Quantcast
Channel: Tech Support Guy - Virus & Other Malware Removal
Viewing all 4746 articles
Browse latest View live

slowing computer- log attached

0
0
I have a Panasonic Toughbook CF-52 with Windows 7. Over the past month it has become slower and slower. At times locking up for a while and chrome resets. Not sure what is causing it. As a start hijackthis log is attached below. Any guidance would be greatly appreciated. Thank you.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:07:02 PM, on 11/16/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17420)
Boot mode: Normal

Running processes:
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\PixArt\Pac207\Monitor.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Ask.com\Updater\Updater.exe
C:\Program Files\Panasonic\Hotkey Appendix\hkeyapp.exe
C:\Program Files\FRISK Software\F-PROT Antivirus for Windows\FProtTray.exe
C:\Windows\WindowsMobile\wmdc.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\KONICA MINOLTA\FTP Utility\KMFtp.exe
C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
C:\Program Files\Microsoft IntelliType Pro\dpupdchk.exe
C:\Users\ep_user\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\ep_user\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\ep_user\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\ep_user\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\taskhost.exe
C:\Users\ep_user\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\ep_user\Desktop\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ga.state.gegov.com/webadmin/login.cfm
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: ChromeFrame BHO - {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} - C:\Program Files\Google\Chrome Frame\Application\32.0.1700.107\npchrome_frame.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Monitor] C:\Windows\PixArt\PAC207\Monitor.exe
O4 - HKLM\..\Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files\Ask.com\Updater\Updater.exe"
O4 - HKLM\..\Run: [Panasonic Hotkey Manager] C:\Program Files\Panasonic\Hotkey Appendix\HKEYAPP.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [F-PROT Antivirus Tray application] C:\Program Files\FRISK Software\F-PROT Antivirus for Windows\FProtTray.exe
O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [MobileDocuments] C:\Program Files\Common Files\Apple\Internet Services\ubd.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\ep_user\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1784816971-1575156748-3080852571-1009\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime (User 'ServSafe')
O4 - Global Startup: FTP Utility.lnk = C:\Program Files\KONICA MINOLTA\FTP Utility\KMFtp.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
O4 - Global Startup: VPN Client.lnk = ?
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {CAFEEFAC-0016-0000-FFFF-ABCDEFFEDCBA} (Java Plug-in 1.6.0) - http://javadl-esd.sun.com/update/1.6...ndows-i586.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ge...sh/swflash.cab
O18 - Protocol: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Program Files\Google\Chrome Frame\Application\32.0.1700.107\npchrome_frame.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: F-PROT Antivirus for Windows system (FPAVServer) - FRISK Software International - C:\Program Files\FRISK Software\F-PROT Antivirus for Windows\FPAVServer.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Panasonic PC Information Viewer Service 2 (PcInfoPi) - Panasonic Corporation - C:\Program Files\Panasonic\pcinfo\PCInfoPi.exe
O23 - Service: Panasonic PC Information Viewer (PcInfoSV) - Panasonic Corporation - C:\Program Files\Panasonic\pcinfo\PCInfoSV.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: MEEClientService (SCCommService) - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Managed Client\SCComm.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: uvnc_service - UltraVNC - C:\Program Files\UltraVNC\WinVNC.exe

--
End of file - 9441 bytes

Damaged system

0
0
Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Home Premium, Service Pack 1, 64 bit
Processor: Intel(R) Core(TM) i3 CPU M 370 @ 2.40GHz, Intel64 Family 6 Model 37 Stepping 5
Processor Count: 4
RAM: 2806 Mb
Graphics Card: Intel(R) HD Graphics, 1275 Mb
Hard Drives: C: Total - 591945 MB, Free - 512263 MB;
Motherboard: Acer, Aspire 5733
Antivirus: AVG AntiVirus Free Edition 2014, Updated and Enabled


Hi there :)


I have ran Ccleaner. Malware Anti Malware Bytes. AVG. Anvi Smart Defender but my system is still sluggish, web pages not opening correctly, images not loading and video not running smoothly.


Also incredibly slow when booting up.


Any insight into or help with these issues would be greatly appreciated.


Many thanks in advance.

getting ad pop ups

0
0
ok did it, thank you

Cant turn on defender, install windows updates or get rid of adware/malware-HELP

0
0
I'm almost positive that my title says it all, whatever is on this laptop, is stubborn! I'm savvy enough to get myself in trouble and have tried so many things - perhaps I've made it worse or it even more likely, just beyond my scope of knowledge.
I am unable to install windows updates- they it says failed. Malwarebytes scanned caught & quarantined, emsisoft installed, scanned- quaritined- (since uninstalled), same with eset online scanner.

When I go to a webpage, the entire page shifts down, I get blocks of flashing ads on the page and sometimes another tab opens up- according to my history it's "a.akamaihd.net redirect".

I've got complete scan logs from farbwar that I can provide, but as requested before posting here is the information on this computer.
Please Please please help..

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 8.1, 64 bit
Processor: Intel(R) Pentium(R) CPU 2127U @ 1.90GHz, Intel64 Family 6 Model 58 Stepping 9
Processor Count: 2
RAM: 3965 Mb
Graphics Card: Intel(R) HD Graphics, 2046 Mb
Hard Drives: C: Total - 463032 MB, Free - 397429 MB; Y: Total - 489 MB, Free - 192 MB;
Motherboard: Dell Inc., 0FXP6Y
Antivirus: Windows Defender, Disabled

Computer acting odd, HJT attached

0
0
I am trying to help my dad with his computer issues. It started with an issue only in MS Outlook. When he starts the computer first thing in the morning and tries to open Outlook it gets stuck in "Not responding". I wanted to run some clean up to see if that woud fix the issue. I was able to empty the deleted mail with no problem. Then I tried to delete browsing history using Internet Options in Control panel. I waited 15 minutes or more and it seemed stuck. I tried to run a Disk Cleanup through System Tools, that got about half way through gathering data and also stuck for over 10 minutes. I noticed one of the svchost processes using a lot of memory. I ran an HJT log so I could send it. Sadly I am not still at the comptuer to run the TGS Sysinfo.

The computer is an HP Paviion P7-1287c
I5 2400 Intel Processor
8 gig DDR3 Memory
1 Terabyte Hard drive
Runnin MS Security Essentials

Any help would be appreciated

Attached Files
File Type: txt hijackthis20141115.txt (11.5 KB)

Google Chrome disabled wont start suspect VOSTERAN.COM ???

0
0
Hi
Can anyone help witha Virus i think something to do with (Vosteran.com) as this appears in my start browser whenever i click on google chrome or canary. I have read the internet back n forth for solutions but all suggestions have failed to stop this from happening?

its been fine till about a week ago, go slowish loading browser and then just refused to let google load anything.. I have now downloaded firefox and have IE that works fine and i can get onto google through these but google appears dead?? "Google chrome has stopped working correctly. Windows will close the program and notify you if a solution is available. "

I copied the vosteran.com link as it first appeared in my Google browser in case this is any help for anyone its read: (Attached word doc with link saved here FYI)
http://vosteran.com/?f=7&a=vst_ggbg_...=967712479&ir=


___________________________________________________________________________ ______________


Please can anyone help???


Thank you



Regards


John


Contact me: useditto@googlemail.com

Attached Files
File Type: doc VOSTERAN VIRUS DETAILS LINK.doc (29.5 KB)

may have been hacked

0
0
Sorry, here is the system info:

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Home Premium, Service Pack 1, 64 bit
Processor: Intel(R) Core(TM) i3 CPU 540 @ 3.07GHz, Intel64 Family 6 Model 37 Stepping 2
Processor Count: 4
RAM: 5879 Mb
Graphics Card: Intel(R) Graphics Media Accelerator HD, -1284 Mb
Hard Drives: C: Total - 942146 MB, Free - 422601 MB; D: Total - 11619 MB, Free - 1402 MB;
Motherboard: MSI, 2A9C
Antivirus: avast! Antivirus, Updated and Enabled

Browser & comp running slow, not responding

0
0
wcjohnson66,
While we sort that out..
-----------------------------------------------------------
Download and Run the Farbar Scan Tool
  • Download FRST64 and save to your Desktop.
  • Double click Frst64.exe to launch it.
  • FRST64 will start to run.
    • When the tool opens click Yes to disclaimer.
    • Press the Scan button.
    • When finished scanning, 2 logs will open on your Desktop, FRST.txt and Addition.txt
    • Please post them in your next reply.
If you lose track of them, they will be saved in the same location as FRST64.exe
Feel free to use separate replies if it's more convenient.

askey127

computer mess-up

0
0
I was working on some videos, which engendered several unwanted pop-ups. I removed what I could out of "Add and Remove Programs". In the process I must have really messed up my computer. Not only is it now painfully slow, but I still get numerous pop-ups including Runtime Error, etc. messages.

I was trying to download an HP program that I've downloaded many times before; it froze midway. The tech support at HP connected to my computer, which - she said - was full of errors; she tried to install a driver and was unable to do so.

My computer is a Dell Inspiron 530, and I use WindowsXP. The HP program had come with an HP printer that I had acquired some years ago, and it is incompatible with Windows7 or above.( That HP printer disc includes software to create a certain type of calendar that I make yearly for my various family members, and that's why I really need to be able to use it.)

What can I do to clean up my computer - I tried Reimage, but it crashed too.

Please help! (I'm writing this from my HP Netbook)

Ads and HTML links on every page.

0
0
FRST64 Addition:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-11-2014
Ran by Knight1911 at 2014-11-17 18:43:31
Running from C:\Users\Knight1911\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
FW: AVG Internet Security 2015 (Disabled) {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-3250451271-2232601195-856269239-1000\...\uTorrent) (Version: 3.4.2.34944 - BitTorrent Inc.)
7 Days to Die (HKLM-x32\...\Steam App 251570) (Version: - The Fun Pimps)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 13.0.0.83 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.7.1.418 - Adobe Systems Incorporated)
Adobe Photoshop CC (HKLM-x32\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}) (Version: 14.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Aeria Ignite (HKLM-x32\...\Aeria Ignite 1.13.3296) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (HKLM-x32\...\Aeria Ignite) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (x32 Version: 1.13.3296 - Aeria Games & Entertainment) Hidden
Age of Empires II: HD Edition (HKLM-x32\...\Steam App 221380) (Version: - Hidden Path Entertainment, Ensemble Studios)
Age of Empires III (HKLM-x32\...\InstallShield_{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Akamai NetSession Interface (HKU\S-1-5-21-3250451271-2232601195-856269239-1000\...\Akamai) (Version: - Akamai Technologies, Inc)
Alien: Isolation (HKLM-x32\...\Steam App 214490) (Version: - Creative Assembly)
Aliens versus Predator Classic 2000 (HKLM-x32\...\Steam App 3730) (Version: - Rebellion)
AMD Catalyst Install Manager (HKLM\...\{C2956908-53A3-88FC-B795-B16508296FC4}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Ancient Weapon Sounds (HKLM-x32\...\{E00A5837-482C-4DCE-B4CC-D16B343374E1}) (Version: 2.1.1 - Screaming Bee)
Archeage Beta (HKLM-x32\...\Glyph Archeage Beta) (Version: - Trion Worlds, Inc.)
Arma 2 (HKLM-x32\...\Steam App 33910) (Version: - Bohemia Interactive)
Arma 2: Operation Arrowhead (HKLM-x32\...\Steam App 33930) (Version: - Bohemia Interactive)
Arma 2: Operation Arrowhead Beta (HKLM-x32\...\Steam App 219540) (Version: - )
Arma: Cold War Assault (HKLM-x32\...\Steam App 65790) (Version: - Bohemia Interactive)
Auslogics DiskDefrag (HKLM-x32\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: 4.5.3.0 - Auslogics Labs Pty Ltd)
AVerMedia Live Gamer HD Series 3.3.64.42 (HKLM-x32\...\AVerMedia Live Gamer HD Series) (Version: 3.3.64.42 - AVerMedia TECHNOLOGIES, Inc.)
AVerMedia RECentral (HKLM-x32\...\InstallShield_{30D6B6ED-E039-4D62-8E07-E058D17A9372}) (Version: 1.3.0.45 - AVerMedia Technologies, Inc.)
AVerMedia RECentral (x32 Version: 1.3.0.45 - AVerMedia Technologies, Inc.) Hidden
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5577 - AVG Technologies)
AVG 2015 (Version: 15.0.4213 - AVG Technologies) Hidden
AVG 2015 (Version: 15.0.5577 - AVG Technologies) Hidden
BattleBlock Theater (HKLM-x32\...\Steam App 238460) (Version: - The Behemoth)
Battlefield 2142 Deluxe Edition (HKLM-x32\...\{ED50ECE9-EC54-4C05-B5ED-EE4741A9F2EC}) (Version: 1.5.1.0 - Electronic Arts)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.3.2.15221 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.5.1 - EA Digital Illusions CE AB)
BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version: - )
Better Brain 1.10.0.2 (HKLM-x32\...\BetterBrain_1.10.0.2) (Version: 1.10.0.2 - Better Brain)
Borderlands (HKLM-x32\...\Steam App 8980) (Version: - Gearbox Software)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version: - Gearbox Software)
Borderlands: The Pre-Sequel (HKLM-x32\...\Steam App 261640) (Version: - 2K Australia)
Call of Duty: Advanced Warfare - Multiplayer (HKLM-x32\...\Steam App 209660) (Version: - Sledgehammer Games)
Call of Duty: Advanced Warfare (HKLM-x32\...\Steam App 209650) (Version: - Sledgehammer Games)
Canon MG5200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5200_series) (Version: - )
Castle Crashers (HKLM-x32\...\Steam App 204360) (Version: - The Behemoth)
Company of Heroes 2 (HKLM-x32\...\Steam App 231430) (Version: - Relic Entertainment)
Contagion (HKLM-x32\...\Steam App 238430) (Version: - Monochrome LLC)
Cook, Serve, Delicious! (HKLM-x32\...\Steam App 247020) (Version: - Vertigo Gaming)
Creatures of Darkness (HKLM-x32\...\{573F9269-A022-4C6F-97BD-CF1316A76369}) (Version: 3.3.1 - Screaming Bee)
Curse (HKLM-x32\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 6.0.0.0 - Curse)
Damned (HKLM-x32\...\Steam App 251170) (Version: - 9heads Game Studios)
Dead Space™ 3 (HKLM-x32\...\{D4329609-4102-4F8C-B83F-7FE024EEA314}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Deep Dungeons of Doom (HKLM-x32\...\Steam App 325090) (Version: - Bossa Studios)
Deep Space Voices (HKLM-x32\...\{67CEC218-B250-4B4C-B23F-A597EC8DB153}) (Version: 3.3.1 - Screaming Bee)
Desura (HKLM-x32\...\Desura) (Version: 100.57 - Desura)
Desura: Project Reality: Battlefield 2 (HKLM-x32\...\Desura_18631568130064) (Version: Full - Project Reality Team)
DJ Streaming Plug-In (HKLM-x32\...\{956F54F5-0AA4-441D-8933-7B45F4F56F74}) (Version: 4.3.0 - Screaming Bee)
Dolphin x86 (HKLM-x32\...\Dolphin x86) (Version: 4.0.2 - Dolphin Development Team)
Dragon Age: Origins (HKLM-x32\...\{AEC81925-9C76-4707-84A9-40696C613ED3}) (Version: 1.05.0.0 - Electronic Arts)
Dragon The Game (HKLM-x32\...\Steam App 305960) (Version: - Red Level Games Inc.)
Dragons Prophet (HKU\S-1-5-21-3250451271-2232601195-856269239-1000\...\SOE-Dragons Prophet) (Version: - Sony Online Entertainment)
Dungeon Defenders (HKLM-x32\...\Steam App 65800) (Version: - Trendy Entertainment)
Dungeon Defenders Eternity (HKLM-x32\...\Steam App 302270) (Version: - Nom Nom Games)
EPSON Connect version 1.0 (HKLM-x32\...\EPSON Connect_is1) (Version: 1.0 - Epson America Inc.)
Epson Customer Participation (HKLM\...\{814FA673-A085-403C-9545-747FC1495069}) (Version: 1.6.3.0 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM-x32\...\{0F13C24A-FFE2-4CD0-8E0B-DC804E0A0E0B}) (Version: 3.10.0035 - Seiko Epson Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
EPSON XP-410 Series Printer Uninstall (HKLM\...\EPSON XP-410 Series) (Version: - SEIKO EPSON Corporation)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION)
Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version: - SCS Software)
F.E.A.R. Online (HKLM-x32\...\F.E.A.R. Online) (Version: - )
Fable Anniversary (HKLM-x32\...\Steam App 288470) (Version: - Lionhead Studios)
Fallout 3 - Game of the Year Edition (HKLM-x32\...\Steam App 22370) (Version: - Bethesda Game Studios)
Fallout Mod Manager 0.13.21 (HKLM-x32\...\Generic Mod Manager_is1) (Version: - Q, Timeslip)
Fallout: New Vegas (HKLM-x32\...\Steam App 22380) (Version: - Obsidian Entertainment)
Fantasy Voice Pack (HKLM-x32\...\{5F4C3E1F-87FC-41BD-B219-E4156BBD8AE5}) (Version: 1.3.2 - Screaming Bee)
FINAL FANTASY XIV: A Realm Reborn (HKLM-x32\...\Steam App 39210) (Version: - SQUARE ENIX)
Furry Voices for Second Life (HKLM-x32\...\{2032DA39-C844-43AE-B638-6A4F7496686E}) (Version: 1.3.1 - Screaming Bee)
Galactic Voices (HKLM-x32\...\{891D8FC9-726D-46F2-ADC0-E060A6EB1DC3}) (Version: 1.3.1 - Screaming Bee)
GameSpy Comrade (HKLM-x32\...\{894084B6-BC69-43B7-BF06-B93AECFEA520}) (Version: 2.1.1.214 - GameSpy)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Glyph (HKLM-x32\...\Glyph) (Version: - Trion Worlds, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.122 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.)
Hack 'n' Slash (HKLM-x32\...\Steam App 246070) (Version: - Double Fine Productions)
Heroes & Generals (HKLM-x32\...\Steam App 227940) (Version: - Reto-Moto)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Hotline Miami (HKLM-x32\...\Steam App 219150) (Version: - Dennaton Games)
Java 7 Update 65 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417065FF}) (Version: 7.0.650 - Oracle)
Kingdom Wars (HKLM-x32\...\Steam App 227180) (Version: - Reverie World Studios, INC)
Landmark (HKLM-x32\...\Steam App 297810) (Version: - Sony Online Entertainment)
Landmark Beta (HKU\S-1-5-21-3250451271-2232601195-856269239-1000\...\SOE-Landmark Beta) (Version: - Sony Online Entertainment)
League of Legends (HKLM-x32\...\League of Legends 3.0.0) (Version: 3.0.0 - Riot Games)
League of Legends (x32 Version: 3.0.0 - Riot Games) Hidden
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve)
Lichdom: Battlemage (HKLM-x32\...\Steam App 261760) (Version: - Xaviant)
Magicka (HKLM-x32\...\Steam App 42910) (Version: - Arrowhead Game Studios)
Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
Mass Effect™ 3 (HKLM-x32\...\{534A31BD-20F4-46b0-85CE-09778379663C}) (Version: 1.05.0.0 - Electronic Arts)
Men of War: Assault Squad 2 (HKLM-x32\...\Steam App 244450) (Version: - Digitalmindsoft)
Meridian: New World (HKLM-x32\...\Steam App 265120) (Version: - Elder Games)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE (HKLM-x32\...\{F112F66E-25CA-42DD-983C-6118EB38F606}) (Version: 3.0.89.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Middle-earth: Shadow of Mordor (HKLM-x32\...\Steam App 241930) (Version: - Monolith Productions, Inc.)
Modern War Sounds (HKLM-x32\...\{A514E94F-C436-44C3-A1E9-1F58CD352669}) (Version: 1.0.1 - Screaming Bee)
MorphVOX Effects Rack (HKLM-x32\...\{4439ED25-D9ED-4E78-A41E-6C6C5DCEDE62}) (Version: 4.3.0 - Screaming Bee)
MorphVOX Pro (HKLM-x32\...\{76828C87-C612-4329-843B-4DB58060030A}) (Version: 4.4.9 - Screaming Bee)
Mount Your Friends (HKLM-x32\...\Steam App 296470) (Version: - Stegersaurus Software Inc.)
MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Mumble 1.2.8 (HKLM-x32\...\{A9DBD31A-A09F-4C7E-86D1-3B21C59000D1}) (Version: 1.2.8 - Thorvald Natvig)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.52.1 - Black Tree Gaming)
NirSoft BlueScreenView (HKLM-x32\...\NirSoft BlueScreenView) (Version: - )
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenTTD 1.4.2 (HKLM-x32\...\OpenTTD) (Version: 1.4.2 - OpenTTD)
Origin (HKLM-x32\...\Origin) (Version: 9.4.6.2792 - Electronic Arts, Inc.)
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.)
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r5875) (Version: - )
PDF Settings CC (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden
Peggle (HKLM-x32\...\{715AD72D-887A-459E-988B-D4F3E87FA24B}) (Version: 1.04.0.0 - PopCap Games)
Personality Voices (HKLM-x32\...\{4B886E97-AF5B-46F0-9F48-6BE03149D972}) (Version: 1.0.1 - Screaming Bee)
PlanetSide 2 (HKU\S-1-5-21-3250451271-2232601195-856269239-1000\...\SOE-PlanetSide 2) (Version: - Sony Online Entertainment)
Plants vs. Zombies™ (HKLM-x32\...\{5E6536C2-E79A-49CF-83EA-817AD81F9FC8}) (Version: 1.2.0.1093 - Electronic Arts, Inc.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Python 2.7.8 (HKLM-x32\...\{61121B12-88BD-4261-A6EE-AB32610A56DD}) (Version: 2.7.8150 - Python Software Foundation)
Radial-G SP Demo v1.3 (HKLM-x32\...\{B7D14920-5450-4128-BFCD-DF020295B145}) (Version: 1.3 - Tammeka Games)
Raptr (HKLM-x32\...\Raptr) (Version: - )
Razer Surround (HKLM-x32\...\Razer Surround) (Version: 1.05.10 - Razer Inc.)
Razer Synapse 2.0 (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.15.20888 - Razer Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.67.1226.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7023 - Realtek Semiconductor Corp.)
Reus (HKLM-x32\...\Steam App 222730) (Version: - Abbey Games)
Rogue Legacy (HKLM-x32\...\Steam App 241600) (Version: - Cellar Door Games)
SecondLifeViewer (remove only) (HKLM-x32\...\SecondLifeViewer) (Version: - )
Serious Sam 2 (HKLM-x32\...\Steam App 204340) (Version: - Croteam)
Shadowrun Returns (HKLM-x32\...\Steam App 234650) (Version: - Harebrained Schemes)
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version: - 2K Games, Inc.)
Sid Meier's Civilization: Beyond Earth (HKLM-x32\...\Steam App 65980) (Version: - Firaxis Games)
Skype™ 6.21 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.)
Smite (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 1.0.2379.10 - Hi-Rez Studios)
Software Updater (HKLM-x32\...\{B307472F-7BD9-4040-9255-CE6D6A1196A3}) (Version: 4.3.1 - SEIKO EPSON CORPORATION)
Special Effects Voices (HKLM-x32\...\{913C4C4F-9E3E-41A6-A614-1BDC1352A225}) (Version: 1.0.2 - Screaming Bee)
Spooky Sounds (HKLM-x32\...\{F71EBF86-9A73-44C0-A674-55FA3E4A8428}) (Version: 2.1.1 - Screaming Bee)
Spotify (HKU\S-1-5-21-3250451271-2232601195-856269239-1000\...\Spotify) (Version: 0.9.14.13.gba5645ad - Spotify AB)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
SteamVR (HKLM-x32\...\Steam App 250820) (Version: - )
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1164 - SUPERAntiSpyware.com)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.12.23 - Synaptics Incorporated)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.29947 - TeamViewer)
The Binding of Isaac Rebirth 1.0 (HKLM-x32\...\The Binding of Isaac Rebirth 1.0) (Version: 1.0 - Games on Cat-A-Cat.Net)
The Elder Scrolls III: Morrowind (HKLM-x32\...\Steam App 22320) (Version: - Bethesda Game Studios®)
The Elder Scrolls IV: Oblivion (HKLM-x32\...\Steam App 22330) (Version: - Bethesda Game Studios)
The Elder Scrolls Online (HKLM-x32\...\The Elder Scrolls Online) (Version: 1.0.0.0 - Zenimax Online Studios)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios)
The Fifth Day (HKLM-x32\...\Steam App 312210) (Version: - Touz)
The Forest (HKLM-x32\...\Steam App 242760) (Version: - Endnight Games Ltd)
The Lord of the Rings Online™ (HKLM-x32\...\Steam App 212500) (Version: - Turbine, Inc.)
The Secret World (HKLM-x32\...\The Secret World_is1) (Version: 1.0.0 - Funcom)
The Sims 2: Ultimate Collection (HKLM-x32\...\{04450C18-F039-4B81-A621-70C3B0F523D5}) (Version: 1.0.0.0 - Electronic Arts)
The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.2.16.10 - Electronic Arts Inc.)
Tiny and Big: Grandpa's Leftovers (HKLM-x32\...\Steam App 205910) (Version: - Black Pants Game Studio)
Titanfall™ (HKLM-x32\...\{347EE0C3-0690-48F6-A231-53853C2A80D6}) (Version: 1.0.7.2 - Electronic Arts)
Total War: ROME II - Emperor Edition (HKLM-x32\...\Steam App 214950) (Version: - Creative Assembly)
Translator Fun Voice Pack (HKLM-x32\...\{C39768C1-82E7-4466-8526-2D8AC44B768F}) (Version: 1.5.1 - Screaming Bee)
Trove (HKLM-x32\...\Glyph Trove) (Version: - Trion Worlds, Inc.)
Tunngle beta (HKLM-x32\...\Tunngle beta_is1) (Version: - Tunngle.net GmbH)
Turbo Dismount (HKLM-x32\...\Steam App 263760) (Version: - Secret Exit Ltd.)
Unity Web Player (HKU\S-1-5-21-3250451271-2232601195-856269239-1000\...\UnityWebPlayer) (Version: 4.5.2f1 - Unity Technologies ApS)
Uplay (HKLM-x32\...\Uplay) (Version: 3.0 - Ubisoft)
VASSAL (3.2.11) (HKLM\...\VASSAL (3.2.11)) (Version: 3.2.11 - vassalengine.org)
Verdun (HKLM-x32\...\Steam App 242860) (Version: - M2H)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Voice Splicer Plug-In (HKLM-x32\...\{5A53F620-6A7A-4362-94AD-12D9FCB856E1}) (Version: 4.2.11 - Screaming Bee)
War Thunder Launcher 1.0.1.340 (HKLM-x32\...\{abc8eea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version: - Gaijin Entertainment)
Wargame: Red Dragon (HKLM-x32\...\Steam App 251060) (Version: - Eugen Systems)
Warhammer® 40,000™: Dawn of War® II - Chaos Rising™ (HKLM-x32\...\Steam App 20570) (Version: - Relic Entertainment)
Warhammer® 40,000™: Dawn of War® II – Retribution™ (HKLM-x32\...\Steam App 56400) (Version: - Relic Entertainment)
Warhammer® 40,000™: Dawn of War® II (HKLM-x32\...\Steam App 15620) (Version: - Relic Entertainment)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Wing Commander III (HKLM-x32\...\{F96B9930-E22A-44D6-81B5-6C8E92C21B4B}) (Version: 2.0.0.2 - Electronic Arts)
WinRAR 5.01 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
Wireless Lite-N Client Utility (HKLM-x32\...\{08C66AEF-E8AA-4204-8867-CABC4D5E9B07}) (Version: 1.0 - Rosewill Inc. )
Workplace Backgrounds (HKLM-x32\...\{13304708-E115-4044-82DA-88A6F5424359}) (Version: 1.0.0 - Screaming Bee)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points =========================


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 20:34 - 2009-06-10 15:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {1624EBF1-4DAA-48CC-9BC7-D5A48AD5C995} - System32\Tasks\0914avtUpdateInfo => C:\ProgramData\Avg_Update_0914avt\0914avt_AVG-Secure-Search-Update.exe [2014-09-14] ()
Task: {1F5EFA21-5133-4C81-A312-6B6160239C3D} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-10-03] (Synaptics Incorporated)
Task: {5698986C-055C-42C4-9D7F-D2BE2DC72512} - \ASP No Task File <==== ATTENTION
Task: {64F44F32-92EF-4F74-A1FF-6AC8473465EC} - System32\Tasks\EPSON XP-410 Series Update {DF5F0106-642B-4212-8B5F-6BC29A5FB5DD} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLAE.EXE [2013-02-27] (SEIKO EPSON CORPORATION)
Task: {7614DB91-E5EE-4176-9BD8-6CDF7A6EC4F3} - System32\Tasks\AdobeAAMUpdater-1.0-Knight1911-PC-Knight1911 => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27] (Adobe Systems Incorporated)
Task: {A8E80595-C396-44FB-9970-BEAF3B0D8086} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-17] (Google Inc.)
Task: {C39F6C6E-A307-4456-B097-23CFD0A52F14} - System32\Tasks\EPSON XP-410 Series Invitation {DF5F0106-642B-4212-8B5F-6BC29A5FB5DD} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLAE.EXE [2013-02-27] (SEIKO EPSON CORPORATION)
Task: {CA9C9B8B-2E1C-4703-A585-A6B52B37A6E1} - System32\Tasks\SUPERAntiSpyware Scheduled Task 35b5b0ab-6d93-4dfc-96e1-d79edddeafc7 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)
Task: {D6377714-608E-49B2-B1AF-E86EE02E1BE0} - System32\Tasks\UpdaterEX => C:\Users\KNIGHT~1\AppData\Roaming\UPDATE~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {E4AF8A67-8B3F-489E-9187-DF93DE385B47} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-17] (Google Inc.)
Task: {ED236440-0081-45D7-B941-FB34003458C4} - System32\Tasks\SUPERAntiSpyware Scheduled Task 3ce4ed33-dd84-47ad-a051-637271b86456 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)
Task: C:\Windows\Tasks\0914avtUpdateInfo.job => C:\ProgramData\Avg_Update_0914avt\0914avt_AVG-Secure-Search-Update.exe
Task: C:\Windows\Tasks\EPSON XP-410 Series Invitation {DF5F0106-642B-4212-8B5F-6BC29A5FB5DD}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLAE.EXE
Task: C:\Windows\Tasks\EPSON XP-410 Series Update {DF5F0106-642B-4212-8B5F-6BC29A5FB5DD}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLAE.EXE
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 35b5b0ab-6d93-4dfc-96e1-d79edddeafc7.job => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 3ce4ed33-dd84-47ad-a051-637271b86456.job => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
Task: C:\Windows\Tasks\UpdaterEX.job => C:\Users\KNIGHT~1\AppData\Roaming\UPDATE~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2014-09-15 17:13 - 2014-09-15 17:13 - 00214528 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2014-02-11 06:08 - 2014-02-11 06:08 - 00817152 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2014-02-11 06:08 - 2014-02-11 06:08 - 03650560 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2014-07-24 15:19 - 2014-09-10 12:47 - 00076152 _____ () C:\Windows\system32\PnkBstrA.exe
2014-09-15 17:13 - 2014-09-15 17:13 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2014-04-11 16:45 - 2014-10-02 10:06 - 00613944 _____ () C:\Users\Knight1911\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
2014-11-17 18:41 - 2014-11-17 18:41 - 02140160 _____ () C:\Users\Knight1911\Desktop\AdwCleaner.exe
2014-04-11 16:45 - 2014-10-02 10:06 - 36966968 _____ () C:\Users\Knight1911\AppData\Roaming\Spotify\Data\libcef.dll
2012-08-28 19:32 - 2012-08-28 19:32 - 00014336 _____ () C:\ProgramData\Razer\SwitchBlade\Apps\Razer\65BFE244-2354-4E41-ADC9-CCF6BE3B5F75\RzFPS\FPSClient.dll
2014-03-18 22:22 - 2014-03-18 22:22 - 32733088 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\libcef.dll
2013-10-22 02:24 - 2013-10-22 02:24 - 24978944 _____ () C:\ProgramData\Razer\SwitchBlade\Resources\CEF1\libcef.dll
2013-10-22 02:24 - 2013-10-22 02:24 - 00736256 _____ () C:\ProgramData\Razer\SwitchBlade\Resources\CEF1\libglesv2.dll
2013-10-22 02:24 - 2013-10-22 02:24 - 00130048 _____ () C:\ProgramData\Razer\SwitchBlade\Resources\CEF1\libegl.dll
2014-07-08 01:53 - 2014-10-02 10:06 - 00867896 _____ () C:\Users\Knight1911\AppData\Roaming\Spotify\Data\ffmpegsumo.dll
2014-04-11 16:45 - 2014-10-02 10:06 - 00886840 _____ () C:\Users\Knight1911\AppData\Roaming\Spotify\Data\libglesv2.dll
2014-04-11 16:45 - 2014-10-02 10:06 - 00108600 _____ () C:\Users\Knight1911\AppData\Roaming\Spotify\Data\libegl.dll
2014-07-22 08:57 - 2014-07-22 08:57 - 00307712 _____ () C:\Users\Knight1911\AppData\Roaming\Curse Client\Bin\opus.dll
2014-07-22 08:57 - 2014-07-22 08:57 - 00437248 _____ () C:\Users\Knight1911\AppData\Roaming\Curse Client\Bin\WebRTC_CSharpWrapper.dll
2014-11-17 08:04 - 2014-11-05 17:56 - 01042760 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.122\libglesv2.dll
2014-11-17 08:04 - 2014-11-05 17:56 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.122\libegl.dll
2014-11-17 08:04 - 2014-11-05 17:57 - 08911176 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.122\pdf.dll
2014-11-17 08:04 - 2014-11-05 17:56 - 01681224 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.122\ffmpegsumo.dll
2014-11-17 08:04 - 2014-11-05 17:57 - 14910280 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.122\PepperFlash\pepflashplayer.dl l

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

HKU\S-1-5-21-3250451271-2232601195-856269239-1000\Software\Classes\.exe: => <===== ATTENTION!
HKU\S-1-5-21-3250451271-2232601195-856269239-1000\Software\Classes\exefile: <===== ATTENTION!

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^RzMiMoAppService.lnk => C:\Windows\pss\RzMiMoAppService.lnk.CommonStartup
MSCONFIG\startupreg: EADM => "E:\Program Files (x86)\Origin\Origin.exe" -AutoStart
MSCONFIG\startupreg: uTorrent => "C:\Users\Knight1911\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED

========================= Accounts: ==========================

Administrator (S-1-5-21-3250451271-2232601195-856269239-500 - Administrator - Disabled)
Guest (S-1-5-21-3250451271-2232601195-856269239-501 - Limited - Disabled)
Knight1911 (S-1-5-21-3250451271-2232601195-856269239-1000 - Administrator - Enabled) => C:\Users\Knight1911

==================== Faulty Device Manager Devices =============

Name: Universal Serial Bus (USB) Controller
Description: Universal Serial Bus (USB) Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Universal Serial Bus (USB) Controller
Description: Universal Serial Bus (USB) Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HID-compliant game controller
Description: HID-compliant game controller
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standard system devices)
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Universal Serial Bus (USB) Controller
Description: Universal Serial Bus (USB) Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (11/17/2014 06:41:15 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

Error: (11/17/2014 06:41:15 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (11/17/2014 06:38:59 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Windows license activation failed. Error 0x80070005.

Error: (11/17/2014 06:36:58 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/17/2014 02:55:35 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

Error: (11/17/2014 02:55:35 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (11/17/2014 02:50:03 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/17/2014 08:04:06 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.17420, time stamp: 0x545ad233
Faulting module name: atidxx32.dll, version: 8.17.10.569, time stamp: 0x541761f5
Exception code: 0xc0000005
Fault offset: 0x004b5b4a
Faulting process id: 0x14d4
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3

Error: (11/17/2014 06:43:45 AM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Windows license activation failed. Error 0x80070005.

Error: (11/17/2014 06:42:26 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.


System errors:
=============
Error: (11/17/2014 06:36:18 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (11/17/2014 06:30:12 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (11/17/2014 02:50:13 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The PnP-X IP Bus Enumerator service depends on the Function Discovery Provider Host service which failed to start because of the following error:
%%1068

Error: (11/17/2014 02:49:26 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (11/17/2014 02:49:26 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (11/17/2014 02:48:49 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (11/17/2014 02:48:36 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (11/17/2014 02:48:36 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (11/17/2014 02:48:36 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (11/17/2014 02:48:36 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068


Microsoft Office Sessions:
=========================
Error: (11/17/2014 06:41:15 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: WmiApRplWmiApRpl8F20300004D070000

Error: (11/17/2014 06:41:15 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: Performance1637070000000000000000000009030000

Error: (11/17/2014 06:38:59 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: 0x800700050x00000000

Error: (11/17/2014 06:36:58 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/17/2014 02:55:35 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: WmiApRplWmiApRpl8F20300004D070000

Error: (11/17/2014 02:55:35 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: Performance1637070000000000000000000009030000

Error: (11/17/2014 02:50:03 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/17/2014 08:04:06 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE11.0.9600.17420545ad233atidxx32.dll8.17.10.569541761f5c00000050 04b5b4a14d401d0026f23a1020fC:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\system32\atidxx32.dll974d56e1-6e62-11e4-8aae-3085a98eae77

Error: (11/17/2014 06:43:45 AM) (Source: Winlogon) (EventID: 4103) (User: )
Description: 0x800700050x00000000

Error: (11/17/2014 06:42:26 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: WmiApRplWmiApRpl8F20300004D070000

Your Windows Licence Will Expire Soon

0
0
Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 8.1 Pro, 64 bit
Processor: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz, Intel64 Family 6 Model 58 Stepping 9
Processor Count: 4
RAM: 3988 Mb
Graphics Card: Intel(R) HD Graphics 4000, -2037 Mb
Hard Drives: C: Total - 693542 MB, Free - 654606 MB; D: Total - 20271 MB, Free - 20173 MB;
Motherboard: Hewlett-Packard, 183F
Antivirus: Windows Defender, Disabled

I bought a used laptop last week and all seemed ok until yesterday when I booted up !!
A message opened up on the desktop stating that my windows licence will expire soon (Dec 15th) and to click on the tab to take me to PC Settings and to put in my Windows Product Key which I did ( Duh ) and when I did so it said it was wrong and to try another !!
I then thought...why would windows licence expire when it clearly showed it was activated ?
Is this Malware ?

Any help much appreciated

No Internet connection and MyOSProtect.dll error

0
0
Addition

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 17-11-2014
Ran by rhaight at 2014-11-17 23:15:45
Running from E:\
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Out of date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AV: Symantec Endpoint Protection (Enabled - Up to date) {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}
AS: Microsoft Security Essentials (Enabled - Out of date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Symantec Endpoint Protection (Enabled - Up to date) {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}
FW: Symantec Endpoint Protection (Enabled) {B0F2DB13-C654-2E74-30D4-99C9310F0F2E}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

32 Bit HP CIO Components Installer (Version: 16.1.1 - Hewlett-Packard) Hidden
ActiveState Komodo Edit 8.5.4 (HKLM\...\{E65B87D8-30C4-4FB0-8C24-AFD64950A881}) (Version: 8.5.4 - ActiveState Software Inc.)
ActiveState Komodo IDE 8.5.4 (HKLM\...\{F55999C1-E7CA-405D-8A62-66EE1ABB22AE}) (Version: 8.5.4 - ActiveState Software Inc.)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.3.0.3670 - Adobe Systems Incorporated)
Adobe Community Help (HKLM\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.2.1.650 - Adobe Systems Incorporated)
Adobe Flash Player 13 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Photoshop Elements 9 (HKLM\...\Adobe Photoshop Elements 9) (Version: 9.0 - Adobe Systems Incorporated)
Adobe Photoshop.com Inspiration Browser (HKLM\...\PhotoshopdotcomInspirationBrowser.4C35C4D325D350FE0114230CBADCA2D DD0AC8D25.1) (Version: 3.07 - Adobe Systems Incorporated)
Adobe Premiere Elements 9 (HKLM\...\PremElem90) (Version: 9.0 - Adobe Systems Incorporated)
Adobe Reader X (10.1.12) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.12 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM\...\Adobe Shockwave Player) (Version: 11.6.7.637 - Adobe Systems, Inc.)
Apple Application Support (HKLM\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C0CC75CD-F5B7-46AD-B016-17C0F5171718}) (Version: 8.0.0.23 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AVG PC Tuneup (HKLM\...\{50316C0A-CC2A-460A-9EA5-F486E54AC17D}_is1) (Version: 10.0.0.27 - AVG)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Brother P-touch Editor 5.1 (HKLM\...\{39270390-A851-4E4B-94A9-D5C468216ED3}) (Version: 5.1.0120 - Brother Industries, Ltd.)
Brother P-touch Update Software (HKLM\...\{A598BEC3-4F02-413E-9649-C5A1879DB558}) (Version: 1.0.0010 - Brother Industries, Ltd.)
Burn.Now 4.5 (Version: 4.5.0 - Corel Corporation) Hidden
Canon IJ Network Tool (HKLM\...\Canon_IJ_Network_UTILITY) (Version: 3.4.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM\...\Canon_IJ_Scan_Utility) (Version: 1.1.5.14 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM\...\CANONIJPLM100) (Version: 4.2.0 - Canon Inc.)
Canon MP470 series (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP470_series) (Version: - )
Canon MX470 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX470_series) (Version: 1.00 - Canon Inc.)
Canon MX470 series On-screen Manual (HKLM\...\Canon MX470 series On-screen Manual) (Version: 7.6.1 - Canon Inc.)
Canon MX470 series User Registration (HKLM\...\Canon MX470 series User Registration) (Version: - *Canon Inc.)‬
Canon My Image Garden (HKLM\...\Canon My Image Garden) (Version: 2.1.0 - Canon Inc.)
Canon My Image Garden Design Files (HKLM\...\Canon My Image Garden Design Files) (Version: 2.1.0 - Canon Inc.)
Canon Speed Dial Utility (HKLM\...\Speed Dial Utility) (Version: 1.4.0 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.14 - Piriform)
Cisco Systems VPN Client 5.0.06.0160 (HKLM\...\{21E247D4-5E27-4BEA-AA4D-19A81203FE2A}) (Version: 5.0.6 - Cisco Systems, Inc.)
Cisco WebEx Connect (HKLM\...\{599EB71F-CFBA-43DF-94F1-385AE832A2D2}) (Version: 7.2.2.16951 - WebEx Communications Ltd.)
Cisco WebEx Meetings (HKLM\...\ActiveTouchMeetingClient) (Version: - Cisco WebEx LLC)
Conexant 20672 SmartAudio HD (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.32.23.2 - Conexant)
Configuration Manager Client (Version: 4.00.6487.2000 - Microsoft Corporation) Hidden
Corel Burn.Now Lenovo Edition (HKLM\...\InstallShield_{A3BE3F1E-2472-4211-8735-E8239BE49D9F}) (Version: 4.5.0 - Corel Corporation)
Corel WinDVD (HKLM\...\{5C1F18D2-F6B7-4242-B803-B5A78648185D}) (Version: 10.0.5.787 - Corel Inc.)
Dealio Toolbar v9.7 (HKLM\...\{6F45502B-4C52-4CE3-90B9-B4B8BB0706F5}) (Version: 9.7 - Spigot, Inc.) <==== ATTENTION
Dropbox (HKU\S-1-5-21-903375226-1813508666-307258900-1000\...\Dropbox) (Version: 2.10.52 - Dropbox, Inc.)
dsdminst (Version: 1.00.0000 - Brother Industries, Ltd.) Hidden
Elements 9 Organizer (Version: 9.0 - Adobe Systems Incorporated) Hidden
Elements STI Installer (Version: 1.0 - Adobe Systems Incorporated) Hidden
Evernote v. 4.6.7 (HKLM\...\{A6563D7C-F3AD-11E2-A4DB-984BE15F174E}) (Version: 4.6.7.8409 - Evernote Corp.)
FreeFixer (HKLM\...\FreeFixer1.11) (Version: 1.11 - Kephyr)
GIMP 2.6.11 (HKLM\...\WinGimp-2.0_is1) (Version: 2.6.11 - The GIMP Team)
Google Chrome (HKU\S-1-5-21-903375226-1813508666-307258900-1000\...\Google Chrome) (Version: 37.0.2062.120 - Google Inc.)
Google Drive (HKLM\...\{C6640705-7479-4EE5-BC86-879F05F65E74}) (Version: 1.17.7290.4094 - Google, Inc.)
Google Talk (remove only) (HKU\S-1-5-21-903375226-1813508666-307258900-1000\...\{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk) (Version: - )
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
GoToMeeting 5.3.0.1010 (HKU\S-1-5-21-903375226-1813508666-307258900-1000\...\GoToMeeting) (Version: 5.3.0.1010 - CitrixOnline)
iCloud (HKLM\...\{8D9592B4-7E22-4D1F-B2CB-B5F0F2F619CB}) (Version: 4.0.3.56 - Apple Inc.)
Integrated Camera Driver Installer Package Ver.1.1.0.42 (HKLM\...\{C3CD17B4-08B0-492D-8A4C-81716D33E520}) (Version: 1.1.0.42 - RICOH)
Intel(R) Identity Protection Technology 1.0.74.0 (HKLM\...\{C6D4B05A-EA7E-1027-80EF-C925E740E99C}) (Version: 1.0.74.0 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 15.4 - Intel)
Intel(R) Processor Graphics (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2342 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi Software (HKLM\...\{3C41721F-AF0F-4086-AA1C-4C7F29076228}) (Version: 14.01.1000 - Intel Corporation)
iTunes (HKLM\...\{F32DC846-4457-40A8-BECA-BCC0E960BC53}) (Version: 11.4.0.18 - Apple Inc.)
Java 7 Update 55 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217040FF}) (Version: 7.0.550 - Oracle)
join.me (HKU\S-1-5-21-903375226-1813508666-307258900-1000\...\JoinMe) (Version: 1.14.0.141 - LogMeIn, Inc.)
LiveUpdate 3.3 (Symantec Corporation) (HKLM\...\LiveUpdate) (Version: 3.3.0.96 - Symantec Corporation)
Lotus Notes 8.0.1 (HKLM\...\{3C91D030-CBB8-4D87-8406-01C924C85E7C}) (Version: 8.01.8044 - IBM)
Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
Memore_Loader (HKLM\...\{795E61E4-0198-4554-9B15-F3C42E2019C7}) (Version: 1.0.8 - Channel-1)
Microsoft .NET Compact Framework 3.5 (HKLM\...\{291B3A3B-F808-45B8-8113-DF232FCB6C82}) (Version: 3.5.7283 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Access database engine 2010 (English) (HKLM\...\{90140000-00D1-0409-0000-0000000FF1CE}) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Lync 2013 (HKLM\...\Office15.LYNC) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.0.162.0 - Microsoft Corporation)
Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 15.0.4623.1003 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Online Services Sign-in Assistant (HKLM\...\{4FAE8D74-FEA4-49F9-B061-D5E45E6A9ABB}) (Version: 7.250.4551.0 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Mozilla Firefox 31.0 (x86 en-US) (HKLM\...\Mozilla Firefox 31.0 (x86 en-US)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5738 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.61.39 - NVIDIA Corporation)
NVIDIA nView Desktop Manager (HKLM\...\NVIDIA nView Desktop Manager) (Version: 6.14.10.13525 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (Version: 15.0.4623.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4623.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (Version: 15.0.4623.1003 - Microsoft Corporation) Hidden
OpenOffice 4.0.1 (HKLM\...\{47F460DA-D1BE-4D85-8DF2-AA1F31D3445F}) (Version: 4.01.9714 - Apache Software Foundation)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PDF Printer for Windows 7 (HKLM\...\PDF Printer for Windows 7_is1) (Version: - Vivid Document Imaging Technologies)
PrimoPDF -- brought to you by Nitro PDF Software (HKLM\...\PrimoPDF) (Version: 5 - Nitro PDF Software)
PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden
QuickTime 7 (HKLM\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
RICOH_Media_Driver_v2.13.18.02 (HKLM\...\{FE041B02-234C-4AAA-9511-80DF6482A458}) (Version: 2.13.18.02 - RICOH)
Safari (HKLM\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM\...\{90150000-012C-0000-0000-0000000FF1CE}_Office15.LYNC_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Skitch (HKLM\...\Skitch 2.3.1.169) (Version: 2.3.1.169 - Evernote Corp.)
Skype™ 6.16 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
SmartSound Quicktracks for Premiere Elements 9.0 (HKLM\...\InstallShield_{6748E773-5DA0-4D19-8AA5-273B4133A09B}) (Version: 3.12.3090 - SmartSound Software Inc)
SmartSound Quicktracks for Premiere Elements 9.0 (Version: 3.12.3090 - SmartSound Software Inc) Hidden
Spotify (HKU\S-1-5-21-903375226-1813508666-307258900-1000\...\Spotify) (Version: 0.9.13.24.g5dbb3103 - Spotify AB)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Symantec Endpoint Protection (HKLM\...\{3C1AE512-3C37-44FA-BA42-ABB721EC5B1D}) (Version: 11.0.6005.562 - Symantec Corporation)
ThinkPad Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.62.00.00 - )
ThinkPad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 15.1.19.0 - )
VCM Suite (HKLM\...\{f5712957-7937-49ee-a1ce-6135c148fd62}) (Version: 2.24.262 - HP Tuners)
VideoFileDownload (HKLM\...\vfd-adk) (Version: 1.0 - VideoFileDownload)
VLC media player 2.0.3 (HKLM\...\VLC media player) (Version: 2.0.3 - VideoLAN)
WampServer 2.5 (HKLM\...\WampServer 2_is1) (Version: - Hervé Leclerc (HeL))
Web Protect for Windows (HKLM\...\wp-dcollect-tgu) (Version: 10.0.0 - PC Publishing) <==== ATTENTION
Widevine Media Optimizer IE 6.0.0 (HKU\S-1-5-21-903375226-1813508666-307258900-1000\...\optimizer_ie) (Version: 6.0.0.12757 - Widevine Technologies)
Windows Live Sign-in Assistant (HKLM\...\{45338B07-A236-4270-9A77-EBB4115517B5}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Upload Tool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Mobile Device Center (HKLM\...\{904CCF62-818D-4675-BC76-D37EB399F917}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows Mobile Device Center Driver Update (HKLM\...\{E7044E25-3038-4A76-9064-344AC038043E}) (Version: 6.1.6965.0 - Microsoft Corporation)
WinRAR 4.11 (32-bit) (HKLM\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-903375226-1813508666-307258900-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\rhaight\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-903375226-1813508666-307258900-1000_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\rhaight\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-903375226-1813508666-307258900-1000_Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344}\InprocServer32 -> C:\Users\rhaight\AppData\Local\Google\Update\1.3.21.135\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-903375226-1813508666-307258900-1000_Classes\CLSID\{0507EEDE-3AE7-49c7-BF37-0EB4A62D8638}\localserver32 -> C:\Users\rhaight\AppData\Roaming\Google\Google Talk\googletalk.exe (Google)
CustomCLSID: HKU\S-1-5-21-903375226-1813508666-307258900-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\rhaight\AppData\Local\Google\Update\1.3.25.5\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-903375226-1813508666-307258900-1000_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\rhaight\AppData\Local\Google\Update\1.3.25.11\GoogleUpdateOnDemand .exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-903375226-1813508666-307258900-1000_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\rhaight\AppData\Local\Google\Update\1.3.25.11\GoogleUpdateOnDemand .exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-903375226-1813508666-307258900-1000_Classes\CLSID\{33b07fd4-5917-43e1-968d-4c79231836bf}\localserver32 -> C:\Users\rhaight\AppData\Roaming\Google\Google Talk\googletalk.exe (Google)
CustomCLSID: HKU\S-1-5-21-903375226-1813508666-307258900-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\rhaight\AppData\Local\Google\Update\1.3.23.9\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-903375226-1813508666-307258900-1000_Classes\CLSID\{4EDE09DD-0761-4ABF-8DAD-1444A02C54A1}\localserver32 -> C:\Program Files\Brother\Ptedit51\Ptedit51.exe (Brother Industries, Ltd.)
CustomCLSID: HKU\S-1-5-21-903375226-1813508666-307258900-1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\rhaight\AppData\Local\Google\Update\1.3.25.11\GoogleUpdateOnDemand .exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-903375226-1813508666-307258900-1000_Classes\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}\localserver32 -> C:\Users\rhaight\AppData\Local\Google\Chrome\Application\37.0.2062.120\dele gate_execute.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-903375226-1813508666-307258900-1000_Classes\CLSID\{5C90EF30-34B3-43e0-9148-0816982E3A0C}\localserver32 -> C:\Program Files\WebEx\Connect\connect.exe (Cisco WebEx)
CustomCLSID: HKU\S-1-5-21-903375226-1813508666-307258900-1000_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}\InprocServer32 -> C:\Users\rhaight\AppData\Local\Google\Update\1.3.21.145\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-903375226-1813508666-307258900-1000_Classes\CLSID\{634059C0-D264-4B2C-AE80-F73E48D33E5B}\InprocServer32 -> C:\Users\rhaight\AppData\Local\Google\Update\1.3.21.123\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-903375226-1813508666-307258900-1000_Classes\CLSID\{6D7374DE-63AA-473C-8C02-60D9CDCD84C5}\InprocServer32 -> C:\Users\rhaight\AppData\Local\Google\Update\1.3.21.153\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-903375226-1813508666-307258900-1000_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Program Files\Citrix\GoToMeeting\1010\G2MOutlookAddin.dll (Citrix Online, a division of Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-903375226-1813508666-307258900-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\rhaight\AppData\Local\Google\Update\1.3.24.15\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-903375226-1813508666-307258900-1000_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}\InprocServer32 -> C:\Users\rhaight\AppData\Local\Google\Update\1.3.22.3\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-903375226-1813508666-307258900-1000_Classes\CLSID\{A54D478D-4F70-4F72-9A74-17C9986E35AB}\InprocServer32 -> C:\Users\rhaight\AppData\Local\Google\Update\1.3.21.165\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-903375226-1813508666-307258900-1000_Classes\CLSID\{A8F086C3-2497-4229-82FE-586F2D326F95}\localserver32 -> C:\Users\rhaight\AppData\Roaming\Google\Google Talk\googletalk.exe (Google)
CustomCLSID: HKU\S-1-5-21-903375226-1813508666-307258900-1000_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\rhaight\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-903375226-1813508666-307258900-1000_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\rhaight\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-903375226-1813508666-307258900-1000_Classes\CLSID\{C5A2122B-A05B-4FD8-AE49-91990AE10998}\InprocServer32 -> C:\Users\rhaight\AppData\Local\Google\Update\1.3.21.115\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-903375226-1813508666-307258900-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\rhaight\AppData\Local\Google\Update\1.3.25.11\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-903375226-1813508666-307258900-1000_Classes\CLSID\{d33f3ced-d7d5-44f1-a9fe-6927dabb1934}\localserver32 -> C:\Users\rhaight\AppData\Roaming\Google\Google Talk\googletalk.exe (Google)
CustomCLSID: HKU\S-1-5-21-903375226-1813508666-307258900-1000_Classes\CLSID\{defa762b-ebc6-4ce2-a48c-32b232aac64d}\InprocServer32 -> C:\Users\rhaight\AppData\Roaming\IDM\bin\npwidevinemediaoptimizer.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-903375226-1813508666-307258900-1000_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\rhaight\AppData\Local\Google\Update\1.3.25.11\GoogleUpdateOnDemand .exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-903375226-1813508666-307258900-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\rhaight\AppData\Local\Google\Update\1.3.25.11\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-903375226-1813508666-307258900-1000_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}\InprocServer32 -> C:\Users\rhaight\AppData\Local\Google\Update\1.3.22.5\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-903375226-1813508666-307258900-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\rhaight\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-903375226-1813508666-307258900-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\rhaight\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-903375226-1813508666-307258900-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\rhaight\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-903375226-1813508666-307258900-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\rhaight\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-903375226-1813508666-307258900-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\rhaight\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-903375226-1813508666-307258900-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\rhaight\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-903375226-1813508666-307258900-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\rhaight\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-903375226-1813508666-307258900-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\rhaight\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-903375226-1813508666-307258900-1000_Classes\CLSID\{FB994D36-B312-46CE-A40B-CF63980641F9}\InprocServer32 -> C:\Users\rhaight\AppData\Local\Google\Update\1.3.21.111\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-903375226-1813508666-307258900-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\rhaight\AppData\Local\Google\Update\1.3.24.7\psuser.dll No File

==================== Restore Points =========================

10-11-2014 23:05:14 Windows Backup
12-11-2014 19:13:57 Windows Update
15-11-2014 01:37:45 Windows Update
17-11-2014 16:54:50 Restore Operation
18-11-2014 02:06:26 Device Driver Package Install: Microsoft Network adapters

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 21:04 - 2014-11-05 19:19 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1 localhost


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0034069D-CAC9-422E-8CD6-15BE42B867CF} - System32\Tasks\YWSZF => C:\Users\rhaight\AppData\Roaming\YWSZF.exe <==== ATTENTION
Task: {177D9590-3775-4EB5-8BB2-5DFDD72348ED} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-22] (Google Inc.)
Task: {204FADC2-EA35-479A-9BDF-1132ADFD34CE} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2012-11-02] (Microsoft Corporation)
Task: {265400DC-E43C-4726-865B-9DEDD0A4C275} - \globalUpdateUpdateTaskMachineCore No Task File <==== ATTENTION
Task: {3149CA45-071B-43D8-BED9-E5D0E57BB182} - System32\Tasks\NWAEW => C:\Users\rhaight\AppData\Roaming\NWAEW.exe <==== ATTENTION
Task: {4B84DD09-DBAC-4D28-AA42-B56CB9254482} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-13] (Adobe Systems Incorporated)
Task: {4D7E21B6-3C5E-480D-82BF-E0CD0E3D8048} - System32\Tasks\AdobeAAMUpdater-1.0-WL92460003-rhaight => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-07-29] (Adobe Systems Incorporated)
Task: {5525D226-12B9-434F-BF4E-9F42DBC37860} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\Root\Office15\msoia.exe [2014-06-16] (Microsoft Corporation)
Task: {55AEF06F-41B4-4164-8CCF-3191CA4A42C4} - System32\Tasks\{A322E093-00E5-4DD8-9BB4-115AD8D3CBDF} => C:\Users\rhaight\Desktop\Lotus Notes v5.0.12.exe
Task: {60043D13-1ED7-4CE0-8818-9B6174FBE8CD} - System32\Tasks\Microsoft Office 15 Sync Maintenance for WL92460003-rhaight WL92460003 => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2014-06-16] (Microsoft Corporation)
Task: {69814A3C-9637-43E7-A4F1-B871F9FF4E63} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2012-11-02] (Microsoft)
Task: {6ED0DD5E-A3C7-48B4-8EF0-C20603BE8824} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\Root\Office15\msoia.exe [2014-06-16] (Microsoft Corporation)
Task: {7CFFA24E-624F-4D6D-AEDB-A0B3FD8D7479} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-903375226-1813508666-307258900-1000Core => C:\Users\rhaight\AppData\Local\Google\Update\GoogleUpdate.exe [2012-03-28] (Google Inc.)
Task: {7EA15D34-CB84-4E8A-8C2E-3FC2FC1A6965} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-06-16] (Microsoft Corporation)
Task: {839846CB-5936-4705-97D2-FDBC2277729C} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2012-11-02] (Microsoft Corporation)
Task: {8A3054AC-174B-453D-9531-341386CD0DA5} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-903375226-1813508666-307258900-1000UA => C:\Users\rhaight\AppData\Local\Google\Update\GoogleUpdate.exe [2012-03-28] (Google Inc.)
Task: {9C236C8C-DEDC-45FC-8D38-94CFF985133C} - \20c2cc1e-14d1-4e4a-975c-63c9860aa2aa-7 No Task File <==== ATTENTION
Task: {AC570907-76B7-45A8-92FF-F36144FAB48E} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX86\OfficeC2RClient.exe [2014-05-13] (Microsoft Corporation)
Task: {ACF26ECC-2DDA-48A2-9C69-A225D934C9E0} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {C9615557-74F5-41A0-8178-B42D4B309FC4} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {E266D146-8EB9-4642-8166-D636F43701D8} - System32\Tasks\SGK => C:\Users\rhaight\AppData\Roaming\SGK.exe <==== ATTENTION
Task: {E8148FC9-AC01-4F17-8954-D55C6D9BB031} - System32\Tasks\{5EA0713D-A73D-48BE-9510-7E477C090498} => C:\Users\rhaight\Desktop\Lotus Notes v5.0.12.exe
Task: {EB69FD5F-96CC-4C7C-82A3-0C16534B397F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {F24A1EDF-190D-4652-ABB5-B900D4D5DEA5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-22] (Google Inc.)
Task: {F8443559-A562-44FA-84E1-C99D83EF303B} - System32\Tasks\IYLITH => C:\Users\rhaight\AppData\Roaming\IYLITH.exe <==== ATTENTION
Task: {FF4246C8-A273-4683-9ECA-6B6AFFD0F1E0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-05-20] (Piriform Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-903375226-1813508666-307258900-1000Core.job => C:\Users\rhaight\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-903375226-1813508666-307258900-1000UA.job => C:\Users\rhaight\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\IYLITH.job => C:\Users\rhaight\AppData\Roaming\IYLITH.exe <==== ATTENTION
Task: C:\Windows\Tasks\NWAEW.job => C:\Users\rhaight\AppData\Roaming\NWAEW.exe <==== ATTENTION
Task: C:\Windows\Tasks\SGK.job => C:\Users\rhaight\AppData\Roaming\SGK.exe <==== ATTENTION
Task: C:\Windows\Tasks\YWSZF.job => C:\Users\rhaight\AppData\Roaming\YWSZF.exe <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2014-11-10 14:28 - 2011-02-28 17:37 - 00180624 _____ () C:\Windows\System32\Primomonnt.dll
2014-06-16 12:35 - 2013-10-31 17:14 - 00077992 _____ () C:\Program Files\Microsoft Office 15\ClientX86\ApiClient.dll
2014-10-30 17:26 - 2013-06-28 01:28 - 00084616 _____ () C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
2014-06-16 12:37 - 2014-06-16 12:43 - 08890536 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\1033\GrooveIntlResource.dll
2010-10-20 14:45 - 2010-10-20 14:45 - 08801120 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2013-09-04 23:14 - 2013-09-04 23:14 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2014-10-24 08:50 - 2014-08-25 12:42 - 00043008 _____ () C:\Program Files\Evernote\Skitch\libgcc_s_dw2-1.dll
2014-10-24 08:50 - 2014-08-25 12:42 - 00011362 _____ () C:\Program Files\Evernote\Skitch\mingwm10.dll
2014-11-17 22:28 - 2014-11-17 22:28 - 00043008 _____ () c:\users\rhaight\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpvbes7t.dll
2013-08-23 14:01 - 2013-08-23 14:01 - 25100288 _____ () C:\Users\rhaight\AppData\Roaming\Dropbox\bin\libcef.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:0B4227B4
AlternateDataStreams: C:\Users\rhaight\Desktop\2012-01-13-12-34-42.jpg:com.dropbox.attributes
AlternateDataStreams: C:\Users\rhaight\Desktop\2012-01-13-12-42-24.jpg:com.dropbox.attributes
AlternateDataStreams: C:\Users\rhaight\Desktop\active-events.jpg:com.dropbox.attributes
AlternateDataStreams: C:\Users\rhaight\Desktop\motorola-mc55_session.jpg:com.dropbox.attributes
AlternateDataStreams: C:\Users\rhaight\Desktop\sample_session_scanner.jpg:com.dropbox.attributes

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccEvtMgr => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccSetMgr => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\pcwatch.sys => ""="Driver" <==== ATTENTION
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Symantec Antivirus => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Symantec Antvirus => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ccEvtMgr => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ccSetMgr => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MyOSProtect => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\pcwatch.sys => ""="Driver" <==== ATTENTION
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SmcService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Symantec Antivirus => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Symantec Antvirus => ""="Service"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: Application Updater => 2
MSCONFIG\Services: McComponentHostService => 3
MSCONFIG\Services: Norton PC Checkup Application Launcher => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^VPN Client.lnk => C:\Windows\pss\VPN Client.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BCSSync => "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: Cisco WebEx Connect => "C:\Program Files\WebEx\Connect\connect.exe"
MSCONFIG\startupreg: DW7 => "C:\Program Files\The Weather Channel\The Weather Channel App\TWCApp.exe"
MSCONFIG\startupreg: Google Update => "C:\Users\rhaight\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: GoogleDriveSync => "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: IMSS => "C:\Program Files\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: msnmsgr => "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: ROC_roc_ssl_v12 => "C:\Program Files\AVG Secure Search\ROC_roc_ssl_v12.exe" / /PROMPT /CMPID=roc_ssl_v12
MSCONFIG\startupreg: RotateImage => C:\Program Files\Integrated Camera Driver\RCIMGDIR.exe
MSCONFIG\startupreg: SearchSettings => "C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe"
MSCONFIG\startupreg: Skitch => C:\Program Files\Evernote\Skitch\Skitch.exe -start-on-hide
MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Spotify => "C:\Users\rhaight\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\rhaight\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

========================= Accounts: ==========================

Administrator (S-1-5-21-903375226-1813508666-307258900-500 - Administrator - Enabled) => C:\Users\Administrator
Guest (S-1-5-21-903375226-1813508666-307258900-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-903375226-1813508666-307258900-1002 - Limited - Enabled)
rhaight (S-1-5-21-903375226-1813508666-307258900-1000 - Administrator - Enabled) => C:\Users\rhaight

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (11/17/2014 10:33:30 PM) (Source: Symantec AntiVirus) (EventID: 45) (User: WL92460003)
Description: SYMANTEC TAMPER PROTECTION ALERT

Target: C:\Program Files\Common Files\Symantec Shared\ccApp.exe
Event Info: Terminate Process
Action Taken: Logged
Actor Process: C:\Windows\system32\taskmgr.exe (PID 4164)
Time: Monday, November 17, 2014 10:33:30 PM

Error: (11/17/2014 10:32:24 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program CNQMMAIN.EXE version 2.3.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 11a8

Start Time: 01d002dfa51277e1

Termination Time: 0

Application Path: C:\Program Files\Canon\Quick Menu\CNQMMAIN.EXE

Report Id: 7f35776b-6ed3-11e4-90bf-0021ccb6b408

Error: (11/17/2014 10:29:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: lync.exe, version: 15.0.4667.1000, time stamp: 0x543d3276
Faulting module name: KERNELBASE.dll, version: 6.1.7601.18409, time stamp: 0x531599f6
Exception code: 0xe06d7363
Fault offset: 0x0000812f
Faulting process id: 0x1208
Faulting application start time: 0xlync.exe0
Faulting application path: lync.exe1
Faulting module path: lync.exe2
Report Id: lync.exe3

Error: (11/17/2014 10:27:52 PM) (Source: WcesComm) (EventID: 2) (User: )
Description: Failed to start the Windows Mobile-2003-based device connectivity service due to IPv4 failure (see data for failure code).

Error: (11/17/2014 10:27:33 PM) (Source: Schedule) (EventID: 0) (User: )
Description: Schedule error: 10106Initialize call failed, bailing out

Error: (11/17/2014 07:24:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: lync.exe, version: 15.0.4667.1000, time stamp: 0x543d3276
Faulting module name: KERNELBASE.dll, version: 6.1.7601.18409, time stamp: 0x531599f6
Exception code: 0xe06d7363
Fault offset: 0x0000812f
Faulting process id: 0xdd0
Faulting application start time: 0xlync.exe0
Faulting application path: lync.exe1
Faulting module path: lync.exe2
Report Id: lync.exe3

Error: (11/17/2014 07:24:32 PM) (Source: WcesComm) (EventID: 2) (User: )
Description: Failed to start the Windows Mobile-2003-based device connectivity service due to IPv4 failure (see data for failure code).

Error: (11/17/2014 07:22:32 PM) (Source: Schedule) (EventID: 0) (User: )
Description: Schedule error: 10106Initialize call failed, bailing out

Error: (11/17/2014 07:08:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: lync.exe, version: 15.0.4667.1000, time stamp: 0x543d3276
Faulting module name: KERNELBASE.dll, version: 6.1.7601.18409, time stamp: 0x531599f6
Exception code: 0xe06d7363
Fault offset: 0x0000812f
Faulting process id: 0x14bc
Faulting application start time: 0xlync.exe0
Faulting application path: lync.exe1
Faulting module path: lync.exe2
Report Id: lync.exe3

Error: (11/17/2014 07:06:45 PM) (Source: WcesComm) (EventID: 2) (User: )
Description: Failed to start the Windows Mobile-2003-based device connectivity service due to IPv4 failure (see data for failure code).


System errors:
=============
Error: (11/17/2014 11:11:21 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The Background Intelligent Transfer Service service terminated with service-specific error %%-2147014790.

Error: (11/17/2014 11:11:21 PM) (Source: Microsoft-Windows-Bits-Client) (EventID: 16392) (User: NT AUTHORITY)
Description: The BITS service failed to start. Error 2147952506.

Error: (11/17/2014 11:09:46 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The Background Intelligent Transfer Service service terminated with service-specific error %%-2147014790.

Error: (11/17/2014 11:09:46 PM) (Source: Microsoft-Windows-Bits-Client) (EventID: 16392) (User: NT AUTHORITY)
Description: The BITS service failed to start. Error 2147952506.

Error: (11/17/2014 11:07:00 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 0.0.0.0

Update Source: %NT AUTHORITY59

Update Stage: 4.6.0305.00

Source Path: 4.6.0305.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\SYSTEM

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (11/17/2014 11:06:30 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Windows Update service terminated with the following error:
%%-2147014790

Error: (11/17/2014 11:06:00 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Windows Update service terminated with the following error:
%%-2147014790

Error: (11/17/2014 10:40:59 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 0.0.0.0

Update Source: %NT AUTHORITY51

Update Stage: 4.6.0305.00

Source Path: 4.6.0305.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\NETWORK SERVICE

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (11/17/2014 10:40:59 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 0.0.0.0

Update Source: %NT AUTHORITY51

Update Stage: 4.6.0305.00

Source Path: 4.6.0305.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\NETWORK SERVICE

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (11/17/2014 10:40:59 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 0.0.0.0

Update Source: %NT AUTHORITY51

Update Stage: 4.6.0305.00

Source Path: 4.6.0305.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\NETWORK SERVICE

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608


Microsoft Office Sessions:
=========================
Error: (11/17/2014 10:33:30 PM) (Source: Symantec AntiVirus) (EventID: 45) (User: WL92460003)
Description: SYMANTEC TAMPER PROTECTION ALERT

Target: C:\Program Files\Common Files\Symantec Shared\ccApp.exe
Event Info: Terminate Process
Action Taken: Logged
Actor Process: C:\Windows\system32\taskmgr.exe (PID 4164)
Time: Monday, November 17, 2014 10:33:30 PM

Error: (11/17/2014 10:32:24 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: CNQMMAIN.EXE2.3.0.011a801d002dfa51277e10C:\Program Files\Canon\Quick Menu\CNQMMAIN.EXE7f35776b-6ed3-11e4-90bf-0021ccb6b408

Error: (11/17/2014 10:29:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: lync.exe15.0.4667.1000543d3276KERNELBASE.dll6.1.7601.18409531599f6e06d73630 000812f120801d002dfa62b5a41C:\Program Files\Microsoft Office\Office15\lync.exeC:\Windows\system32\KERNELBASE.dll1ebab14f-6ed3-11e4-90bf-0021ccb6b408

Error: (11/17/2014 10:27:52 PM) (Source: WcesComm) (EventID: 2) (User: )
Description: IPv4

Error: (11/17/2014 10:27:33 PM) (Source: Schedule) (EventID: 0) (User: )
Description: Schedule error: 10106Initialize call failed, bailing out

Error: (11/17/2014 07:24:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: lync.exe15.0.4667.1000543d3276KERNELBASE.dll6.1.7601.18409531599f6e06d73630 000812fdd001d002c5d0963d34C:\Program Files\Microsoft Office\Office15\lync.exeC:\Windows\system32\KERNELBASE.dll4c98b2c8-6eb9-11e4-8948-0021ccb6b408

Error: (11/17/2014 07:24:32 PM) (Source: WcesComm) (EventID: 2) (User: )
Description: IPv4

Error: (11/17/2014 07:22:32 PM) (Source: Schedule) (EventID: 0) (User: )
Description: Schedule error: 10106Initialize call failed, bailing out

Error: (11/17/2014 07:08:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: lync.exe15.0.4667.1000543d3276KERNELBASE.dll6.1.7601.18409531599f6e06d73630 000812f14bc01d002c39a39b6ecC:\Program Files\Microsoft Office\Office15\lync.exeC:\Windows\system32\KERNELBASE.dllfb349354-6eb6-11e4-b71a-0021ccb6b408

Error: (11/17/2014 07:06:45 PM) (Source: WcesComm) (EventID: 2) (User: )
Description: IPv4


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-2520M CPU @ 2.50GHz
Percentage of memory in use: 44%
Total physical RAM: 3493.23 MB
Available physical RAM: 1929.2 MB
Total Pagefile: 6984.76 MB
Available Pagefile: 5481.99 MB
Total Virtual: 2047.88 MB
Available Virtual: 1887.29 MB

==================== Drives ================================

Drive c: (Partition Disk 0) (Fixed) (Total:298.09 GB) (Free:207.38 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive e: () (Removable) (Total:7.49 GB) (Free:6.87 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 0F36363B)
Partition 1: (Active) - (Size=298.1 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 7.5 GB) (Disk ID: 6F20736B)
No partition Table on disk 1.
Disk 1 is a removable device.

==================== End Of Log ============================

Malware issues

0
0
lick on this link to download : ADWCleaner Click on ONE of the Two Blue Download Now buttons That have a blue arrow beside them and save it to your desktop. Do not click on any links in the top Advert.

See the screenshot where the proper download buttons are highlighted


NOTE: If using Internet Explorer and you get an alert that stops the program downloading click on Tools > Smartscreen Filter > Turn off Smartscreen Filter then click on OK in the box that opens. Then click on the link again.

Close your browser and double click on this icon on your desktop:



You will then see the screen below, click on the Scan button (as indicated), accept any prompts that appear and allow it to run, it may take several minutes to complete, when it is done, you will get a message saying "PENDING" , Ignore that & click on the Clean button, accept any prompts that appear and allow the system to reboot. You will then be presented with the report, Copy & Paste it into your next post.


Acting Weird

0
0
Please help. Computer is acting weird.

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Home Premium, Service Pack 1, 64 bit
Processor: Intel(R) Core(TM) i5-2310 CPU @ 2.90GHz, Intel64 Family 6 Model 42 Stepping 7
Processor Count: 4
RAM: 6126 Mb
Graphics Card: AMD Radeon HD 6450, 512 Mb
Hard Drives: C: Total - 942063 MB, Free - 552926 MB; D: Total - 11702 MB, Free - 1430 MB;
Motherboard: PEGATRON CORPORATION, 2AB6
Antivirus: Computer Security, Updated and Enabled

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 6:25:28 AM, on 11/18/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17420)

FIREFOX: 33.1 (x86 en-US)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
C:\Program Files (x86)\Charter Security Suite\fshoster32.exe
C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Common\FSM32.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Windows\syswow64\dllhost.exe
C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\SysWOW64\NOTEPAD.EXE
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_189.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_189.exe
C:\Users\Ed\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VJP3BRAR\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: ::1 localhost
O2 - BHO: Bing Bar Helper - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll
O4 - HKLM\..\Run: [WD Quick View] C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
O4 - HKLM\..\Run: [F-Secure Hoster (42626)] "C:\Program Files (x86)\Charter Security Suite\fshoster32.exe" -app -hosterid:1
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [HydraVisionDesktopManager] "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - Global Startup: Intuit Data Protect.lnk = C:\Program Files (x86)\Common Files\Intuit\DataProtect\IntuitDataProtect.exe
O4 - Global Startup: WDDMStatus.lnk = C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
O8 - Extra context menu item: Open Client to monitor &1 - C:\Windows\web\AOpenClient.htm
O8 - Extra context menu item: Open Client to monitor &2 - C:\Windows\web\AOpenClient.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: intu-help-qb7 - {5A03BD9D-766D-47A6-8E87-CD90F60BE245} - C:\Program Files (x86)\Intuit\QuickBooks 2014\HelpAsyncPluggableProtocol.dll
O18 - Protocol: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - mscoree.dll (file missing)
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: BrYNSvc - Unknown owner - C:\Program Files (x86)\Browny02\BrYNSvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: F-Secure Dll Hoster (fshoster) - F-Secure Corporation - C:\Program Files (x86)\Charter Security Suite\fshoster32.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Common\FSMA32.EXE
O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files (x86)\Charter Security Suite\apps\CCF_Reputation\fsorsp.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: QBCFMonitorService - Intuit - C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
O23 - Service: Intuit QuickBooks FCS (QBFCService) - Intuit Inc. - C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WD Backup (WDBackup) - Western Digital Technologies, Inc. - C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
O23 - Service: WDDMService - WDC - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
O23 - Service: WD Drive Manager (WDDriveService) - Western Digital Technologies, Inc. - C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
O23 - Service: WD File Management Engine (WDFME) - Unknown owner - C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe
O23 - Service: WD File Management Shadow Engine (WDSC) - Unknown owner - C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSC.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12969 bytes

IE update pop-up ? ali-express pop-ups ?

0
0
2 separate virus/pop-up problems: I keep getting a pop-up/virus telling me my internet explorer needs to be updated ? the other pop-up / virus is from someplace called 'ali-express' or something like that, advertising clothes, flights, etc. ? I ran malwarebytes a number of times when I hade the about... virus; thanks

Computer Slow and Internet Sometimes has a mind of its own

0
0
Bumping this back up again...

loading pages problem

0
0
switch file converter? I have no clue to what it is. My son used to use my computer a lot, he may use it, Whats its purpose? sorry I didnt wait longer on the old scanning.I didnt think it took that long. Just impatient me.

ads by info killing me here

0
0
Here is my sysinfo:

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Home Premium, Service Pack 1, 64 bit
Processor: Pentium(R) Dual-Core CPU E5400 @ 2.70GHz, Intel64 Family 6 Model 23 Stepping 10
Processor Count: 2
RAM: 4060 Mb
Graphics Card: Intel(R) G45/G43 Express Chipset, 1806 Mb
Hard Drives: C: Total - 464580 MB, Free - 323280 MB;
Motherboard: Dell Inc., 018D1Y
Antivirus: Microsoft Security Essentials, Updated and Enabled

I have "Ads by info" taking over my browser (there are four of them in my window right now). I am running Foxfire (the latest version, which I downloaded today, having uninstalled it yesterday out of frustration). In addition to Security Essential I have AVG free running. I've run malwarebytes numerous times, to no avail. I can't find ads by info in my "tree" so I can't run Revo to uninstall it. I seem to have picked up "deals4you" at the same time (whenever that was, but it may have been eradicated). Can you help me here? I don't have much hair left to pull out.

win32k.sys

0
0
Been having this problem for some time now. Thought I would come on here and see if anyone can help me with this older desktop computer.

Dell Dimension 4600
Windows XP Home
Pentium 4 CPU 2.40 Ghz
Memory 2.00 GB
HDD 80GB

BSOD comes up every day :
Problem has been detected and Windows has been shut down to prevent damage to your computer.
Page_Fault_In_Nonpaged_Area
Stop 0x00000050, (0XE38C901C, 0X00000000, 0XBF84CA7C, 0X00000001,
Win 32K.sys - Address BF84CA7C base at
BF800000, Date Stamp 52F43E77
Beginning dump of physical memory to disk
I have to shut the computer down and restart and after awhile I get the BSOD again. Any help would be greatly appreciated.

Bosveldman

0
0
Thank you so much for previous help but I still encounter system not responding and then I have to wait up to 5 min. and then the system become responsive again.
Can you please render some help what I must or must not do

Attached Files
File Type: txt System Info.txt (6.7 KB)
Viewing all 4746 articles
Browse latest View live




Latest Images