 12/1/2014 12:31:26 PM - Scheduled Checkpoint
RP666: 12/2/2014 10:26:29 AM - Scheduled Checkpoint
RP667: 12/3/2014 1:00:05 AM - Scheduled Checkpoint
RP668: 12/3/2014 6:52:14 PM - Scheduled Checkpoint
RP669: 12/5/2014 1:57:14 AM - Windows Update
RP670: 12/6/2014 1:00:40 AM - Scheduled Checkpoint
RP671: 12/6/2014 9:45:20 PM - Scheduled Checkpoint
RP672: 12/7/2014 5:03:00 PM - Installed HP Support Solutions Framework
RP673: 12/7/2014 8:12:27 PM - 07_Dec_14_2012Hrs
RP674: 12/8/2014 10:16:38 AM - Scheduled Checkpoint
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
64 Bit HP CIO Components Installer
ActivClient CAC 6.1 x64
Adobe AIR
Adobe Flash Player 15 ActiveX
Adobe Flash Player 15 Plugin
Adobe Reader X (10.1.12)
Amazing Slow Downer (remove only)
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Bitdefender Antivirus Free Edition
Bonjour
Broadcom 802.11 Wireless LAN Adapter
BufferChm
CameraHelperMsi
CCleaner
Citrix Online Launcher
Citrix XenApp Web Plugin
ConvertHelper 2.2
D110
D3DX10
Destinations
DeviceDiscovery
erLT
ESET Online Scanner v3
Free M4a to MP3 Converter 7.2
GIMP 2.6.11
Google Chrome
GPBaseService2
Hewlett-Packard ACLM.NET v1.1.0.0
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Customer Participation Program 14.0
HP Imaging Device Functions 14.0
HP MediaSmart Music/Photo/Video
HP MediaSmart Webcam
HP Photo Creations
HP Photosmart D110 All-In-One Driver Software 14.0 Rel. 7
HP Product Detection
HP Smart Web Printing 4.60
HP Solution Center 14.0
HP Support Assistant
HP Support Solutions Framework
HP Update
HP Wireless Assistant
HPAppStudio
HPDiagnosticAlert
HPPhotoGadget
HPProductAssistant
HPSSupply
IDT Audio
Intel(R) Graphics Media Accelerator Driver
iTunes
Java 8 Update 25
Java Auto Updater
LightScribe System Software
Logitech Vid HD
Logitech Webcam Software
LWS Facebook
LWS Gallery
LWS Help_main
LWS Launcher
LWS Motion Detection
LWS Pictures And Video
LWS Twitter
LWS Video Mask Maker
LWS VideoEffects
LWS Webcam Software
LWS WLM Plugin
LWS YouTube Plugin
Malwarebytes Anti-Malware version 2.0.4.1028
MarketResearch
Metro7 version 1.0
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4.5.1
Microsoft Application Error Reporting
Microsoft Easy Assist v2
Microsoft Fix it Center
Microsoft Lync Web App Plug-in
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Office 64-bit Components 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Professional 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared 64-bit MUI (English) 2007
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
MotoCast
MotoHelper MergeModules
Motorola Device Manager
Motorola Device Software Update
MOTOROLA MEDIA LINK
Motorola Mobile Drivers Installation 6.3.0
Mozilla Firefox 33.1 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP3 Parser
MSXML 4.0 SP3 Parser (KB2721691)
MSXML 4.0 SP3 Parser (KB2758694)
MSXML 4.0 SP3 Parser (KB973685)
Network64
PdaNet+ for Android 4.12
ProtectSmart Hard Drive Protection
PS_AIO_07_D110_SW_Min
QuickTime 7
QuickTransfer
Realtek 8139 and 8139C+ Ethernet Network Card Driver for Windows Vista
Realtek 8169 8168 8101E 8102E Ethernet Driver
Realtek USB 2.0 Card Reader
Safari
Scan
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2861697)
Security Update for Microsoft .NET Framework 4.5.1 (KB2894854v2)
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)
Security Update for Microsoft .NET Framework 4.5.1 (KB2972107)
Security Update for Microsoft .NET Framework 4.5.1 (KB2972216)
Security Update for Microsoft .NET Framework 4.5.1 (KB2978128)
Security Update for Microsoft .NET Framework 4.5.1 (KB2979578v2)
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2817330) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2878233) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2880507) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2880508) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2881069) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2899526) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2817565) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2899527) 32-Bit Edition
Segoe UI
Shop for HP Supplies
Skype Click to Call
Skype™ 6.11
SmartWebPrinting
SolutionCenter
Spybot - Search & Destroy
Status
Synaptics Pointing Device Driver
TerraExplorer
Toolbox
TrayApp
Tweaking.com - Simple System Tweaker
Tweaking.com - Windows Repair (All in One)
Universal Adb Driver
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2899525) 32-Bit Edition
Update for Microsoft Office PowerPoint 2007 (KB2597972) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
WebReg
Windows Driver Package - ENE (enecir) HIDClass (09/04/2008 2.6.0.0)
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Media Player Firefox Plugin
.
==== Event Viewer Messages From Past Week ========
.
12/8/2014 9:39:18 AM, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
12/8/2014 9:29:23 AM, Error: Service Control Manager [7034] - The hpqcxs08 service terminated unexpectedly. It has done this 1 time(s).
12/8/2014 9:29:23 AM, Error: Service Control Manager [7034] - The HP CUE DeviceDiscovery Service service terminated unexpectedly. It has done this 1 time(s).
12/8/2014 8:53:22 AM, Error: Application Popup [1060] - \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
12/8/2014 4:27:41 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
12/8/2014 2:49:10 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SysMain service.
12/8/2014 2:48:40 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the TrkWks service.
12/8/2014 12:08:43 PM, Error: Service Control Manager [7001] - The PnP-X IP Bus Enumerator service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.
12/8/2014 11:13:49 AM, Error: Service Control Manager [7022] - The Diagnostic System Host service hung on starting.
12/8/2014 10:45:20 AM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.
12/8/2014 10:45:18 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD avc3 bdftdif Beep DfsC gzflt NetBIOS netbt nsiproxy PSched RasAcd rdbss Smb spldr tdx trufos Wanarpv6 ws2ifsl
12/8/2014 10:45:18 AM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
12/8/2014 10:45:18 AM, Error: Service Control Manager [7001] - The WebDav Client Redirector Driver service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
12/8/2014 10:45:18 AM, Error: Service Control Manager [7001] - The WebClient service depends on the WebDav Client Redirector Driver service which failed to start because of the following error: The dependency service or group failed to start.
12/8/2014 10:45:18 AM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning.
12/8/2014 10:45:18 AM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
12/8/2014 10:45:18 AM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
12/8/2014 10:45:18 AM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
12/8/2014 10:45:18 AM, Error: Service Control Manager [7001] - The PST Service service depends on the Workstation service which failed to start because of the following error: The dependency service or group failed to start.
12/8/2014 10:45:18 AM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service service which failed to start because of the following error: A device attached to the system is not functioning.
12/8/2014 10:45:18 AM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
12/8/2014 10:45:18 AM, Error: Service Control Manager [7001] - The Network Connections service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
12/8/2014 10:45:18 AM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
12/8/2014 10:45:18 AM, Error: Service Control Manager [7001] - The Internet Connection Sharing (ICS) service depends on the Network Connections service which failed to start because of the following error: The dependency service or group failed to start.
12/8/2014 10:45:18 AM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
12/8/2014 10:45:18 AM, Error: Service Control Manager [7001] - The DHCP Client service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning.
12/8/2014 10:44:44 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
12/8/2014 10:44:44 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
12/8/2014 1:37:20 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Beep
12/8/2014 1:37:20 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the HP Software Framework Service service to connect.
12/8/2014 1:37:20 PM, Error: Service Control Manager [7001] - The Windows Media Player Network Sharing Service service depends on the UPnP Device Host service which failed to start because of the following error: The dependency service or group failed to start.
12/8/2014 1:37:20 PM, Error: Service Control Manager [7001] - The UPnP Device Host service depends on the SSDP Discovery service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
12/8/2014 1:37:20 PM, Error: Service Control Manager [7000] - The HP Software Framework Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
12/8/2014 1:16:02 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {145B4335-FE2A-4927-A040-7C35AD3180EF}
12/8/2014 1:13:43 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: avc3 bdftdif Beep gzflt spldr trufos Wanarpv6
12/8/2014 1:13:43 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
12/8/2014 1:13:20 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
12/8/2014 1:13:11 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
12/8/2014 1:13:01 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
12/8/2014 1:12:53 PM, Error: Microsoft-Windows-WLAN-AutoConfig [10000] - WLAN Extensibility Module has failed to start. Module Path: C:\Windows\System32\bcmihvsrv64.dll Error Code: 21
12/7/2014 8:06:55 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {000C101C-0000-0000-C000-000000000046} to the user Linford-PC\Linford SID (S-1-5-21-76335557-1567907971-1813161301-1000) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
12/7/2014 6:39:04 PM, Error: Service Control Manager [7034] - The UMVPFSrv service terminated unexpectedly. It has done this 1 time(s).
12/7/2014 5:17:58 PM, Error: Service Control Manager [7034] - The Audio Service service terminated unexpectedly. It has done this 1 time(s).
12/4/2014 8:21:59 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the gzserv service.
12/4/2014 8:12:25 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the HP Support Solutions Framework Service service to connect.
12/4/2014 8:12:25 PM, Error: Service Control Manager [7000] - The HP Support Solutions Framework Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
12/4/2014 8:10:55 PM, Error: EventLog [6008] - The previous system shutdown at 8:09:26 PM on 12/4/2014 was unexpected.
12/4/2014 12:04:49 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Apple Mobile Device service to connect.
12/4/2014 12:04:49 AM, Error: Service Control Manager [7000] - The Apple Mobile Device service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
12/3/2014 2:07:48 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: avc3 bdftdif Beep gzflt SASDIFSV SASKUTIL spldr trufos Wanarpv6
12/3/2014 12:45:23 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD avc3 bdftdif Beep DfsC gzflt NetBIOS netbt nsiproxy PSched RasAcd rdbss SASDIFSV SASKUTIL Smb spldr tdx trufos Wanarpv6 ws2ifsl
12/3/2014 11:30:56 AM, Error: EventLog [6008] - The previous system shutdown at 11:28:38 AM on 12/3/2014 was unexpected.
12/3/2014 11:28:38 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Appinfo service.
12/2/2014 11:50:00 AM, Error: Service Control Manager [7043] - The Windows Update service did not shut down properly after receiving a preshutdown control.
12/2/2014 11:18:00 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WSearch service.
12/2/2014 11:18:00 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Motorola Device Manager service.
12/2/2014 11:15:44 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the hpsrv service.
.
==== End Of File ===========================
 
DDS Attach file:

DDS (Ver_2012-11-20.01)
.
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 12/11/2011 5:38:59 PM
System Uptime: 12/8/2014 1:34:54 PM (3 hours ago)
.
Motherboard: Hewlett-Packard | | 3627
Processor: Intel(R) Core(TM)2 Duo CPU T6400 @ 2.00GHz | CPU | 1600/800mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 286 GiB total, 32.046 GiB free.
D: is FIXED (NTFS) - 12 GiB total, 1.943 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Description: HP Photosmart D110
Device ID: ROOT\IMAGE\0000
Manufacturer: Hewlett-Packard
Name: HP Photosmart D110
PNP Device ID: ROOT\IMAGE\0000
Service: StillCam
.
Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}
Description: Photosmart D110 series
Device ID: ROOT\MULTIFUNCTION\0000
Manufacturer: HP
Name: Photosmart D110 series
PNP Device ID: ROOT\MULTIFUNCTION\0000
Service:
.
==== System Restore Points ===================
.
RP654: 11/10/2014 7:25:18 PM - Windows Update
RP655: 11/11/2014 10:41:54 PM - Windows Update
RP656: 11/15/2014 5:16:51 PM - Windows Update
RP657: 11/16/2014 9:09:37 AM - Scheduled Checkpoint
RP658: 11/18/2014 7:20:49 PM - Removed SUPERAntiSpyware Free Edition
RP659: 11/18/2014 7:22:29 PM - Windows Update
RP660: 11/18/2014 7:39:08 PM - Windows Update
RP661: 11/18/2014 8:02:44 PM - Device Driver Package Install: BITDEFENDER S.R.L. System devices
RP662: 11/22/2014 10:09:20 PM - Windows Update
RP663: 11/26/2014 2:14:37 PM - Windows Update
RP664: 11/30/2014 12:39:38 PM - Windows Update
RP665: 12/1/2014 12:31:26 PM - Scheduled Checkpoint
RP666: 12/2/2014 10:26:29 AM - Scheduled Checkpoint
RP667: 12/3/2014 1:00:05 AM - Scheduled Checkpoint
RP668: 12/3/2014 6:52:14 PM - Scheduled Checkpoint
RP669: 12/5/2014 1:57:14 AM - Windows Update
RP670: 12/6/2014 1:00:40 AM - Scheduled Checkpoint
RP671: 12/6/2014 9:45:20 PM - Scheduled Checkpoint
RP672: 12/7/2014 5:03:00 PM - Installed HP Support Solutions Framework
RP673: 12/7/2014 8:12:27 PM - 07_Dec_14_2012Hrs
RP674: 12/8/2014 10:16:38 AM - Scheduled Checkpoint
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
64 Bit HP CIO Components Installer
ActivClient CAC 6.1 x64
Adobe AIR
Adobe Flash Player 15 ActiveX
Adobe Flash Player 15 Plugin
Adobe Reader X (10.1.12)
Amazing Slow Downer (remove only)
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Bitdefender Antivirus Free Edition
Bonjour
Broadcom 802.11 Wireless LAN Adapter
BufferChm
CameraHelperMsi
CCleaner
Citrix Online Launcher
Citrix XenApp Web Plugin
ConvertHelper 2.2
D110
D3DX10
Destinations
DeviceDiscovery
erLT
ESET Online Scanner v3
Free M4a to MP3 Converter 7.2
GIMP 2.6.11
Google Chrome
GPBaseService2
Hewlett-Packard ACLM.NET v1.1.0.0
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Customer Participation Program 14.0
HP Imaging Device Functions 14.0
HP MediaSmart Music/Photo/Video
HP MediaSmart Webcam
HP Photo Creations
HP Photosmart D110 All-In-One Driver Software 14.0 Rel. 7
HP Product Detection
HP Smart Web Printing 4.60
HP Solution Center 14.0
HP Support Assistant
HP Support Solutions Framework
HP Update
HP Wireless Assistant
HPAppStudio
HPDiagnosticAlert
HPPhotoGadget
HPProductAssistant
HPSSupply
IDT Audio
Intel(R) Graphics Media Accelerator Driver
iTunes
Java 8 Update 25
Java Auto Updater
LightScribe System Software
Logitech Vid HD
Logitech Webcam Software
LWS Facebook
LWS Gallery
LWS Help_main
LWS Launcher
LWS Motion Detection
LWS Pictures And Video
LWS Twitter
LWS Video Mask Maker
LWS VideoEffects
LWS Webcam Software
LWS WLM Plugin
LWS YouTube Plugin
Malwarebytes Anti-Malware version 2.0.4.1028
MarketResearch
Metro7 version 1.0
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4.5.1
Microsoft Application Error Reporting
Microsoft Easy Assist v2
Microsoft Fix it Center
Microsoft Lync Web App Plug-in
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Office 64-bit Components 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Professional 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared 64-bit MUI (English) 2007
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
MotoCast
MotoHelper MergeModules
Motorola Device Manager
Motorola Device Software Update
MOTOROLA MEDIA LINK
Motorola Mobile Drivers Installation 6.3.0
Mozilla Firefox 33.1 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP3 Parser
MSXML 4.0 SP3 Parser (KB2721691)
MSXML 4.0 SP3 Parser (KB2758694)
MSXML 4.0 SP3 Parser (KB973685)
Network64
PdaNet+ for Android 4.12
ProtectSmart Hard Drive Protection
PS_AIO_07_D110_SW_Min
QuickTime 7
QuickTransfer
Realtek 8139 and 8139C+ Ethernet Network Card Driver for Windows Vista
Realtek 8169 8168 8101E 8102E Ethernet Driver
Realtek USB 2.0 Card Reader
Safari
Scan
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2861697)
Security Update for Microsoft .NET Framework 4.5.1 (KB2894854v2)
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)
Security Update for Microsoft .NET Framework 4.5.1 (KB2972107)
Security Update for Microsoft .NET Framework 4.5.1 (KB2972216)
Security Update for Microsoft .NET Framework 4.5.1 (KB2978128)
Security Update for Microsoft .NET Framework 4.5.1 (KB2979578v2)
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2817330) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2878233) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2880507) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2880508) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2881069) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2899526) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2817565) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2899527) 32-Bit Edition
Segoe UI
Shop for HP Supplies
Skype Click to Call
Skype™ 6.11
SmartWebPrinting
SolutionCenter
Spybot - Search & Destroy
Status
Synaptics Pointing Device Driver
TerraExplorer
Toolbox
TrayApp
Tweaking.com - Simple System Tweaker
Tweaking.com - Windows Repair (All in One)
Universal Adb Driver
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2899525) 32-Bit Edition
Update for Microsoft Office PowerPoint 2007 (KB2597972) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
WebReg
Windows Driver Package - ENE (enecir) HIDClass (09/04/2008 2.6.0.0)
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Media Player Firefox Plugin
.
==== Event Viewer Messages From Past Week ========
.
12/8/2014 9:39:18 AM, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
12/8/2014 9:29:23 AM, Error: Service Control Manager [7034] - The hpqcxs08 service terminated unexpectedly. It has done this 1 time(s).
12/8/2014 9:29:23 AM, Error: Service Control Manager [7034] - The HP CUE DeviceDiscovery Service service terminated unexpectedly. It has done this 1 time(s).
12/8/2014 8:53:22 AM, Error: Application Popup [1060] - \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
12/8/2014 4:27:41 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
12/8/2014 2:49:10 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SysMain service.
12/8/2014 2:48:40 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the TrkWks service.
12/8/2014 12:08:43 PM, Error: Service Control Manager [7001] - The PnP-X IP Bus Enumerator service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.
12/8/2014 11:13:49 AM, Error: Service Control Manager [7022] - The Diagnostic System Host service hung on starting.
12/8/2014 10:45:20 AM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.
12/8/2014 10:45:18 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD avc3 bdftdif Beep DfsC gzflt NetBIOS netbt nsiproxy PSched RasAcd rdbss Smb spldr tdx trufos Wanarpv6 ws2ifsl
12/8/2014 10:45:18 AM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
12/8/2014 10:45:18 AM, Error: Service Control Manager [7001] - The WebDav Client Redirector Driver service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
12/8/2014 10:45:18 AM, Error: Service Control Manager [7001] - The WebClient service depends on the WebDav Client Redirector Driver service which failed to start because of the following error: The dependency service or group failed to start.
12/8/2014 10:45:18 AM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning.
12/8/2014 10:45:18 AM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
12/8/2014 10:45:18 AM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
12/8/2014 10:45:18 AM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
12/8/2014 10:45:18 AM, Error: Service Control Manager [7001] - The PST Service service depends on the Workstation service which failed to start because of the following error: The dependency service or group failed to start.
12/8/2014 10:45:18 AM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service service which failed to start because of the following error: A device attached to the system is not functioning.
12/8/2014 10:45:18 AM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
12/8/2014 10:45:18 AM, Error: Service Control Manager [7001] - The Network Connections service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
12/8/2014 10:45:18 AM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
12/8/2014 10:45:18 AM, Error: Service Control Manager [7001] - The Internet Connection Sharing (ICS) service depends on the Network Connections service which failed to start because of the following error: The dependency service or group failed to start.
12/8/2014 10:45:18 AM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
12/8/2014 10:45:18 AM, Error: Service Control Manager [7001] - The DHCP Client service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning.
12/8/2014 10:44:44 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
12/8/2014 10:44:44 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
12/8/2014 1:37:20 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Beep
12/8/2014 1:37:20 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the HP Software Framework Service service to connect.
12/8/2014 1:37:20 PM, Error: Service Control Manager [7001] - The Windows Media Player Network Sharing Service service depends on the UPnP Device Host service which failed to start because of the following error: The dependency service or group failed to start.
12/8/2014 1:37:20 PM, Error: Service Control Manager [7001] - The UPnP Device Host service depends on the SSDP Discovery service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
12/8/2014 1:37:20 PM, Error: Service Control Manager [7000] - The HP Software Framework Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
12/8/2014 1:16:02 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {145B4335-FE2A-4927-A040-7C35AD3180EF}
12/8/2014 1:13:43 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: avc3 bdftdif Beep gzflt spldr trufos Wanarpv6
12/8/2014 1:13:43 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
12/8/2014 1:13:20 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
12/8/2014 1:13:11 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
12/8/2014 1:13:01 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
12/8/2014 1:12:53 PM, Error: Microsoft-Windows-WLAN-AutoConfig [10000] - WLAN Extensibility Module has failed to start. Module Path: C:\Windows\System32\bcmihvsrv64.dll Error Code: 21
12/7/2014 8:06:55 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {000C101C-0000-0000-C000-000000000046} to the user Linford-PC\Linford SID (S-1-5-21-76335557-1567907971-1813161301-1000) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
12/7/2014 6:39:04 PM, Error: Service Control Manager [7034] - The UMVPFSrv service terminated unexpectedly. It has done this 1 time(s).
12/7/2014 5:17:58 PM, Error: Service Control Manager [7034] - The Audio Service service terminated unexpectedly. It has done this 1 time(s).
12/4/2014 8:21:59 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the gzserv service.
12/4/2014 8:12:25 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the HP Support Solutions Framework Service service to connect.
12/4/2014 8:12:25 PM, Error: Service Control Manager [7000] - The HP Support Solutions Framework Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
12/4/2014 8:10:55 PM, Error: EventLog [6008] - The previous system shutdown at 8:09:26 PM on 12/4/2014 was unexpected.
12/4/2014 12:04:49 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Apple Mobile Device service to connect.
12/4/2014 12:04:49 AM, Error: Service Control Manager [7000] - The Apple Mobile Device service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
12/3/2014 2:07:48 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: avc3 bdftdif Beep gzflt SASDIFSV SASKUTIL spldr trufos Wanarpv6
12/3/2014 12:45:23 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD avc3 bdftdif Beep DfsC gzflt NetBIOS netbt nsiproxy PSched RasAcd rdbss SASDIFSV SASKUTIL Smb spldr tdx trufos Wanarpv6 ws2ifsl
12/3/2014 11:30:56 AM, Error: EventLog [6008] - The previous system shutdown at 11:28:38 AM on 12/3/2014 was unexpected.
12/3/2014 11:28:38 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Appinfo service.
12/2/2014 11:50:00 AM, Error: Service Control Manager [7043] - The Windows Update service did not shut down properly after receiving a preshutdown control.
12/2/2014 11:18:00 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WSearch service.
12/2/2014 11:18:00 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Motorola Device Manager service.
12/2/2014 11:15:44 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the hpsrv service.
.
==== End Of File ===========================
 
Welcome aboard


Please, observe following rules:
  • Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
  • If you're stuck, or you're not sure about certain step, always ask before doing anything else.
  • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
  • Never run more than one scan at a time.
  • Keep updating me regarding your computer behavior, good, or bad.
  • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
  • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
  • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

==================================

You posted Attach.txt from DDS twice.
I still need DDS.txt log.
 
Sorry about that, thank you for being willing to assist me, the proper DDS.txt log is below:

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16592 BrowserJavaVersion: 11.25.2
Run by Linford at 16:28:38 on 2014-12-08
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.3998.1427 [GMT -5:00]
.
AV: Bitdefender Antivirus Free Edition *Disabled/Updated* {9B5F5313-CAF9-DD97-C460-E778420237B4}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Spybot - Search and Destroy *Enabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: Bitdefender Antivirus Free Edition *Disabled/Updated* {203EB2F7-ECC3-D219-FED0-DC0A39857D09}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_c7d6edb7\STacSV64.exe
C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\ActivIdentity\ActivClient\accoca.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\ActivIdentity\ActivClient\acevents.exe
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_c7d6edb7\AESTSr64.exe
C:\Program Files\LSI SoftModem\agr64svc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files (x86)\Motorola Media Link\Lite\NServiceEntry.exe
C:\Windows\ehome\ehRecvr.exe
C:\Windows\ehome\ehsched.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Windows\system32\taskeng.exe
C:\Program Files\Bitdefender\Antivirus Free Edition\gziface.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files\ActivIdentity\ActivClient\acsagent.exe
C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\Windows\System32\wbem\WmiPrvSE.exe
C:\Program Files\ActivIdentity\ActivClient\acevents.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Users\Linford\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Linford\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Linford\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
C:\Windows\splwow64.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Windows\System32\wbem\WmiPrvSE.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
mStart Page = about:blank
mWinlogon: Userinit = userinit.exe,
BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll
EB: {555D4D79-4BD2-4094-A395-CFC534424A05} - <orphaned>
EB: {555D4D79-4BD2-4094-A395-CFC534424A05} - <orphaned>
uRun: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
mRun: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ACTIVC~1.LNK - C:\Program Files\ActivIdentity\ActivClient\acsagent.exe
uPolicies-Explorer: NoDrives = dword:0
uPolicies-Explorer: NoResolveTrack = dword:1
mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: MemCheckBoxInRunDlg = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - <no file>
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - <orphaned>
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{A6B3DB85-6F58-4ADB-8943-5C07A3FC4D3E} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{EE474FD0-7ED4-43E2-B61D-665786517434} : DHCPNameServer = 192.168.1.1
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
Notify: igfxcui - <no file>
Notify: SDWinLogon - SDWinLogon.dll
LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
x64-mStart Page = about:blank
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [accrdsub] "C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe"
x64-Run: [SysTrayApp] C:\Program Files (x86)\IDT\WDM\sttray64.exe
x64-RunOnce: [NCPluginUpdater] "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update
x64-mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
x64-mPolicies-Explorer: NoDrives = dword:0
x64-mPolicies-Explorer: MemCheckBoxInRunDlg = dword:1
x64-mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
x64-mPolicies-System: ConsentPromptBehaviorUser = dword:3
x64-mPolicies-System: EnableUIADesktopToggle = dword:0
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
.
INFO: x64-HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Linford\AppData\Roaming\Mozilla\Firefox\Profiles\acrt07sy.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.rr.com/
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Linford\AppData\Local\Citrix\Plugins\104\npappdetector.dll
FF - plugin: C:\Users\Linford\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll
FF - plugin: C:\Users\Linford\AppData\Roaming\Mozilla\Firefox\Profiles\acrt07sy.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll
FF - plugin: C:\Users\Linford\AppData\Roaming\Mozilla\plugins\npicaN.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll
FF - ExtSQL: !HIDDEN! 2011-12-17 15:51; smartwebprinting@hp.com; C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
.
---- FIREFOX POLICIES ----
FF - user.js: extentions.y2layers.installId - dac332c4-2917-4d5d-bd56-04fb8d5a019e
FF - user.js: extentions.y2layers.defaultEnableAppsList - Buzzdock,BuzzdockTease,BestVideoDownloader,BestVideoDownloader,
FF - user.js: security.csp.enable - false
.
============= SERVICES / DRIVERS ===============
.
R0 avc3;avc3;C:\Windows\System32\drivers\avc3.sys [2014-11-18 718840]
R1 gzflt;gzflt;C:\Windows\System32\drivers\gzflt.sys [2014-11-18 148696]
R2 accoca;ActivClient Middleware Service;C:\Program Files\ActivIdentity\ActivClient\accoca.exe [2007-6-25 241456]
R2 AESTFilters;Andrea ST Filters Service;C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_c7d6edb7\AESTSr64.exe [2013-7-26 89600]
R2 DeviceMonitorService;DeviceMonitorService;C:\Program Files (x86)\Motorola Media Link\Lite\NServiceEntry.exe [2012-9-7 87992]
R2 FontCache;Windows Font Cache Service;C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 27648]
R2 gzserv;Bitdefender Antivirus Free Edition;C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe [2014-11-18 69368]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-1-25 92216]
R2 hpsrv;HP Service;C:\Windows\System32\hpservice.exe [2011-5-13 30520]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service;C:\Program Files (x86)\HP\Common\HPSupportSolutionsFrameworkService.exe [2014-9-15 89352]
R2 Motorola Device Manager;Motorola Device Manager Service;C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [2013-11-15 137528]
R2 PST Service;PST Service;C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [2012-6-15 65657]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2014-12-5 1738168]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2014-12-5 2088408]
R2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2014-12-5 171928]
R2 UMVPFSrv;UMVPFSrv;C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2011-8-19 450848]
R3 avckf;avckf;C:\Windows\System32\drivers\avckf.sys [2014-11-18 593144]
R3 enecir;ENE CIR Receiver;C:\Windows\System32\drivers\enecir.sys [2008-9-4 64000]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;C:\Windows\System32\drivers\IntcHdmi.sys [2008-9-21 126464]
R3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\System32\drivers\MBAMSwissArmy.sys [2014-12-7 129752]
R3 pneteth;PdaNet Broadband;C:\Windows\System32\drivers\pneteth.sys [2013-11-17 15360]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-9-11 1012344]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 BTCFilterService;USB Networking Driver Filter Service;C:\Windows\System32\drivers\motfilt.sys [2013-3-20 6144]
S3 cleanhlp;cleanhlp;C:\EEK\Run\cleanhlp64.sys [2014-6-20 57024]
S3 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2014-8-13 90776]
S3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\System32\drivers\lvrs64.sys [2012-1-18 351136]
S3 LVUVC64;QuickCam Pro for Notebooks(UVC);C:\Windows\System32\drivers\lvuvc64.sys [2012-1-18 4865568]
S3 MatSvc;Microsoft Automated Troubleshooting Service;C:\Program Files\Microsoft Fix it Center\Matsvc.exe [2011-6-13 343856]
S3 motandroidusb;Mot ADB Interface Driver;C:\Windows\System32\drivers\motoandroid.sys [2013-3-26 32768]
S3 motccgp;Motorola USB Composite Device Driver;C:\Windows\System32\drivers\motccgp.sys [2013-3-19 23552]
S3 Motousbnet;Motorola USB Networking Driver Service;C:\Windows\System32\drivers\Motousbnet.sys [2013-3-19 27648]
S3 PerfHost;Performance Counter DLL Host;C:\Windows\SysWOW64\perfhost.exe [2008-1-20 19968]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-2-15 52736]
.
=============== File Associations ===============
.
FileExt: .jse: JSEFile=C:\Windows\SysWOW64\WScript.exe "%1" %*
.
=============== Created Last 30 ================
.
.
==================== Find3M ====================
.
2014-12-08 20:36:45 129752 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-12-08 19:46:49 37624 ----a-w- C:\Windows\System32\drivers\TrueSight.sys
2014-12-08 19:34:24 98216 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2014-12-08 18:49:24 320936 ----a-w- C:\Windows\System32\javaws.exe
2014-12-08 18:49:24 191400 ----a-w- C:\Windows\System32\javaw.exe
2014-12-08 18:49:24 190888 ----a-w- C:\Windows\System32\java.exe
2014-12-05 01:41:30 261056 ----a-w- C:\Windows\System32\drivers\avchv.sys
2014-11-26 20:03:11 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-11-26 20:03:11 701104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-11-21 11:14:18 64216 ----a-w- C:\Windows\System32\drivers\mwac.sys
2014-11-21 11:14:12 93400 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2014-11-21 11:14:08 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
2014-11-12 03:43:28 103374192 ----a-w- C:\Windows\System32\mrt.exe
2014-11-04 19:30:58 275080 ------w- C:\Windows\System32\MpSigStub.exe
2014-10-27 20:32:45 17870336 ----a-w- C:\Windows\System32\mshtml.dll
2014-10-27 20:13:57 2339840 ----a-w- C:\Windows\System32\jscript9.dll
2014-10-27 20:12:24 10921472 ----a-w- C:\Windows\System32\ieframe.dll
2014-10-27 20:07:15 1388032 ----a-w- C:\Windows\System32\urlmon.dll
2014-10-27 20:06:55 1392128 ----a-w- C:\Windows\System32\wininet.dll
2014-10-27 20:05:41 1494016 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-10-27 20:05:26 237056 ----a-w- C:\Windows\System32\url.dll
2014-10-27 20:05:13 86016 ----a-w- C:\Windows\System32\jsproxy.dll
2014-10-27 20:04:52 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-10-27 20:04:38 2157056 ----a-w- C:\Windows\System32\iertutil.dll
2014-10-27 20:04:37 599040 ----a-w- C:\Windows\System32\vbscript.dll
2014-10-27 20:04:29 816640 ----a-w- C:\Windows\System32\jscript.dll
2014-10-27 20:04:26 729088 ----a-w- C:\Windows\System32\msfeeds.dll
2014-10-27 20:04:09 453120 ----a-w- C:\Windows\System32\dxtmsft.dll
2014-10-27 20:03:59 282112 ----a-w- C:\Windows\System32\dxtrans.dll
2014-10-27 20:03:57 55296 ----a-w- C:\Windows\System32\msfeedsbs.dll
2014-10-27 20:03:54 11264 ----a-w- C:\Windows\System32\msfeedssync.exe
2014-10-27 20:03:41 96768 ----a-w- C:\Windows\System32\mshtmled.dll
2014-10-27 20:03:30 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2014-10-27 20:03:21 12800 ----a-w- C:\Windows\System32\mshta.exe
2014-10-27 20:03:05 248320 ----a-w- C:\Windows\System32\ieui.dll
2014-10-27 19:10:22 12366848 ----a-w- C:\Windows\SysWow64\mshtml.dll
2014-10-27 19:05:44 1810944 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-10-27 19:02:37 9739776 ----a-w- C:\Windows\SysWow64\ieframe.dll
2014-10-27 18:59:41 1139712 ----a-w- C:\Windows\SysWow64\urlmon.dll
2014-10-27 18:59:06 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-10-27 18:58:19 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-10-27 18:57:36 231936 ----a-w- C:\Windows\SysWow64\url.dll
2014-10-27 18:57:18 65536 ----a-w- C:\Windows\SysWow64\jsproxy.dll
2014-10-27 18:56:58 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2014-10-27 18:56:40 421376 ----a-w- C:\Windows\SysWow64\vbscript.dll
2014-10-27 18:56:15 717824 ----a-w- C:\Windows\SysWow64\jscript.dll
2014-10-27 18:56:10 607744 ----a-w- C:\Windows\SysWow64\msfeeds.dll
2014-10-27 18:56:08 1802752 ----a-w- C:\Windows\SysWow64\iertutil.dll
2014-10-27 18:55:50 41472 ----a-w- C:\Windows\SysWow64\msfeedsbs.dll
2014-10-27 18:55:44 353792 ----a-w- C:\Windows\SysWow64\dxtmsft.dll
2014-10-27 18:55:39 223232 ----a-w- C:\Windows\SysWow64\dxtrans.dll
2014-10-27 18:55:32 10752 ----a-w- C:\Windows\SysWow64\msfeedssync.exe
2014-10-27 18:55:28 73216 ----a-w- C:\Windows\SysWow64\mshtmled.dll
2014-10-27 18:55:20 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-10-27 18:55:17 11776 ----a-w- C:\Windows\SysWow64\mshta.exe
2014-10-27 18:54:43 176640 ----a-w- C:\Windows\SysWow64\ieui.dll
2014-10-24 01:04:29 67072 ----a-w- C:\Windows\SysWow64\packager.dll
2014-10-24 01:03:40 499200 ----a-w- C:\Windows\SysWow64\kerberos.dll
2014-10-24 00:39:49 77312 ----a-w- C:\Windows\System32\packager.dll
2014-10-24 00:39:19 656384 ----a-w- C:\Windows\System32\kerberos.dll
2014-10-18 01:08:10 564224 ----a-w- C:\Windows\SysWow64\oleaut32.dll
2014-10-18 00:46:22 847360 ----a-w- C:\Windows\System32\oleaut32.dll
2014-10-12 23:52:40 2782208 ----a-w- C:\Windows\System32\win32k.sys
2014-10-10 01:10:24 548352 ----a-w- C:\Windows\System32\termsrv.dll
2014-10-10 01:09:30 146432 ----a-w- C:\Windows\System32\msaudite.dll
2014-10-10 01:09:23 1689600 ----a-w- C:\Windows\System32\lsasrv.dll
2014-10-10 01:01:46 77312 ----a-w- C:\Windows\SysWow64\secur32.dll
2014-10-10 01:00:34 146432 ----a-w- C:\Windows\SysWow64\msaudite.dll
2014-10-09 23:53:20 619520 ----a-w- C:\Windows\System32\adtschema.dll
2014-10-09 23:22:16 619520 ----a-w- C:\Windows\SysWow64\adtschema.dll
2014-10-03 01:18:20 274432 ----a-w- C:\Windows\SysWow64\AUDIOKSE.dll
2014-10-03 01:17:16 396800 ----a-w- C:\Windows\SysWow64\AudioEng.dll
2014-10-03 01:17:16 115712 ----a-w- C:\Windows\SysWow64\AudioSes.dll
2014-10-03 01:03:12 313344 ----a-w- C:\Windows\System32\AUDIOKSE.dll
2014-10-03 01:02:20 201728 ----a-w- C:\Windows\System32\EncDump.dll
2014-10-03 01:01:59 474624 ----a-w- C:\Windows\System32\AudioEng.dll
2014-10-03 01:01:59 446976 ----a-w- C:\Windows\System32\audiosrv.dll
2014-10-02 23:49:01 88576 ----a-w- C:\Windows\SysWow64\audiodg.exe
2014-10-02 18:23:20 94208 ----a-w- C:\Windows\SysWow64\QuickTimeVR.qtx
2014-10-02 18:23:20 69632 ----a-w- C:\Windows\SysWow64\QuickTime.qts
2014-09-19 00:50:45 278528 ----a-w- C:\Windows\SysWow64\schannel.dll
2014-09-19 00:45:00 347136 ----a-w- C:\Windows\System32\schannel.dll
.
============= FINISH: 16:29:31.77 ===============
 
redtarget.gif
Download RogueKiller from one of the following links and save it to your Desktop:

Link 1
Link 2

  • Close all the running programs
  • Windows Vista/7/8 users: right click on RogueKiller.exe, click Run as Administrator
  • Otherwise just double-click on RogueKiller.exe
  • Pre-scan will start. Let it finish.
  • Click on SCAN button.
  • Wait until the Status box shows Scan Finished
  • Click on Delete.
  • Wait until the Status box shows Deleting Finished.
  • Click on Report and copy/paste the content of the Notepad into your next reply.
  • RKreport.txt could also be found on your desktop.
  • If more than one log is produced post all logs.
  • If RogueKiller has been blocked, do not hesitate to try a few times more. If really won't run, rename it to winlogon.exe (or winlogon.com) and try again

redtarget.gif
Create new restore point before proceeding with the next step....
How to: http://www.smartestcomputing.us.com/topic/63983-how-to-create-new-restore-point-all-windows/

Download
51a5f31352b88-icon_MBAR.png
Malwarebytes Anti-Rootkit to your desktop.
  • Warning! Malwarebytes Anti-Rootkit needs to be run from an account with administrator rights.
  • Double click on downloaded file. OK self extracting prompt.
  • MBAR will start. Click "Next" to continue.
  • Click in the following screen "Update" to obtain the latest malware definitions.
  • Once the update is complete select "Next" and click "Scan".
  • When the scan is finished and no malware has been found select "Exit".
  • If malware was detected, make sure to check all the items and click "Cleanup". Reboot your computer.
  • Open the MBAR folder located on your Desktop and paste the content of the following files in your next reply:
    • "mbar-log-{date} (xx-xx-xx).txt"
    • "system-log.txt"
NOTE. If you see This version requires you to completely exit the Anti Malware application message right click on the Malwarebytes Anti-Malware icon in the system tray and click on Exit.
 
I downloaded RogueKiller and immediately upon opening the program I got a warning that said "this application has failed to start because wbemcomn.dll was not found. Re-installing the application may fix this problem. I noticed the browser was open, so I closed it and did a second run with the same results. Both logs are posted below:

Scan#1:
RogueKiller V10.0.9.0 [Dec 8 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows Vista (6.0.6002 Service Pack 2) 64 bits version
Started in : Normal mode
User : Linford [Administrator]
Mode : Scan -- Date : 12/08/2014 22:13:24

¤¤¤ Processes : 0 ¤¤¤

¤¤¤ Registry : 2 ¤¤¤
[PUM.Proxy] (X64) HKEY_USERS\S-1-5-21-76335557-1567907971-1813161301-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : localhost:8080 -> Found
[PUM.Proxy] (X86) HKEY_USERS\S-1-5-21-76335557-1567907971-1813161301-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : localhost:8080 -> Found

¤¤¤ Tasks : 0 ¤¤¤

¤¤¤ Files : 0 ¤¤¤

¤¤¤ Hosts File : 1 ¤¤¤
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 localhost

¤¤¤ Antirootkit : 44 (Driver: Not loaded [0xc000036b]) ¤¤¤
[IAT:Inl] (firefox.exe) ntdll.dll - NtOpenFile : Unknown @ 0x7514079f (jmp 0xfffffffffe039809|jmp 0xffffffffffffd57a|call 0x1f7)
[IAT:Inl] (firefox.exe) ntdll.dll - NtSetValueKey : Unknown @ 0x7514079f (jmp 0xfffffffffe039cb9|jmp 0xffffffffffffcc92|call 0x1f7)
[IAT:Inl] (firefox.exe) ntdll.dll - NtSetSystemInformation : Unknown @ 0x7514079f (jmp 0xfffffffffe037675|jmp 0xffffffffffffda3a|call 0x1f7)
[IAT:Inl] (firefox.exe) ntdll.dll - NtOpenProcess : Unknown @ 0x7514079f (jmp 0xfffffffffe038641|jmp 0xffffffffffffe87a|call 0x1f7)
[IAT:Inl] (firefox.exe) ntdll.dll - NtCreateSection : Unknown @ 0x7514079f (jmp 0xfffffffffe039d99|jmp 0xffffffffffffcdc2|call 0x1f7)
[IAT:Inl] (firefox.exe) ntdll.dll - NtSetInformationProcess : Unknown @ 0x7514079f (jmp 0xfffffffffe039441|jmp 0xffffffffffffdb6a|call 0x1f7)
[IAT:Inl] (firefox.exe) ntdll.dll - NtOpenSection : Unknown @ 0x7514079f (jmp 0xfffffffffe039ec9|jmp 0xffffffffffffce5a|call 0x1f7)
[IAT:Inl] (firefox.exe) ntdll.dll - NtMapViewOfSection : Unknown @ 0x7514079f (jmp 0xfffffffffe037ef1|jmp 0xffffffffffffef9a|call 0x1f7)
[IAT:Inl] (firefox.exe) ntdll.dll - NtUnmapViewOfSection : Unknown @ 0x7514079f (jmp 0xfffffffffe037f59|jmp 0xffffffffffffef02|call 0x1f7)
[IAT:Inl] (firefox.exe) ntdll.dll - NtDuplicateObject : Unknown @ 0x7514079f (jmp 0xfffffffffe038561|jmp 0xffffffffffffe74a|call 0x1f7)
[IAT:Inl] (firefox.exe) ntdll.dll - RtlCreateProcessParametersEx : Unknown @ 0x7514079f (jmp 0xfffffffffe03b7cd|jmp 0xffffffffffffddca|call 0x1f7)
[IAT:Inl] (firefox.exe) ntdll.dll - NtWriteVirtualMemory : Unknown @ 0x7514079f (jmp 0xfffffffffe038331|jmp 0xffffffffffffe9aa|call 0x1f7)
[IAT:Inl] (firefox.exe) ntdll.dll - NtTerminateProcess : Unknown @ 0x7514079f (jmp 0xfffffffffe039229|jmp 0xffffffffffffdc02|call 0x1f7)
[IAT:Inl] (firefox.exe) ntdll.dll - NtCreateMutant : Unknown @ 0x7514079f (jmp 0xfffffffffe039489|jmp 0xffffffffffffcef2|call 0x1f7)
[IAT:Inl] (firefox.exe) ntdll.dll - NtSetContextThread : Unknown @ 0x7514079f (jmp 0xfffffffffe036a25|jmp 0xffffffffffffe912|call 0x1f7)
[IAT:Inl] (firefox.exe) ntdll.dll - NtSuspendThread : Unknown @ 0x7514079f (jmp 0xfffffffffe036945|jmp 0xffffffffffffe61a|call 0x1f7)
[IAT:Inl] (firefox.exe) ntdll.dll - NtQueueApcThread : Unknown @ 0x7514079f (jmp 0xfffffffffe0383f1|jmp 0xffffffffffffe7e2|call 0x1f7)
[IAT:Inl] (firefox.exe) ntdll.dll - NtCreateThreadEx : Unknown @ 0x7514079f (jmp 0xfffffffffe0375e9|jmp 0xffffffffffffeca2|call 0x1f7)
[IAT:Inl] (firefox.exe) ntdll.dll - NtProtectVirtualMemory : Unknown @ 0x7514079f (jmp 0xfffffffffe039979|jmp 0xffffffffffffd152|call 0x1f7)
[IAT:Inl] (firefox.exe) KERNEL32.dll - CreateToolhelp32Snapshot : Unknown @ 0x7514079f (jmp 0xfffffffffeb60e0e|jmp 0xffffffffffffe6b2|call 0x1f7)
[IAT:Inl] (firefox.exe) KERNEL32.dll - CreateThread : Unknown @ 0x7514079f (jmp 0xfffffffffebd9ddf|jmp 0xffffffffffffe452|call 0x1f7)
[IAT:Inl] (firefox.exe) KERNEL32.dll - VirtualProtectEx : Unknown @ 0x7514079f (jmp 0xfffffffffebda6e3|jmp 0xffffffffffffd1ea|call 0x1f7)
[IAT:Inl] (firefox.exe) KERNEL32.dll - VirtualProtect : Unknown @ 0x7514079f (jmp 0xfffffffffebe252d|jmp 0xffffffffffffd282|call 0x1f7)
[IAT:Inl] (firefox.exe) KERNEL32.dll - HeapCreate : Unknown @ 0x7514079f (jmp 0xfffffffffebdfdfe|jmp 0xffffffffffffd31a|call 0x1f7)
[IAT:Inl] (firefox.exe) KERNEL32.dll - WriteProcessMemory : Unknown @ 0x7514079f (jmp 0xfffffffffebe14f5|jmp 0xffffffffffffe3ba|call 0x1f7)
[IAT:Inl] (firefox.exe) ntdll.dll - NtVdmControl : Unknown @ 0x7514079f (jmp 0xfffffffffe03750d|jmp 0xffffffffffffd90a|call 0x1f7)
[IAT:Inl] (firefox.exe) KERNEL32.dll - CreateProcessInternalW : Unknown @ 0x7514079f (jmp 0xfffffffffebc49ca|jmp 0xffffffffffffea42|call 0x1f7)
[IAT:Inl] (firefox.exe) USER32.dll - GetMessageA : Unknown @ 0x7514079f (jmp 0xfffffffffec9d178|jmp 0xffffffffffffd7da|call 0x1f7)
[IAT:Inl] (firefox.exe) USER32.dll - PostMessageW : Unknown @ 0x7514079f (jmp 0xfffffffffeca92e1|jmp 0xffffffffffffd612|call 0x1f7)
[IAT:Inl] (firefox.exe) USER32.dll - PostMessageA : Unknown @ 0x7514079f (jmp 0xfffffffffeca2911|jmp 0xffffffffffffd6aa|call 0x1f7)
[IAT:Inl] (firefox.exe) ADVAPI32.dll - CloseServiceHandle : Unknown @ 0x7514079f (jmp 0xffffffffffeca47c|jmp 0xffffffffffffde62|call 0x1f7)
[IAT:Inl] (firefox.exe) ADVAPI32.dll - OpenServiceW : Unknown @ 0x7514079f (jmp 0xffffffffffec9fa5|jmp 0xffffffffffffe28a|call 0x1f7)
[IAT:Inl] (firefox.exe) USER32.dll - SetWindowsHookExW : Unknown @ 0x7514079f (jmp 0xfffffffffeca13df|jmp 0xffffffffffffedd2|call 0x1f7)
[IAT:Inl] (firefox.exe) USER32.dll - GetMessageW : Unknown @ 0x7514079f (jmp 0xfffffffffec9d00a|jmp 0xffffffffffffd742|call 0x1f7)
[IAT:Inl] (firefox.exe) ADVAPI32.dll - CreateServiceA : Unknown @ 0x7514079f (jmp 0xffffffffffe6b5b0|jmp 0xffffffffffffdd32|call 0x1f7)
[IAT:Inl] (firefox.exe) ADVAPI32.dll - ChangeServiceConfigA : Unknown @ 0x7514079f (jmp 0xffffffffffe6b818|jmp 0xffffffffffffdf92|call 0x1f7)
[IAT:Inl] (firefox.exe) ADVAPI32.dll - OpenServiceA : Unknown @ 0x7514079f (jmp 0xffffffffffecf3a4|jmp 0xffffffffffffe322|call 0x1f7)
[IAT:Inl] (firefox.exe) ntdll.dll - NtLoadDriver : Unknown @ 0x7514079f (jmp 0xfffffffffe0382e1|jmp 0xffffffffffffdad2|call 0x1f7)
[IAT:Inl] (firefox.exe) KERNEL32.dll - CreateRemoteThread : Unknown @ 0x7514079f (jmp 0xfffffffffebd94d0|jmp 0xffffffffffffed3a|call 0x1f7)
[IAT:Inl] (firefox.exe) ADVAPI32.dll - ChangeServiceConfigW : Unknown @ 0x7514079f (jmp 0xffffffffffe6b708|jmp 0xffffffffffffdefa|call 0x1f7)
[IAT:Inl] (firefox.exe) ADVAPI32.dll - ControlService : Unknown @ 0x7514079f (jmp 0xffffffffffea8509|jmp 0xffffffffffffe0c2|call 0x1f7)
[IAT:Inl] (firefox.exe) ADVAPI32.dll - CreateServiceW : Unknown @ 0x7514079f (jmp 0xffffffffffea8a35|jmp 0xffffffffffffdc9a|call 0x1f7)
[IAT:Inl] (firefox.exe) ADVAPI32.dll - DeleteService : Unknown @ 0x7514079f (jmp 0xffffffffffea84db|jmp 0xffffffffffffe02a|call 0x1f7)
[IAT:Inl] (firefox.exe) USER32.dll - SetWinEventHook : Unknown @ 0x7514079f (jmp 0xfffffffffec8bb5b|jmp 0xffffffffffffe4ea|call 0x1f7)

¤¤¤ Web browsers : 1 ¤¤¤
[PUM.HomePage][FIREFX:Config] acrt07sy.default : user_pref("browser.startup.homepage", "http://www.twcc.com/"); -> Found

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: +++++
--- User ---
[MBR] fbcad29b7c7a0d27a94065438390ee47
[BSP] ec1b0a4346ca50fced1d504bb503f2ee : HP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 292472 MB
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 598984704 | Size: 12769 MB
User = LL1 ... OK
User = LL2 ... OK


============================================
RKreport_DEL_06192014_165611.log - RKreport_DEL_06192014_170357.log - RKreport_DEL_06202014_221704.log - RKreport_DEL_12082014_151708.log
RKreport_SCN_06192014_165519.log - RKreport_SCN_06192014_170137.log - RKreport_SCN_06202014_220713.log - RKreport_SCN_12082014_145547.log
RKreport_SCN_12082014_152103.log

Scan#2:
RogueKiller V10.0.9.0 [Dec 8 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows Vista (6.0.6002 Service Pack 2) 64 bits version
Started in : Normal mode
User : Linford [Administrator]
Mode : Delete -- Date : 12/08/2014 22:24:42

¤¤¤ Processes : 0 ¤¤¤

¤¤¤ Registry : 2 ¤¤¤
[PUM.Proxy] (X64) HKEY_USERS\S-1-5-21-76335557-1567907971-1813161301-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : localhost:8080 -> Deleted
[PUM.Proxy] (X86) HKEY_USERS\S-1-5-21-76335557-1567907971-1813161301-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : localhost:8080 -> ERROR [2]

¤¤¤ Tasks : 0 ¤¤¤

¤¤¤ Files : 0 ¤¤¤

¤¤¤ Hosts File : 1 ¤¤¤
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 localhost

¤¤¤ Antirootkit : 0 (Driver: Not loaded [0xc000036b]) ¤¤¤

¤¤¤ Web browsers : 1 ¤¤¤
[PUM.HomePage][FIREFX:Config] acrt07sy.default : user_pref("browser.startup.homepage", "http://www.twcc.com/"); -> Replaced (about:home)

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: +++++
--- User ---
[MBR] fbcad29b7c7a0d27a94065438390ee47
[BSP] ec1b0a4346ca50fced1d504bb503f2ee : HP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 292472 MB
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 598984704 | Size: 12769 MB
User = LL1 ... OK
User = LL2 ... OK


============================================
RKreport_DEL_06192014_165611.log - RKreport_DEL_06192014_170357.log - RKreport_DEL_06202014_221704.log - RKreport_DEL_12082014_151708.log
RKreport_SCN_06192014_165519.log - RKreport_SCN_06192014_170137.log - RKreport_SCN_06202014_220713.log - RKreport_SCN_12082014_145547.log
RKreport_SCN_12082014_152103.log - RKreport_SCN_12082014_221324.log - RKreport_SCN_12082014_221729.log - RKreport_SCN_12082014_222408.log
 
I am unable to create a system restore point. When I checked the box for the drive of the system restore point I got a warning pop up- "Unable to create restore point due to catastrophic failure" (0x8000FFFF)". successive attempts results in the window hanging up.
 
I skipped the restore point, ran Malwarebytes Anti-Rootkit and it said congratulations, nothing detected.
 
Please download ComboFix from Here, Here or Here to your Desktop.

**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
  • Never rename Combofix unless instructed.
  • Close any open browsers.
  • Very Important! Temporarily disable your anti-virus and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
  • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
  • Close any open browsers.
  • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
  • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
  • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
    If the connection is not there use restore point you created prior to running Combofix.
  • Double click on combofix.exe & follow the prompts.

  • NOTE1. If Combofix asks you to install Recovery Console, please allow it.
    NOTE 2. If Combofix asks you to update the program, always do so.
  • When finished, it will produce a report for you.
  • Please post the "C:\ComboFix.txt"
**Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall
**Note 2 for AVG and CA Internet Security (Total Defense Internet Security) users: ComboFix will not run until AVG/CA Internet Security is uninstalled as a protective measure against the anti-virus. This is because AVG/CA Internet Security "falsely" detects ComboFix (or its embedded files) as a threat and may remove them resulting in the tool not working correctly which in turn can cause "unpredictable results". Since AVG/CA Internet Security cannot be effectively disabled before running ComboFix, the author recommends you to uninstall AVG/CA Internet Security first.
Use AppRemover to uninstall it: https://www.techspot.com/downloads/5514-appremover.html
We can reinstall it when we're done with CF.
**Note 3: If you receive an error Illegal operation attempted on a registery key that has been marked for deletion, restart computer to fix the issue.
**Note 4: Some infections may take some significant time to be cured. As long as your computer clock is running Combofix is still working. Be patient.


Make sure, you re-enable your security programs, when you're done with Combofix.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

NOTE.
If, for some reason, Combofix refuses to run, try the following...

Delete Combofix file, download fresh one, but rename combofix.exe to your_name.exe BEFORE saving it to your desktop.
Do NOT run it yet.
Download Rkill (courtesy of BleepingComputer.com) to your desktop.
There are 2 different versions. If one of them won't run then download and try to run the other one.
You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

rKill.exe: http://www.bleepingcomputer.com/download/rkill/dl/10/
iExplore.exe (renamed rKill.exe): http://www.bleepingcomputer.com/download/rkill/dl/11/

Restart computer in safe mode

  • Double-click on the Rkill desktop icon to run the tool.
  • If using Vista or Windows 7 right-click on it and choose Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • Do not reboot until instructed.
  • If the tool does not run from any of the links provided, please let me know.

When the scan is done Notepad will open with rKill.txt log.
NOTE. rKill.txt log will also be present on your desktop.

Once you've gotten one of them to run, immediately run your_name.exe by double clicking on it.

IF you had to run rKill post BOTH logs, rKill.txt and Combofix.txt.
 
Hi,
Combo fix has been running for almost twelve hours, (I fell asleep). The screen says "deleting files:" and it has only deleted one file- "c:\windows\wininit.INI"

Let it run, or close it?
 
I tried, the computer will not allow it to create restore points in safe mode and it stalls out in normal mode regardless of using Rkill beforehand. Unable to create restore points under any circumstances.
 
redtarget.gif
Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Scan button.
  • When the scan has finished click on Clean button.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

redtarget.gif
Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

redtarget.gif
Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatibale with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please copy and paste it to your reply.
 
Here are the logs for ADW and JRT:

# AdwCleaner v4.105 - Report created 10/12/2014 at 13:16:19
# Updated 08/12/2014 by Xplode
# Database : 2014-12-08.2 [Local]
# Operating System : Windows (TM) Vista Home Premium Service Pack 2 (64 bits)
# Username : Linford - LINFORD-PC
# Running from : C:\Users\Linford\Desktop\adwcleaner_4.105.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

[!] Folder Deleted : C:\ProgramData\Uniblue
[!] Folder Deleted : C:\ProgramData\Uniblue\DriverScanner
[!] Folder Deleted : C:\Users\Geoff\AppData\LocalLow\SimplyTech
[!] Folder Deleted : C:\Users\Linford\AppData\Local\eSupport.com
[!] Folder Deleted : C:\Users\Linford\AppData\Local\PackageAware
[!] Folder Deleted : C:\Users\Linford\AppData\LocalLow\HPAppData
[!] Folder Deleted : C:\Users\Linford\AppData\Roaming\0D0S1L2Z1P1B
[!] Folder Deleted : C:\Users\Linford\AppData\Roaming\DigitalSites
[!] Folder Deleted : C:\Users\Linford\AppData\Roaming\HPAppData
File Deleted : C:\Users\Linford\AppData\Roaming\Mozilla\Firefox\Profiles\acrt07sy.default\searchplugins\bingp.xml
File Deleted : C:\Users\Geoff\AppData\Roaming\Mozilla\Firefox\Profiles\w2z074w4.default-1393627998171\user.js

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\S
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\PIP
Key Deleted : HKLM\SOFTWARE\Uniblue
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Zip Extractor Packages

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16599


-\\ Mozilla Firefox v33.1 (x86 en-US)

[acrt07sy.default\prefs.js] - Line Deleted : user_pref("0E9A6913-3CC7-4511-BE2D-424E9F8A8EF0.license", "M2iNThT%2BaaB52q%2BoEpowgBSI8o6deoaCi7NfHKJfGjY6CrmCCbRlBemnUeXCf31OjbsMl3mSSBIi9A2h%2FcXDeBX%2FtJiZ0q4TuL7aFNKD37iDJ%2BgQZUdbOkKfRZi4QyH1mxS[...]

-\\ Google Chrome v


*************************

AdwCleaner[R0].txt - [4191 octets] - [10/12/2014 11:29:30]
AdwCleaner[R1].txt - [3027 octets] - [10/12/2014 13:10:27]
AdwCleaner[S0].txt - [2893 octets] - [10/12/2014 13:16:19]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2953 octets] ##########

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.0 (11.29.2014:1)
OS: Windows (TM) Vista Home Premium x64
Ran by Linford on Wed 12/10/2014 at 13:23:04.79
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Failed to delete: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}
Failed to delete: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\Linford\AppData\Roaming\mozilla\firefox\profiles\acrt07sy.default\minidumps [1 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 12/10/2014 at 13:32:12.50
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
Farbar log Part one:


Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-12-2014
Ran by Linford (administrator) on LINFORD-PC on 10-12-2014 13:40:50
Running from C:\Users\Linford\Desktop
Loaded Profile: Linford (Available profiles: Linford & Geoff & Khari & Kemba & Trini)
Platform: Windows Vista (TM) Home Premium Service Pack 2 (X64) OS Language: English (United States)
Internet Explorer Version 9
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\gziface.exe
(ActivIdentity) C:\Program Files\ActivIdentity\ActivClient\accoca.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_6ef279c8\AESTSr64.exe
(Agere Systems) C:\Program Files\LSI SoftModem\agr64svc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Nero AG) C:\Program Files (x86)\Motorola Media Link\Lite\NServiceEntry.exe
(Microsoft Corporation) C:\Windows\ehome\ehrecvr.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(ActivIdentity) C:\Program Files\ActivIdentity\ActivClient\acevents.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\Common\HPSupportSolutionsFrameworkService.exe
(Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
(Motorola) C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(ActivIdentity) C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(ActivIdentity) C:\Program Files\ActivIdentity\ActivClient\acsagent.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
() C:\Program Files (x86)\Hewlett-Packard\Shared\HpqToaster.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe
(ActivIdentity) C:\Program Files\ActivIdentity\ActivClient\acevents.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\update.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [accrdsub] => C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe [370992 2007-06-25] (ActivIdentity)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [442368 2009-06-03] (IDT, Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [WirelessAssistant] => C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [499768 2009-09-01] (Hewlett-Packard)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-08-19] (Hewlett-Packard)
HKLM Group Policy restriction on software: %ALLUSERSPROFILE%\* <====== ATTENTION
HKLM Group Policy restriction on software: %SystemRoot%\Fonts\* <====== ATTENTION
HKLM Group Policy restriction on software: %USERPROFILE%\AppData\* <====== ATTENTION
HKLM Group Policy restriction on software: %SystemDrive%\$Recycle.Bin\* <====== ATTENTION
HKLM Group Policy restriction on software: %USERPROFILE%\AppData\Local\Microsoft\Windows\Temporary Internet Files\* <====== ATTENTION
HKLM Group Policy restriction on software: %ALLUSERSPROFILE%\Skype\* <====== ATTENTION
HKLM Group Policy restriction on software: %ALLUSERSPROFILE%\Package Cache\* <====== ATTENTION
HKLM Group Policy restriction on software: %APPDATA%\Microsoft\Internet Explorer\Quick Launch\* <====== ATTENTION
HKLM Group Policy restriction on software: %ALLUSERSPROFILE%\Microsoft\* <====== ATTENTION
HKLM Group Policy restriction on software: %ALLUSERSPROFILE%\Adobe\* <====== ATTENTION
HKLM Group Policy restriction on software: %APPDATA%\Oracle\Java\* <====== ATTENTION
HKLM Group Policy restriction on software: %APPDATA%\Microsoft\Windows\Start Menu\* <====== ATTENTION
HKLM Group Policy restriction on software: %ALLUSERSPROFILE%\Oracle\Java\* <====== ATTENTION
HKLM Group Policy restriction on software: %SystemDrive%\Users\Public\Desktop\* <====== ATTENTION
HKLM Group Policy restriction on software: %USERPROFILE%\AppData\LocalLow\Oracle\Java\* <====== ATTENTION
HKLM Group Policy restriction on software: %USERPROFILE%\AppData\Local\Microsoft\* <====== ATTENTION
HKLM Group Policy restriction on software: %USERPROFILE%\AppData\LocalLow\Sun\Java\* <====== ATTENTION
HKLM Group Policy restriction on software: %USERPROFILE%\Downloads\* <====== ATTENTION
HKLM Group Policy restriction on software: %APPDATA%\Microsoft\Windows\Recent\* <====== ATTENTION
HKLM Group Policy restriction on software: %USERPROFILE%\Desktop\* <====== ATTENTION
HKLM Group Policy restriction on software: %USERPROFILE%\AppData\Local\temp\* <====== ATTENTION
HKLM Group Policy restriction on software: %APPDATA%\Microsoft\* <====== ATTENTION
HKLM\...\Policies\Explorer: [MemCheckBoxInRunDlg] 1
HKU\S-1-5-21-76335557-1567907971-1813161301-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
HKU\S-1-5-21-76335557-1567907971-1813161301-1000\...\Policies\Explorer: [NoInstrumentation] 1
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ActivClient Agent.lnk
ShortcutTarget: ActivClient Agent.lnk -> C:\Program Files\ActivIdentity\ActivClient\acsagent.exe (ActivIdentity)
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\Windows\System32\WPDShServiceObj.dll (Microsoft Corporation)
SSODL-x32: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\Windows\SysWOW64\WPDShServiceObj.dll (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-76335557-1567907971-1813161301-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-76335557-1567907971-1813161301-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-76335557-1567907971-1813161301-1000 -> DefaultScope {AB64C8D8-16F0-46EE-B658-1EEDB17B7E48} URL = http://www.bing.com/search?FORM=U270DF&PC=U270&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-76335557-1567907971-1813161301-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-76335557-1567907971-1813161301-1000 -> {7E19B4F4-8D4F-471E-9791-AA9C1FA23630} URL = http://search.yahoo.com/search?p={searchTerms}&b={startPage?}&fr=ie8
SearchScopes: HKU\S-1-5-21-76335557-1567907971-1813161301-1000 -> {AB64C8D8-16F0-46EE-B658-1EEDB17B7E48} URL = http://www.bing.com/search?FORM=U270DF&PC=U270&q={searchTerms}&src=IE-SearchBox
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: No Name -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> No File
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File
Handler-x32: skyline - {3a4f9195-65a8-11d5-85c1-0001023952c1} - c:\Users\Geoff\AppData\Roaming\Skyline\TerraExplorer\TerraExplorerX.dll (Skyline Software Systems Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Linford\AppData\Roaming\Mozilla\Firefox\Profiles\acrt07sy.default
FF SearchEngineOrder.3: Bing
FF Homepage: hxxp://www.msn.com/en-us/?pc=U270&ocid=U270DHP
FF Keyword.URL: hxxp://www.bing.com/search?FORM=U270DF&PC=U270&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-76335557-1567907971-1813161301-1000: @citrixonline.com/appdetectorplugin -> C:\Users\Linford\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF Plugin HKU\S-1-5-21-76335557-1567907971-1813161301-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Linford\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Linford\AppData\Roaming\mozilla\plugins\cgpcfg.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Linford\AppData\Roaming\mozilla\plugins\CgpCore.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Linford\AppData\Roaming\mozilla\plugins\confmgr.dll ()
FF Plugin ProgramFiles/Appdata: C:\Users\Linford\AppData\Roaming\mozilla\plugins\ctxlogging.dll ()
FF Plugin ProgramFiles/Appdata: C:\Users\Linford\AppData\Roaming\mozilla\plugins\ctxmui.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Linford\AppData\Roaming\mozilla\plugins\icafile.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Linford\AppData\Roaming\mozilla\plugins\icalogon.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Linford\AppData\Roaming\mozilla\plugins\msvcm80.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Users\Linford\AppData\Roaming\mozilla\plugins\msvcp80.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Users\Linford\AppData\Roaming\mozilla\plugins\msvcr80.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Users\Linford\AppData\Roaming\mozilla\plugins\npicaN.dll ()
FF Plugin ProgramFiles/Appdata: C:\Users\Linford\AppData\Roaming\mozilla\plugins\sslsdk_b.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Linford\AppData\Roaming\mozilla\plugins\TcpPServ.dll (Citrix Systems, Inc.)
FF Extension: WOT - C:\Users\Linford\AppData\Roaming\Mozilla\Firefox\Profiles\acrt07sy.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2014-12-09]
FF Extension: Bitdefender QuickScan - C:\Users\Linford\AppData\Roaming\Mozilla\Firefox\Profiles\acrt07sy.default\Extensions\{e001c731-5e37-4538-a5cb-8168736a2360} [2014-11-18]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-11-12]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-11-12]
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2011-12-12]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-12-17]
FF HKU\S-1-5-21-76335557-1567907971-1813161301-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: No Name - {20a82645-c095-46ed-80e3-08825760534b} [Not Found]

Chrome:
=======
CHR Profile: C:\Users\Linford\AppData\Local\Google\Chrome\User Data\Default
CHR StartMenuInternet: Google Chrome - C:\Users\Geoff\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 accoca; C:\Program Files\ActivIdentity\ActivClient\accoca.exe [241456 2007-06-25] (ActivIdentity)
R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_6ef279c8\AESTSr64.exe [89600 2009-03-02] (Andrea Electronics Corporation)
R2 AgereModemAudio; C:\Program Files\LSI SoftModem\agr64svc.exe [16896 2008-08-26] (Agere Systems)
R2 gzserv; C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe [69368 2013-10-23] (Bitdefender)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89352 2014-09-15] (Hewlett-Packard Company)
S3 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2009-06-17] (Hewlett-Packard Company) [File not signed]
R2 LPDSVC; C:\Windows\system32\lpdsvc.dll [41984 2008-01-20] (Microsoft Corporation)
S3 MatSvc; C:\Program Files\Microsoft Fix it Center\Matsvc.exe [343856 2011-06-13] (Microsoft Corporation)
R2 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528 2013-11-15] (Motorola Mobility LLC)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
S3 NtmsSvc; C:\Windows\system32\ntmssvc.dll [521216 2008-01-20] (Microsoft Corporation)
S4 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [File not signed]
S2 SDRSVC; C:\Windows\system32\svchost.exe [27648 2008-01-20] (Microsoft Corporation)
S2 SDRSVC; C:\Windows\SysWOW64\svchost.exe [21504 2008-01-20] (Microsoft Corporation)
S2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_6ef279c8\STacSV64.exe [239104 2009-06-03] (IDT, Inc.)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [427008 2010-04-21] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 A2DDA; C:\EEK\RUN\a2ddax64.sys [26176 2014-06-19] (Emsisoft GmbH)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27648 2008-01-20] (Microsoft Corporation)
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [718840 2013-04-17] (BitDefender)
U5 avchv; C:\Windows\System32\Drivers\avchv.sys [0 2014-11-18] () [File not signed]
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [593144 2013-04-17] (BitDefender)
R1 bdftdif; C:\Program Files\Bitdefender\Antivirus Free Edition\bdftdif.sys [138920 2013-04-17] (Bitdefender SRL)
S1 Beep; No ImagePath
S3 cleanhlp; C:\EEK\RUN\cleanhlp64.sys [57024 2014-06-19] (Emsisoft GmbH)
S3 E100B; C:\Windows\System32\DRIVERS\efe5b32e.sys [192512 2008-01-20] (Intel Corporation)
R3 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [148696 2013-04-22] (BitDefender LLC)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [35064 2014-12-09] ()
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [382536 2013-05-28] (BitDefender S.R.L.)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [52736 2012-02-15] (Apple, Inc.) [File not signed]
S3 USBCCID; C:\Windows\System32\DRIVERS\usbccid.sys [38400 2009-04-11] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 motccgpfl; system32\DRIVERS\motccgpfl.sys [X]
S3 motusbdevice; system32\DRIVERS\motusbdevice.sys [X]
S3 NTPASp50a64; System32\Drivers\NTPASp50a64.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
Farbar Log Part Two:

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-10 13:40 - 2014-12-10 13:41 - 00021091 _____ () C:\Users\Linford\Desktop\FRST.txt
2014-12-10 13:32 - 2014-12-10 13:32 - 00001361 _____ () C:\Users\Linford\Desktop\JRT.txt
2014-12-10 13:06 - 2014-12-10 13:06 - 00277744 _____ () C:\Windows\Minidump\Mini121014-01.dmp
2014-12-10 13:05 - 2014-12-10 13:05 - 578422123 _____ () C:\Windows\MEMORY.DMP
2014-12-10 12:52 - 2014-12-10 12:52 - 00000000 ____D () C:\Windows\pss
2014-12-10 12:04 - 2014-12-10 12:22 - 00000000 ____D () C:\Program Files\UVK - Ultra Virus Killer
2014-12-10 12:04 - 2014-12-10 12:04 - 00001768 _____ () C:\Users\Public\Desktop\UVK - Ultra Virus Killer.lnk
2014-12-10 12:03 - 2014-12-10 12:03 - 05810688 _____ (Carifred) C:\Users\Linford\Desktop\UVKPortable.exe
2014-12-10 11:37 - 2014-11-06 20:33 - 00974848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-10 11:37 - 2014-11-06 20:28 - 01209856 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-10 11:37 - 2014-11-03 19:35 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-10 11:37 - 2014-11-03 19:19 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-12-10 11:35 - 2014-12-02 21:06 - 00278528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-12-10 11:35 - 2014-12-02 20:51 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-12-10 11:34 - 2014-11-24 17:12 - 17874432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-10 11:34 - 2014-11-24 16:59 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-12-10 11:34 - 2014-11-24 16:54 - 10921984 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-10 11:34 - 2014-11-24 16:53 - 02339840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-10 11:34 - 2014-11-24 16:47 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-10 11:34 - 2014-11-24 16:47 - 01388032 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-10 11:34 - 2014-11-24 16:45 - 01494016 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-10 11:34 - 2014-11-24 16:45 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-12-10 11:34 - 2014-11-24 16:45 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-10 11:34 - 2014-11-24 16:44 - 02157056 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-10 11:34 - 2014-11-24 16:44 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-12-10 11:34 - 2014-11-24 16:44 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-10 11:34 - 2014-11-24 16:44 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-10 11:34 - 2014-11-24 16:44 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-10 11:34 - 2014-11-24 16:44 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-10 11:34 - 2014-11-24 16:44 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-10 11:34 - 2014-11-24 16:44 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-12-10 11:34 - 2014-11-24 16:44 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-12-10 11:34 - 2014-11-24 16:43 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-10 11:34 - 2014-11-24 16:43 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-10 11:34 - 2014-11-24 16:43 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-12-10 11:34 - 2014-11-24 16:42 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-10 11:34 - 2014-11-24 15:44 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-12-10 11:34 - 2014-11-24 15:41 - 12369920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-10 11:34 - 2014-11-24 15:40 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-10 11:34 - 2014-11-24 15:37 - 09740800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-10 11:34 - 2014-11-24 15:35 - 01139712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-10 11:34 - 2014-11-24 15:35 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-10 11:34 - 2014-11-24 15:34 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-10 11:34 - 2014-11-24 15:34 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-12-10 11:34 - 2014-11-24 15:33 - 01802752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-10 11:34 - 2014-11-24 15:33 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-12-10 11:34 - 2014-11-24 15:33 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-10 11:34 - 2014-11-24 15:33 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-10 11:34 - 2014-11-24 15:33 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-10 11:34 - 2014-11-24 15:33 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-10 11:34 - 2014-11-24 15:33 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-12-10 11:34 - 2014-11-24 15:32 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-10 11:34 - 2014-11-24 15:32 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-10 11:34 - 2014-11-24 15:32 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-10 11:34 - 2014-11-24 15:32 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-10 11:34 - 2014-11-24 15:32 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-10 11:34 - 2014-11-24 15:32 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-12-10 11:34 - 2014-11-24 15:32 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-12-10 11:29 - 2014-12-10 13:16 - 00000000 ____D () C:\AdwCleaner
2014-12-09 23:30 - 2014-12-09 23:30 - 00000000 ____D () C:\Users\Linford\AppData\Roaming\SUPERAntiSpyware.com
2014-12-09 23:30 - 2014-12-09 23:30 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2014-12-09 23:30 - 2014-12-09 23:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2014-12-09 23:29 - 2014-12-09 23:29 - 05073240 _____ (Microsoft Corporation) C:\Users\Linford\Downloads\vcredist_x86.exe
2014-12-09 23:29 - 2014-12-09 23:29 - 02238600 _____ (Microsoft Corporation) C:\Users\Linford\Downloads\DefaultPack.EXE
2014-12-09 22:24 - 2014-12-09 22:29 - 00000000 ____D () C:\ProgramData\UVK
2014-12-09 22:01 - 2014-12-09 22:10 - 308385792 _____ () C:\Users\Linford\Desktop\kav_rescue_10.iso
2014-12-09 21:52 - 2014-12-10 11:52 - 00035279 _____ () C:\Windows\iis7.log
2014-12-09 21:52 - 2014-12-09 21:52 - 00000000 ____D () C:\inetpub
2014-12-09 21:12 - 2014-12-09 21:13 - 36904648 _____ (Microsoft Corporation) C:\Users\Linford\Downloads\Windows-KB890830-x64-V5.19.exe
2014-12-09 21:06 - 2014-12-09 21:06 - 00907264 _____ () C:\Users\Linford\Desktop\NtBackupRestore_Win64.msi
2014-12-09 20:42 - 2014-12-09 20:42 - 02238600 _____ (Microsoft Corporation) C:\Users\Linford\Desktop\DefaultPack.EXE
2014-12-09 20:35 - 2014-12-09 20:35 - 00000000 ____D () C:\ProgramData\Emsisoft
2014-12-09 20:08 - 2014-12-09 20:15 - 03129816 _____ () C:\re-regdll.bat
2014-12-09 20:06 - 2014-12-09 20:06 - 27475934 _____ () C:\Users\Linford\Documents\services.dmp
2014-12-09 19:37 - 2014-12-09 19:37 - 00000000 ____D () C:\your_name14223y
2014-12-09 19:36 - 2014-12-09 19:37 - 00000000 ___SD () C:\32788R22FWJFW
2014-12-09 19:07 - 2014-12-09 19:08 - 16489198 _____ () C:\Users\Linford\Desktop\unhackme.zip
2014-12-09 18:41 - 2014-12-10 13:40 - 00000000 ____D () C:\FRST
2014-12-09 18:38 - 2014-12-09 18:38 - 02119680 _____ (Farbar) C:\Users\Linford\Desktop\FRST64.exe
2014-12-09 18:25 - 2014-12-09 18:25 - 00000000 ____D () C:\Windows\ERUNT
2014-12-09 18:24 - 2014-12-09 18:24 - 01707646 _____ (Thisisu) C:\Users\Linford\Desktop\JRT.exe
2014-12-09 18:16 - 2014-12-09 18:16 - 02166272 _____ () C:\Users\Linford\Desktop\adwcleaner_4.105.exe
2014-12-09 18:06 - 2014-12-09 18:06 - 00000000 ____D () C:\_OTL
2014-12-09 14:35 - 2014-12-09 14:35 - 00000000 ____D () C:\your_name3091y
2014-12-09 14:34 - 2014-12-09 14:34 - 00000000 ____D () C:\your_name16443y
2014-12-09 14:27 - 2014-12-09 14:27 - 00000000 ____D () C:\your_name32065y
2014-12-09 14:15 - 2014-12-09 14:15 - 00000000 ____D () C:\your_name21837y
2014-12-09 14:14 - 2014-12-09 14:14 - 00000000 ____D () C:\your_name
2014-12-09 13:56 - 2014-12-09 13:56 - 01944824 _____ (Bleeping Computer, LLC) C:\Users\Linford\Desktop\iExplore.exe
2014-12-09 13:48 - 2014-12-09 13:48 - 01944824 _____ (Bleeping Computer, LLC) C:\Users\Linford\Downloads\iExplore.exe
2014-12-09 13:43 - 2014-12-09 13:43 - 01063160 _____ (Bleeping Computer, LLC) C:\Users\Linford\Desktop\rkill64.exe
2014-12-08 23:20 - 2014-12-08 23:20 - 16448208 _____ (Malwarebytes Corp.) C:\Users\Linford\Desktop\mbar-1.08.2.1001.exe
2014-12-08 23:18 - 2014-12-09 22:30 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-12-08 23:18 - 2014-12-08 23:20 - 00096472 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-12-08 23:18 - 2014-12-08 23:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-12-08 23:18 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-12-08 23:18 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-12-08 22:05 - 2014-12-08 22:06 - 15201368 _____ () C:\Users\Linford\Desktop\RogueKiller.exe
2014-12-08 21:07 - 2014-12-08 21:07 - 00017339 _____ () C:\Users\Public\Documents\Combofix_08_Dec_2014.txt
2014-12-08 21:06 - 2014-12-08 21:06 - 00019080 _____ () C:\Users\Public\Documents\RKreport_SCN_12082014_145547.log
2014-12-08 16:26 - 2014-12-10 13:40 - 00000000 ____D () C:\Users\Linford\Desktop\TechSpot Log Items
2014-12-08 15:38 - 2014-12-08 15:38 - 00688992 ____R (Swearware) C:\Users\Linford\Desktop\dds.com
2014-12-08 14:46 - 2014-12-09 14:29 - 00035064 _____ () C:\Windows\system32\Drivers\TrueSight.sys
2014-12-08 14:46 - 2014-12-08 14:46 - 18315864 _____ () C:\Users\Linford\Downloads\RogueKillerX64.exe
2014-12-08 14:35 - 2014-12-08 14:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-12-08 14:32 - 2014-12-08 14:32 - 00638888 _____ (Oracle Corporation) C:\Users\Linford\Downloads\chromeinstall-8u25 (1).exe
2014-12-08 13:57 - 2014-12-08 13:57 - 00000000 ____D () C:\ProgramData\Sun
2014-12-08 13:50 - 2014-12-08 13:50 - 00638888 _____ (Oracle Corporation) C:\Users\Linford\Downloads\chromeinstall-8u25.exe
2014-12-08 13:17 - 2014-12-08 13:17 - 00002117 _____ () C:\Users\Linford\Desktop\Tweaking.com - Simple System Tweaker.lnk
2014-12-08 12:16 - 2014-12-08 12:16 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-LINFORD-PC-Microsoft®-Windows-Vista™-Home-Premium-(64-bit).dat
2014-12-08 12:16 - 2014-12-08 12:16 - 00000000 ____D () C:\RegBackup
2014-12-08 10:40 - 2014-12-08 13:17 - 00000000 ____D () C:\Users\Linford\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2014-12-08 10:40 - 2014-12-08 13:17 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com
2014-12-08 10:40 - 2014-12-08 10:40 - 00001994 _____ () C:\Users\Linford\Desktop\Tweaking.com - Windows Repair (All in One).lnk
2014-12-08 06:53 - 2011-06-26 01:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-12-08 06:53 - 2010-11-07 12:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-12-08 06:53 - 2009-04-19 23:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-12-08 06:53 - 2000-08-30 19:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-12-08 06:53 - 2000-08-30 19:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-12-08 06:53 - 2000-08-30 19:00 - 00098816 _____ () C:\Windows\sed.exe
2014-12-08 06:53 - 2000-08-30 19:00 - 00080412 _____ () C:\Windows\grep.exe
2014-12-08 06:53 - 2000-08-30 19:00 - 00068096 _____ () C:\Windows\zip.exe
2014-12-07 21:36 - 2014-12-07 21:36 - 00000000 ____D () C:\Users\Linford\Documents\ProcAlyzer Dumps
2014-12-07 20:14 - 2014-12-09 00:13 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-12-07 20:04 - 2014-12-07 20:04 - 16448208 _____ (Malwarebytes Corp.) C:\Users\Linford\Downloads\mbar-1.08.2.1001.exe
2014-12-07 18:22 - 2014-12-07 18:23 - 09817304 _____ () C:\Users\Linford\Downloads\tweaking.com_windows_repair_aio_setup.exe
2014-12-07 18:21 - 2014-12-07 18:21 - 00050688 _____ (Atribune.org) C:\Users\Linford\Downloads\ATF-Cleaner.exe
2014-12-07 18:15 - 2014-12-07 18:15 - 00415232 _____ (Farbar) C:\Users\Linford\Downloads\FSS.exe
2014-12-07 18:05 - 2014-12-07 18:05 - 05198336 _____ (AVAST Software) C:\Users\Linford\Downloads\aswMBR.exe
2014-12-07 17:58 - 2014-12-07 18:00 - 04163057 _____ () C:\Users\Linford\Downloads\tdsskiller.zip
2014-12-07 17:16 - 2014-12-07 17:17 - 00000000 ____D () C:\Program Files\IDT
2014-12-07 17:02 - 2014-12-07 17:02 - 05152768 _____ () C:\Users\Linford\Downloads\HPSupportSolutionsFramework-11.51.0027.msi
2014-12-06 21:41 - 2014-11-18 20:02 - 00000000 _____ () C:\Windows\system32\Drivers\avchv.sys
2014-12-05 19:58 - 2014-12-05 19:58 - 00014469 _____ () C:\Users\Geoff\Downloads\O St Set List Holiday Mkt Dec 2014 KEYS.xlsx
2014-12-05 16:21 - 2014-12-05 16:29 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Linford\Downloads\spybot-2.4.exe
2014-12-05 16:19 - 2014-12-05 16:19 - 00000916 ____R () C:\Windows\system32\Drivers\etc\hosts.20141205-161930.backup
2014-12-05 14:01 - 2014-12-05 14:01 - 00047616 _____ () C:\Users\Geoff\Downloads\SP005000 Maintenance and Database Support (UNCLASSIFIED).msg
2014-12-04 11:15 - 2014-12-04 11:15 - 00001843 _____ () C:\Users\Geoff\Desktop\TerraExplorer.lnk
2014-12-04 11:14 - 2014-12-04 11:15 - 00000000 ____D () C:\Users\Geoff\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Skyline TerraExplorer
2014-12-04 11:14 - 2014-12-04 11:14 - 00000000 ____D () C:\Users\Geoff\AppData\Roaming\Skyline
2014-12-04 11:14 - 2014-12-04 11:14 - 00000000 ____D () C:\Users\Geoff\AppData\Roaming\InstallShield Installation Information
2014-12-04 11:08 - 2014-12-04 11:09 - 28363176 _____ (Skyline Software Systems Inc.) C:\Users\Geoff\Downloads\SkylineGlobeSetup.exe
2014-12-03 17:00 - 2014-12-03 17:00 - 00000000 ____D () C:\Users\Trini\AppData\Roaming\Motorola Mobility
2014-12-02 17:25 - 2014-12-02 17:25 - 00119808 _____ (Atribune.org) C:\Users\Linford\Downloads\vundofix.exe
2014-12-02 14:02 - 2014-12-02 14:02 - 00002333 _____ () C:\Malwarebites_Dec_2014.txt
2014-12-02 12:33 - 2014-12-02 12:34 - 00010258 _____ () C:\Users\Linford\Documents\cc_20141202_123353.reg
2014-12-02 12:29 - 2014-12-02 12:30 - 05162080 _____ (Piriform Ltd) C:\Users\Linford\Downloads\ccsetup500.exe
2014-12-02 12:17 - 2014-12-02 12:20 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-12-02 12:14 - 2014-12-02 12:14 - 00003092 _____ () C:\Windows\System32\Tasks\{879748DC-0F4E-4E2B-BE16-67A83126E6E2}
2014-12-02 12:10 - 2014-12-02 12:10 - 02347384 _____ (ESET) C:\Users\Linford\Downloads\esetsmartinstaller_enu (4).exe
2014-12-02 12:09 - 2014-12-02 12:09 - 02347384 _____ (ESET) C:\Users\Linford\Downloads\esetsmartinstaller_enu (3).exe
2014-12-02 11:57 - 2014-12-03 17:17 - 00000000 ____D () C:\SUPERDelete
2014-11-18 20:04 - 2014-11-18 20:04 - 00002007 _____ () C:\Users\Public\Desktop\Bitdefender Antivirus Free Edition.lnk
2014-11-18 20:04 - 2014-11-18 20:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Antivirus Free Edition
2014-11-18 20:02 - 2013-04-17 14:59 - 00718840 _____ (BitDefender) C:\Windows\system32\Drivers\avc3.sys
2014-11-18 20:02 - 2013-04-17 14:59 - 00593144 _____ (BitDefender) C:\Windows\system32\Drivers\avckf.sys
2014-11-18 20:00 - 2014-11-18 20:04 - 00000000 ____D () C:\Program Files\Bitdefender
2014-11-18 19:59 - 2013-05-28 12:12 - 00382536 _____ (BitDefender S.R.L.) C:\Windows\system32\Drivers\trufos.sys
2014-11-18 19:59 - 2013-04-22 13:21 - 00148696 _____ (BitDefender LLC) C:\Windows\system32\Drivers\gzflt.sys
2014-11-18 19:39 - 2014-10-23 20:03 - 00499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-18 19:39 - 2014-10-23 19:39 - 00656384 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-18 19:29 - 2014-11-18 20:57 - 00000000 ____D () C:\Users\Linford\AppData\Roaming\QuickScan
2014-11-18 19:28 - 2014-11-18 19:29 - 10447328 _____ () C:\Users\Linford\Downloads\Antivirus_Free_Edition_x64.exe
2014-11-18 19:25 - 2014-11-18 19:27 - 00162208 _____ () C:\Users\Linford\Downloads\Antivirus_Free_Edition.exe
2014-11-18 14:56 - 2014-11-18 14:56 - 01202848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FM20.DLL
2014-11-12 18:24 - 2014-11-12 18:25 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-12 17:33 - 2014-11-12 17:33 - 00000000 ____D () C:\Users\Geoff\Documents\INSURANCE
2014-11-11 23:01 - 2014-10-12 18:52 - 02782208 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-11 22:55 - 2014-08-11 21:25 - 00729600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2014-11-11 22:55 - 2014-08-11 21:11 - 00923136 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-11-11 22:53 - 2014-10-17 20:08 - 00564224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-11-11 22:53 - 2014-10-17 19:46 - 00847360 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-11 22:53 - 2014-10-09 20:10 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-11 22:53 - 2014-10-09 20:09 - 01689600 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-11 22:53 - 2014-10-09 20:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-11 22:53 - 2014-10-09 20:01 - 00077312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-11-11 22:53 - 2014-10-09 20:00 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2014-11-11 22:53 - 2014-10-09 18:53 - 00619520 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-11 22:53 - 2014-10-09 18:22 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-11-11 22:53 - 2014-10-02 20:18 - 00274432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-11-11 22:53 - 2014-10-02 20:17 - 00396800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-11-11 22:53 - 2014-10-02 20:17 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-11-11 22:53 - 2014-10-02 20:03 - 00313344 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-11 22:53 - 2014-10-02 20:02 - 00201728 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-11 22:53 - 2014-10-02 20:01 - 00474624 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-11 22:53 - 2014-10-02 20:01 - 00446976 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-11 22:53 - 2014-10-02 18:49 - 00088576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\audiodg.exe
2014-11-11 22:42 - 2014-10-23 20:04 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-11-11 22:42 - 2014-10-23 19:39 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-11 22:42 - 2014-08-26 19:55 - 01249280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-11-11 22:42 - 2014-08-26 19:55 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-11-11 22:42 - 2014-08-26 19:41 - 01869824 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-11 22:42 - 2014-08-26 19:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-11 21:07 - 2014-11-11 21:07 - 00093571 _____ () C:\Users\Geoff\Downloads\WinZip Compressed Attachments (1).zip

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-10 13:26 - 2011-12-12 22:05 - 00000916 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-76335557-1567907971-1813161301-1000UA.job
2014-12-10 13:23 - 2006-11-02 07:46 - 00861698 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-10 13:22 - 2008-01-20 20:53 - 01940377 _____ () C:\Windows\WindowsUpdate.log
2014-12-10 13:21 - 2012-02-13 18:44 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-12-10 13:18 - 2012-04-11 17:43 - 00000000 ____D () C:\Temp
2014-12-10 13:18 - 2006-11-02 10:07 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-12-10 13:17 - 2012-03-27 18:48 - 00159144 _____ () C:\Windows\PFRO.log
2014-12-10 13:17 - 2006-11-02 10:42 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-10 13:17 - 2006-11-02 10:22 - 00005184 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-10 13:17 - 2006-11-02 10:22 - 00005184 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-10 13:07 - 2006-11-02 10:21 - 00388888 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-12-10 13:06 - 2012-04-11 17:37 - 00000000 ____D () C:\Windows\Minidump
2014-12-10 13:03 - 2012-03-30 09:14 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-10 12:22 - 2006-11-02 08:33 - 00000000 ____D () C:\Windows\rescache
2014-12-10 12:21 - 2011-12-11 17:47 - 00102744 _____ () C:\Users\Linford\AppData\Local\GDIPFONTCACHEV1.DAT
2014-12-10 11:49 - 2011-12-11 17:56 - 00000012 _____ () C:\Windows\bthservsdp.dat
2014-12-10 11:49 - 2006-11-02 10:42 - 00032590 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-12-10 11:49 - 2006-11-02 08:34 - 00000000 ____D () C:\Windows\SysWOW64\inetsrv
2014-12-10 11:49 - 2006-11-02 08:34 - 00000000 ____D () C:\Windows\system32\inetsrv
2014-12-10 11:48 - 2011-12-11 16:00 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-10 11:45 - 2013-08-13 21:28 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-10 11:38 - 2006-11-02 07:35 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-12-10 01:03 - 2012-03-30 09:14 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-10 01:03 - 2012-03-30 09:14 - 00003682 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-10 01:03 - 2011-12-11 16:10 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-09 22:28 - 2014-06-19 16:14 - 00000000 ____D () C:\Users\Linford\AppData\Local\CrashDumps
2014-12-09 21:53 - 2011-12-11 18:47 - 00799096 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-12-09 21:52 - 2006-11-02 10:15 - 00000000 ____D () C:\Windows\system32\0409
2014-12-09 21:25 - 2014-05-22 17:27 - 00000000 ____D () C:\Users\Linford\Desktop\Spyware cleaners
2014-12-09 20:43 - 2011-12-12 22:41 - 00000000 ____D () C:\Users\Linford\AppData\Roaming\Apple Computer
2014-12-09 19:37 - 2013-07-01 15:47 - 00000000 ____D () C:\Windows\erdnt
2014-12-09 19:26 - 2011-12-12 22:05 - 00000864 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-76335557-1567907971-1813161301-1000Core.job
2014-12-09 19:20 - 2006-11-02 08:33 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-09 17:23 - 2011-12-14 00:00 - 00000856 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-76335557-1567907971-1813161301-1001Core.job
2014-12-09 15:41 - 2014-06-20 14:52 - 00000000 ____D () C:\EEK
2014-12-09 14:35 - 2011-12-11 17:46 - 00000732 _____ () C:\Users\Linford\AppData\Local\d3d9caps64.dat
2014-12-08 21:03 - 2012-04-11 17:56 - 00000000 ____D () C:\Users\Geoff\AppData\Roaming\MotoCast
2014-12-08 18:06 - 2012-04-11 17:56 - 00000000 ____D () C:\Users\Geoff\.gstreamer-0.10
2014-12-08 17:09 - 2011-12-12 20:18 - 00102744 _____ () C:\Users\Geoff\AppData\Local\GDIPFONTCACHEV1.DAT
2014-12-08 17:08 - 2014-08-25 16:25 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-12-08 17:06 - 2013-04-04 01:10 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-12-08 14:33 - 2012-04-11 17:31 - 00000000 ____D () C:\Program Files (x86)\Java
2014-12-08 14:32 - 2013-11-05 18:11 - 00000000 ____D () C:\ProgramData\Oracle
2014-12-08 13:57 - 2011-12-11 16:21 - 00000000 ____D () C:\Program Files\Java
2014-12-08 13:49 - 2014-05-14 17:17 - 00320936 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-12-08 13:49 - 2014-05-14 17:16 - 00191400 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-12-08 13:49 - 2014-05-14 17:16 - 00190888 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-12-08 13:17 - 2011-12-12 22:07 - 00000000 ____D () C:\Users\Linford\Downloads\Spyware cleaners
2014-12-08 13:02 - 2006-11-02 07:34 - 00000290 _____ () C:\Windows\win.ini
2014-12-08 09:29 - 2014-06-20 13:52 - 00000000 ____D () C:\Qoobox
2014-12-08 09:08 - 2006-11-02 07:34 - 00000215 _____ () C:\Windows\system.ini
2014-12-08 09:08 - 2006-11-02 07:34 - 00000027 _____ () C:\Windows\system32\Drivers\etc\hosts_bak_23
2014-12-07 21:43 - 2006-11-02 07:34 - 00000741 ____R () C:\Windows\system32\Drivers\etc\hosts.20141208-074146.backup
2014-12-07 21:26 - 2006-11-02 07:34 - 00000741 ____R () C:\Windows\system32\Drivers\etc\hosts.20141207-214355.backup
2014-12-07 17:37 - 2006-11-02 08:33 - 00000000 ____D () C:\Windows\registration
2014-12-07 17:12 - 2011-12-23 11:54 - 00000000 ____D () C:\Users\Linford\AppData\Local\Hewlett-Packard
2014-12-07 16:29 - 2011-12-21 13:57 - 00000000 ____D () C:\Users\Geoff\AppData\Local\Hewlett-Packard
2014-12-05 21:09 - 2012-02-14 01:48 - 00047577 _____ () C:\Windows\setupact.log
2014-12-05 16:19 - 2013-04-04 01:10 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy
2014-12-05 16:19 - 2006-11-02 07:34 - 00000916 ____R () C:\Windows\system32\Drivers\etc\hosts.20141205-165952.backup
2014-12-04 16:05 - 2009-05-12 17:39 - 00000000 ____D () C:\Users\Geoff\Documents\bLUES STUFF
2014-12-03 17:01 - 2011-12-12 22:50 - 00008224 _____ () C:\Users\Trini\AppData\Local\GDIPFONTCACHEV1.DAT
2014-12-03 17:00 - 2011-12-12 22:50 - 00000979 _____ () C:\Users\Trini\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-12-03 17:00 - 2011-12-12 22:50 - 00000949 _____ () C:\Users\Trini\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-12-03 17:00 - 2011-12-12 22:50 - 00000000 ____D () C:\Users\Trini\AppData\Local\VirtualStore
2014-12-02 13:02 - 2009-12-11 03:49 - 00000000 ____D () C:\MGtools
2014-12-02 12:20 - 2012-02-13 19:15 - 00000000 ____D () C:\Users\Linford\AppData\Roaming\Malwarebytes
2014-12-02 11:57 - 2011-12-17 15:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Coupons
2014-12-02 11:28 - 2006-11-02 07:34 - 00000741 ____R () C:\Windows\system32\Drivers\etc\hosts.20141205-161910.backup
2014-11-26 21:47 - 2013-06-25 16:48 - 00000000 ____D () C:\Users\Geoff\AppData\Local\CrashDumps
2014-11-26 15:04 - 2013-09-07 12:37 - 00000000 ____D () C:\Users\Geoff\Documents\2-Mortgage Hunt Info
2014-11-26 14:33 - 2011-12-14 00:01 - 00002042 _____ () C:\Users\Geoff\Desktop\Google Chrome.lnk
2014-11-19 21:49 - 2012-01-19 19:57 - 00002517 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Safari.lnk
2014-11-19 21:49 - 2012-01-19 19:57 - 00002505 _____ () C:\Users\Public\Desktop\Safari.lnk
2014-11-19 21:49 - 2011-12-15 15:50 - 00000000 ____D () C:\Users\Geoff\AppData\Local\Apple Computer
2014-11-19 21:49 - 2011-12-12 22:58 - 00000000 ____D () C:\Users\Geoff\AppData\Roaming\Apple Computer
2014-11-19 20:56 - 2011-12-18 22:06 - 00002425 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-11-18 20:04 - 2011-12-11 17:46 - 00000000 ____D () C:\Users\Linford
2014-11-18 19:38 - 2011-12-11 18:48 - 00001945 _____ () C:\Windows\epplauncher.mif
2014-11-18 19:34 - 2006-11-02 08:34 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-11-18 19:23 - 2014-06-19 16:40 - 00000000 ____D () C:\Program Files (x86)\SUPERAntiSpyware
2014-11-18 19:21 - 2011-12-12 22:05 - 00003804 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-76335557-1567907971-1813161301-1000UA
2014-11-18 19:21 - 2011-12-12 22:05 - 00003408 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-76335557-1567907971-1813161301-1000Core
2014-11-15 17:12 - 2012-04-27 17:59 - 00000000 ____D () C:\Users\Geoff\AppData\Local\Akamai
2014-11-15 17:08 - 2012-06-19 21:28 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-12 17:19 - 2011-12-14 00:00 - 00003792 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-76335557-1567907971-1813161301-1001UA
2014-11-12 17:19 - 2011-12-14 00:00 - 00003396 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-76335557-1567907971-1813161301-1001Core
2014-11-12 17:19 - 2011-12-14 00:00 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-76335557-1567907971-1813161301-1001UA.job
2014-11-10 19:39 - 2012-06-04 20:02 - 00000000 ____D () C:\Users\Geoff\Documents\PFCU

Some content of TEMP:
====================
C:\Users\Linford\AppData\Local\temp\Quarantine.exe
C:\Users\Linford\AppData\Local\temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-12-10 13:33

==================== End Of Log ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-12-2014
Ran by Linford at 2014-12-10 13:42:13
Running from C:\Users\Linford\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Bitdefender Antivirus Free Edition (Disabled - Up to date) {9B5F5313-CAF9-DD97-C460-E778420237B4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Bitdefender Antivirus Free Edition (Disabled - Up to date) {203EB2F7-ECC3-D219-FED0-DC0A39857D09}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
ActivClient CAC 6.1 x64 (HKLM\...\{AC194855-F7AC-4D04-B4C9-07BA46FCB697}) (Version: 6.11.00039 - ActivIdentity)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Reader X (10.1.12) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.12 - Adobe Systems Incorporated)
Amazing Slow Downer (remove only) (HKLM-x32\...\Amazing Slow Downer) (Version: - )
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bitdefender Antivirus Free Edition (HKLM\...\BitDefender Gonzales) (Version: 1.0.21.1099 - Bitdefender)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: 5.30.20.0 - Broadcom Corporation)
BufferChm (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
CameraHelperMsi (x32 Version: 13.31.1038.0 - Logitech) Hidden
Citrix Online Launcher (HKLM-x32\...\{3E7E6F1E-7376-475A-8BC9-E3126B20CF5F}) (Version: 1.0.198 - Citrix)
Citrix XenApp Web Plugin (HKLM-x32\...\{C0B165DC-F037-483F-B1C9-D89D91529CEB}) (Version: 11.0.150.5357 - Citrix Systems, Inc.)
ConvertHelper 2.2 (HKLM-x32\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1) (Version: - DownloadHelper)
D110 (x32 Version: 140.0.142.000 - Hewlett-Packard) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Destinations (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
Free M4a to MP3 Converter 7.2 (HKLM-x32\...\Free M4a to MP3 Converter_is1) (Version: - ManiacTools.com)
GIMP 2.6.11 (HKLM-x32\...\WinGimp-2.0_is1) (Version: 2.6.11 - The GIMP Team)
Google Chrome (HKU\S-1-5-21-76335557-1567907971-1813161301-1000\...\Google Chrome) (Version: 39.0.2171.71 - Google Inc.)
GPBaseService2 (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
Hewlett-Packard ACLM.NET v1.1.0.0 (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
HijackThis 2.0.2 (HKLM-x32\...\HijackThis) (Version: 2.0.2 - TrendMicro)
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP MediaSmart Music/Photo/Video (HKLM-x32\...\InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}) (Version: 2.2.2829 - Hewlett-Packard)
HP MediaSmart Webcam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 2.2.1621 - Hewlett-Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP Photo Creations Powered by RocketLife)
HP Photosmart D110 All-In-One Driver Software 14.0 Rel. 7 (HKLM\...\{14BC6853-A74E-4874-B50D-679889D1544D}) (Version: 14.0 - HP)
HP Product Detection (HKLM-x32\...\{A436F67F-687E-4736-BD2B-537121A804CF}) (Version: 11.14.0001 - HP)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Support Assistant (HKLM-x32\...\{E92D47A1-D27D-430A-8368-0BAFD956507D}) (Version: 5.2.9.2 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{44157EB3-D8D0-4BB1-B0F5-AD2C38814ED1}) (Version: 11.51.0027 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.002 - Hewlett-Packard)
HP Wireless Assistant (HKLM-x32\...\{1061DF04-CF33-40B0-8360-D07C9BBEB122}) (Version: 3.50.10.1 - Hewlett-Packard)
HPAppStudio (x32 Version: 140.0.95.000 - Hewlett-Packard) Hidden
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6159.0 - IDT)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: - Intel Corporation)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
LightScribe System Software (HKLM-x32\...\{82EF29B1-9B60-4142-A155-0599216DD053}) (Version: 1.18.6.1 - LightScribe)
Logitech Vid HD (HKLM-x32\...\Logitech Vid) (Version: 7.2 (7259) - Logitech Inc..)
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.30 - Logitech Inc.)
LWS VideoEffects (Version: 13.30.1379.0 - Logitech) Hidden
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Metro7 version 1.0 (HKLM-x32\...\{6B994472-9239-4E07-8008-1206252E9E51}_is1) (Version: 1.0 - Metro7.org)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Easy Assist v2 (HKLM-x32\...\{326957C7-83FD-4550-A59A-849B7B4297DE}) (Version: 8.1.6416.0 - Microsoft Corporation)
Microsoft Fix it Center (HKLM\...\{B7588D45-AFDC-4C93-9E2E-A100F3554B64}) (Version: 1.0.0100 - Microsoft Corporation)
Microsoft Lync Web App Plug-in (HKLM-x32\...\{877EC1C3-6D58-4DE0-BD83-5B29BED8B995}) (Version: 15.8.8308.315 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional 2007 (HKLM-x32\...\PROR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
MotoCast (HKLM-x32\...\{5401CEE8-3C2D-4835-A802-213306537FF4}) (Version: 2.0.31 - Motorola Mobility)
MotoHelper MergeModules (x32 Version: 1.2.0 - Motorola) Hidden
Motorola Device Manager (HKLM-x32\...\{28DB8373-C1BB-444F-A427-A55585A12ED7}) (Version: 2.4.5 - Motorola Mobility)
Motorola Device Software Update (x32 Version: 13.09.3001 - Motorola Mobility) Hidden
MOTOROLA MEDIA LINK (x32 Version: 1.9.0002.0 - Motorola) Hidden
Motorola Mobile Drivers Installation 6.3.0 (HKLM\...\{759E6A2F-1F01-45EF-A0C4-22F1B56CB975}) (Version: 6.3.0 - Motorola Mobility LLC)
Mozilla Firefox 33.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 33.1 (x86 en-US)) (Version: 33.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 32.0.3 - Mozilla)
MSXML 4.0 SP2 (KB927978) (HKLM-x32\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
Network64 (Version: 140.0.212.000 - Hewlett-Packard) Hidden
PdaNet+ for Android 4.12 (HKLM-x32\...\PdaNet_is1) (Version: - June Fabrics Technology Inc)
ProtectSmart Hard Drive Protection (HKLM\...\{2F97CE84-9C33-4631-821B-85EA371EA254}) (Version: 3.10.1.7 - Hewlett-Packard)
PS_AIO_07_D110_SW_Min (x32 Version: 140.0.142.000 - Hewlett-Packard) Hidden
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
QuickTransfer (x32 Version: 140.0.98.000 - Hewlett-Packard) Hidden
Realtek 8139 and 8139C+ Ethernet Network Card Driver for Windows Vista (HKLM-x32\...\{AE46ABD3-D625-467F-B5A7-8D3FFF077F0D}) (Version: 1.00.0000 - Realtek)
Realtek 8169 8168 8101E 8102E Ethernet Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0000 - Realtek)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{DC24971E-1946-445D-8A82-CE685433FA7D}) (Version: 3.0.1.3 - Realtek Semiconductor Corp.)
Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
Scan (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden
Segoe UI (x32 Version: 15.4.2271.0615 - Microsoft Corp) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.13.13771 - Skype Technologies S.A.)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
SmartWebPrinting (x32 Version: 140.0.186.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
Status (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.29.0 - Synaptics Incorporated)
TerraExplorer (x32 Version: 6.1.01033 - Skyline Software Systems Inc.) Hidden
Toolbox (x32 Version: 140.0.424.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Tweaking.com - Simple System Tweaker (HKLM-x32\...\Tweaking.com - Simple System Tweaker) (Version: 2.1.0 - Tweaking.com)
Tweaking.com - Windows Repair (All in One) (HKLM-x32\...\Tweaking.com - Windows Repair (All in One)) (Version: 2.10.2 - Tweaking.com)
Universal Adb Driver (HKLM-x32\...\{D9C4202E-6D51-4B06-A8F1-22316E654BCA}) (Version: 1.0.0 - ClockworkMod)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
UVK - Ultra Virus Killer (HKLM\...\UVK - Ultra virus killer) (Version: 6.8.5.0 - Carifred)
WebReg (x32 Version: 140.0.212.017 - Hewlett-Packard) Hidden
Windows Driver Package - ENE (enecir) HIDClass (09/04/2008 2.6.0.0) (HKLM\...\07B260955637F1FF7587ED2AA87459040DD09BF7) (Version: 09/04/2008 2.6.0.0 - ENE)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-76335557-1567907971-1813161301-1000_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\Linford\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-76335557-1567907971-1813161301-1000_Classes\CLSID\{047466F1-82AE-455A-AFC4-D3AC463FBF6B}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-76335557-1567907971-1813161301-1000_Classes\CLSID\{095A2EEC-F7FE-42E8-96FB-C20E53081908}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-76335557-1567907971-1813161301-1000_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\Linford\AppData\Local\Google\Update\1.3.25.11\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-76335557-1567907971-1813161301-1000_Classes\CLSID\{238F6F83-B8B4-11CF-8771-00A024541EE3}\InprocServer32 -> C:\Users\Linford\AppData\Local\Citrix\ICA Client\Wfica.ocx (Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-76335557-1567907971-1813161301-1000_Classes\CLSID\{238F6F85-B8B4-11CF-8771-00A024541EE3}\InprocServer32 -> C:\Users\Linford\AppData\Local\Citrix\ICA Client\Wfica.ocx (Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-76335557-1567907971-1813161301-1000_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\Linford\AppData\Local\Google\Update\1.3.25.11\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-76335557-1567907971-1813161301-1000_Classes\CLSID\{320F0FDB-BE0A-4648-9D18-4A2C3448C007}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-76335557-1567907971-1813161301-1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\Linford\AppData\Local\Google\Update\1.3.25.11\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-76335557-1567907971-1813161301-1000_Classes\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}\localserver32 -> C:\Users\Linford\AppData\Local\Google\Chrome\Application\39.0.2171.71\delegate_execute.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-76335557-1567907971-1813161301-1000_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-76335557-1567907971-1813161301-1000_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-76335557-1567907971-1813161301-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Linford\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-76335557-1567907971-1813161301-1000_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\Linford\AppData\Local\Google\Update\1.3.25.11\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-76335557-1567907971-1813161301-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Linford\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)

==================== Restore Points =========================

12-11-2014 03:41:54 Windows Update
15-11-2014 22:16:51 Windows Update
16-11-2014 14:09:37 Scheduled Checkpoint
19-11-2014 00:20:49 Removed SUPERAntiSpyware Free Edition
19-11-2014 00:22:29 Windows Update
19-11-2014 00:39:08 Windows Update
19-11-2014 01:02:44 Device Driver Package Install: BITDEFENDER S.R.L. System devices
23-11-2014 03:09:20 Windows Update
26-11-2014 19:14:37 Windows Update
30-11-2014 17:39:38 Windows Update
01-12-2014 17:31:26 Scheduled Checkpoint
02-12-2014 15:26:29 Scheduled Checkpoint
03-12-2014 06:00:05 Scheduled Checkpoint
03-12-2014 23:52:14 Scheduled Checkpoint
05-12-2014 06:57:14 Windows Update
06-12-2014 06:00:40 Scheduled Checkpoint
07-12-2014 02:45:20 Scheduled Checkpoint
07-12-2014 22:03:00 Installed HP Support Solutions Framework
08-12-2014 01:12:27 07_Dec_14_2012Hrs
08-12-2014 15:16:38 Scheduled Checkpoint

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 07:34 - 2014-12-09 18:07 - 00000098 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {16D4304C-9EE8-42BC-AAE1-1F6F2CF66F4B} - System32\Tasks\Motorola Device Manager Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-10-31] ()
Task: {22D3397D-20FE-4C5A-B2A8-7F2F2C6DC199} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-76335557-1567907971-1813161301-1001Core => C:\Users\Geoff\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-19] (Google Inc.)
Task: {2406FE98-F2B4-4CF2-B791-675CFF53C75C} - System32\Tasks\MotoCast Update => C:\Program Files (x86)\Motorola Mobility\MotoCast\LiveUpdate\MotoCastUpdate.exe [2012-07-24] ()
Task: {36D59D73-5BDF-4976-8DC6-F944E22F9884} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2011-02-23] (Hewlett-Packard Company)
Task: {49AD996E-DB1C-409B-8867-11EF662B22CB} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-76335557-1567907971-1813161301-1000UA => C:\Users\Linford\AppData\Local\Google\Update\GoogleUpdate.exe [2014-11-18] (Google Inc.)
Task: {58F65BE6-FF0F-47B9-89E8-CF7958F30EE1} - System32\Tasks\Microsoft\Support\Microsoft Fix it Center\OSUpgrade => Rundll32.exe "C:\Program Files\Microsoft Fix it Center\MatsApi.dll",RunHandleOSUpgrade
Task: {7E23D888-1EBB-45E3-BCE0-A7B2E6CDBAD8} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-76335557-1567907971-1813161301-1001UA => C:\Users\Geoff\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-19] (Google Inc.)
Task: {7F590172-BA79-4F23-A59A-E9A3D30CA841} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Signature Update => c:\program files\windows defender\MpCmdRun.exe [2008-01-20] (Microsoft Corporation)
Task: {807E239F-BE4B-49B4-A2D7-022CAA317D44} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Ghost Resign Task => c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\HPResignFileLoader.exe [2014-08-19] (Microsoft)
Task: {98700978-770C-40F8-9850-49E651B2D564} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2011-02-23] (Hewlett-Packard Company)
Task: {C0EF6C8C-DBD2-4235-A0E2-79C030669501} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSAObjUtilTask => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe [2014-08-19] (Microsoft)
Task: {CEEE92BC-989A-4EA5-9554-EFC5F385C327} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-10] (Adobe Systems Incorporated)
Task: {D1B876D0-F12A-47C5-A897-E78069BFF5DC} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-76335557-1567907971-1813161301-1000Core => C:\Users\Linford\AppData\Local\Google\Update\GoogleUpdate.exe [2014-11-18] (Google Inc.)
Task: {D442702E-6BBA-48F4-B3E9-1C5B4E9B89DB} - System32\Tasks\HP Photo Creations Communicator => C:\ProgramData\HP Photo Creations\MessageCheck.exe [2012-03-27] ()
Task: {D9900B77-23DB-43F7-80E6-B131F851643F} - System32\Tasks\Motorola Device Manager Initial Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-10-31] ()
Task: {DF159A32-7C17-4992-8C72-03BA708B17B7} - System32\Tasks\Motorola Device Manager Engine => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-10-31] ()
Task: {E5396A0E-57FA-46BB-A6E5-83E29111A2B2} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {E65C6B99-3642-4CB6-9FB6-27C3C71B8F90} - System32\Tasks\Microsoft\Support\Microsoft Fix it Center\ConfigExec => Rundll32.exe "C:\Program Files\Microsoft Fix it Center\MatsApi.dll",RunCollectConfigurationInfo
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-76335557-1567907971-1813161301-1000Core.job => C:\Users\Linford\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-76335557-1567907971-1813161301-1000UA.job => C:\Users\Linford\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-76335557-1567907971-1813161301-1001Core.job => C:\Users\Geoff\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-76335557-1567907971-1813161301-1001UA.job => C:\Users\Geoff\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HP Photo Creations Communicator.job => C:\ProgramData\HP Photo Creations\MessageCheck.exe

==================== Loaded Modules (whitelisted) =============

2014-11-18 20:02 - 2013-03-19 12:07 - 00696632 _____ () C:\Program Files\Bitdefender\Antivirus Free Edition\sqlite3.dll
2014-11-18 20:02 - 2013-09-03 14:29 - 00101328 _____ () C:\Program Files\Bitdefender\Antivirus Free Edition\BDMetrics.dll
2009-07-01 14:44 - 2009-07-01 14:44 - 00632888 _____ () C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 12:05 - 2014-10-11 12:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2012-09-07 20:35 - 2012-09-07 20:35 - 00128960 _____ () C:\Program Files (x86)\Motorola Media Link\Lite\liveupdatetactics.dll
2012-09-07 20:35 - 2012-09-07 20:35 - 00024496 _____ () C:\Program Files (x86)\Motorola Media Link\Lite\DbAccess.dll
2012-09-07 20:37 - 2012-09-07 20:37 - 00466256 _____ () C:\Program Files (x86)\Motorola Media Link\Lite\sqlite3.dll
2012-09-07 20:36 - 2012-09-07 20:36 - 00045992 _____ () C:\Program Files (x86)\Motorola Media Link\Lite\NAdvLog.dll
2012-09-07 20:36 - 2012-09-07 20:36 - 00034752 _____ () C:\Program Files (x86)\Motorola Media Link\Lite\NFileCacheDBAccess.dll
2013-10-31 10:05 - 2013-10-31 10:05 - 00172032 _____ () C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\css_core.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1
AlternateDataStreams: C:\Users\Geoff\Downloads\Alexxyss and lolipop.mpg:TOC.WMV
AlternateDataStreams: C:\Users\Linford\Desktop\adwcleaner_4.105.exe:BDU
AlternateDataStreams: C:\Users\Linford\Desktop\dds.com:BDU
AlternateDataStreams: C:\Users\Linford\Desktop\DefaultPack.EXE:BDU
AlternateDataStreams: C:\Users\Linford\Desktop\FRST64.exe:BDU
AlternateDataStreams: C:\Users\Linford\Desktop\iExplore.exe:BDU
AlternateDataStreams: C:\Users\Linford\Desktop\JRT.exe:BDU
AlternateDataStreams: C:\Users\Linford\Desktop\mbar-1.08.2.1001.exe:BDU
AlternateDataStreams: C:\Users\Linford\Desktop\RogueKiller.exe:BDU
AlternateDataStreams: C:\Users\Linford\Desktop\UVKPortable.exe:BDU
AlternateDataStreams: C:\Users\Linford\Downloads\aswMBR.exe:BDU
AlternateDataStreams: C:\Users\Linford\Downloads\ATF-Cleaner.exe:BDU
AlternateDataStreams: C:\Users\Linford\Downloads\ccsetup500.exe:BDU
AlternateDataStreams: C:\Users\Linford\Downloads\chromeinstall-8u25.exe:BDU
AlternateDataStreams: C:\Users\Linford\Downloads\DefaultPack.EXE:BDU
AlternateDataStreams: C:\Users\Linford\Downloads\esetsmartinstaller_enu (3).exe:BDU
AlternateDataStreams: C:\Users\Linford\Downloads\esetsmartinstaller_enu (4).exe:BDU
AlternateDataStreams: C:\Users\Linford\Downloads\FSS.exe:BDU
AlternateDataStreams: C:\Users\Linford\Downloads\mbar-1.08.2.1001.exe:BDU
AlternateDataStreams: C:\Users\Linford\Downloads\RogueKillerX64.exe:BDU
AlternateDataStreams: C:\Users\Linford\Downloads\spybot-2.4.exe:BDU
AlternateDataStreams: C:\Users\Linford\Downloads\tweaking.com_windows_repair_aio_setup.exe:BDU
AlternateDataStreams: C:\Users\Linford\Downloads\vcredist_x86.exe:BDU
AlternateDataStreams: C:\Users\Linford\Downloads\Windows-KB890830-x64-V5.19.exe:BDU
 
==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0001 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0002 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0003 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0004 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0005 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0006 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0007 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0008 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0009 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0010 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0011 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0012 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0013 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0014 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0015 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0016 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0017 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0018 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0019 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0020 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0021 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0022 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0023 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0024 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0025 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0026 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0027 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0028 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0029 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0030 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0031 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0032 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0033 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0034 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0035 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0036 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0037 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0038 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0039 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0040 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0041 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0042 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0043 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0044 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0045 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0046 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0047 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0048 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0049 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0050 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0051 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0052 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0053 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0054 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0055 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0056 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0057 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0058 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0059 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0060 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0061 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0062 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0063 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0064 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0065 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0066 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0067 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0068 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0069 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0070 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0071 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0072 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0073 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0074 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0075 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0076 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0077 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0078 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0079 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0080 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0081 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0082 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0083 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0084 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0085 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0086 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0087 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0088 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0089 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0090 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0091 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0092 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0093 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0094 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0095 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0096 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0097 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0098 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0099 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0100 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0001 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0002 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0003 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0004 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0005 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0006 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0007 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0008 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0009 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0010 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0011 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0012 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0013 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0014 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0015 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0016 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0017 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0018 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0019 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0020 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0001 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0002 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0003 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0004 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0005 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0006 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0007 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0008 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0009 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0010 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0011 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0012 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0013 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0014 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0015 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0016 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0017 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0018 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0019 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0020 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0021 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0022 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0023 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0024 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0025 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0026 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0027 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0028 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0029 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0030 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0031 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0032 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0033 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0034 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0035 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0036 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0037 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0038 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0039 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0040 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0041 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0042 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0043 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0044 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0045 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0046 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0047 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0048 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0049 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0050 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0051 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0052 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0053 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0054 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0055 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0056 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0057 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0058 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0059 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0060 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0061 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0062 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0063 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0064 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0065 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0066 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0067 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0068 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0069 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0070 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0071 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0072 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0073 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0074 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0075 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0076 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0077 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0078 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0079 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0080 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0081 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0082 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0083 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0084 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0085 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0086 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0087 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0088 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0089 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0090 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0091 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0092 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0093 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0094 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0095 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0096 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0097 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0098 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0099 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0100 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0001 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0002 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0003 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0004 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0005 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0006 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0007 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0008 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0009 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0010 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0011 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0012 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0013 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0014 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0015 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0016 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0017 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0018 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0019 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0020 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: LightScribe Control Panel => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized

========================= Accounts: ==========================

Administrator (S-1-5-21-76335557-1567907971-1813161301-500 - Administrator - Disabled)
Geoff (S-1-5-21-76335557-1567907971-1813161301-1001 - Limited - Enabled) => C:\Users\Geoff
Guest (S-1-5-21-76335557-1567907971-1813161301-501 - Limited - Disabled)
Kemba (S-1-5-21-76335557-1567907971-1813161301-1003 - Limited - Enabled) => C:\Users\Kemba
Khari (S-1-5-21-76335557-1567907971-1813161301-1002 - Limited - Enabled) => C:\Users\Khari
Linford (S-1-5-21-76335557-1567907971-1813161301-1000 - Administrator - Enabled) => C:\Users\Linford
Trini (S-1-5-21-76335557-1567907971-1813161301-1004 - Limited - Enabled) => C:\Users\Trini

==================== Faulty Device Manager Devices =============

Name: HP Photosmart D110
Description: HP Photosmart D110
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Hewlett-Packard
Service: StillCam
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Photosmart D110 series
Description: Photosmart D110 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============
Error: (12/10/2014 01:39:16 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
Date: 2014-12-10 13:41:59.458
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-12-10 13:41:59.208
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-12-10 13:41:58.974
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-12-10 13:41:58.724
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-12-10 13:41:58.303
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-12-10 13:41:58.069
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-12-10 13:41:57.835
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-12-10 13:41:57.570
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-12-10 13:09:30.970
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-12-10 13:09:30.768
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel(R) Core(TM)2 Duo CPU T6400 @ 2.00GHz
Percentage of memory in use: 39%
Total physical RAM: 3998.24 MB
Available physical RAM: 2430.41 MB
Total Pagefile: 8211.74 MB
Available Pagefile: 6290.65 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:285.62 GB) (Free:30.5 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (RECOVERY) (Fixed) (Total:12.47 GB) (Free:1.94 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298.1 GB) (Disk ID: CF9BC167)
Partition 1: (Active) - (Size=285.6 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=12.5 GB) - (Type=07 NTFS)

==================== End Of Log ============================
 
Download attached fixlist.txt file and save it to the Desktop.
NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run FRST(FRST64) and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.
 

Attachments

  • fixlist.txt
    6.1 KB · Views: 1
I saved the fixlist.txt to my desktop and ran FRST64 as instructed, the Fixlog.txt is below:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 09-12-2014
Ran by Linford at 2014-12-12 17:42:45 Run:1
Running from C:\Users\Linford\Desktop
Loaded Profile: Linford (Available profiles: Linford & Geoff & Khari & Kemba & Trini)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
HKLM-x32\...\Run: [] => [X]
HKLM Group Policy restriction on software: %ALLUSERSPROFILE%\* <====== ATTENTION
HKLM Group Policy restriction on software: %SystemRoot%\Fonts\* <====== ATTENTION
HKLM Group Policy restriction on software: %USERPROFILE%\AppData\* <====== ATTENTION
HKLM Group Policy restriction on software: %SystemDrive%\$Recycle.Bin\* <====== ATTENTION
HKLM Group Policy restriction on software: %USERPROFILE%\AppData\Local\Microsoft\Windows\Temporary Internet Files\* <====== ATTENTION
HKLM Group Policy restriction on software: %ALLUSERSPROFILE%\Skype\* <====== ATTENTION
HKLM Group Policy restriction on software: %ALLUSERSPROFILE%\Package Cache\* <====== ATTENTION
HKLM Group Policy restriction on software: %APPDATA%\Microsoft\Internet Explorer\Quick Launch\* <====== ATTENTION
HKLM Group Policy restriction on software: %ALLUSERSPROFILE%\Microsoft\* <====== ATTENTION
HKLM Group Policy restriction on software: %ALLUSERSPROFILE%\Adobe\* <====== ATTENTION
HKLM Group Policy restriction on software: %APPDATA%\Oracle\Java\* <====== ATTENTION
HKLM Group Policy restriction on software: %APPDATA%\Microsoft\Windows\Start Menu\* <====== ATTENTION
HKLM Group Policy restriction on software: %ALLUSERSPROFILE%\Oracle\Java\* <====== ATTENTION
HKLM Group Policy restriction on software: %SystemDrive%\Users\Public\Desktop\* <====== ATTENTION
HKLM Group Policy restriction on software: %USERPROFILE%\AppData\LocalLow\Oracle\Java\* <====== ATTENTION
HKLM Group Policy restriction on software: %USERPROFILE%\AppData\Local\Microsoft\* <====== ATTENTION
HKLM Group Policy restriction on software: %USERPROFILE%\AppData\LocalLow\Sun\Java\* <====== ATTENTION
HKLM Group Policy restriction on software: %USERPROFILE%\Downloads\* <====== ATTENTION
HKLM Group Policy restriction on software: %APPDATA%\Microsoft\Windows\Recent\* <====== ATTENTION
HKLM Group Policy restriction on software: %USERPROFILE%\Desktop\* <====== ATTENTION
HKLM Group Policy restriction on software: %USERPROFILE%\AppData\Local\temp\* <====== ATTENTION
HKLM Group Policy restriction on software: %APPDATA%\Microsoft\* <====== ATTENTION
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-76335557-1567907971-1813161301-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Local Page =
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-76335557-1567907971-1813161301-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: No Name -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> No File
BHO-x32: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File
FF Extension: No Name - {20a82645-c095-46ed-80e3-08825760534b} [Not Found]
S1 Beep; No ImagePath
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 motccgpfl; system32\DRIVERS\motccgpfl.sys [X]
S3 motusbdevice; system32\DRIVERS\motusbdevice.sys [X]
S3 NTPASp50a64; System32\Drivers\NTPASp50a64.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
C:\Users\Linford\AppData\Local\temp\Quarantine.exe
C:\Users\Linford\AppData\Local\temp\sqlite3.dll
CustomCLSID: HKU\S-1-5-21-76335557-1567907971-1813161301-1000_Classes\CLSID\{095A2EEC-F7FE-42E8-96FB-C20E53081908}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-76335557-1567907971-1813161301-1000_Classes\CLSID\{320F0FDB-BE0A-4648-9D18-4A2C3448C007}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-76335557-1567907971-1813161301-1000_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-76335557-1567907971-1813161301-1000_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> No File Path
AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1
AlternateDataStreams: C:\Users\Geoff\Downloads\Alexxyss and lolipop.mpg:TOC.WMV
AlternateDataStreams: C:\Users\Linford\Desktop\adwcleaner_4.105.exe:BDU
AlternateDataStreams: C:\Users\Linford\Desktop\dds.com:BDU
AlternateDataStreams: C:\Users\Linford\Desktop\DefaultPack.EXE:BDU
AlternateDataStreams: C:\Users\Linford\Desktop\FRST64.exe:BDU
AlternateDataStreams: C:\Users\Linford\Desktop\iExplore.exe:BDU
AlternateDataStreams: C:\Users\Linford\Desktop\JRT.exe:BDU
AlternateDataStreams: C:\Users\Linford\Desktop\mbar-1.08.2.1001.exe:BDU
AlternateDataStreams: C:\Users\Linford\Desktop\RogueKiller.exe:BDU
AlternateDataStreams: C:\Users\Linford\Desktop\UVKPortable.exe:BDU
AlternateDataStreams: C:\Users\Linford\Downloads\aswMBR.exe:BDU
AlternateDataStreams: C:\Users\Linford\Downloads\ATF-Cleaner.exe:BDU
AlternateDataStreams: C:\Users\Linford\Downloads\ccsetup500.exe:BDU
AlternateDataStreams: C:\Users\Linford\Downloads\chromeinstall-8u25.exe:BDU
AlternateDataStreams: C:\Users\Linford\Downloads\DefaultPack.EXE:BDU
AlternateDataStreams: C:\Users\Linford\Downloads\esetsmartinstaller_enu (3).exe:BDU
AlternateDataStreams: C:\Users\Linford\Downloads\esetsmartinstaller_enu (4).exe:BDU
AlternateDataStreams: C:\Users\Linford\Downloads\FSS.exe:BDU
AlternateDataStreams: C:\Users\Linford\Downloads\mbar-1.08.2.1001.exe:BDU
AlternateDataStreams: C:\Users\Linford\Downloads\RogueKillerX64.exe:BDU
AlternateDataStreams: C:\Users\Linford\Downloads\spybot-2.4.exe:BDU
AlternateDataStreams: C:\Users\Linford\Downloads\tweaking.com_windows_repair_aio_setup.exe:BDU
AlternateDataStreams: C:\Users\Linford\Downloads\vcredist_x86.exe:BDU
AlternateDataStreams: C:\Users\Linford\Downloads\Windows-KB890830-x64-V5.19.exe:BDU


*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => Value not found.
HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
"HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKU\S-1-5-21-76335557-1567907971-1813161301-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Local Page => Value was restored successfully.
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Local Page => Value was restored successfully.
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Local Page => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKU\S-1-5-21-76335557-1567907971-1813161301-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key deleted successfully.
"HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => Key deleted successfully.
"HKCR\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}" => Key not found.
FF Extension: No Name - {20a82645-c095-46ed-80e3-08825760534b} [Not Found] not found.
Beep => Service deleted successfully.
catchme => Service deleted successfully.
IpInIp => Service deleted successfully.
motccgpfl => Service deleted successfully.
motusbdevice => Service deleted successfully.
NTPASp50a64 => Service deleted successfully.
NwlnkFlt => Service deleted successfully.
NwlnkFwd => Service deleted successfully.
C:\Users\Linford\AppData\Local\temp\Quarantine.exe => Moved successfully.
C:\Users\Linford\AppData\Local\temp\sqlite3.dll => Moved successfully.
"HKU\S-1-5-21-76335557-1567907971-1813161301-1000_Classes\CLSID\{095A2EEC-F7FE-42E8-96FB-C20E53081908}" => Key deleted successfully.
"HKU\S-1-5-21-76335557-1567907971-1813161301-1000_Classes\CLSID\{320F0FDB-BE0A-4648-9D18-4A2C3448C007}" => Key deleted successfully.
"HKU\S-1-5-21-76335557-1567907971-1813161301-1000_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}" => Key deleted successfully.
"HKU\S-1-5-21-76335557-1567907971-1813161301-1000_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}" => Key deleted successfully.
C:\ProgramData\TEMP => ":D1B5B4F1" ADS removed successfully.
C:\Users\Geoff\Downloads\Alexxyss and lolipop.mpg => ":TOC.WMV" ADS removed successfully.
C:\Users\Linford\Desktop\adwcleaner_4.105.exe => ":BDU" ADS removed successfully.
"C:\Users\Linford\Desktop\dds.com" => ":BDU" ADS not found.
C:\Users\Linford\Desktop\DefaultPack.EXE => ":BDU" ADS removed successfully.
C:\Users\Linford\Desktop\FRST64.exe => ":BDU" ADS removed successfully.
C:\Users\Linford\Desktop\iExplore.exe => ":BDU" ADS removed successfully.
C:\Users\Linford\Desktop\JRT.exe => ":BDU" ADS removed successfully.
C:\Users\Linford\Desktop\mbar-1.08.2.1001.exe => ":BDU" ADS removed successfully.
C:\Users\Linford\Desktop\RogueKiller.exe => ":BDU" ADS removed successfully.
C:\Users\Linford\Desktop\UVKPortable.exe => ":BDU" ADS removed successfully.
C:\Users\Linford\Downloads\aswMBR.exe => ":BDU" ADS removed successfully.
C:\Users\Linford\Downloads\ATF-Cleaner.exe => ":BDU" ADS removed successfully.
C:\Users\Linford\Downloads\ccsetup500.exe => ":BDU" ADS removed successfully.
C:\Users\Linford\Downloads\chromeinstall-8u25.exe => ":BDU" ADS removed successfully.
C:\Users\Linford\Downloads\DefaultPack.EXE => ":BDU" ADS removed successfully.
C:\Users\Linford\Downloads\esetsmartinstaller_enu (3).exe => ":BDU" ADS removed successfully.
C:\Users\Linford\Downloads\esetsmartinstaller_enu (4).exe => ":BDU" ADS removed successfully.
C:\Users\Linford\Downloads\FSS.exe => ":BDU" ADS removed successfully.
C:\Users\Linford\Downloads\mbar-1.08.2.1001.exe => ":BDU" ADS removed successfully.
C:\Users\Linford\Downloads\RogueKillerX64.exe => ":BDU" ADS removed successfully.
C:\Users\Linford\Downloads\spybot-2.4.exe => ":BDU" ADS removed successfully.
C:\Users\Linford\Downloads\tweaking.com_windows_repair_aio_setup.exe => ":BDU" ADS removed successfully.
C:\Users\Linford\Downloads\vcredist_x86.exe => ":BDU" ADS removed successfully.
C:\Users\Linford\Downloads\Windows-KB890830-x64-V5.19.exe => ":BDU" ADS removed successfully.

==== End of Fixlog ====
 
Back