HI! Thank you for looking at this mess.
My computer is running hurky jerky...as I am typing this, I'm waiting for 10 seconds for it to catch up with me typing at a realatively slow pace.
I'm getting all sorts of script messages....I click on STOP SCRIPT, and it still runs in slow motion.
It's taking forever for my programs to load. My email service is incredibly slow. I click on an email, and it may or may not open.
Trying to get an internet site to open is a joke. Sometimes it will open, most often my computer just freezes.
My anti-virus software says I'm up to date and all is good. ??? Wassup with that? This is a MESS!
Please help!!
Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Professional, Service Pack 1, 32 bit
Processor: Intel(R) Core(TM)2 Duo CPU E8400 @ 3.00GHz, x64 Family 6 Model 23 Stepping 10
Processor Count: 2
RAM: 3036 Mb
Graphics Card: Intel(R) G45/G43 Express Chipset, 1294 Mb
Hard Drives: C: Total - 223377 MB, Free - 83001 MB;
Motherboard: Dell Inc., 0JJW8N
Antivirus: avast! Antivirus, Updated and Enabled
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:14-08-2014 02
Ran by Deni (administrator) on NEWFAMCOMP on 14-08-2014 13:55:47
Running from C:\Users\Deni\Desktop
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version:
http://www.bleepingcomputer.com/down...an-tool/dl/81/
Download link for 64-Bit Version:
http://www.bleepingcomputer.com/down...an-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST:
http://www.geekstogo.com/forum/topic...ery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\System32\CISVC.EXE
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS32.exe
(Livescribe) C:\Program Files\Common Files\Livescribe\PenComm\PenCommService.exe
(Microsoft Corporation) C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(WDC) C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(WDC) C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(Siber Systems) C:\Program Files\Siber Systems\AI RoboForm\robotaskbaricon.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft® Corporation) C:\Program Files\Common Files\microsoft shared\Works Shared\wkcalrem.exe
(Microsoft® Corporation) C:\Program Files\Common Files\microsoft shared\Works Shared\WksCal.exe
(Dropbox, Inc.) C:\Users\Deni\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
(Hewlett-Packard) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Reader 10.0\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Reader 10.0\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Microsoft Corporation) C:\Program Files\Microsoft Digital Image 2006\pi.exe
(Microsoft Corporation) C:\Program Files\Microsoft Home Publishing 2000\HPUB.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\WINWORD.EXE
(Microsoft® Corporation) C:\Program Files\Common Files\microsoft shared\Works Shared\WksCal.exe
(Microsoft® Corporation) C:\Program Files\Common Files\microsoft shared\Works Shared\WksCal.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
(Farbar) C:\Users\Deni\Desktop\FRST(2).exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKU\S-1-5-21-2470467007-3615624817-2011931734-1000\...\Run: [RoboForm] => C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [96056 2013-02-16] (Siber Systems)
HKU\S-1-5-21-2470467007-3615624817-2011931734-1000\...\Policies\Explorer: [NoInternetOpenWith] 1
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Works Calendar Reminders.lnk
ShortcutTarget: Microsoft Works Calendar Reminders.lnk -> C:\Windows\Installer\{5264E937-B015-11D2-8C0E-00C04FBBCFF9}\A12970B7.exe ()
Startup: C:\Users\Deni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Deni\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Deni\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Deni\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Deni\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: GDriveSharedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => No File
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.msn.com/?pc=AV01
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://www.msn.com/?pc=AV01
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.msn.com/?pc=AV01
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKCU - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
BHO: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO: avast! EasyPass Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (AVAST Software)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - avast! EasyPass Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (AVAST Software)
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\Deni\AppData\Roaming\Mozilla\Firefox\Profiles\50f30f2v.default-1400260260566
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-01-18]
FF HKLM\...\Firefox\Extensions: [{22119944-ED35-4ab1-910B-E619EA06A115}] - C:\Program Files\Siber Systems\AI RoboForm\Firefox
FF Extension: avast! EasyPass Toolbar for Firefox - C:\Program Files\Siber Systems\AI RoboForm\Firefox [2013-02-16]
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2014-08-13]
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
Chrome:
=======
CHR HomePage: hxxp://www.msn.com/?pc=AV01
CHR RestoreOnStartup: "hxxp://www.msn.com/?pc=AV01"
CHR StartupUrls: "hxxp://www.msn.com/?pc=AV01"
CHR DefaultSearchKeyword: conduit.search
CHR DefaultSearchProvider: Conduit Search
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\30.0.1599.101\pdf.dll No File
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\30.0.1599.101\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.140.8) - C:\Program Files\Java\jre6\bin\new_plugin\npdeploytk.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U14) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (Coupons Inc., Coupon Printer Manager ) - C:\Program Files\Mozilla Firefox\plugins\npCouponPrinter.dll No File
CHR Plugin: (Coupons Inc., Coupon Printer Manager ) - C:\Program Files\Mozilla Firefox\plugins\npMozCouponPrinter.dll No File
CHR Plugin: (QuickTime Plug-in 7.6.7) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.7) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.7) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.7) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.7) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.7) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.6.7) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll No File
CHR Plugin: (RIM Handheld Application Loader) - C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (BlackBerry AppWorld) - C:\Program Files\Research In Motion Limited\BlackBerry App World Browser Plugin\npappworld.dll No File
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll No File
CHR Extension: (Entanglement Web App) - C:\Users\Deni\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd [2011-02-28]
CHR Extension: (Poppit) - C:\Users\Deni\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi [2011-02-28]
CHR Extension: (Google Wallet) - C:\Users\Deni\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-29]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-13]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-13] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [106488 2014-07-13] (AVAST Software)
R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL [694784 2009-09-20] (Hewlett-Packard Co.) [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [File not signed]
R2 PenCommService; C:\Program Files\Common Files\Livescribe\PenComm\PenCommService.exe [470528 2012-11-05] (Livescribe) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [File not signed]
R2 WDBtnMgrSvc.exe; C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe [102400 2008-05-16] (WDC) [File not signed]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2014-07-13] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [26136 2014-07-13] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-07-13] (AVAST Software)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [270752 2014-07-13] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81768 2014-07-13] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-07-13] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [779536 2014-07-13] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [414520 2014-07-13] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [71944 2014-07-13] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [192352 2014-07-13] ()
S3 JRAID; C:\Windows\system32\DRIVERS\jraid.sys [89048 2009-05-21] (JMicron Technology Corp.)
S3 PulseUsb; C:\Windows\System32\DRIVERS\PulseUsb.sys [20480 2012-11-05] (Windows (R) Win 7 DDK provider) [File not signed]
S3 rcmirror; C:\Windows\System32\DRIVERS\rcmirror.sys [3328 2008-10-08] (Windows (R) Codename Longhorn DDK provider)
S3 Wdm1; C:\Windows\System32\Drivers\usbbc.sys [15576 2003-07-01] ()
S3 IntcAzAudAddService; system32\drivers\RTKVHDA.sys [X]
S3 RimUsb; System32\Drivers\RimUsb.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-14 13:55 - 2014-08-14 13:57 - 00018647 _____ () C:\Users\Deni\Desktop\FRST.txt
2014-08-14 13:54 - 2014-08-14 13:54 - 00001429 _____ () C:\Users\Deni\Desktop\FRST(2) - Shortcut.lnk
2014-08-14 13:53 - 2014-08-14 13:53 - 01092096 _____ (Farbar) C:\Users\Deni\Desktop\FRST(2).exe
2014-08-13 13:47 - 2014-08-13 13:47 - 00001253 _____ () C:\Users\Deni\Desktop\HP Solution Center.lnk
2014-08-13 13:39 - 2014-08-13 13:39 - 00000000 ____D () C:\Windows\LastGood
2014-08-13 13:37 - 2014-08-13 13:37 - 00002087 _____ () C:\Users\Public\Desktop\HP Photosmart Essential 3.5.lnk
2014-08-13 13:37 - 2014-08-13 13:37 - 00001028 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. OCR Registration.lnk
2014-08-13 13:36 - 2014-08-13 13:36 - 00001241 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\HP Solution Center.lnk
2014-08-13 13:36 - 2014-08-13 13:36 - 00001235 _____ () C:\Users\Public\Desktop\HP Solution Center.lnk
2014-08-13 13:36 - 2014-08-13 13:36 - 00001081 _____ () C:\Users\Public\Desktop\Shop for HP Supplies.lnk
2014-08-13 13:36 - 2014-08-13 13:36 - 00000000 ____D () C:\ProgramData\HP Product Assistant
2014-08-13 13:34 - 2014-08-13 13:34 - 00000000 ____D () C:\Program Files\Common Files\HP
2014-08-13 13:07 - 2014-08-13 13:14 - 327118416 _____ () C:\Users\Deni\Downloads\PS_AIO_02_Net_Full_Win_WW_130_140(3).exe
2014-08-11 09:35 - 2014-08-11 09:35 - 00000000 ____D () C:\Users\Deni\AppData\Roaming\gnupg
2014-08-11 09:35 - 2014-08-11 02:41 - 00000000 __SHD () C:\Jumpshot
2014-08-11 09:22 - 2014-08-11 11:26 - 00000000 ____D () C:\Windows\jumpshot.com
2014-08-11 09:22 - 2014-08-11 09:22 - 14482352 _____ (AVAST Software) C:\Users\Deni\Downloads\grimefighter.exe
2014-08-03 20:39 - 2014-08-03 20:39 - 00222915 _____ () C:\Users\Deni\Documents\triad 2014.hmk
2014-07-25 13:09 - 2014-07-25 13:10 - 00042313 _____ () C:\Users\Deni\Downloads\Addition.txt
2014-07-25 13:08 - 2014-07-25 13:10 - 00031218 _____ () C:\Users\Deni\Downloads\FRST.txt
2014-07-25 13:07 - 2014-07-25 13:07 - 01084416 _____ (Farbar) C:\Users\Deni\Downloads\FRST(1).exe
2014-07-25 12:55 - 2014-07-25 12:55 - 01354223 _____ () C:\Users\Deni\Downloads\AdwCleaner(2).exe
2014-07-25 12:46 - 2014-07-25 12:46 - 00348187 _____ () C:\Users\Deni\AppData\Local\census.cache
2014-07-25 12:46 - 2014-07-25 12:46 - 00159672 _____ () C:\Users\Deni\AppData\Local\ars.cache
2014-07-25 12:37 - 2014-07-25 12:37 - 00000010 _____ () C:\Users\Deni\AppData\Local\sponge.last.runtime.cache
2014-07-25 12:35 - 2014-07-25 12:35 - 00509440 _____ (Tech Support Guy System) C:\Users\Deni\Downloads\SysInfo(3).exe
2014-07-25 12:23 - 2014-07-25 12:23 - 00000036 _____ () C:\Users\Deni\AppData\Local\housecall.guid.cache
2014-07-25 12:22 - 2014-07-25 12:22 - 02055784 _____ (Trend Micro Inc.) C:\Users\Deni\Downloads\HousecallLauncher.exe
2014-07-24 13:51 - 2014-07-24 13:52 - 00135071 _____ () C:\Users\Deni\Documents\qtr env NO add bday.hmk
2014-07-22 18:53 - 2014-07-22 18:53 - 01354223 _____ () C:\Users\Deni\Downloads\AdwCleaner(1).exe
2014-07-22 18:50 - 2014-07-22 18:50 - 00000000 ____D () C:\Trend Micro
2014-07-22 18:47 - 2014-07-22 18:47 - 01402880 _____ () C:\Users\Deni\Downloads\HiJackThis.msi
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-14 13:57 - 2014-08-14 13:55 - 00018647 _____ () C:\Users\Deni\Desktop\FRST.txt
2014-08-14 13:56 - 2014-05-12 01:56 - 00000000 ____D () C:\FRST
2014-08-14 13:54 - 2014-08-14 13:54 - 00001429 _____ () C:\Users\Deni\Desktop\FRST(2) - Shortcut.lnk
2014-08-14 13:53 - 2014-08-14 13:53 - 01092096 _____ (Farbar) C:\Users\Deni\Desktop\FRST(2).exe
2014-08-14 13:40 - 2013-03-07 13:02 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-14 13:39 - 2010-02-05 16:15 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-14 13:33 - 2009-07-13 21:55 - 01072655 _____ () C:\Windows\WindowsUpdate.log
2014-08-14 13:31 - 2009-11-18 18:43 - 00000000 ____D () C:\Users\Deni\Documents\RECIPES
2014-08-14 12:39 - 2010-02-05 16:15 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-13 15:28 - 2013-01-29 17:55 - 00000000 ____D () C:\Users\Deni\Documents\ICE IMPT INFO
2014-08-13 15:10 - 2006-05-24 23:05 - 02184704 ___SH () C:\Users\Deni\Documents\Thumbs.db
2014-08-13 13:47 - 2014-08-13 13:47 - 00001253 _____ () C:\Users\Deni\Desktop\HP Solution Center.lnk
2014-08-13 13:47 - 2009-11-18 18:40 - 00000000 ____D () C:\Users\Deni\Documents\My Scans
2014-08-13 13:44 - 2009-11-16 15:17 - 00162944 _____ () C:\Users\Deni\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-13 13:41 - 2013-04-02 22:15 - 00210562 _____ () C:\Windows\hpoins21.dat
2014-08-13 13:41 - 2009-11-18 12:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2014-08-13 13:41 - 2009-11-18 12:20 - 00063160 _____ () C:\ProgramData\hpzinstall.log
2014-08-13 13:41 - 2009-07-13 19:04 - 00000534 _____ () C:\Windows\win.ini
2014-08-13 13:39 - 2014-08-13 13:39 - 00000000 ____D () C:\Windows\LastGood
2014-08-13 13:39 - 2009-07-13 21:52 - 00000000 ____D () C:\Windows\twain_32
2014-08-13 13:37 - 2014-08-13 13:37 - 00002087 _____ () C:\Users\Public\Desktop\HP Photosmart Essential 3.5.lnk
2014-08-13 13:37 - 2014-08-13 13:37 - 00001028 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. OCR Registration.lnk
2014-08-13 13:37 - 2009-07-13 21:34 - 00014256 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-13 13:37 - 2009-07-13 21:34 - 00014256 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-13 13:36 - 2014-08-13 13:36 - 00001241 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\HP Solution Center.lnk
2014-08-13 13:36 - 2014-08-13 13:36 - 00001235 _____ () C:\Users\Public\Desktop\HP Solution Center.lnk
2014-08-13 13:36 - 2014-08-13 13:36 - 00001081 _____ () C:\Users\Public\Desktop\Shop for HP Supplies.lnk
2014-08-13 13:36 - 2014-08-13 13:36 - 00000000 ____D () C:\ProgramData\HP Product Assistant
2014-08-13 13:36 - 2009-11-18 12:29 - 00000000 ____D () C:\Program Files\HP
2014-08-13 13:36 - 2009-11-18 12:19 - 00000000 ____D () C:\ProgramData\HP
2014-08-13 13:34 - 2014-08-13 13:34 - 00000000 ____D () C:\Program Files\Common Files\HP
2014-08-13 13:28 - 2014-05-11 15:57 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-08-13 13:28 - 2012-06-23 09:56 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-08-13 13:27 - 2013-04-09 13:35 - 00000000 ___RD () C:\Users\Deni\Dropbox
2014-08-13 13:27 - 2013-04-09 13:34 - 00000000 ____D () C:\Users\Deni\AppData\Roaming\Dropbox
2014-08-13 13:26 - 2013-12-10 15:05 - 00010484 _____ () C:\Windows\setupact.log
2014-08-13 13:26 - 2009-07-13 21:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-13 13:26 - 2009-07-13 21:33 - 00520928 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-13 13:25 - 2009-10-29 18:33 - 01384718 _____ () C:\Windows\PFRO.log
2014-08-13 13:16 - 2009-11-19 22:54 - 00209898 ____N () C:\Windows\hpoins21.dat.temp
2014-08-13 13:14 - 2014-08-13 13:07 - 327118416 _____ () C:\Users\Deni\Downloads\PS_AIO_02_Net_Full_Win_WW_130_140(3).exe
2014-08-13 13:05 - 2010-07-21 13:45 - 00000000 ____D () C:\Users\Deni\AppData\Roaming\HpUpdate
2014-08-13 12:35 - 2014-01-13 13:51 - 00001928 _____ () C:\Users\Public\Desktop\HP Print and Scan Doctor.lnk
2014-08-11 11:27 - 2011-01-13 11:02 - 00000000 ____D () C:\Users\Guest
2014-08-11 11:27 - 2009-11-16 14:25 - 00000000 ____D () C:\Users\Deni
2014-08-11 11:26 - 2014-08-11 09:22 - 00000000 ____D () C:\Windows\jumpshot.com
2014-08-11 09:41 - 2009-07-13 19:03 - 62652416 _____ () C:\Windows\system32\config\.ghost-ntfs-3g-00000000000000000001
2014-08-11 09:41 - 2009-07-13 19:03 - 15728640 _____ () C:\Windows\system32\config\.ghost-ntfs-3g-00000000000000000003
2014-08-11 09:40 - 2009-11-16 14:25 - 07864320 ___SH () C:\Users\Deni\.ghost-ntfs-3g-00000000000000000009
2014-08-11 09:35 - 2014-08-11 09:35 - 00000000 ____D () C:\Users\Deni\AppData\Roaming\gnupg
2014-08-11 09:22 - 2014-08-11 09:22 - 14482352 _____ (AVAST Software) C:\Users\Deni\Downloads\grimefighter.exe
2014-08-11 02:41 - 2014-08-11 09:35 - 00000000 __SHD () C:\Jumpshot
2014-08-03 20:48 - 2014-04-23 17:35 - 00000027 _____ () C:\Users\Deni\Documents\Hallmark Card Studio 2008.txt
2014-08-03 20:39 - 2014-08-03 20:39 - 00222915 _____ () C:\Users\Deni\Documents\triad 2014.hmk
2014-07-25 13:22 - 2009-11-18 19:21 - 00000000 ____D () C:\Program Files\Google
2014-07-25 13:22 - 2009-11-18 19:05 - 00000000 ____D () C:\Users\Deni\AppData\Local\Google
2014-07-25 13:10 - 2014-07-25 13:09 - 00042313 _____ () C:\Users\Deni\Downloads\Addition.txt
2014-07-25 13:10 - 2014-07-25 13:08 - 00031218 _____ () C:\Users\Deni\Downloads\FRST.txt
2014-07-25 13:07 - 2014-07-25 13:07 - 01084416 _____ (Farbar) C:\Users\Deni\Downloads\FRST(1).exe
2014-07-25 13:04 - 2013-04-09 13:35 - 00001020 _____ () C:\Users\Deni\Desktop\Dropbox.lnk
2014-07-25 13:04 - 2013-04-09 13:34 - 00000000 ____D () C:\Users\Deni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-07-25 13:00 - 2014-06-17 11:06 - 00000000 ____D () C:\AdwCleaner
2014-07-25 12:55 - 2014-07-25 12:55 - 01354223 _____ () C:\Users\Deni\Downloads\AdwCleaner(2).exe
2014-07-25 12:46 - 2014-07-25 12:46 - 00348187 _____ () C:\Users\Deni\AppData\Local\census.cache
2014-07-25 12:46 - 2014-07-25 12:46 - 00159672 _____ () C:\Users\Deni\AppData\Local\ars.cache
2014-07-25 12:37 - 2014-07-25 12:37 - 00000010 _____ () C:\Users\Deni\AppData\Local\sponge.last.runtime.cache
2014-07-25 12:35 - 2014-07-25 12:35 - 00509440 _____ (Tech Support Guy System) C:\Users\Deni\Downloads\SysInfo(3).exe
2014-07-25 12:23 - 2014-07-25 12:23 - 00000036 _____ () C:\Users\Deni\AppData\Local\housecall.guid.cache
2014-07-25 12:22 - 2014-07-25 12:22 - 02055784 _____ (Trend Micro Inc.) C:\Users\Deni\Downloads\HousecallLauncher.exe
2014-07-24 13:52 - 2014-07-24 13:51 - 00135071 _____ () C:\Users\Deni\Documents\qtr env NO add bday.hmk
2014-07-24 13:48 - 2009-11-18 19:08 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-24 13:48 - 2009-11-18 19:04 - 00000000 ____D () C:\Users\Deni\AppData\Roaming\Malwarebytes
2014-07-22 18:53 - 2014-07-22 18:53 - 01354223 _____ () C:\Users\Deni\Downloads\AdwCleaner(1).exe
2014-07-22 18:50 - 2014-07-22 18:50 - 00000000 ____D () C:\Trend Micro
2014-07-22 18:47 - 2014-07-22 18:47 - 01402880 _____ () C:\Users\Deni\Downloads\HiJackThis.msi
2014-07-18 07:02 - 2010-09-27 12:04 - 00002091 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-07-17 13:55 - 2009-07-13 19:37 - 00000000 ____D () C:\Windows\system32\NDF
Some content of TEMP:
====================
C:\Users\Deni\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpgkzq8s.dll
C:\Users\Deni\AppData\Local\Temp\HPInstaller.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-06-13 20:47
==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x86) Version:14-08-2014 02
Ran by Deni at 2014-08-14 14:01:42
Running from C:\Users\Deni\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Update for Microsoft Office 2007 (KB2508958) (HKLM\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version: - Microsoft)
32 Bit HP CIO Components Installer (Version: 7.1.8 - Hewlett-Packard) Hidden
Adobe AIR (HKLM\...\Adobe AIR) (Version: 13.0.0.111 - Adobe Systems Incorporated)
Adobe AIR (Version: 13.0.0.111 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 14 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader X (10.1.7) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.7 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.5 (HKLM\...\Adobe Shockwave Player) (Version: 11.5.2.602 - Adobe Systems, Inc.)
AIO_Scan (Version: 130.0.365.000 - Hewlett-Packard) Hidden
Amazon Kindle For PC v1.1 (HKCU\...\Amazon Kindle For PC) (Version: - )
Apple Application Support (HKLM\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{8F1ADE4D-EFAC-4F5A-B346-23C2687FAF50}) (Version: 5.2.0.6 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 2.0.2 (HKLM\...\Audacity_is1) (Version: 2.0.2 - Audacity Team)
avast! EasyPass (HKLM\...\AI RoboForm) (Version: 7-7-8-128 - AVAST Software)
avast! Internet Security (HKLM\...\avast) (Version: 9.0.2021 - AVAST Software)
Avery Template (HKLM\...\{A760067A-C07E-1033-0000-A764AC000010}) (Version: 2.0.0.0 - Avery)
BlackBerry Desktop Software 6.0.2 (HKLM\...\BlackBerry_Desktop) (Version: 6.0.2.42 - Research In Motion Ltd.)
BlackBerry Desktop Software 6.0.2 (Version: 6.0.2.42 - Research In Motion Ltd.) Hidden
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
BufferChm (Version: 130.0.331.000 - Hewlett-Packard) Hidden
C8100 (Version: 130.0.365.000 - Hewlett-Packard) Hidden
C8100_Help (Version: 100.0.206.000 - Hewlett-Packard) Hidden
Click'N Design 3D (V5) (HKLM\...\Click'N Design 3D (V5)) (Version: v5.x.x - Stomp Inc.)
Copy (Version: 130.0.428.000 - Hewlett-Packard) Hidden
Coupon Printer for Windows (HKLM\...\Coupon Printer for Windows5.0.0.1) (Version: 5.0.0.1 - Coupons.com Incorporated)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Backup and Recovery Manager (HKLM\...\{731B0E4D-F4C7-450C-95B0-E1A3176B1C75}) (Version: 1.1.0 - Dell Inc.)
Dell Edoc Viewer (HKLM\...\{3138EAD3-700B-4A10-B617-B3F8096EE30D}) (Version: 1.0.0 - Dell Inc)
Destinations (Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (Version: 130.0.465.000 - Hewlett-Packard) Hidden
DocProc (Version: 13.0.0.0 - Hewlett-Packard) Hidden
Dropbox (HKCU\...\Dropbox) (Version: 2.10.3 - Dropbox, Inc.)
Fax (Version: 130.0.418.000 - Hewlett-Packard) Hidden
FileOpen Client (HKLM\...\{857CBF4A-192C-44B0-86A5-6281FCEFA1FE}) (Version: 3.0.16.879 - FileOpen Systems, Inc.)
Google Chrome (HKLM\...\Google Chrome) (Version: 36.0.1985.125 - Google Inc.)
Google Earth Plug-in (HKLM\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden
GPBaseService2 (Version: 130.0.371.000 - Hewlett-Packard) Hidden
Hallmark Card Studio 2008 Deluxe (HKLM\...\{747A6A10-DA58-48C2-A1F0-C15514419C8A}) (Version: 9.0.0.9 - Creative Home)
Hallmark Card Studio 2011 Deluxe (HKLM\...\{62687EAC-F27D-49AC-A0E2-3899B0459113}) (Version: 12.0.2.6 - Hallmark Software)
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Photosmart All-In-One Driver Software 13.0 Rel. 2 (HKLM\...\{988329F4-A1A1-4D51-803C-EF2725A97627}) (Version: 13.0 - HP)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Product Detection (HKLM\...\{42D10994-A566-495D-A5E7-D0C6B5C6B35C}) (Version: 11.14.0006 - HP)
HP RC Mirror Driver (Version: 2.0.0.0 - Hewlett-Packard) Hidden
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPPhotoGadget (Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabel_PaperLabel (Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabel_PrintOnDisc (Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (Version: 2.04.0000 - Hewlett-Packard) Hidden
hpphotosmartdisclabelplugin (Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (Version: 130.0.371.000 - Hewlett-Packard) Hidden
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation)
Intel(R) TV Wizard (HKLM\...\TVWiz) (Version: - Intel Corporation)
IntelliMover (HKLM\...\{B6751A10-2389-4AEF-870A-4DD925F48733}) (Version: 3.63 - Detto Technologies)
iPod for Windows 2006-06-28 (Version: 4.7.0 - Apple Computer, Inc.) Hidden
iTunes (HKLM\...\{6AD9F5F3-5BD0-4000-BD9C-B536CF86D988}) (Version: 10.6.3.25 - Apple Inc.)
JavaFX 2.1.1 (HKLM\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Junk Mail filter update (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
LAME v3.98.2 for Audacity (HKLM\...\LAME for Audacity_is1) (Version: - )
Livescribe Helper (HKLM\...\Livescribe Helper 1.0.2) (Version: 1.0.2 - Livescribe Inc)
MarketResearch (Version: 130.0.374.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Corporation (Version: 9.1.0.0 - Microsoft Corporation) Hidden
Microsoft Digital Image Library 9 - Blocker (Version: 9.00.0000 - Microsoft Corporation) Hidden
Microsoft Digital Image Suite 2006 (HKLM\...\PictureItSuite_v11) (Version: 11.0.0422 - Microsoft Corporation)
Microsoft Digital Image Suite 2006 Editor (Version: 11.0.0422 - Microsoft Corporation) Hidden
Microsoft Digital Image Suite 2006 Library (Version: 11.0.0422 - Microsoft Corporation) Hidden
Microsoft Greetings 2000 (HKLM\...\{5264E937-B015-11D2-8C0E-00C04FBBCFF9}) (Version: 4.0.0000 - Microsoft Corporation)
Microsoft LifeCam (HKLM\...\{B6AC9178-8DE8-4654-97C8-7B71C7CBE683}) (Version: 3.50.242.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (Version: - Microsoft) Hidden
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional 2007 (HKLM\...\PROR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (Version: - Microsoft) Hidden
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office XP Media Content (HKLM\...\{90300409-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.2619.0 - Microsoft Corporation)
Microsoft Picture It! 2000 (HKLM\...\{E78FC917-C21B-11D2-99FE-00105A98B681}) (Version: 4.0.0.0 - Microsoft)
Microsoft Search Enhancement Pack (HKLM\...\{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}) (Version: 3.0.133.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP1 English (HKLM\...\{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}) (Version: 3.5.5692.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Movie Maker (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 31.0 (x86 en-US) (HKLM\...\Mozilla Firefox 31.0 (x86 en-US)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (Version: 16.4.1108.0727 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Network (Version: 130.0.572.000 - Hewlett-Packard) Hidden
Nikon Message Center (HKLM\...\{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}) (Version: 0.91.000 - )
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
OverDrive Media Console (HKLM\...\{D4AFC7AD-F637-4EDD-BC76-767E4AF78CE1}) (Version: 3.2.5 - OverDrive, Inc.)
Photo Gallery (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
PHOTOfunSTUDIO 5.0 (HKLM\...\{959282E3-55A9-49D8-B885-D27CF8A2FD82}) (Version: 5.00.209 - Panasonic Corporation)
PictureProject (HKLM\...\{FF3999BE-1A7B-4738-88AA-97BF14094A4A}) (Version: 1.0 - )
PictureProject In Touch Downloader 1.0 (HKLM\...\PictureProject In Touch Downloader) (Version: 1.0 - Fotonation Inc.)
PowerDVD DX (HKLM\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 8.3.5424 - CyberLink Corp.)
PS_AIO_02_ProductContext (Version: 130.0.365.000 - Hewlett-Packard) Hidden
PS_AIO_02_Software (Version: 130.0.365.000 - Hewlett-Packard) Hidden
PS_AIO_02_Software_Min (Version: 130.0.365.000 - Hewlett-Packard) Hidden
QuickTime 7 (HKLM\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Roxio Creator Audio (Version: 3.7.0 - Roxio) Hidden
Roxio Creator Copy (Version: 3.7.0 - Roxio) Hidden
Roxio Creator Data (Version: 3.7.0 - Roxio) Hidden
Roxio Creator DE 10.3 (HKLM\...\{09760D42-E223-42AD-8C3E-55B47D0DDAC3}) (Version: 10.3 - Roxio)
Roxio Creator DE 10.3 (Version: 3.7.0 - Roxio) Hidden
Roxio Creator Tools (Version: 3.7.0 - Roxio) Hidden
Roxio Express Labeler 3 (Version: 3.2.2 - Roxio) Hidden
Roxio Update Manager (Version: 6.0.0 - Roxio) Hidden
Scan (Version: 13.0.0.0 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
Skype 6.11 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
SmartWebPrinting (Version: 130.0.457.000 - Hewlett-Packard) Hidden
SolutionCenter (Version: 130.0.373.000 - Hewlett-Packard) Hidden
Spelling Dictionaries Support For Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
Status (Version: 130.0.469.000 - Hewlett-Packard) Hidden
Toolbox (Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (Version: 130.0.422.000 - Hewlett-Packard) Hidden
UnloadSupport (Version: 11.0.0 - Hewlett-Packard) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM\...\{90120000-006E-0409-0000-0000000FF1CE}_PROR_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft)
Update for Microsoft Office Access 2007 Help (KB963663) (HKLM\...\{90120000-0015-0409-0000-0000000FF1CE}_PROR_{6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}) (Version: - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0409-0000-0000000FF1CE}_PROR_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM\...\{90120000-001A-0409-0000-0000000FF1CE}_PROR_{ED38F8A3-4F61-494E-8BCA-E3AC7760C924}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0409-0000-0000000FF1CE}_PROR_{0451F231-E3E3-4943-AB9F-58EB96171784}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2881065) 32-Bit Edition (HKLM\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{B7EF38F7-1D58-4085-A9A4-0F6C69A5AA1E}) (Version: - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0409-0000-0000000FF1CE}_PROR_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version: - Microsoft)
Update for Microsoft Office Publisher 2007 Help (KB963667) (HKLM\...\{90120000-0019-0409-0000-0000000FF1CE}_PROR_{2E40DE55-B289-4C8B-8901-5D369B16814F}) (Version: - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM\...\{90120000-006E-0409-0000-0000000FF1CE}_PROR_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version: - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0409-0000-0000000FF1CE}_PROR_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version: - Microsoft)
vanBasco's Karaoke Player (HKLM\...\VMidi) (Version: - )
WD Diagnostics (HKLM\...\{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}) (Version: 1.09.0002 - Western Digital Technologies)
WD Drive Manager (x86) (HKLM\...\{E934E2A2-BE3B-4C1A-A3D9-753FFB2B38B4}) (Version: 2.103 - Western Digital)
WebEx (HKLM\...\ActiveTouchMeetingClient) (Version: - WebEx Communications, Inc)
WebReg (Version: 130.0.132.017 - Hewlett-Packard) Hidden
Windows Live Communications Platform (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live Essentials (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Mail (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Messenger (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Photo Common (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live UX Platform (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer Resources (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Deni\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Deni\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Deni\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Deni\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Deni\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Deni\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Deni\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Deni\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
==================== Restore Points =========================
16-05-2014 19:03:56 End of disinfection
14-06-2014 00:59:29 Windows Update
02-07-2014 21:53:34 Windows Update
13-07-2014 20:33:24 avast! antivirus system restore point
13-07-2014 20:35:46 Device Driver Package Install: Avast Network Service
23-07-2014 01:49:06 Installed HiJackThis
25-07-2014 20:20:56 Removed HiJackThis
25-07-2014 20:21:33 Removed Google Drive
25-07-2014 20:25:54 Installed HiJackThis
13-08-2014 20:04:25 Installed HP Update.
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 19:04 - 2009-06-10 14:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {09CDC56C-157C-4D97-B694-C954514959BD} - System32\Tasks\{14B3793A-EB0B-422F-9A42-9840F1BD94A4} => C:\Program Files\HP\Digital Imaging\bin\Hpqdirec.exe [2009-05-21] (Hewlett-Packard Company)
Task: {14EB18A4-C6D1-4E57-8086-943D4491AA10} - System32\Tasks\{B8026622-9AD3-4356-8649-B6B687800D4C} => C:\Program Files\HP\Digital Imaging\bin\Hpqdirec.exe [2009-05-21] (Hewlett-Packard Company)
Task: {1A135B76-F544-477F-905E-E8E0903CDFED} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-07-13] (AVAST Software)
Task: {25047F3E-1D94-4C4B-9639-E0F1CE75905E} - System32\Tasks\{5EDCAD6D-F5A7-4BDD-BB73-50652E6D0048} => C:\Program Files\Creative Home\Hallmark Card Studio 2008 Deluxe\Hallmark Card Studio 2008.exe [2007-10-03] (Creative Home)
Task: {515DB207-623C-4113-BCD9-7CAD89430F3B} - System32\Tasks\{12C2787B-FF61-4A21-B1FB-12256565DB97} => C:\Program Files\Skype\Phone\Skype.exe [2013-11-14] (Skype Technologies S.A.)
Task: {5C1C2EAC-91A1-4E3A-898D-3D455E8529A6} - System32\Tasks\{A4FC6B95-5BA4-46AA-834C-E96B9DD9D4BD} => C:\Program Files\Skype\Phone\Skype.exe [2013-11-14] (Skype Technologies S.A.)
Task: {6E42190C-26A9-407B-9641-114B8F5FAE2E} - System32\Tasks\{E82068A0-FCC9-41A4-BD07-6E61187E06C8} => C:\Users\Deni\Desktop\vanBasco's Karaoke Player\vmidi.exe
Task: {7B2E5C77-7568-4BF2-8D53-55C324331B18} - System32\Tasks\{2329800E-0AD0-4363-9316-EE9B55B62659} => C:\Program Files\HP\Digital Imaging\bin\Hpqdirec.exe [2009-05-21] (Hewlett-Packard Company)
Task: {7DD1BF38-B372-4F4D-BA7C-67B81F8BE552} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-05] (Google Inc.)
Task: {943DD186-E7C3-407F-AB57-AFE4169C1ADF} - System32\Tasks\{C85B9E07-8AA4-4E03-8465-4E7EA3A1FFC2} => C:\Program Files\vanBasco's Karaoke Player\vmidi.exe [2004-03-11] ()
Task: {A3E48FAA-E243-4D8D-B1A7-A7F71243A6C8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-05] (Google Inc.)
Task: {A4B7423F-40AC-4344-A0DA-50AE8A9AE8EB} - System32\Tasks\{161DDA94-2C3D-4DDC-BA23-B03CD141F01C} => C:\Program Files\vanBasco's Karaoke Player\vmidi.exe [2004-03-11] ()
Task: {AD59AF74-8CB1-4C46-8AC3-88FA20F20A86} - \Run RoboForm TaskBar Icon No Task File <==== ATTENTION
Task: {C23D22D1-CED1-40FB-9A75-37C886B6F8B8} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-13] (Microsoft Corporation)
Task: {C77D8EC2-3DF7-4E15-8A7A-D6EA547C6F85} - System32\Tasks\{BF77CC00-8B94-40BD-9C4C-FE8F78DC379A} => C:\Users\Deni\Desktop\vanBasco's Karaoke Player\vmidi.exe
Task: {E5511BA7-A903-43F2-BEDC-881905872DCB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09] (Adobe Systems Incorporated)
Task: {E92A3065-6C71-42FE-A543-591E058F4B66} - System32\Tasks\{E4304D56-C64D-4DC0-AA38-55849AE050EE} => C:\Program Files\Skype\\Phone\Skype.exe [2013-11-14] (Skype Technologies S.A.)
Task: {FEE56706-F5E7-491D-A629-3F3F85D78F4B} - System32\Tasks\{67DC3A3E-113B-4C67-8274-E7FAAB80CC76} => C:\Program Files\HP\Digital Imaging\bin\Hpqdirec.exe [2009-05-21] (Hewlett-Packard Company)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2014-07-13 13:35 - 2014-07-13 13:35 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-08-13 11:27 - 2014-08-13 11:27 - 02797056 _____ () C:\Program Files\AVAST Software\Avast\defs\14081301\algo.dll
2014-08-14 11:19 - 2014-08-14 11:19 - 02797568 _____ () C:\Program Files\AVAST Software\Avast\defs\14081401\algo.dll
2011-09-27 08:23 - 2011-09-27 08:23 - 00087912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2011-09-27 08:22 - 2011-09-27 08:22 - 01242472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2012-11-05 16:35 - 2012-11-05 16:35 - 00276992 ____N () C:\Program Files\Common Files\Livescribe\PenComm\PenCommSdk.dll
2014-07-13 13:35 - 2014-07-13 13:35 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-08-13 13:27 - 2014-08-13 13:27 - 00043008 _____ () c:\users\deni\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpgkzq8s.dll
2013-10-18 16:55 - 2013-10-18 16:55 - 25100288 _____ () C:\Users\Deni\AppData\Roaming\Dropbox\bin\libcef.dll
2014-03-09 17:12 - 2014-03-09 17:12 - 00170496 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\bfd5296be62268bc 7a31a424f0d1ad5f\IsdiInterop.ni.dll
2010-06-30 13:25 - 2010-03-03 20:08 - 00058880 _____ () C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2012-07-27 13:51 - 2012-07-27 13:51 - 06549432 _____ () C:\Program Files\Adobe\Reader 10.0\Reader\authplay.dll
2013-05-10 00:57 - 2013-05-10 00:57 - 00305728 _____ () C:\Program Files\Adobe\Reader 10.0\Reader\sqlite.dll
2014-05-11 15:57 - 2014-08-13 13:28 - 03800688 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2013-07-10 18:07 - 2013-07-10 18:07 - 00756888 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL
2014-07-09 09:40 - 2014-07-09 09:40 - 17029808 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\Users\Deni\Documents\FwBlondeBreakdown.eml:OECustomProperty
AlternateDataStreams: C:\Users\Deni\Documents\FWRulestoLiveByFw.eml:OECustomProperty
AlternateDataStreams: C:\Users\Deni\Documents\Hi + resume.eml:OECustomProperty
AlternateDataStreams: C:\Users\Deni\Documents\HMO.eml:OECustomProperty
AlternateDataStreams: C:\Users\Deni\Documents\MarriageOne-liners.eml:OECustomProperty
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
HKU\S-1-5-21-2470467007-3615624817-2011931734-1000\Software\Classes\.exe: => <===== ATTENTION!
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Event Planner Reminder 2008.lnk => C:\Windows\pss\Event Planner Reminder 2008.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Event Planner Reminder.lnk => C:\Windows\pss\Event Planner Reminder.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Works Calendar Reminders.lnk => C:\Windows\pss\Microsoft Works Calendar Reminders.lnk.CommonStartup
MSCONFIG\startupreg: AddressBookReminderApp => C:\Program Files\Creative Home\Hallmark Card Studio 2011 Deluxe\ReminderApp.exe
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: msnmsgr => "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: PDVDDXSrv => "C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RIMBBLaunchAgent.exe => C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
MSCONFIG\startupreg: swg => "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
==================== Faulty Device Manager Devices =============
Name: Photosmart C8100 series
Description: Photosmart C8100 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (08/14/2014 00:46:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8845
Error: (08/14/2014 00:46:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8845
Error: (08/14/2014 00:46:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (08/14/2014 00:46:36 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7831
Error: (08/14/2014 00:46:36 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7831
Error: (08/14/2014 00:46:36 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (08/14/2014 00:46:35 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6786
Error: (08/14/2014 00:46:35 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6786
Error: (08/14/2014 00:46:35 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (08/14/2014 00:46:34 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5772
System errors:
=============
Error: (08/14/2014 10:28:19 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
Error: (08/14/2014 10:27:56 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the eventlog service.
Error: (08/13/2014 01:39:56 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: machine-defaultLocalActivation{10DA4F3C-CC99-4190-BE4D-58330754E882}{7DDEFEA6-98EE-4F13-A25B-EC83D9BC5541}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)
Error: (08/13/2014 01:39:17 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: machine-defaultLocalActivation{10DA4F3C-CC99-4190-BE4D-58330754E882}{7DDEFEA6-98EE-4F13-A25B-EC83D9BC5541}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)
Error: (08/13/2014 01:39:16 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: machine-defaultLocalActivation{10DA4F3C-CC99-4190-BE4D-58330754E882}{7DDEFEA6-98EE-4F13-A25B-EC83D9BC5541}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)
Error: (08/13/2014 01:18:52 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The HP Network Devices Support service terminated with the following error:
%%126
Error: (08/13/2014 01:18:52 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {10DA4F3C-CC99-4190-BE4D-58330754E882}
Error: (08/13/2014 01:18:22 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The HP Network Devices Support service terminated with the following error:
%%126
Error: (08/13/2014 01:04:52 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The HP Network Devices Support service terminated with the following error:
%%126
Error: (08/13/2014 00:36:18 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The HP Network Devices Support service terminated with the following error:
%%126
Microsoft Office Sessions:
=========================
Error: (12/17/2013 01:13:20 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 779 seconds with 0 seconds of active time. This session ended with a crash.
Error: (09/22/2013 09:39:28 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 64 seconds with 60 seconds of active time. This session ended with a crash.
Error: (04/18/2012 05:37:19 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6654.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 1016 seconds with 600 seconds of active time. This session ended with a crash.
Error: (12/29/2011 05:54:45 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6654.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 2555 seconds with 1920 seconds of active time. This session ended with a crash.
Error: (05/11/2011 03:20:21 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 321570 seconds with 720 seconds of active time. This session ended with a crash.
Error: (05/11/2011 03:20:11 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6550.5004, Microsoft Office Version: 12.0.6425.1000. This session lasted 135227 seconds with 1860 seconds of active time. This session ended with a crash.
Error: (09/16/2010 03:24:54 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6541.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1271506 seconds with 180 seconds of active time. This session ended with a crash.
Error: (12/21/2009 09:35:10 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 38 seconds with 0 seconds of active time. This session ended with a crash.
CodeIntegrity Errors:
===================================
Date: 2010-03-08 09:34:44.958
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\BitDefender\BitDefender 2010\Active Virus Control\midas32-v2_59\midas32.dll because the set of per-page image hashes could not be found on the system.
Date: 2010-03-08 08:45:42.610
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\BitDefender\BitDefender 2010\Active Virus Control\midas32-v2_59\midas32.dll because the set of per-page image hashes could not be found on the system.
Date: 2010-03-08 00:35:05.301
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\BitDefender\BitDefender 2010\Active Virus Control\midas32-v2_59\midas32.dll because the set of per-page image hashes could not be found on the system.
Date: 2010-03-04 17:59:37.817
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\BitDefender\BitDefender 2010\Active Virus Control\midas32-v2_59\midas32.dll because the set of per-page image hashes could not be found on the system.
Date: 2010-03-03 09:16:53.241
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\BitDefender\BitDefender 2010\Active Virus Control\midas32-v2_59\midas32.dll because the set of per-page image hashes could not be found on the system.
Date: 2010-03-03 08:59:52.204
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\BitDefender\BitDefender 2010\Active Virus Control\midas32-v2_59\midas32.dll because the set of per-page image hashes could not be found on the system.
Date: 2010-03-02 22:30:15.184
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\BitDefender\BitDefender 2010\Active Virus Control\midas32-v2_59\midas32.dll because the set of per-page image hashes could not be found on the system.
Date: 2010-03-02 22:14:03.854
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\BitDefender\BitDefender 2010\Active Virus Control\midas32-v2_59\midas32.dll because the set of per-page image hashes could not be found on the system.
Date: 2010-03-02 21:48:30.600
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\BitDefender\BitDefender 2010\Active Virus Control\midas32-v2_59\midas32.dll because the set of per-page image hashes could not be found on the system.
Date: 2010-03-02 21:32:27.600
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\BitDefender\BitDefender 2010\Active Virus Control\midas32-v2_59\midas32.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel(R) Core(TM)2 Duo CPU E8400 @ 3.00GHz
Percentage of memory in use: 48%
Total physical RAM: 3036.99 MB
Available physical RAM: 1549.2 MB
Total Pagefile: 6072.27 MB
Available Pagefile: 3838.75 MB
Total Virtual: 2047.88 MB
Available Virtual: 1921.13 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:218.14 GB) (Free:81.06 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 233 GB) (Disk ID: 71B1E4FB)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=15 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=218 GB) - (Type=07 NTFS)
==================== End Of Log ============================
TDSS rootkit removing tool on next post: