Additional scan result of Farbar Recovery Scan Tool (x86) Version: 11-03-2015
Ran by Jack at 2015-03-31 13:38:31
Running from C:\Users\Jack\Desktop\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
32 Bit HP CIO Components Installer (Version: 2.1.5 - Hewlett-Packard) Hidden
6200 (Version: 82.0.242.000 - Hewlett-Packard) Hidden
6200_Help (Version: 82.0.242.000 - Hewlett-Packard) Hidden
6200Trb (Version: 82.0.242.000 - Hewlett-Packard) Hidden
Acrobat.com (HKLM\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.5.2.8870 - Adobe Systems Inc.)
Adobe Flash Player 16 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader 9.5.5 (HKLM\...\{AC76BA86-7AD7-1033-7B44-A95000000001}) (Version: 9.5.5 - Adobe Systems Incorporated)
Advanced Audio FX Engine (HKLM\...\Advanced Audio FX Engine) (Version: - )
Advanced Video FX Engine (HKLM\...\Advanced Video FX Engine) (Version: - )
AIO_CDB_ProductContext (Version: 82.0.242.000 - Hewlett-Packard) Hidden
AIO_CDB_Software (Version: 82.0.242.000 - Hewlett-Packard) Hidden
AIO_Scan (Version: 82.0.173.000 - Hewlett-Packard) Hidden
AnswerWorks 5.0 English Runtime (HKLM\...\{DBCC73BA-C69A-4BF5-B4BF-F07501EE7039}) (Version: 5.0.7 - Vantage Software Technologies)
Apple Application Support (HKLM\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{941B4CE7-3F5D-443E-A8B7-56A420D2EAFD}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avast Free Antivirus (HKLM\...\Avast) (Version: 10.2.2215 - AVAST Software)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Browser Address Error Redirector (HKLM\...\{62230596-37E5-4618-A329-0D21F529A86F}) (Version: 1.00.0000 - Dell)
BufferChm (Version: 82.0.173.000 - Hewlett-Packard) Hidden
Cisco EAP-FAST Module (HKLM\...\{BF53252E-4AB2-4C7F-A0FD-6100755745E3}) (Version: 2.0.26 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM\...\{76F9CF97-FC4B-4E20-B363-D127C888448F}) (Version: 1.0.11 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM\...\{4E5386F5-C0F6-4532-A54A-374865AEAB71}) (Version: 1.0.12 - Cisco Systems, Inc.)
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Conexant HDA D330 MDC V.92 Modem (HKLM\...\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2C06&SUBSYS_14F1000F) (Version: - )
Copy (Version: 82.0.188.000 - Hewlett-Packard) Hidden
CustomerResearchQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
Dell Getting Started Guide (HKLM\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell Support Center (HKLM\...\{E3BFEE55-39E2-4BE0-B966-89FE583822C1}) (Version: 2.1.08060 - Dell)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1.103.4 - Alps Electric)
Dell Webcam Center (HKLM\...\Dell Webcam Center) (Version: - )
Dell Webcam Manager (HKLM\...\Dell Webcam Manager) (Version: - )
Dell Wireless WLAN Card (HKLM\...\Broadcom 802.11b Network Adapter) (Version: 4.170.25.12 - Dell Inc.)
Destinations (Version: 82.0.173.000 - Hewlett-Packard) Hidden
DeviceManagementQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
DocProc (Version: 8.1.0.0 - Hewlett-Packard) Hidden
DocProcQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
Docs Opener 0.1 (HKLM\...\Docs Opener) (Version: 0.1 - )
EDocs (HKLM\...\{6B7B6D4D-8F9B-4CB3-8CA4-BCA9CC4C1A22}) (Version: - )
EPSON Artisan 800 Series Printer Uninstall (HKLM\...\EPSON Artisan 800 Series) (Version: - SEIKO EPSON Corporation)
Epson Event Manager (HKLM\...\{48F22622-1CC2-4A83-9C1E-644DD96F832D}) (Version: 2.30.01 - SEIKO EPSON Corporation)
Epson Print CD (HKLM\...\{D16A31F9-276D-4968-A753-FFEAC56995D0}) (Version: 2.00.00 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM\...\EPSON Scanner) (Version: - )
EpsonNet Print (HKLM\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.4i - SEIKO EPSON CORPORATION)
eSupportQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
Facebook Video Calling 3.1.0.521 (HKLM\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Fax (Version: 82.0.188.000 - Hewlett-Packard) Hidden
GearDrvs (Version: 5.0.0.2 - Symantec Corporation) Hidden
Google Chrome (HKLM\...\Google Chrome) (Version: 41.0.2272.101 - Google Inc.)
Google Desktop (HKLM\...\Google Desktop) (Version: 5.9.1005.12335 - Google)
Google Earth Plug-in (HKLM\...\{171E6C1E-B5FC-11DF-B115-005056C00008}) (Version: 5.2.1.1588 - Google)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6227.252 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.26.9 - Google Inc.) Hidden
GoToAssist 8.0.0.514 (HKLM\...\GoToAssist) (Version: - )
HP Customer Participation Program 8.0 (HKLM\...\HPExtendedCapabilities) (Version: 8.0 - HP)
HP Imaging Device Functions 8.0 (HKLM\...\HP Imaging Device Functions) (Version: 8.0 - HP)
HP OCR Software 8.0 (HKLM\...\HPOCR) (Version: 8.0 - HP)
HP Photosmart Essential (HKLM\...\{EB21A812-671B-4D08-B974-2A347F0D8F70}) (Version: 1.12.0.46 - HP)
HP Photosmart, Officejet, PSC and Deskjet All-In-One Driver Software 8.0.B (HKLM\...\{C916D86C-AB76-49c7-B0E4-A946E0FD9BC2}) (Version: 8.0 - HP)
HP Solution Center 8.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 8.0 - HP)
HP Update (HKLM\...\{FE57DE70-95DE-4B64-9266-84DA811053DB}) (Version: 4.000.012.001 - Hewlett-Packard)
HPProductAssistant (Version: 82.0.173.000 - Hewlett-Packard) Hidden
Intel(R) Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - )
Itibiti RTC (Version: 0.0.1 - Itibiti Inc) Hidden
iTunes (HKLM\...\{86D04316-F49A-4AF2-B3F1-A1E943886CE7}) (Version: 11.3.1.2 - Apple Inc.)
Java(TM) 6 Update 5 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0160050}) (Version: 1.6.0.50 - Sun Microsystems, Inc.)
Laptop Integrated Webcam Driver (1.04.01.1011) (HKLM\...\Creative OEM002) (Version: - )
Live! Cam Avatar Creator (HKLM\...\{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}) (Version: 4.6.0817.1 - Creative Technology Ltd.)
Live! Cam Avatar v1.0 (HKLM\...\{1D5E29AD-39A9-4D0A-A8B6-46A6FCD8C995}) (Version: 1.0 - Creative Technology Ltd.)
Local Temperature (HKU\S-1-5-21-3857334386-3578862484-2166480049-1001\...\Local Temperature) (Version: 1.0.0.2 - Local Temperature LLC)
Malwarebytes Anti-Malware version 2.1.4.1018 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.4.1018 - Malwarebytes Corporation)
MarketResearch (Version: 82.0.174.000 - Hewlett-Packard) Hidden
MediaDirect (HKLM\...\{9C6978E8-B6D0-4AB7-A7A0-D81A74FBF745}) (Version: 3.5 - Dell)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-001A-0000-0000-0000000FF1CE}_OUTLOOKR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Outlook 2007 (HKLM\...\OUTLOOKR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.31211.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Works (HKLM\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
MobileMe Control Panel (HKLM\...\{A71D5E81-B967-43DB-93D7-FD31BFB95748}) (Version: 3.1.5.0 - Apple Inc.)
Modem Diagnostic Tool (HKLM\...\{F63A3748-B93D-4360-9AD4-B064481A5C7B}) (Version: 1.0.20.0 - Dell)
Mozilla Firefox 37.0 (x86 en-US) (HKLM\...\Mozilla Firefox 37.0 (x86 en-US)) (Version: 37.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 37.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Music, Photos & Videos Launcher (HKLM\...\{D7769185-9A7C-48D4-8874-5388743A1DE2}) (Version: 1.00.0000 - Dell Inc.)
NetWaiting (HKLM\...\{3F92ABBB-6BBF-11D5-B229-002078017FBF}) (Version: 2.5.44 - BVRP Software, Inc)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
OutlookAddinSetup (HKLM\...\{9BDEF074-020E-458D-ADC5-8FF68E0C9B56}) (Version: 1.0.0 - CyberLink)
PrimoPDF (HKLM\...\PrimoPDF4.1.0.9) (Version: 4.1.0.9 - activePDF)
Product Documentation Launcher (HKLM\...\{89CEAE14-DD0F-448E-9554-15781EC9DB24}) (Version: 1.00.0000 - Dell Inc.)
Quicken 2010 (HKLM\...\{CCF6F57B-F6B4-4508-BF45-63AAC9DE416A}) (Version: 19.1.1.27 - Intuit)
QuickSet (HKLM\...\{4B6AD248-D3BF-426A-8D64-847288154F13}) (Version: 8.2.20 - Dell Inc.)
QuickTime 7 (HKLM\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
RealDownloader (Version: 1.3.3 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM\...\RealPlayer 16.0) (Version: 16.0.3 - RealNetworks)
RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden
Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Roxio Creator DE (HKLM\...\{09760D42-E223-42AD-8C3E-55B47D0DDAC3}) (Version: 10.1 - )
Scan (Version: 8.1.0.0 - Hewlett-Packard) Hidden
Search Module Plus (HKLM\...\Search Module Plus) (Version: - Goobzo)
SiteSpinner Pro V2 (HKLM\...\{0235B9FB-3225-4A55-BD77-1B1C43D3865F}) (Version: 2.91.8 - Virtual Mechanics)
Skype Toolbars (HKLM\...\{981029E0-7FC9-4CF3-AB39-6F133621921A}) (Version: 1.0.4051 - Skype Technologies S.A.)
SolutionCenter (Version: 82.0.188.000 - Hewlett-Packard) Hidden
Spelling Dictionaries Support For Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
SpywareBlaster 5.0 (HKLM\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC)
Status (Version: 82.0.173.000 - Hewlett-Packard) Hidden
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1186 - SUPERAntiSpyware.com)
Toolbox (Version: 82.0.173.000 - Hewlett-Packard) Hidden
TrayApp (Version: 82.0.188.000 - Hewlett-Packard) Hidden
UnloadSupport (Version: 1.00.0000 - Hewlett-Packard) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-001A-0000-0000-0000000FF1CE}_OUTLOOKR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
WebEx (HKLM\...\ActiveTouchMeetingClient) (Version: - Cisco WebEx LLC)
WebReg (Version: 82.0.173.000 - Hewlett-Packard) Hidden
Windows Mobile Device Center (HKLM\...\{904CCF62-818D-4675-BC76-D37EB399F917}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows Mobile Device Center Driver Update (HKLM\...\{E7044E25-3038-4A76-9064-344AC038043E}) (Version: 6.1.6965.0 - Microsoft Corporation)
WinPrograms (HKLM\...\WebWatcherInstall) (Version: - )
YTDownloader (HKLM\...\YTDownloader) (Version: - YTDownloader)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-3857334386-3578862484-2166480049-1001_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> C:\Users\Jack\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-3857334386-3578862484-2166480049-1001_Classes\CLSID\{4052D303-74C5-49EA-BC6B-66099C8D4007}\InprocServer32 -> C:\Program Files\Google\Google Desktop Search\GoogleDesktopAPI2.dll (Google)
CustomCLSID: HKU\S-1-5-21-3857334386-3578862484-2166480049-1001_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}\InprocServer32 -> C:\Users\Jack\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-3857334386-3578862484-2166480049-1001_Classes\CLSID\{8B9F5BF4-0407-4BB2-9FED-4C0372DABD00}\localserver32 -> C:\Users\Jack\AppData\Local\Facebook\Video\Skype\FacebookVideoCallingProxy.exe (Skype Limited)
CustomCLSID: HKU\S-1-5-21-3857334386-3578862484-2166480049-1001_Classes\CLSID\{CBE9C57E-FFA9-4123-8354-AD360D6DD3CC}\InprocServer32 -> C:\Users\Jack\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CustomCLSID: HKU\S-1-5-21-3857334386-3578862484-2166480049-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Jack\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll No File
CustomCLSID: HKU\S-1-5-21-3857334386-3578862484-2166480049-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jack\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll No File
CustomCLSID: HKU\S-1-5-21-3857334386-3578862484-2166480049-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jack\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll No File
CustomCLSID: HKU\S-1-5-21-3857334386-3578862484-2166480049-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jack\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll No File
CustomCLSID: HKU\S-1-5-21-3857334386-3578862484-2166480049-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jack\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll No File
CustomCLSID: HKU\S-1-5-21-3857334386-3578862484-2166480049-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jack\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll No File
CustomCLSID: HKU\S-1-5-21-3857334386-3578862484-2166480049-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jack\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll No File
CustomCLSID: HKU\S-1-5-21-3857334386-3578862484-2166480049-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jack\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll No File
CustomCLSID: HKU\S-1-5-21-3857334386-3578862484-2166480049-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jack\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll No File
==================== Restore Points =========================
Could not list restore points.
Check "winmgmt" service or repair WMI.
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2006-11-02 03:23 - 2006-09-18 14:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {06941A33-FFEB-4926-A2B0-CC71FF213F41} - System32\Tasks\SysHealth_Controller_Mon => C:\Windows\SysFilesController\SysFiles_backup.exe [2015-03-17] ()
Task: {0F4A65CD-B36A-4A37-BF9D-E519CB82C258} - System32\Tasks\mdb => C:\Users\Jack\AppData\Roaming\orlando\Vipp\mbd.exe [2015-02-06] ()
Task: {10965127-AC9E-41E5-810F-8324499BB476} - System32\Tasks\Convertor => C:\Users\Jack\AppData\Roaming\Convertor\Convertor.exe [2015-01-29] ()
Task: {17126A0E-E767-4D99-976C-853741DC6F1D} - System32\Tasks\RocketTab Update Task => C:\Program Files\RocketTab\uninstall.exe [2014-09-06] () <==== ATTENTION
Task: {1A7C9BB8-1BA6-4EB5-96C0-EDA8E89285EA} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Signature Update => c:\program files\windows defender\MpCmdRun.exe [2008-01-20] (Microsoft Corporation)
Task: {21EEEB12-C0C1-417F-9CBE-102498E6C0DB} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3857334386-3578862484-2166480049-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {3A8146C1-F07A-4EC0-83B1-0ACC073A6F47} - System32\Tasks\SysHealthcare_Controller => C:\Windows\SysHealthController\SysFiles_backup.exe [2015-03-17] ()
Task: {3B4F82AD-2E8B-439C-ACB3-16A929F75191} - System32\Tasks\YTDownloader => C:\Program Files\YTDownloader\YTDownloader.exe [2015-03-27] (YTDownloader) <==== ATTENTION
Task: {4CB39A81-F7E0-423A-84E5-DAF140390585} - System32\Tasks\Microsoft\Windows\Multimedia\SMupdate3 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update3 <==== ATTENTION
Task: {4CD05017-C813-48BD-883A-8E1677B6AF5F} - System32\Tasks\ObronaCleanerUacSkip => C:\Users\Jack\AppData\Local\Obrona Cleaner\ObronaCleaner.exe
Task: {4F55CC1E-3483-4FE3-BF54-E9004AD6F95A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-07] (Adobe Systems Incorporated)
Task: {53913CB8-649C-4BF9-8E6E-E097545B855A} - System32\Tasks\RocketTab => cmd.exe /C start "" "C:\Program Files\RocketTab\Client.exe" /Preferred=true <==== ATTENTION
Task: {670859B7-E8EA-4670-A75F-056165A0832D} - System32\Tasks\YTDownloaderUpd => C:\Program Files\YTDownloader\updater.exe [2015-03-27] (Goobzo) <==== ATTENTION
Task: {6D76670C-4CCC-456D-856D-8D6D63A0775B} - System32\Tasks\WinKit => C:\Users\Jack\AppData\Roaming\WinKit\Updater.exe [2015-01-29] ()
Task: {72CED28D-109D-4078-9538-E6036F654B69} - System32\Tasks\SMW_UpdateTask_Time_343130353038303132362d3437415a556c2a3223346c41 => Wscript.exe //B "C:\ProgramData\SearchModulePlus\smhe.js" smu.exe /invoke /f:check_services /l:0 <==== ATTENTION
Task: {74CB1D74-AA0E-4343-B48F-5B2E1336BDC1} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3857334386-3578862484-2166480049-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {7F864734-6652-43D7-A67F-8D72E0417B2A} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3857334386-3578862484-2166480049-1001Core => C:\Users\Jack\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-06-09] (Facebook Inc.)
Task: {8FED1D1B-8E5C-4419-86B4-53DFDA68A3EC} - System32\Tasks\{A7D8B7C5-84FB-453D-8907-963596BCB547} => C:\Program Files\Skype\Phone\Skype.exe
Task: {9C364571-0E54-49BB-A2BD-2601B0C023D5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-22] (Google Inc.)
Task: {A5A8B0A3-11AC-4369-9C1A-D9D35D406E6A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-22] (Google Inc.)
Task: {B4499DFF-CC0F-43BC-B1CD-C298272D6CAB} - System32\Tasks\RunTool => C:\Users\Jack\AppData\Local\2d684269-0a27-4fc5-b6b6-50b33ea5e2c7\sysad.exe [2015-02-24] ()
Task: {BECB454B-1D41-4FDB-BEF9-339A809D3129} - System32\Tasks\SMupdate1 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update1 <==== ATTENTION
Task: {DC1C897D-211F-4973-8C8F-F937790E47D2} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {DEEEDE86-709A-4963-80F9-46A8B6D243DB} - System32\Tasks\RunAsStdUser Task => C:\Users\Midge\AppData\Local\Temp\{86D4B82A-ABED-442A-BE86-96357B70F4FE}\RunIE.exe <==== ATTENTION
Task: {EBDE6D0C-090D-4528-BF77-378F87D0A5B8} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-03-31] (Avast Software s.r.o.)
Task: {EEE22308-83D3-4FCF-94CC-9DB52139685C} - System32\Tasks\Microsoft\Windows\Maintenance\SMupdate2 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update2 <==== ATTENTION
Task: {EFAC6925-6806-4B4D-962C-D55C29A287F2} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3857334386-3578862484-2166480049-1001UA => C:\Users\Jack\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-06-09] (Facebook Inc.)
Task: {FF27F0EF-A4DD-4BF2-BE42-0564AF18D21F} - System32\Tasks\mdb01 => C:\Users\Jack\AppData\Roaming\orlando\Vipp\mbd.exe [2015-02-06] ()
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3857334386-3578862484-2166480049-1001Core.job => C:\Users\Jack\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3857334386-3578862484-2166480049-1001UA.job => C:\Users\Jack\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\User_Feed_Synchronization-{93A42882-E554-4369-9F48-A4CA0FEB9E2D}.job => C:\Windows\system32\msfeedssync.exe
==================== Loaded Modules (whitelisted) ==============
2008-07-18 11:37 - 2008-05-18 23:26 - 00024064 _____ () C:\Windows\System32\WLTRYSVC.EXE
2008-07-18 11:37 - 2008-05-18 23:25 - 00054784 _____ () C:\Windows\System32\bcmwlrmt.dll
2015-03-31 10:17 - 2015-03-31 10:17 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-03-31 10:17 - 2015-03-31 10:17 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-03-31 13:02 - 2015-03-31 13:02 - 02922496 _____ () C:\Program Files\AVAST Software\Avast\defs\15032300\algo.dll
2015-03-31 12:28 - 2015-03-31 12:28 - 02924032 _____ () C:\Program Files\AVAST Software\Avast\defs\15033101\algo.dll
2009-01-27 18:15 - 2006-12-11 14:12 - 00176235 _____ () C:\Windows\System32\Primomonnt.dll
2014-09-06 15:54 - 2014-09-06 15:54 - 01420512 _____ () C:\Program Files\RocketTab\Client.exe
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-03-28 23:25 - 2015-03-25 09:05 - 00256512 ___SH () C:\Program Files\Pgrouncounsterheads\Pgrouncounsterheads.exe
2013-08-14 15:19 - 2013-08-14 15:19 - 00039056 _____ () C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
2010-07-18 21:43 - 2009-03-12 15:45 - 00135168 ____N () C:\Program Files\Epson Software\Event Manager\Assistants\Scan Assistant\ScanEngine.dll
2010-07-18 21:43 - 2008-11-21 13:58 - 00057344 ____N () C:\Program Files\Epson Software\Event Manager\Assistants\Scan Assistant\Satwain.dll
2015-03-31 10:17 - 2015-03-31 10:17 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2006-12-10 18:51 - 2006-12-10 18:51 - 00065536 ____R () C:\Program Files\HP\Digital Imaging\bin\crm\xmlparse.dll
2006-12-10 18:51 - 2006-12-10 18:51 - 00077824 ____R () C:\Program Files\HP\Digital Imaging\bin\crm\xmltok.dll
2015-03-30 00:01 - 2015-02-06 09:24 - 00022016 _____ () C:\Users\Jack\AppData\Roaming\orlando\Vipp\mbd.exe
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:5C321E34
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\wwwd.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\GoToAssist => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WebWatcherProxy => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\wwwd.sys => ""="Driver"
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3857334386-3578862484-2166480049-1001\Control Panel\Desktop\\Wallpaper -> C:\windows\Web\Wallpaper\img24.jpg
DNS Servers: 192.168.1.1 - 74.40.74.40
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== Accounts: =============================
Administrator (S-1-5-21-3857334386-3578862484-2166480049-500 - Administrator - Disabled)
Guest (S-1-5-21-3857334386-3578862484-2166480049-501 - Limited - Disabled)
Jack (S-1-5-21-3857334386-3578862484-2166480049-1001 - Administrator - Enabled) => C:\Users\Jack
==================== Faulty Device Manager Devices =============
Could not list Devices. Check "winmgmt" service or repair WMI.
==================== Event log errors: =========================
Application errors:
==================
Error: (03/31/2015 01:32:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application DownloadHelper.exe, version 1.0.1.5, time stamp 0x55152942, faulting module KERNEL32.dll!K32GetModuleFileNameExW, version 6.0.6001.18538, time stamp 0x4cb733dc, exception code 0xc0000139, fault offset 0x00009cfc,
process id 0x1628, application start time 0xDownloadHelper.exe0.
Error: (03/31/2015 00:59:54 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005.
This is often caused by incorrect security settings in either the writer or requestor process.
Operation:
Gathering Writer Data
Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {50820ff0-d7da-4f13-8b30-8dc334101938}
Error: (03/31/2015 00:35:30 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005.
This is often caused by incorrect security settings in either the writer or requestor process.
Operation:
Gathering Writer Data
Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {01cdfc91-19e1-4c50-8f25-4e6241c3c634}
Error: (03/31/2015 00:13:08 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1".
Dependent Assembly rpshellextension.1.0,language="*",type="win32",version="1.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (03/31/2015 00:13:08 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1".
Dependent Assembly rpshellextension.1.0,language="*",type="win32",version="1.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (03/31/2015 11:58:55 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddWin32ServiceFiles: Unable to back up image of service Search Module Plus Update since QueryServiceConfig API failed
System Error:
The system cannot find the file specified.
Error: (03/31/2015 11:58:44 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005.
This is often caused by incorrect security settings in either the writer or requestor process.
Operation:
Gathering Writer Data
Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {f154a1b2-7867-4254-bb81-20bf31176201}
Error: (03/31/2015 11:02:28 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddWin32ServiceFiles: Unable to back up image of service Search Module Plus Update since QueryServiceConfig API failed
System Error:
The system cannot find the file specified.
Error: (03/31/2015 11:02:05 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005.
This is often caused by incorrect security settings in either the writer or requestor process.
Operation:
Gathering Writer Data
Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {f154a1b2-7867-4254-bb81-20bf31176201}
Error: (03/31/2015 10:34:55 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application rundll32.exe, version 6.0.6000.16386, time stamp 0x4549b0e1, faulting module ntdll.dll, version 6.0.6001.18538, time stamp 0x4cb733dc, exception code 0xc0000135, fault offset 0x00009cfc,
process id 0x3b8, application start time 0xrundll32.exe0.
System errors:
=============
Microsoft Office Sessions:
=========================
Error: (02/14/2011 06:03:25 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6550.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 514 seconds with 480 seconds of active time. This session ended with a crash.
Error: (07/09/2009 09:35:38 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 312 seconds with 0 seconds of active time. This session ended with a crash.
Error: (07/09/2009 09:33:03 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 81 seconds with 0 seconds of active time. This session ended with a crash.
Error: (07/09/2009 09:32:04 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 0 seconds with 0 seconds of active time. This session ended with a crash.
Error: (07/09/2009 09:30:42 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 0 seconds with 0 seconds of active time. This session ended with a crash.
Error: (07/09/2009 09:29:50 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 11 seconds with 0 seconds of active time. This session ended with a crash.
Error: (07/09/2009 09:29:02 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 4 seconds with 0 seconds of active time. This session ended with a crash.
CodeIntegrity Errors:
===================================
Date: 2015-03-31 13:38:17.948
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-03-31 13:38:17.590
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-03-31 13:38:17.356
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-03-31 13:38:17.137
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-03-31 13:38:16.635
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-03-31 13:38:16.417
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-03-31 13:38:16.214
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-03-31 13:38:15.964
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-03-31 13:37:54.374
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-03-31 13:37:54.171
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel(R) Core(TM)2 Duo CPU T5750 @ 2.00GHz
Percentage of memory in use: 45%
Total physical RAM: 3061.31 MB
Available physical RAM: 1655.41 MB
Total Pagefile: 6324.88 MB
Available Pagefile: 4657.45 MB
Total Virtual: 2047.88 MB
Available Virtual: 1872.24 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:220.58 GB) (Free:116.72 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (RECOVERY) (Fixed) (Total:9.77 GB) (Free:0.01 GB) NTFS
Drive f: (MEMORY CARD) (Removable) (Total:1.9 GB) (Free:1.4 GB) FAT
Drive g: (U3 System) (CDROM) (Total:0.01 GB) (Free:0 GB) CDFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 232.9 GB) (Disk ID: 00000080)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Not Active) - (Size=9.8 GB) - (Type=07 NTFS)
Partition 3: (Active) - (Size=220.6 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=2.5 GB) - (Type=OF Extended)
========================================================
Disk: 1 (Size: 1.9 GB) (Disk ID: 0DD62270)
Partition 1: (Not Active) - (Size=1.9 GB) - (Type=06)
==================== End Of Log ============================