I can't open all txt & jpeg files thanx to Win32/Filecoder/CRTrojan. Nod32 found & removed all infections, but I still can't open these files. What do I do to open them? I have had no ransom notes. How can I decrypt them to get everything back again as it was?

Thank you

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-05-2015
Ran by John at 2015-05-10 13:30:33
Running from C:\Users\John\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2944059519-1132189833-573973414-500 - Administrator - Disabled)
Barbara Osterholm (S-1-5-21-2944059519-1132189833-573973414-1004 - Administrator - Enabled) => C:\Users\Barbara Osterholm
Guest (S-1-5-21-2944059519-1132189833-573973414-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2944059519-1132189833-573973414-1002 - Limited - Enabled)
John (S-1-5-21-2944059519-1132189833-573973414-1001 - Administrator - Enabled) => C:\Users\John

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Trend Micro Internet Security (Disabled - Up to date) {F2F88E6A-3C7A-545F-268A-5D0BDD38EE06}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Trend Micro Internet Security (Disabled - Up to date) {49996F8E-1A40-5BD1-1C3A-6679A6BFA4BB}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.356 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.9 - Adobe Systems Incorporated)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 5.7 64-bit (HKLM\...\{1B77B02E-17E4-4B6D-B8A1-74B29AF3D8DD}) (Version: 5.7.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Amazon Games & Software Downloader (HKLM-x32\...\Amazon Games & Software Downloader_is1) (Version: 2.0.2.0 - Amazon)
Amazon Kindle (HKU\S-1-5-21-2944059519-1132189833-573973414-1001\...\Amazon Kindle) (Version: - Amazon)
Amazon Music (HKU\S-1-5-21-2944059519-1132189833-573973414-1001\...\Amazon Amazon Music) (Version: 3.7.1.698 - Amazon Services LLC)
AnswerWorks 5.0 English Runtime (HKLM-x32\...\{DBCC73BA-C69A-4BF5-B4BF-F07501EE7039}) (Version: 5.0.7 - Vantage Software Technologies)
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bing Bar (HKLM-x32\...\{449CE12D-E2C7-4B97-B19E-55D163EA9435}) (Version: 7.0.619.0 - Microsoft Corporation)
Bing Rewards Client Installer (x32 Version: 16.0.345.0 - Microsoft Corporation) Hidden
Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Build-a-lot 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.05 - Piriform)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
CMS (HKLM-x32\...\CMS_is1) (Version: 2.24.05 - CMS)
CyberLink DVD Suite Premium (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.2823 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.2126b - CyberLink Corp.)
CyberLink WaveEditor 2 (HKLM-x32\...\InstallShield_{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}) (Version: 2.0.3206 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
dBpoweramp (HKLM-x32\...\dBpowerAMP) (Version: Release 15.1 - Illustrate)
dBpoweramp m4a Nero AAC Encoder (HKLM-x32\...\dBpoweramp m4a Nero AAC Encoder) (Version: Release 1 - Illustrate)
dBpoweramp Music Converter (HKLM-x32\...\dBpoweramp Music Converter) (Version: Release 14 - Illustrate)
dBpoweramp Ogg Vorbis Codec (HKLM-x32\...\dBpoweramp Ogg Vorbis Codec) (Version: Release 23 (Vorbis v1.3.3) - Illustrate)
Defraggler (HKLM\...\Defraggler) (Version: 2.18 - Piriform)
DePopper 2.x (HKLM-x32\...\DePopper2) (Version: - )
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
DisplayLink Core Software (HKLM\...\{5D41DC9D-F8E9-4A17-A16F-466137D9B49E}) (Version: 6.1.35667.0 - DisplayLink Corp.)
DisplayLink Graphics (HKLM\...\{C3500153-BFEA-40E1-A50A-CA126994FF4E}) (Version: 6.1.35667.0 - DisplayLink Corp.)
D-Link DWA-121 (HKLM-x32\...\{ACB879B8-19A7-4310-BD93-5D745CA6B798}) (Version: - D-Link)
Dora's Carnival Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
Draw 4 App (HKU\S-1-5-21-2944059519-1132189833-573973414-1001\...\Draw 4 App) (Version: - Sun Microsystems, Inc.)
Dropbox (HKU\S-1-5-21-2944059519-1132189833-573973414-1001\...\Dropbox) (Version: 2.0.26 - Dropbox, Inc.)
DVD Menu Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 4.1.4030 - Hewlett-Packard)
DVD Menu Pack for HP MediaSmart Video (x32 Version: 4.1.4030 - Hewlett-Packard) Hidden
Elevated Installer (x32 Version: 4.0.15.0 - Garmin Ltd or its subsidiaries) Hidden
Escape Rosecliff Island (x32 Version: 2.2.0.95 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden
Final Drive Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
Garmin BaseCamp (HKLM-x32\...\{B0BED0BB-E1C4-49AA-840F-7CA052ADF5EB}) (Version: 4.3.4 - Garmin Ltd or its subsidiaries)
Garmin City Navigator North America NT 2015.10 (HKLM-x32\...\{FCDB42FC-A70B-4041-877F-D73E16DE4345}) (Version: 2.0.0.0 - Garmin Ltd or its subsidiaries)
Garmin Communicator Plugin (HKLM-x32\...\{71DBFBF2-F7EB-4268-8485-9471D83C4E66}) (Version: 4.2.0 - Garmin Ltd or its subsidiaries)
Garmin Communicator Plugin x64 (HKLM\...\{70A381F1-C161-4D61-A20C-BE12FC6777DF}) (Version: 4.2.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{50755d67-ae60-4e47-b3d6-ce44d01b5a95}) (Version: 4.0.15.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 4.0.15.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 4.0.15.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin USB Drivers (HKLM-x32\...\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
GoldWave v5.70 (HKLM-x32\...\GoldWave v5.70) (Version: 5.70 - GoldWave Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.90 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6227.252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
HandBrake 0.10.1 (HKLM-x32\...\HandBrake) (Version: 0.10.1 - )
Heroes of Hellas 2 - Olympia (x32 Version: 2.2.0.95 - WildTangent) Hidden
HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.4.12850.3526 - Hewlett-Packard)
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.1.3 - WildTangent)
HP MediaSmart CinemaNow 2.0 (HKLM-x32\...\{9008D736-35CA-40DB-A2BE-5F32D954E5AA}) (Version: 2.0 - Hewlett-Packard)
HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 4.1.4229 - Hewlett-Packard)
HP MediaSmart Music (HKLM-x32\...\InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}) (Version: 4.1.4301 - Hewlett-Packard)
HP MediaSmart Photo (HKLM-x32\...\InstallShield_{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}) (Version: 4.1.4211 - Hewlett-Packard)
HP MediaSmart SmartMenu (HKLM\...\{5B08AF35-B699-4A44-BB89-3E51E70611E8}) (Version: 3.1.1.12 - Hewlett-Packard)
HP MediaSmart Video (HKLM-x32\...\InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095}) (Version: 4.1.4214 - Hewlett-Packard)
HP MediaSmart/TouchSmart Netflix (HKLM-x32\...\{BDDA1E1E-204E-4368-B0C2-737F16B76307}) (Version: 1.0.3.0 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Officejet Pro 8600 Basic Device Software (HKLM\...\{2D5E3D2B-919F-407C-8757-E64827518BB6}) (Version: 25.0.619.0 - Hewlett-Packard Co.)
HP Officejet Pro 8600 Help (HKLM-x32\...\{B6F5C6D8-C443-4B55-932F-AE11B5743FC4}) (Version: 140.0.2.2 - Hewlett Packard)
HP Officejet Pro 8600 Product Improvement Study (HKLM\...\{F792E5B0-11C4-4C68-8A63-FB5F52749180}) (Version: 25.0.619.0 - Hewlett-Packard Co.)
HP Power Assistant (HKLM\...\{6888C635-E550-4FA4-958E-CE2880B0443B}) (Version: 1.1.1.5 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{72D90DB3-A16A-4545-B555-868471101833}) (Version: 8.1.4186.3400 - Hewlett-Packard)
HP Support Information (HKLM-x32\...\{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}) (Version: 10.1.0002 - Hewlett-Packard)
HP Update (HKLM-x32\...\{85DF2EED-08BC-46FB-90DA-28B0D0A8E8A8}) (Version: 5.003.000.004 - Hewlett-Packard)
HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.1.2.27173 - Hewlett-Packard)
HPDiagnosticCoreDll (HKLM-x32\...\{9262B08F-E183-4FED-A2BD-23FF1A84EB67}) (Version: 1.0.3.0 - Hewlett Packard)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Intel(R) Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2119 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation)
Internet Explorer (Enable DEP) (HKLM\...\{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb) (Version: - )
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Jewel Quest 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Jewel Quest Solitaire 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kobo (HKLM-x32\...\Kobo) (Version: - )
LAME v3.98.3 for Audacity (HKLM-x32\...\LAME for Audacity_is1) (Version: - )
Malwarebytes Anti-Malware version 2.1.4.1018 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.4.1018 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Camera Codec Pack (HKLM\...\{D553E8CC-5C56-4B06-AC1A-A443DFF31092}) (Version: 6.3.9723.0 - Microsoft Corporation)
Microsoft Download Manager (HKLM-x32\...\{654977DB-0001-0002-0001-EABD228DDE8B}) (Version: 1.2.1 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2944059519-1132189833-573973414-1001\...\OneDriveSetup.exe) (Version: 17.3.1171.0714 - Microsoft Corporation)
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (HKLM-x32\...\{95140000-007D-0409-0000-0000000FF1CE}) (Version: 14.0.5120.5000 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Windows Debugging Symbols (HKLM-x32\...\{0E8D886F-3205-4472-848E-990F400FF218}) (Version: 7601 - Microsoft)
Microsoft Windows Debugging Symbols (HKLM-x32\...\{46EA439E-2D16-49B6-AA80-00DE992FE7CE}) (Version: 7601 - Microsoft)
Microsoft Windows Debugging Symbols (HKLM-x32\...\{5CBDF0C2-6FD1-4A32-9A0A-143D9AB91CCE}) (Version: 7601 - Microsoft)
Microsoft Windows Debugging Symbols (HKLM-x32\...\{68ADAEAA-DABD-45C1-9CC2-F995407549CD}) (Version: 7601 - Microsoft)
Microsoft Windows Debugging Symbols (HKLM-x32\...\{8DD62FB6-083D-40B9-9D7D-48449FDDDED5}) (Version: 7601 - Microsoft)
Microsoft Windows Debugging Symbols (HKLM-x32\...\{C6DB958A-50CC-481B-9ED8-3BAD236F7B49}) (Version: 7601 - Microsoft)
Microsoft Works (HKLM-x32\...\{6D52C408-B09A-4520-9B18-475B81D393F1}) (Version: 08.05.0818 - Microsoft Corporation)
MixPad Audio Mixer (HKLM-x32\...\MixPad) (Version: - NCH Software)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.5.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NCH Toolbox (HKLM-x32\...\ToolBox) (Version: - NCH Software)
Nero 11 (HKLM-x32\...\{F05851AA-ADDF-4321-BC61-0F7D76CF9B30}) (Version: 11.0.15202 - Nero AG)
Nero Backup Drivers (HKLM\...\{D600D357-5CB9-4DE9-8FD4-14E208BD1970}) (Version: 12.0.4000 - Nero AG)
Nero WaveEditor (HKLM-x32\...\{8F7F40B4-8C55-4B92-8C89-16501DAC697F}) (Version: 12.5.00800 - Nero AG)
Password Recovery 5.0 (HKLM-x32\...\Password Recovery 5.0) (Version: - )
PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 3.5.111 - PDF Complete, Inc)
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Plants vs. Zombies (x32 Version: 2.2.0.95 - WildTangent) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polaroid Dust and Scratch Removal v1.0.0.15.2e (HKLM-x32\...\{7B03B4E6-E3F9-11D5-B9D9-00D0B75C082C}) (Version: Polaroid Polaroid Dust and Scratch Removal v1.0.0.15.2e - Polaroid Corporation)
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.2906 - CyberLink Corp.)
PowerDirector (x32 Version: 8.0.2906 - CyberLink Corp.) Hidden
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
PressReader (HKLM-x32\...\{912CED74-88D3-4C5B-ACB0-13231864975D}) (Version: 5.10.621.0 - NewspaperDirect Inc.)
Quicken 2010 (HKLM-x32\...\{CCF6F57B-F6B4-4508-BF45-63AAC9DE416A}) (Version: 19.1.2.22 - Intuit)
QuickTime (HKLM-x32\...\{7BE15435-2D3E-4B58-867F-9C75BED0208C}) (Version: 7.71.80.42 - Apple Inc.)
RealDownloader (x32 Version: 1.3.3 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 16.0) (Version: 16.0.3 - RealNetworks)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7404 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Recovery Manager (x32 Version: 5.5.2926 - CyberLink Corp.) Hidden
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.39.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.1.39.0 - Renesas Electronics Corporation) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
SureThing CD Labeler Deluxe (HKLM-x32\...\{4ED7D297-58F7-45C3-A9BA-A7CD6FA0D373}_is1) (Version: 5.2.647.0 - MicroVision Development, Inc.)
TI USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{355FBD67-5A4F-44DA-86A1-56EEC4C20EC0}) (Version: 1.12.18.0 - Texas Instruments Inc.)
TI USB3 Host Driver (x32 Version: 1.12.18.0 - Texas Instruments Inc.) Hidden
Trend Micro Internet Security (HKLM\...\{ABBD4BA8-6703-40D2-AB1E-5BB1F7DB49A4}) (Version: 8.0 - Trend Micro Inc.)
Trend Micro Titanium (Version: 8.0 - Trend Micro Inc.) Hidden
TurboTax 2013 (HKLM-x32\...\TurboTax 2013) (Version: 2013.0 - Intuit, Inc)
TurboTax 2014 (HKLM-x32\...\TurboTax 2014) (Version: 2014.0 - Intuit, Inc)
VCRT for DirectPass x64 (Version: 1.0.0.1000 - Trend Micro, Inc.) Hidden
VCRT for DirectPass x86 (x32 Version: 1.0.0.1000 - Trend Micro, Inc.) Hidden
VidCoder 1.5.31 (x64) (HKLM\...\VidCoder-x64_is1) (Version: 1.5.31 - RandomEngy)
ViewSonic Windows 7 x64 Signed Files (HKLM-x32\...\{FC47C7A5-BE63-11D5-B7C9-005004566E4D}) (Version: - )
Virtual Families (x32 Version: 2.2.0.95 - WildTangent) Hidden
Virtual Villagers - The Secret City (x32 Version: 2.2.0.95 - WildTangent) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WavePad Sound Editor (HKLM-x32\...\WavePad) (Version: - NCH Software)
WD Drive Utilities (HKLM-x32\...\{72E40002-8CEC-47C1-A099-83AC8E173BF0}) (Version: 1.0.3.3 - Western Digital Technologies, Inc.)
WD Quick View (HKLM-x32\...\{965D28B5-3C86-41FD-994E-D6376815C9B3}) (Version: 2.4.10.17 - Western Digital Technologies, Inc.)
WD Security (HKLM-x32\...\{83270912-15C7-4336-822E-E8F1B1BBCA60}) (Version: 1.0.3.3 - Western Digital Technologies, Inc.)
WD SES Driver Setup (x32 Version: 1.0.3.3 - Western Digital) Hidden
WD SmartWare (HKLM\...\{F6FE3205-7737-4772-9017-C7ACD8A5561C}) (Version: 2.4.10.17 - Western Digital Technologies, Inc.)
WD SmartWare Installer (HKLM-x32\...\{647175e1-9944-4a82-bac1-102c95f0a99a}) (Version: 2.4.10.17 - Western Digital Technologies, Inc.)
Welcome App (Start-up experience) (x32 Version: 11.0.23500.0.0 - Nero AG) Hidden
Wheel of Fortune 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Phone app for desktop (HKLM-x32\...\{5F71448B-88EB-4357-9A98-8658D4C49C48}) (Version: 1.1.2726.0 - Microsoft Corporation)
WinX DVD Ripper Platinum 7.5.11 (HKLM-x32\...\WinX DVD Ripper Platinum_is1) (Version: - Digiarty Software, Inc.)
Zinio Reader 4 (HKLM-x32\...\ZinioReader4.9310D8F796442B71068C511E15D70529A702D19D.1) (Version: 4.0.2811 - Zinio LLC)
Zinio Reader 4 (x32 Version: 4.0.2811 - Zinio LLC) Hidden
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2944059519-1132189833-573973414-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\John\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2944059519-1132189833-573973414-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\John\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriv eShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2944059519-1132189833-573973414-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\John\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriv eShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2944059519-1132189833-573973414-1001_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\John\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriv eShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2944059519-1132189833-573973414-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\John\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriv eShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2944059519-1132189833-573973414-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\John\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\FileSyn cApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2944059519-1132189833-573973414-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\John\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2944059519-1132189833-573973414-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\John\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2944059519-1132189833-573973414-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\John\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2944059519-1132189833-573973414-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\John\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll (Dropbox, Inc.)

==================== Restore Points =========================

03-05-2015 01:00:50 Windows Backup
06-05-2015 02:07:46 Windows Update
09-05-2015 18:21:48 Installed Microsoft Fix it 50123
10-05-2015 01:01:41 Windows Backup

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 19:34 - 2009-06-10 14:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0E177DD8-D258-40F2-9DFB-C94D16CC180D} - \{650B4C6B-CEE7-4805-8D9F-C1C983AD4CCB} No Task File <==== ATTENTION
Task: {135A6C4D-E87D-4F05-9347-9C269E287A4D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe
Task: {1375DAA3-D068-4810-A0B6-97762F2F0BD1} - \RealUpgradeScheduledTaskS-1-5-21-2944059519-1132189833-573973414-1001 No Task File <==== ATTENTION
Task: {143B272C-DCE0-426D-991F-D741FCD9C702} - \{8B8D08FD-D154-42CC-85FF-3E61681F7831} No Task File <==== ATTENTION
Task: {1445CEF0-3D45-4AB9-8E8A-089861351BAE} - \{FBE65879-5606-4EE9-B061-6E53BACEC2B2} No Task File <==== ATTENTION
Task: {150B2F43-5603-465E-B090-3A37C0ACDF12} - \RealUpgradeScheduledTaskS-1-5-21-2944059519-1132189833-573973414-1004 No Task File <==== ATTENTION
Task: {187DC26C-E34C-488C-B0F6-92A51A11BF4D} - \RealDownloaderDownloaderScheduledTaskS-1-5-21-2944059519-1132189833-573973414-1004 No Task File <==== ATTENTION
Task: {1C211D72-8B19-4B96-899F-C8FE41C5D135} - System32\Tasks\Trend Micro Inspect of Platinum => C:\Program Files\Trend Micro\Titanium\plugin\Pt\win32\Inspect\Inspect.exe [2014-07-20] (Trend Micro Inc.)
Task: {1CBED5AC-7D94-4BE2-A6F9-8D30A582F61D} - \RealUpgradeLogonTaskS-1-5-21-2944059519-1132189833-573973414-1004 No Task File <==== ATTENTION
Task: {206BEAC4-27D4-49D2-85A3-15CAF9ED2612} - System32\Tasks\Microsoft\Windows\MobilePC\DisplayLink TMM Control
Task: {218927A2-C8A5-4AC1-A68D-71141405B36D} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2944059519-1132189833-573973414-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-07-30] (RealNetworks, Inc.)
Task: {2636C469-3432-4818-87AA-4E4C15BD6026} - \RealUpgradeLogonTaskS-1-5-21-2944059519-1132189833-573973414-1001 No Task File <==== ATTENTION
Task: {2676CB46-427C-4B45-B203-1F06A446DCAC} - \{F597D5B2-0434-4D30-9EC7-E6636417D850} No Task File <==== ATTENTION
Task: {45AB1E3A-1E77-4960-ABBF-D063E1063BBF} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-04-23] (Piriform Ltd)
Task: {577080A1-65C8-4C97-95E7-29CADEDD3B01} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-22] (Adobe Systems Incorporated)
Task: {5C2764FA-DED9-4ED9-968E-980B7042121C} - \{7C183DA5-A5D1-4BC3-AC6F-11AD03C55246} No Task File <==== ATTENTION
Task: {5CD47FBB-4DE8-45FB-B42A-784FA599EAB9} - \RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2944059519-1132189833-573973414-1004 No Task File <==== ATTENTION
Task: {6D1A5C9B-4E38-429F-90E9-930C4C5BFB89} - \Adobe Acrobat Update Task No Task File <==== ATTENTION
Task: {70A06789-05E5-417F-9B59-B9E60CDAA899} - \RealDownloaderDownloaderScheduledTaskS-1-5-21-2944059519-1132189833-573973414-1001 No Task File <==== ATTENTION
Task: {76B12DCD-5CC6-40D2-9515-65606FB7F0F6} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {77831FE0-6AD3-43C4-B889-0C642C21B9CB} - \Driver Robot No Task File <==== ATTENTION
Task: {81219257-50B7-44A2-B825-B327734FB69B} - \{108D127D-16E2-4E57-A238-D45A48E4E465} No Task File <==== ATTENTION
Task: {8E6413E1-D651-4D5B-ABE8-C0713EE7E28C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Warranty Opt-In(No) => c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\Detection_PostWarrantyAlert.exe
Task: {93E2550B-5440-4198-87EE-60F1DC7BAE7A} - \GoogleUpdateTaskMachineCore No Task File <==== ATTENTION
Task: {9A0BE7CA-1CE1-4BC2-AA45-347CFF9DEB2E} - \GoogleUpdateTaskMachineUA No Task File <==== ATTENTION
Task: {9B325875-FB39-4B52-9E21-8638C4677503} - \{C85A4DFA-A77F-4C3F-91F9-82D2223B988A} No Task File <==== ATTENTION
Task: {9C441248-5069-475C-8B0D-43617394D47D} - \RealDownloaderRealUpgradeLogonTaskS-1-5-21-2944059519-1132189833-573973414-1001 No Task File <==== ATTENTION
Task: {9F2167FD-91B7-4416-92C5-B58BD55EBADE} - \RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2944059519-1132189833-573973414-1001 No Task File <==== ATTENTION
Task: {9FC9045E-99EA-4BF1-ADF1-AC4E74628C2F} - \{39338B56-714D-472C-B3CA-111EF8FBFA2E} No Task File <==== ATTENTION
Task: {A21B084B-430C-4819-BFF6-1BE434AB20EB} - \{C5E72DDC-2107-475F-9CDD-6723DA11B28E} No Task File <==== ATTENTION
Task: {A67349BB-B0B9-41CA-87B9-EEA5E0C9879F} - \RealPlayerRealUpgradeScheduledTaskS-1-5-21-2944059519-1132189833-573973414-1004 No Task File <==== ATTENTION
Task: {A94E827E-CBF2-4CF8-8075-A1CC1087CAB8} - System32\Tasks\NCH Swift Sound\wavepadShakeIcon => C:\Program Files (x86)\NCH Swift Sound\WavePad\WavePad.exe [2011-01-17] (NCH Software)
Task: {AD95E230-80C3-409C-89A1-9B53ED41871D} - \ServicePlan No Task File <==== ATTENTION
Task: {B07BA529-D94F-4BDD-A2A1-4237423D063C} - \{116CED58-38DC-46AE-BE8C-BBA4CBACB64B} No Task File <==== ATTENTION
Task: {BCDEDC48-5256-43CC-9DEA-EA0841C7CE12} - \{58C9C6E5-8B7D-4DC4-ACFA-5CEC9AA3FC76} No Task File <==== ATTENTION
Task: {C0210696-66F4-4791-8F13-8C653233ED2C} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {C4CE099A-CD27-4927-8B28-29AF33AE494C} - \RealPlayerRealUpgradeLogonTaskS-1-5-21-2944059519-1132189833-573973414-1004 No Task File <==== ATTENTION
Task: {C8E78F5C-5795-4D12-8E14-407FAF33C2CC} - \GarminUpdaterTask No Task File <==== ATTENTION
Task: {CA446CFE-03E0-4A54-81B6-3DD1FF860691} - \RealDownloaderRealUpgradeLogonTaskS-1-5-21-2944059519-1132189833-573973414-1004 No Task File <==== ATTENTION
Task: {CEDF11E5-697E-4B4D-89F6-D96B584B194A} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2944059519-1132189833-573973414-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-07-30] (RealNetworks, Inc.)
Task: {D1E7D616-AFD0-4BAC-BAEC-7E4A75B9A154} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Warranty Opt-In(Yes) => c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\Detection_PostWarrantyAlert.exe
Task: {D2A1E720-AA93-45D4-8D51-90CEE68D7DF2} - \{D5431620-0D7C-4D63-A1AE-2A0A6C43D0A1} No Task File <==== ATTENTION
Task: {D2C1AA7F-4376-4C90-9A89-89290FFA13AB} - \AdobeAAMUpdater-1.0-John-HP-John No Task File <==== ATTENTION
Task: {DB30B2C1-AA62-4AA2-B472-029CE701A872} - System32\Tasks\Western Digital\SmartWare\____Volume_c77a8aa4_fc23_11df_9177_806e6f6e6963______Volu me_571b67a2_cc5c_11e2_b395_6c626d8702d9__ => C:\Program Files (x86)\Western Digital\WD SmartWare\BackupTask.exe [2015-02-12] (Western Digital Technologies, Inc.)
Task: {E0B4998A-3F52-48BD-8821-46560BF1E0ED} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_CN22TBQ093 => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe
Task: {E13D5435-2EEA-4A8B-95F1-A19D4057D948} - \{DEB9B4F0-EECC-4418-88E5-F570AE7A09FD} No Task File <==== ATTENTION
Task: {E9372AEC-9305-4AFF-807D-19884EC2C528} - \{B451E3E6-1A3E-4438-9ABE-EA2CB564ED52} No Task File <==== ATTENTION
Task: {EE0E8E30-5BAF-4E3B-A55C-BD1CEF3AE539} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {EEAF0A5F-798D-4199-A345-204F4354DB72} - \HPCeeScheduleForJohn No Task File <==== ATTENTION
Task: {EF0BE58F-9D95-44BD-9B99-2E4B707D1966} - \{C5087A81-B8A6-484D-9C39-581CBE538E10} No Task File <==== ATTENTION
Task: {F0D19CE3-7891-4AA0-95C6-B12C58B5662C} - \{9F8EB598-3456-4047-A366-A9A2CDB93058} No Task File <==== ATTENTION
Task: {F437A15B-840A-41D8-918C-010B27B60EC7} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-24] (Microsoft Corporation)
Task: {F4DC1021-220B-4B34-B13B-DC0DB0985E7E} - \HPCustParticipation HP Officejet Pro 8600 No Task File <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Driver Robot.job => C:\Program Files (x86)\Driver Robot\1.2.0.5\DriverRobot.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForJohn.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Loaded Modules (whitelisted) ==============

2015-05-05 17:06 - 2014-07-09 09:03 - 00048128 _____ () C:\Program Files\Trend Micro\AMSP\boost_date_time-vc110-mt-1_49.dll
2015-05-05 17:06 - 2014-07-09 09:02 - 00675840 _____ () C:\Program Files\Trend Micro\AMSP\sqlite3.dll
2015-05-05 17:06 - 2014-07-09 09:03 - 00058368 _____ () C:\Program Files\Trend Micro\AMSP\boost_thread-vc110-mt-1_49.dll
2015-05-05 17:06 - 2014-07-09 09:03 - 01300480 _____ () C:\Program Files\Trend Micro\AMSP\libprotobuf.dll
2015-05-05 17:06 - 2014-07-09 09:02 - 00018944 _____ () C:\Program Files\Trend Micro\AMSP\boost_system-vc110-mt-1_49.dll
2015-05-05 16:50 - 2014-07-20 12:04 - 00168584 _____ () C:\Program Files\Trend Micro\UniClient\plugins\LUADLL.dll
2010-03-11 17:50 - 2010-03-11 17:50 - 00107576 _____ () C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
2015-05-05 17:08 - 2014-07-20 12:05 - 00089088 _____ () C:\Program Files\Trend Micro\Titanium\plugin\Pt\boost_thread-vc110-mt-1_52.dll
2015-05-05 17:08 - 2014-07-20 12:05 - 00018944 _____ () C:\Program Files\Trend Micro\Titanium\plugin\Pt\boost_system-vc110-mt-1_52.dll
2015-05-05 17:08 - 2014-07-20 12:05 - 00049664 _____ () C:\Program Files\Trend Micro\Titanium\plugin\Pt\boost_date_time-vc110-mt-1_52.dll
2015-05-05 17:08 - 2014-07-20 12:05 - 00761856 _____ () C:\Program Files\Trend Micro\Titanium\plugin\Pt\boost_regex-vc110-mt-1_52.dll
2015-05-05 16:50 - 2014-07-20 12:05 - 00065560 _____ () C:\Program Files\Trend Micro\Titanium\plugin\fcMsgDispatcher.dll
2015-04-01 12:51 - 2015-04-01 12:51 - 00055576 _____ () C:\Program Files\CCleaner\branding.dll
2014-10-17 23:27 - 2014-10-17 23:27 - 00170496 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\3d576cbc4ffc5ad0 6fd61510c5d8f326\IsdiInterop.ni.dll
2010-11-23 03:21 - 2010-03-03 21:08 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2013-10-10 18:17 - 2013-10-10 18:17 - 00315392 _____ () C:\Program Files (x86)\D-Link\DWA-121 revA\ANPDApi.dll
2013-10-10 18:17 - 2010-09-26 19:16 - 00290816 _____ () C:\Program Files (x86)\D-Link\DWA-121 revA\WlanApp.dll
2015-05-05 16:50 - 2014-07-20 12:05 - 00039424 _____ () C:\Program Files\Trend Micro\Titanium\UIFramework\boost_date_time-vc110-mt-1_49.dll
2015-05-05 16:50 - 2014-07-20 12:05 - 00049152 _____ () C:\Program Files\Trend Micro\Titanium\UIFramework\boost_thread-vc110-mt-1_49.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Barbara Osterholm\Documents\Play timing for next season.eml:OECustomProperty
AlternateDataStreams: C:\Users\John\Desktop\ARPC highpower matches for 2015.eml:OECustomProperty
AlternateDataStreams: C:\Users\John\Desktop\code.eml:OECustomProperty

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRkrn => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRSVC => ""="Service"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

HKU\.DEFAULT\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION!
HKU\.DEFAULT\Software\Classes\exefile: "%1" %* <===== ATTENTION!
HKU\S-1-5-19\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION!
HKU\S-1-5-19\Software\Classes\exefile: "%1" %* <===== ATTENTION!
HKU\S-1-5-20\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION!
HKU\S-1-5-20\Software\Classes\exefile: "%1" %* <===== ATTENTION!

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-2944059519-1132189833-573973414-1001\...\6mmbr.com -> hxxp://www.6mmbr.com
IE trusted site: HKU\S-1-5-21-2944059519-1132189833-573973414-1001\...\aetv.com -> hxxp://boards.aetv.com
IE trusted site: HKU\S-1-5-21-2944059519-1132189833-573973414-1001\...\amazon.com -> www.amazon.com
IE trusted site: HKU\S-1-5-21-2944059519-1132189833-573973414-1001\...\aol.com -> hxxp://free.aol.com
IE trusted site: HKU\S-1-5-21-2944059519-1132189833-573973414-1001\...\bestbuy.com -> hxxp://www.bestbuy.com
IE trusted site: HKU\S-1-5-21-2944059519-1132189833-573973414-1001\...\comcast.net -> hxxp://xfinity.comcast.net
IE trusted site: HKU\S-1-5-21-2944059519-1132189833-573973414-1001\...\delphiforums.com -> hxxp://forums.delphiforums.com
IE trusted site: HKU\S-1-5-21-2944059519-1132189833-573973414-1001\...\dennismillerradio.com -> hxxp://www.dennismillerradio.com
IE trusted site: HKU\S-1-5-21-2944059519-1132189833-573973414-1001\...\dennismillerradio.com -> hxxps://www.dennismillerradio.com
IE trusted site: HKU\S-1-5-21-2944059519-1132189833-573973414-1001\...\dpreview.com -> hxxps://forums.dpreview.com
IE trusted site: HKU\S-1-5-21-2944059519-1132189833-573973414-1001\...\ebay.com -> hxxp://search.ebay.com
IE trusted site: HKU\S-1-5-21-2944059519-1132189833-573973414-1001\...\facebook.com -> www.facebook.com
IE trusted site: HKU\S-1-5-21-2944059519-1132189833-573973414-1001\...\floridashooting.com -> hxxp://www.floridashooting.com
IE trusted site: HKU\S-1-5-21-2944059519-1132189833-573973414-1001\...\fourfreshmen.com -> hxxp://www.fourfreshmen.com
IE trusted site: HKU\S-1-5-21-2944059519-1132189833-573973414-1001\...\gunbot.net -> hxxp://gunbot.net
IE trusted site: HKU\S-1-5-21-2944059519-1132189833-573973414-1001\...\gunsamerica.com -> hxxp://www.gunsamerica.com
IE trusted site: HKU\S-1-5-21-2944059519-1132189833-573973414-1001\...\gunsinternational.com -> hxxp://www.gunsinternational.com
IE trusted site: HKU\S-1-5-21-2944059519-1132189833-573973414-1001\...\imdb.com -> hxxps://us.imdb.com
IE trusted site: HKU\S-1-5-21-2944059519-1132189833-573973414-1001\...\latimes.com -> hxxp://www.latimes.com
IE trusted site: HKU\S-1-5-21-2944059519-1132189833-573973414-1001\...\lauraingraham.com -> hxxps://www.lauraingraham.com
IE trusted site: HKU\S-1-5-21-2944059519-1132189833-573973414-1001\...\lauraingraham.com -> hxxp://www.lauraingraham.com
IE trusted site: HKU\S-1-5-21-2944059519-1132189833-573973414-1001\...\microsoft.com -> hxxps://oas.support.microsoft.com
IE trusted site: HKU\S-1-5-21-2944059519-1132189833-573973414-1001\...\mlb.com -> hxxp://losangeles.dodgers.mlb.com
IE trusted site: HKU\S-1-5-21-2944059519-1132189833-573973414-1001\...\musicstack.com -> hxxps://www.musicstack.com
IE trusted site: HKU\S-1-5-21-2944059519-1132189833-573973414-1001\...\mylist.net -> hxxp://mylist.net
IE trusted site: HKU\S-1-5-21-2944059519-1132189833-573973414-1001\...\nationalmatch.us -> hxxp://www.nationalmatch.us
IE trusted site: HKU\S-1-5-21-2944059519-1132189833-573973414-1001\...\ning.com -> hxxp://throughthehedge.ning.com
IE trusted site: HKU\S-1-5-21-2944059519-1132189833-573973414-1001\...\nndb.com -> hxxp://www.nndb.com
IE trusted site: HKU\S-1-5-21-2944059519-1132189833-573973414-1001\...\prospero.com -> hxxp://login.prospero.com
IE trusted site: HKU\S-1-5-21-2944059519-1132189833-573973414-1001\...\rifleshooting.com -> hxxp://arizona.rifleshooting.com
IE trusted site: HKU\S-1-5-21-2944059519-1132189833-573973414-1001\...\runboard.com -> hxxp://com1.runboard.com
IE trusted site: HKU\S-1-5-21-2944059519-1132189833-573973414-1001\...\rusc.com -> hxxp://www.rusc.com
IE trusted site: HKU\S-1-5-21-2944059519-1132189833-573973414-1001\...\shootersproshop.com -> hxxp://www.shootersproshop.com
IE trusted site: HKU\S-1-5-21-2944059519-1132189833-573973414-1001\...\tammybruce.com -> hxxp://tammybruce.com
IE trusted site: HKU\S-1-5-21-2944059519-1132189833-573973414-1001\...\turbotax.com -> hxxps://turbotax.com
IE trusted site: HKU\S-1-5-21-2944059519-1132189833-573973414-1001\...\turnerclassicmovies.com -> hxxp://www.turnerclassicmovies.com
IE trusted site: HKU\S-1-5-21-2944059519-1132189833-573973414-1001\...\tv-now.com -> hxxp://www.tv-now.com
IE trusted site: HKU\S-1-5-21-2944059519-1132189833-573973414-1001\...\usrifleteams.com -> hxxp://www.usrifleteams.com


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2944059519-1132189833-573973414-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\John\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper. jpg
DNS Servers: 75.75.75.75 - 75.75.76.76

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: AdobeActiveFileMonitor13.0 => 2
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: Amazon Download Agent => 3
MSCONFIG\Services: DisplayLinkService => 2
MSCONFIG\Services: D_Link_DWA-121_WPS => 2
MSCONFIG\Services: GameConsoleService => 3
MSCONFIG\Services: Garmin Device Interaction Service => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: gusvc => 3
MSCONFIG\Services: IntuitUpdateServiceV4 => 2
MSCONFIG\Services: MBAMScheduler => 2
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: NAUpdate => 2
MSCONFIG\Services: pdfcDispatcher => 2
MSCONFIG\Services: RealNetworks Downloader Resolver Service => 2
MSCONFIG\Services: RtkAudioService => 2
MSCONFIG\Services: WDBackup => 2
MSCONFIG\Services: WDDriveService => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Amazon Unbox.lnk => C:\Windows\pss\Amazon Unbox.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^John^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Monitor Ink Alerts - HP Officejet Pro 8600.lnk => C:\Windows\pss\Monitor Ink Alerts - HP Officejet Pro 8600.lnk.Startup
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: Amazon Music => "C:\Users\John\AppData\Local\Amazon Music\Amazon Music Helper.exe"
MSCONFIG\startupreg: AmazonGSDownloaderTray => C:\Program Files (x86)\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderTray.exe
MSCONFIG\startupreg: BingDesktop => C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe /fromkey
MSCONFIG\startupreg: CLMLServer_For_P2G8 => "C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
MSCONFIG\startupreg: CLVirtualDrive => "C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
MSCONFIG\startupreg: GarminExpressTrayApp => "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
MSCONFIG\startupreg: GoogleChromeAutoLaunch_DC7C249942899F83C1747FF3FB5BD5F3 => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: HPAdvisorDock => C:\Program Files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe
MSCONFIG\startupreg: hpsysdrv => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
MSCONFIG\startupreg: IAStorIcon => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: MSC => "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
MSCONFIG\startupreg: msnmsgr => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: NBAgent => "C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe" /WinStart
MSCONFIG\startupreg: Norton Online Backup => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
MSCONFIG\startupreg: NUSB3MON => "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
MSCONFIG\startupreg: PDF Complete => C:\Program Files (x86)\PDF Complete\pdfsty.exe
MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe
MSCONFIG\startupreg: Power2GoExpress8 => "C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RTHDVCPL => "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
MSCONFIG\startupreg: SansaDispatch => C:\Users\John\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe
MSCONFIG\startupreg: SmartMenu => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background
MSCONFIG\startupreg: swg => "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
MSCONFIG\startupreg: TkBellExe => "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot
MSCONFIG\startupreg: WD Drive Unlocker => C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
MSCONFIG\startupreg: WD Quick View => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe

==================== FirewallRules (whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

FirewallRules: [TCP Query User{3B32E971-421C-4B17-B23C-1D213E15386E}C:\program files (x86)\windows media player\wmplayer.exe] => (Allow) C:\program files (x86)\windows media player\wmplayer.exe
FirewallRules: [UDP Query User{D2C3D4A5-8367-4971-8A49-EC9F3CE7D17B}C:\program files (x86)\windows media player\wmplayer.exe] => (Allow) C:\program files (x86)\windows media player\wmplayer.exe
FirewallRules: [{9863B41C-C695-4912-B8D7-07EFF74F5040}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe
FirewallRules: [{BADD9117-6200-4246-A4F0-3A54BB247568}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdater.exe
FirewallRules: [{4ADE3779-5A0E-48C5-AAAA-4E2E249F6DAB}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{5D9AF56F-655A-48E0-9D83-0D65AE70BA0E}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{26926513-7957-42A6-9716-EE58CDF5900A}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{7A1E9F63-55BE-412B-B97B-DD769E1825D4}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{0961B550-BE72-42A0-A66C-28B6AB419515}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{2CFD84FF-26AB-4970-A4FA-87F7C487A4C0}] => (Allow) C:\Users\John\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{F4EBFE25-118B-4280-90BD-A2B5ABAD9A27}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{4FF3877E-1302-40CA-BA81-54E358958342}] => (Allow) LPort=2869
FirewallRules: [{E6635FC5-7B84-499F-B292-751BE574BF23}] => (Allow) LPort=1900
FirewallRules: [{15C65308-648D-4E17-94FE-1D34C7EAD175}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{77943484-5E1F-4F83-8FF4-D53D020ABA8D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/10/2015 00:36:30 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: The index cannot be initialized.


Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (05/10/2015 00:36:30 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: The application cannot be initialized.

Context: Windows Application


Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (05/10/2015 00:36:30 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: The gatherer object cannot be initialized.

Context: Windows Application, SystemIndex Catalog


Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (05/10/2015 00:36:30 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.

Context: Windows Application, SystemIndex Catalog


Details:
Element not found. (HRESULT : 0x80070490) (0x80070490)

Error: (05/10/2015 00:36:24 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: The plug-in in <Search.JetPropStore> cannot be initialized.

Context: Windows Application, SystemIndex Catalog


Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (05/10/2015 00:36:24 PM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: The Windows Search Service cannot load the property store information.

Context: Windows Application, SystemIndex Catalog


Details:
The content index database is corrupt. (HRESULT : 0xc0041800) (0xc0041800)

Error: (05/10/2015 00:36:24 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: The Windows Search Service is being stopped because there is a problem with the indexer: The catalog is corrupt.


Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (05/10/2015 00:36:24 PM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: The search service has detected corrupted data files in the index {id=4700}. The service will attempt to automatically correct this problem by rebuilding the index.


Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (05/10/2015 00:36:24 PM) (Source: Windows Search Service) (EventID: 9000) (User: )
Description: The Windows Search Service cannot open the Jet property store.


Details:
0x%08x (0xc0041800 - The content index database is corrupt. (HRESULT : 0xc0041800))

Error: (05/10/2015 00:36:24 PM) (Source: ESENT) (EventID: 455) (User: )
Description: Windows (4024) Windows: Error -1811 occurred while opening logfile C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS000D7.log.


System errors:
=============
Error: (05/10/2015 01:20:48 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 40.

Error: (05/10/2015 00:36:30 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (05/10/2015 00:36:30 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The Windows Search service terminated with service-specific error %%-1073473535.

Error: (05/10/2015 08:04:30 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 40.

Error: (05/09/2015 11:22:23 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 40.

Error: (05/07/2015 10:00:40 PM) (Source: cdrom) (EventID: 7) (User: )
Description: The device, \Device\CdRom0, has a bad block.

Error: (05/07/2015 10:00:33 PM) (Source: cdrom) (EventID: 7) (User: )
Description: The device, \Device\CdRom0, has a bad block.

Error: (05/07/2015 09:16:45 PM) (Source: cdrom) (EventID: 7) (User: )
Description: The device, \Device\CdRom0, has a bad block.

Error: (05/07/2015 09:16:31 PM) (Source: cdrom) (EventID: 7) (User: )
Description: The device, \Device\CdRom0, has a bad block.

Error: (05/07/2015 06:42:25 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.


Microsoft Office Sessions:
=========================
Error: (05/10/2015 00:36:30 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description:
Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (05/10/2015 00:36:30 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Context: Windows Application


Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (05/10/2015 00:36:30 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Context: Windows Application, SystemIndex Catalog


Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (05/10/2015 00:36:30 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Context: Windows Application, SystemIndex Catalog


Details:
Element not found. (HRESULT : 0x80070490) (0x80070490)
Search.TripoliIndexer

Error: (05/10/2015 00:36:24 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Context: Windows Application, SystemIndex Catalog


Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)
Search.JetPropStore

Error: (05/10/2015 00:36:24 PM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: Context: Windows Application, SystemIndex Catalog


Details:
The content index database is corrupt. (HRESULT : 0xc0041800) (0xc0041800)

Error: (05/10/2015 00:36:24 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description:
Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)
The catalog is corrupt

Error: (05/10/2015 00:36:24 PM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description:
Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)
4700

Error: (05/10/2015 00:36:24 PM) (Source: Windows Search Service) (EventID: 9000) (User: )
Description:
Details:
0x%08x (0xc0041800 - The content index database is corrupt. (HRESULT : 0xc0041800))

Error: (05/10/2015 00:36:24 PM) (Source: ESENT) (EventID: 455) (User: )
Description: Windows4024Windows: C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS000D7.log-1811


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3 CPU 540 @ 3.07GHz
Percentage of memory in use: 48%
Total physical RAM: 3767.08 MB
Available physical RAM: 1930 MB
Total Pagefile: 7532.35 MB
Available Pagefile: 5490.64 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:686.23 GB) (Free:518.9 GB) NTFS
Drive d: (HP_RECOVERY) (Fixed) (Total:12.31 GB) (Free:1.51 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (MY DVD) (CDROM) (Total:2.03 GB) (Free:0 GB) UDF
Drive g: (TOSHIBA EXT) (Fixed) (Total:931.51 GB) (Free:822.03 GB) NTFS
Drive m: (TOSHIBA EXT) (Fixed) (Total:931.41 GB) (Free:844.05 GB) NTFS
Drive n: (My Passport) (Fixed) (Total:931.48 GB) (Free:142.32 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: A61AC4EC)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=686.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=12.3 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or Vista) (Size: 931.5 GB) (Disk ID: 44622B8A)
Partition 1: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: 00023F15)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 7 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 08E94FBD)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

Here is the pop up after it restarted. To be honest I'm not really sure what it even means

Attached Images

	Screenshot (7).png (58.2 KB)
	Screenshot (8).png (61.8 KB)

Laptop is very slow. I need help to clean up laptop from viruses/malware.

Thanks!

Hello Everybody, I am having a major problem in running the Farbar Recovery Scan Tool on a Windows 7 laptop. Every time I insert the flash drive into the USB on the infected computer, and double click to run it, I get a message window that reads: "F:\FRST64.exe The system could not find the environment option that was entered." I was wondering if I could run this in safe mode but I'm not sure if this is safe to do. What are your thoughts? Please help...

Hi z0rkny,
HijackThis is not very good with 64 bit systems.
Let's see what's on there.
-----------------------------------------------------------
Download and Run the Farbar Scan Tool

• Download FRST64 and save to your Desktop.
  
• Double click Frst64.exe to launch it.
• FRST64 will start to run.
  • When the tool opens click Yes to disclaimer.
  • Press the Scan button.
  • When finished scanning, 2 logs will open on your Desktop, FRST.txt and Addition.txt
  • Please post them in your next reply.

If you lose track of them, they will be saved in the same location as FRST64.exe
Feel free to use separate replies if it's more convenient.

askey127

This problem persists. Anyone up for helping me?

Hi there and HELP. I am running windows 8.1 on an HP Pavillion AMD5 desktop.Hope that make sense. I am unable to use most of the programmes & applications on my pc, I cannot open attachments, or download anything ,nor can I forward anything. I can receive and send basic mail I cannot use my antivirus nor can I access the link you have recommended at the start of all problems. I can delete mails and junk. I cannot use my printer or scanner and cannot save anything.
Any help appreciated.

Thanks

Backchat

Hello,

I`ve re-opened your thread, what is the current status....

Kevin...

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-05-2015 01
Ran by Deni (administrator) on NEWFAMCOMP on 13-05-2015 18:46:57
Running from C:\Users\Deni\Desktop
Loaded Profiles: Deni (Available profiles: Deni & Guest)
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic...ery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Windows\System32\CISVC.EXE
(Hewlett-Packard Company) C:\Program Files\HP\Common\HPSupportSolutionsFrameworkService.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Livescribe) C:\Program Files\Common Files\Livescribe\PenComm\PenCommService.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files\RealNetworks\RealDownloader\downloader2.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\WINWORD.EXE
(Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
() C:\Program Files\Creative Home\Hallmark Card Studio 2011 Deluxe\HCS.exe
(Microsoft Corporation) C:\Program Files\Windows Live\Mail\wlmail.exe
(Microsoft Corporation) C:\Program Files\Windows Live\Contacts\wlcomm.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-03] (Intel Corporation)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-01-20] (Apple Inc.)
HKLM\...\Run: [WD Drive Manager] => C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe [430080 2008-05-16] (WDC)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-12] (Avast Software s.r.o.)
HKLM\...\Run: [hpqSRMon] => C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7514656 2009-05-23] (Realtek Semiconductor)
HKLM\...\Run: [TkBellExe] => C:\Program Files\Real\RealPlayer\Update\realsched.exe [296520 2014-12-04] (RealNetworks, Inc.)
HKLM\...\Run: [RealDownloader] => C:\Program Files\RealNetworks\RealDownloader\downloader2.exe [560192 2014-10-29] ()
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [157480 2015-01-27] (Apple Inc.)
HKU\S-1-5-21-2470467007-3615624817-2011931734-1000\...\Run: [TWC.Win7] => C:\Program Files\The Weather Channel\Desktop Weather\TWC.Win7.exe
HKU\S-1-5-21-2470467007-3615624817-2011931734-1000\...\Run: [C:/Program Files/Media Freeware/Free Youtube To MP4 Converter/Free Youtube To MP4 Converter.exe] => C:\Program Files\Media Freeware\Free Youtube To MP4 Converter\Free Youtube To MP4 Converter.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Works Calendar Reminders.lnk [2012-03-27]
ShortcutTarget: Microsoft Works Calendar Reminders.lnk -> C:\Windows\Installer\{5264E937-B015-11D2-8C0E-00C04FBBCFF9}\A12970B7.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealPlayer Cloud Service UI.lnk [2014-12-04]
ShortcutTarget: RealPlayer Cloud Service UI.lnk -> C:\Program Files\Real\RealPlayer\RPDS\Bin\rpsystray.exe (RealNetworks, Inc.)
Startup: C:\Users\Deni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-04-26]
ShortcutTarget: Dropbox.lnk -> C:\Users\Deni\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-04-25] (Avast Software s.r.o.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=AV01
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-2470467007-3615624817-2011931734-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKU\S-1-5-21-2470467007-3615624817-2011931734-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=AV01
HKU\S-1-5-21-2470467007-3615624817-2011931734-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01
SearchScopes: HKLM -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKLM -> {9B21041F-37E4-49AF-B708-75DD245BEB5A} URL = http://www.bing.com/search?q={searchTerms}&form=DLSDF8&pc=MDDS&src=IE-SearchBox
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2470467007-3615624817-2011931734-1000 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin .dll [2014-10-27] (RealDownloader)
BHO: avast! EasyPass Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files\Siber Systems\AI RoboForm\roboform.dll No File
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-03-23] (Avast Software s.r.o.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-05] (Google Inc.)
Toolbar: HKLM - avast! EasyPass Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-05] (Google Inc.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-31] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Deni\AppData\Roaming\Mozilla\Firefox\Profiles\50f30f2v.default-1400260260566
FF DefaultSearchEngine: Google
FF DefaultSearchEngine.US: Cassiopesa
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_134.dll [2015-04-09] ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\system32\npDeployJava1.dll [2013-08-22] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2010-03-09] (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=17.0.15.10 -> C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll [2014-12-04] (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=17.0.15 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\np rndlhtml5videoshim.dll [2014-10-27] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=17.0.15.10 -> C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll [2014-12-04] (RealPlayer Cloud)
FF Plugin: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll [2011-04-08] ()
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-03-17] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2015-03-17] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll [2014-12-04] (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2015-02-17] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2015-02-17] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2015-02-17] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2015-02-17] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2015-02-17] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpplugin.dll [2014-12-04] (RealPlayer Cloud)
FF SearchPlugin: C:\Users\Deni\AppData\Roaming\Mozilla\Firefox\Profiles\50f30f2v.default-1400260260566\searchplugins\cassiopesa.xml [2015-05-12]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-01-18]
FF HKLM\...\Firefox\Extensions: [{22119944-ED35-4ab1-910B-E619EA06A115}] - C:\Program Files\Siber Systems\AI RoboForm\Firefox
FF Extension: avast! EasyPass Toolbar for Firefox - C:\Program Files\Siber Systems\AI RoboForm\Firefox [2013-02-16]
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2014-08-13]
FF HKLM\...\Firefox\Extensions: [{338950EA-82DB-44C1-930D-0C28E023C9F0}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-12-04]
FF HKU\S-1-5-21-2470467007-3615624817-2011931734-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2015-04-24]

Chrome:
=======
CHR Profile: C:\Users\Deni\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (No Name) - C:\Users\Deni\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-12-01]
CHR Extension: (No Name) - C:\Users\Deni\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-09-10]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Deni\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-12]
CHR Extension: (Google Wallet) - C:\Users\Deni\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-29]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-23]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-04-25] (Avast Software s.r.o.)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [107448 2015-04-25] (Avast Software s.r.o.)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [3207800 2015-04-25] (Avast Software)
R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL [694784 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 HPSupportSolutionsFrameworkService; C:\Program Files\Hp\Common\HPSupportSolutionsFrameworkService.exe [89840 2015-03-28] (Hewlett-Packard Company)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-03-17] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [File not signed]
R2 PenCommService; C:\Program Files\Common Files\Livescribe\PenComm\PenCommService.exe [470528 2012-11-05] (Livescribe) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [File not signed]
S2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39568 2014-10-26] ()
S2 RealPlayer Cloud Service; C:\Program Files\Real\RealPlayer\RPDS\Bin\rpdsvc.exe [1141848 2014-12-04] (RealNetworks, Inc.)
S2 RealPlayerUpdateSvc; C:\Program Files\Real\UpdateService\RealPlayerUpdateSvc.exe [31856 2014-10-30] ()
S2 WDBtnMgrSvc.exe; C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe [102400 2008-05-16] (WDC) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-26] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24144 2015-04-25] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [26096 2015-04-25] (Avast Software s.r.o.)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [74976 2015-04-25] (Avast Software s.r.o.)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [271248 2015-04-25] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81728 2015-04-25] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49904 2015-04-25] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [787760 2015-04-25] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427992 2015-04-25] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [106912 2015-04-25] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [209048 2015-04-25] ()
S3 JRAID; C:\Windows\system32\DRIVERS\jraid.sys [89048 2009-05-21] (JMicron Technology Corp.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-03-17] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2015-05-13] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-03-17] (Malwarebytes Corporation)
S3 PulseUsb; C:\Windows\System32\DRIVERS\PulseUsb.sys [20480 2012-11-05] (Windows (R) Win 7 DDK provider) [File not signed]
S3 rcmirror; C:\Windows\System32\DRIVERS\rcmirror.sys [3328 2008-10-08] (Windows (R) Codename Longhorn DDK provider)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [35064 2015-03-28] ()
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [220752 2015-04-25] (Avast Software)
R3 Wdm1; C:\Windows\System32\Drivers\usbbc.sys [15576 2003-07-01] ()

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-13 18:17 - 2015-05-13 18:46 - 00019491 _____ () C:\Users\Deni\Desktop\FRST.txt
2015-05-13 18:17 - 2015-05-13 18:17 - 00000000 ____D () C:\Users\Deni\Desktop\FRST-OlderVersion
2015-05-13 13:51 - 2015-05-13 13:51 - 01307590 _____ () C:\Users\Deni\Documents\Thank bottom of my butt.hmk
2015-05-13 11:30 - 2015-05-13 11:30 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-NEWFAMCOMP-Windows-7-Professional-(32-bit).dat
2015-05-13 11:25 - 2015-05-13 11:28 - 00000000 ____D () C:\Users\Deni\AppData\Local\AvastSupport
2015-05-12 23:11 - 2015-04-25 11:33 - 00291312 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2015-05-12 22:57 - 2015-05-12 22:57 - 00000000 ____D () C:\RegBackup
2015-05-12 20:56 - 2015-05-12 20:56 - 00000000 ____D () C:\ProgramData\f04b3c000005f06
2015-05-12 19:02 - 2015-05-12 23:05 - 00000000 ____D () C:\Users\Deni\AppData\Local\fiso
2015-05-12 18:47 - 2015-05-12 23:05 - 00000000 ____D () C:\Program Files\user extensions
2015-05-12 18:47 - 2015-05-12 18:47 - 00000064 _____ () C:\Users\Deni\AppData\Local\9aff5a1a12d9faf30fb9a5b935a39c40
2015-05-12 12:40 - 2015-05-12 12:40 - 01819136 _____ () C:\Users\Deni\Downloads\SQLServerCE31-EN.msi
2015-05-12 12:40 - 2015-05-12 12:40 - 01819136 _____ () C:\Users\Deni\Downloads\SQLServerCE31-EN(1).msi
2015-05-07 14:23 - 2015-05-07 14:23 - 01124072 _____ (Adobe Systems Incorporated) C:\Users\Deni\Downloads\readerdc_en_ha_install.exe
2015-05-07 13:34 - 2015-05-07 13:34 - 00008213 _____ () C:\Users\Deni\Documents\cher.aspx
2015-04-27 10:45 - 2015-04-27 10:45 - 00151552 _____ () C:\Users\Deni\Documents\Half envelope DOGWOOD w add.php
2015-04-27 10:23 - 2015-04-27 10:23 - 00903010 _____ () C:\Users\Deni\Documents\Thinking of you barlow.hmk
2015-04-25 11:33 - 2015-04-25 11:33 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr
2015-04-25 11:32 - 2015-04-25 11:32 - 00271248 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswNdisFlt.sys
2015-04-24 13:58 - 2015-05-13 15:05 - 00000000 ____D () C:\Program Files\Mozilla Firefox

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-13 18:46 - 2014-05-12 01:56 - 00000000 ____D () C:\FRST
2015-05-13 18:17 - 2014-08-23 15:28 - 01144320 _____ (Farbar) C:\Users\Deni\Desktop\FRST.exe
2015-05-13 18:01 - 2010-02-05 16:15 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-13 15:05 - 2010-03-24 12:05 - 00001071 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-05-13 14:04 - 2015-03-25 16:36 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-05-13 13:57 - 2014-08-26 13:30 - 00750080 _____ () C:\Users\Deni\Documents\Half env DECKEDOUT GIRL add.php
2015-05-13 13:35 - 2014-04-23 17:35 - 00000027 _____ () C:\Users\Deni\Documents\Hallmark Card Studio 2008.txt
2015-05-13 13:01 - 2010-02-05 16:15 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-13 12:17 - 2009-07-13 21:55 - 01593726 _____ () C:\Windows\WindowsUpdate.log
2015-05-13 11:59 - 2009-11-18 18:43 - 00000000 ____D () C:\Users\Deni\Documents\TRAVEL
2015-05-13 11:45 - 2014-06-17 11:06 - 00000000 ____D () C:\AdwCleaner
2015-05-13 11:38 - 2009-07-13 21:34 - 00014256 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-13 11:38 - 2009-07-13 21:34 - 00014256 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-13 11:01 - 2013-04-09 13:35 - 00000000 ___RD () C:\Users\Deni\Dropbox
2015-05-13 11:01 - 2013-04-09 13:34 - 00000000 ____D () C:\Users\Deni\AppData\Roaming\Dropbox
2015-05-13 10:59 - 2014-10-27 14:07 - 00005927 _____ () C:\Windows\setupact.log
2015-05-13 10:59 - 2009-07-13 21:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-13 10:58 - 2009-10-29 18:33 - 01480206 _____ () C:\Windows\PFRO.log
2015-05-13 10:50 - 2013-04-09 13:35 - 00001020 _____ () C:\Users\Deni\Desktop\Dropbox.lnk
2015-05-13 10:50 - 2013-04-09 13:34 - 00000000 ____D () C:\Users\Deni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-05-12 23:58 - 2009-07-13 19:37 - 00000000 ____D () C:\Windows\rescache
2015-05-12 23:55 - 2009-11-16 14:25 - 00000000 ____D () C:\Users\Deni
2015-05-12 23:15 - 2014-11-13 12:24 - 00002025 _____ () C:\Users\Public\Desktop\Avast SafeZone.lnk
2015-05-12 23:15 - 2014-11-13 12:24 - 00001965 _____ () C:\Users\Public\Desktop\Avast Internet Security.lnk
2015-05-12 23:15 - 2014-11-13 12:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-05-12 23:05 - 2015-03-25 16:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-05-12 23:05 - 2014-08-23 16:30 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2015-05-12 23:05 - 2012-06-23 09:56 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-05-12 23:05 - 2011-01-13 11:02 - 00000000 ____D () C:\Users\Guest
2015-05-12 23:05 - 2009-11-18 10:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IntelliMover
2015-05-12 23:05 - 2009-11-18 10:16 - 00000000 ____D () C:\Program Files\IntelliMover
2015-05-12 23:05 - 2009-07-13 19:37 - 00000000 ____D () C:\Windows\system32\wfp
2015-05-12 23:05 - 2009-07-13 19:37 - 00000000 ____D () C:\Windows\system32\NDF
2015-05-12 23:05 - 2009-07-13 19:37 - 00000000 ____D () C:\Windows\registration
2015-05-12 18:26 - 2014-09-05 10:24 - 00000000 ____D () C:\Users\Deni\AppData\Local\Adobe
2015-05-12 18:21 - 2006-07-31 08:31 - 00000171 _____ () C:\Users\Deni\default.pls
2015-05-12 16:03 - 2009-11-18 18:21 - 00000000 ____D () C:\Users\Deni\Documents\House and Garden SERVICES
2015-05-12 16:01 - 2006-06-21 13:58 - 00001198 _____ () C:\Users\Deni\Desktop\Wireless Network Info.txt
2015-05-12 12:41 - 2009-10-29 16:44 - 00000000 ____D () C:\Program Files\Microsoft SQL Server Compact Edition
2015-05-07 11:16 - 2010-09-27 12:04 - 00002091 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-04-27 10:33 - 2006-05-24 23:05 - 02302976 ___SH () C:\Users\Deni\Documents\Thumbs.db
2015-04-27 10:28 - 2012-12-19 21:15 - 00020670 _____ () C:\Users\Deni\Documents\Christmas Address List 2012 COMPLETE.xlsx
2015-04-26 17:23 - 2009-11-18 18:43 - 00000000 ____D () C:\Users\Deni\Documents\RECIPES
2015-04-25 11:33 - 2014-04-23 14:05 - 00024144 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2015-04-25 11:33 - 2014-01-07 12:25 - 00106912 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswStm.sys
2015-04-25 11:33 - 2013-03-04 10:37 - 00209048 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2015-04-25 11:33 - 2013-03-04 10:37 - 00049904 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2015-04-25 11:33 - 2012-02-24 01:42 - 00081728 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswRdr2.sys
2015-04-25 11:33 - 2012-01-19 08:30 - 00427992 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSP.sys
2015-04-25 11:33 - 2012-01-19 08:29 - 00074976 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-04-25 11:32 - 2012-02-24 01:42 - 00026096 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswKbd.sys
2015-04-25 11:32 - 2012-01-19 08:29 - 00787760 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSnx.sys
2015-04-24 16:19 - 2015-04-08 11:41 - 00000000 ____D () C:\Users\Deni\AppData\Local\CrashDumps
2015-04-24 13:11 - 2010-09-27 12:04 - 00000000 ____D () C:\Users\Deni\AppData\Roaming\Skype

==================== Files in the root of some directories =======

2009-11-19 11:07 - 2009-11-19 11:07 - 0004632 _____ () C:\Program Files\0x0409.ini
2009-11-19 11:07 - 2009-11-19 11:07 - 0740864 _____ () C:\Program Files\1033.MST
2005-12-14 16:54 - 2001-03-15 09:58 - 1013507 _____ () C:\Program Files\ComedyCardStudioManual.pdf
2005-12-14 16:54 - 2003-03-31 23:13 - 0028125 ____N () C:\Program Files\Eula.txt
2009-11-19 11:07 - 2009-11-19 11:07 - 45639680 _____ () C:\Program Files\iPod for Windows 2006-06-28.msi
2009-01-09 23:52 - 2009-01-09 23:59 - 0000134 _____ () C:\Program Files\libmp3lame-win-3.98.2.zip
2002-01-26 01:36 - 2002-01-26 01:35 - 0002407 _____ () C:\Program Files\message3.txt
2005-12-14 16:54 - 2001-03-15 09:10 - 0011744 _____ () C:\Program Files\Original Copy of Eula.txt
2005-12-14 16:54 - 2001-03-16 11:17 - 0009493 _____ () C:\Program Files\Original Copy of readme.txt
2005-12-14 16:54 - 2003-03-31 23:12 - 0025178 ____N () C:\Program Files\readme.txt
2009-08-19 13:59 - 2009-08-19 13:59 - 0010066 _____ () C:\Program Files\taylormade rescue hybrid.jpg
2005-10-08 18:23 - 2005-10-08 18:23 - 0024406 _____ () C:\Program Files\Untitled.jpg
2010-04-21 12:32 - 2010-04-21 12:32 - 0000025 _____ () C:\Users\Deni\AppData\Roaming\bdfvconp.ini
2014-05-07 16:13 - 2014-05-07 16:13 - 0000035 _____ () C:\Users\Deni\AppData\Roaming\mbam.context.scan
2011-04-27 12:59 - 2011-04-27 13:13 - 0000077 _____ () C:\Users\Deni\AppData\Roaming\Rim.Desktop.Exception.log
2011-04-27 11:44 - 2011-04-27 11:44 - 0001147 _____ () C:\Users\Deni\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
2015-05-12 18:47 - 2015-05-12 18:47 - 0000064 _____ () C:\Users\Deni\AppData\Local\9aff5a1a12d9faf30fb9a5b935a39c40
2014-07-25 12:46 - 2014-08-14 18:48 - 0159672 _____ () C:\Users\Deni\AppData\Local\ars.cache
2014-07-25 12:46 - 2014-08-14 18:48 - 0351087 _____ () C:\Users\Deni\AppData\Local\census.cache
2011-04-27 13:00 - 2011-04-27 13:00 - 0014848 _____ () C:\Users\Deni\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2007-03-28 16:29 - 2007-03-28 16:29 - 0000127 _____ () C:\Users\Deni\AppData\Local\fusioncache.dat
2014-07-25 12:23 - 2014-07-25 12:23 - 0000036 _____ () C:\Users\Deni\AppData\Local\housecall.guid.cache
2012-03-27 14:40 - 2012-03-27 14:40 - 0000017 _____ () C:\Users\Deni\AppData\Local\resmon.resmoncfg
2014-07-25 12:37 - 2014-08-14 18:43 - 0000010 _____ () C:\Users\Deni\AppData\Local\sponge.last.runtime.cache
2011-07-23 16:36 - 2011-07-23 16:36 - 0000000 _____ () C:\Users\Deni\AppData\Local\{179C5815-782C-4F8F-88E5-D079AB43B531}
2010-09-27 12:05 - 2010-09-27 12:05 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2009-01-19 13:41 - 2009-01-19 13:41 - 0039705 _____ () C:\ProgramData\hprealign_log.txt
2009-11-18 12:20 - 2014-08-13 13:41 - 0063160 _____ () C:\ProgramData\hpzinstall.log
2009-11-18 12:20 - 2009-11-18 12:35 - 0001135 _____ () C:\ProgramData\Original Copy of hpzinstall.log
2014-11-24 16:35 - 2014-11-24 16:35 - 0000000 _____ () C:\ProgramData\PKP_DLec.DAT

Files to move or delete:
====================
C:\Users\Deni\SysInfo.exe


Some content of TEMP:
====================
C:\Users\Deni\AppData\Local\Temp\dllnt_dump.dll
C:\Users\Deni\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpzx06um.dll
C:\Users\Deni\AppData\Local\Temp\GLB1A2B.EXE
C:\Users\Deni\AppData\Local\Temp\HPInstaller.exe
C:\Users\Deni\AppData\Local\Temp\HPPSdr.exe
C:\Users\Deni\AppData\Local\Temp\install.exe
C:\Users\Deni\AppData\Local\Temp\lowproc.exe
C:\Users\Deni\AppData\Local\Temp\Quarantine.exe
C:\Users\Deni\AppData\Local\Temp\SonosUpgrader.exe
C:\Users\Deni\AppData\Local\Temp\sqlite3.dll
C:\Users\Deni\AppData\Local\Temp\stubhelper.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-05-12 23:48

==================== End Of Log ============================

For some reason, every now and then, a random malicious program pops up such as "PCSpeedUp" or "YAC". Am I being hacked/ hijacked? Should I contact the police? I already removed 2 of them using AdwCleaner. What should I do next?

Perhaps I'm just paranoid, but my taskbar (Solve PC issues) has alerted me to a detected threat

TrojanDownloader:JS Nemucod.P

It wants me to click to "Clean infection" but I don't trust it.


I've "un-hidden" files and I have run Superantispyware and Malwarebytes and both come up with clean scans (on first run Malwarebytes removed a lot of ConduitTP files). The warnings still come up on the microsoft icon on task bar. Any advice?

Susan


Below is my SysInfo and the last Malwarebytes log

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Home Premium, Service Pack 1, 64 bit
Processor: AMD FX(tm)-6100 Six-Core Processor, AMD64 Family 21 Model 1 Stepping 2
Processor Count: 6
RAM: 12031 Mb
Graphics Card: ATI Radeon 3000 Graphics, 256 Mb
Hard Drives: C: Total - 1907627 MB, Free - 1526456 MB;
Motherboard: MICRO-STAR INTERNATIONAL CO.,LTD, 760GM-E51(MS-7596)
Antivirus: Norton Internet Security, Disabled

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 5/14/2015
Scan Time: 1:43:47 PM
Logfile:
Administrator: Yes

Version: 2.01.6.1022
Malware Database: v2015.05.14.04
Rootkit Database: v2015.04.21.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: candee

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 351973
Time Elapsed: 13 min, 7 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Home Premium, Service Pack 1, 64 bit
Processor: AMD Athlon(tm) II X2 215 Processor, AMD64 Family 16 Model 6 Stepping 2
Processor Count: 2
RAM: 3838 Mb
Graphics Card: NVIDIA GeForce 6150SE nForce 430, 256 Mb
Hard Drives: C: Total - 464610 MB, Free - 303913 MB; D: Total - 12226 MB, Free - 2192 MB;
Motherboard: PEGATRON CORPORATION, NARRA5
Antivirus: AVG AntiVirus 2015, Disabled


I have thousands of files that have been infected with ransom ware. I've searched for a solution but have failed to find one. Has there been any new developments that can help me retrieve my files?
Also questions about playtopus...I see it in my program uninstall but when I click uninstall it says that the file does not exist.
also, my computer has been running quite slow. I've scanned with Avg Antivirus, malwarebytes, and spybot. Spybot found one spybot with 6 entries and quarantined it. malwarebytes found one pup and quarantined it. Avg has found nothing. Any advice will be greatly appreciated!

This popped up on my computer: Warning Virus Trojan (TRJ.DealWare.Stealh) has been injected into your computer.
You must call this tolll lfree number 1-844-485-4060 now.

DO NOT RESTART YOUR COMPUTER. DOING SO WILL CAUSE SYSTEM FAILURE. PLEASE CALL THE NUMBER PROVIDED TO REMOVE THE VIRUS.

My question is: is this real?

CD R

Can you run the following in Normal mode? if not continue is safemode...

Download RKill from here: http://www.bleepingcomputer.com/download/rkill/

There are three buttons to choose from with different names on, select the first one and save it to your desktop.

• Double-click on the Rkill desktop icon to run the tool.
• If using Vista or Windows 7/8, right-click on it and Run As Administrator.
• A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
• A log pops up at the end of the run. This log file is located at C:\rkill.log. Please post this in your next reply.
• If you do not see the black box flash on the screen delete the icon from the desktop and go back to the link for the download, select the next button and try to run the tool again, continue to repeat this process using the remaining buttons until the tool runs. You will find further links if you scroll down the page with other names, try them one at a time.
• If the tool does not run from any of the links provided, please let me know.

Next,

Please download RogueKiller and save it to your desktop from the following link: http://www.bleepingcomputer.com/download/roguekiller/

• Quit all running programs.
• For Windows XP, double-click to start.
• For Vista,Windows 7/8, Right-click on the program and select Run as Administrator to start and when prompted allow it to run.
• Read and accept the EULA (End User Licene Agreement)
• Click Scan to scan the system.
• When the scan completes select "Report", log will open. Close the program > Don't Fix anything!
• Post back the report which should also be located here:

Post those logs in next reply...

Thanks,

Kevin

Hi folks,
In the past few days, I have noticed that my internet connection has become unstable. When I stream internet radio, it will work fine for 10 min. Then there will be nothing but dead air for 30-60 sec.. Then the stream will continue again. While online gaming, my computer will stop communication with the servers for 10-30 seconds, start working for 5-10 min, then stop communication again. Yesterday I tried to fix the problem myself. Malwarebytes found OpenCandy which it fixed, but the problem persists. I have attached my hijack this logfile. I've also posted my most recent Malwarebytes log file. Any help would be greatly appreciated.


Thanks


Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 4:19:33 PM, on 5/15/2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17416)
FIREFOX: 35.0.1 (x86 en-US)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Grinding Gear Games\Path of Exile\PathOfExile.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\AutoHotkey\AutoHotkey.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Users\Support.com\Desktop\Virus Removal Tools\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: 24.40.45.56 esolutions
O1 - Hosts: 24.40.60.142 vision
O1 - Hosts: 172.28.65.225 cuportal.cable.comcast.com
O2 - BHO: E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O3 - Toolbar: E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll
O4 - HKLM\..\Run: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
O4 - HKLM\..\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] "C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized
O4 - HKLM\..\Run: [GamingMouse] C:\Program Files (x86)\Gaming Mouse\hid.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [Spark] C:\Program Files (x86)\Spark\Spark.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe"
O4 - HKUS\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [EPLTarget\P0000000000000000] C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATILBE.EXE /EPT "EPLTarget\P0000000000000000" /M "XP-310 Series" (User '?')
O4 - HKUS\S-1-5-21-3532716672-192860038-2888753106-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [Spark] C:\Program Files (x86)\Spark\Spark.exe (User '?')
O4 - HKUS\S-1-5-18\..\Run: [EPLTarget\P0000000000000000] C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATILBE.EXE /EPT "EPLTarget\P0000000000000000" /M "XP-310 Series" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [EPLTarget\P0000000000000000] C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATILBE.EXE /EPT "EPLTarget\P0000000000000000" /M "XP-310 Series" (User 'Default user')
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.cable.comcast.com
O15 - Trusted Zone: *.comtrac
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O15 - Trusted Zone: partnervpn.support.com
O15 - Trusted Zone: *.vision
O16 - DPF: {538793D5-659C-4639-A56C-A179AD87ED44} (Cisco AnyConnect Secure Mobility Client Web Control) - https://partnervpn1.support.com/CACH...ies/vpnweb.cab
O16 - DPF: {979B3FE4-7C7E-45AD-85E4-5A737690AF53} (ContactCTIServer Class) - http://einstein.cable.comcast.com/Ei...tBehaviors.dll
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O20 - AppInit_DLLs: C:\WINDOWS\SysWOW64\nvinit.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AtherosSvc - Qualcomm Atheros Commnucations - C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe
O23 - Service: CCDMonitorService - Acer Incorporated - C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
O23 - Service: Epson Scanner Service (EpsonScanSvc) - Unknown owner - C:\Windows\system32\EscSvc64.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HTCMonitorService - Nero AG - C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Launch Manager Service (LMSvc) - Acer Incorporate - C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: Nero Update (NAUpdate) - Unknown owner - c:\Program Files (x86)\Nero\Update\NASvc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: Cisco AnyConnect Secure Mobility Agent (vpnagent) - Cisco Systems, Inc. - C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 11943 bytes
===================================================================


Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 5/15/2015
Scan Time: 4:12:51 PM
Logfile: Malwarebytes.txt
Administrator: Yes
Version: 2.01.6.1022
Malware Database: v2015.05.15.05
Rootkit Database: v2015.05.14.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
OS: Windows 8.1
CPU: x64
File System: NTFS
User: Support.com
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 403552
Time Elapsed: 24 min, 55 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 0
(No malicious items detected)
Registry Values: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Folders: 4
PUP.Optional.MultiPlug.A, C:\Users\Support.com\AppData\Local\Google\Chrome\User Data\Default\Extensions\olhcajgllkpacioibcjiniefblpmpech\160, , [d918e6ad84061c1a19253731f31238c8],
PUP.Optional.MultiPlug.A, C:\Users\Support.com\AppData\Local\Google\Chrome\User Data\Default\Extensions\olhcajgllkpacioibcjiniefblpmpech, , [d918e6ad84061c1a19253731f31238c8],
PUP.Optional.MultiPlug.A, C:\Users\Wes\AppData\Local\Google\Chrome\User Data\Default\Extensions\olhcajgllkpacioibcjiniefblpmpech\160, , [14ddfc972c5e38fef24cb4b46d98f50b],
PUP.Optional.MultiPlug.A, C:\Users\Wes\AppData\Local\Google\Chrome\User Data\Default\Extensions\olhcajgllkpacioibcjiniefblpmpech, , [14ddfc972c5e38fef24cb4b46d98f50b],
Files: 10
PUP.Optional.MultiPlug.A, C:\Users\Support.com\AppData\Local\Google\Chrome\User Data\Default\Extensions\olhcajgllkpacioibcjiniefblpmpech\160\lsdb.js, , [d918e6ad84061c1a19253731f31238c8],
PUP.Optional.MultiPlug.A, C:\Users\Support.com\AppData\Local\Google\Chrome\User Data\Default\Extensions\olhcajgllkpacioibcjiniefblpmpech\160\background.htm l, , [d918e6ad84061c1a19253731f31238c8],
PUP.Optional.MultiPlug.A, C:\Users\Support.com\AppData\Local\Google\Chrome\User Data\Default\Extensions\olhcajgllkpacioibcjiniefblpmpech\160\content.js, , [d918e6ad84061c1a19253731f31238c8],
PUP.Optional.MultiPlug.A, C:\Users\Support.com\AppData\Local\Google\Chrome\User Data\Default\Extensions\olhcajgllkpacioibcjiniefblpmpech\160\jHb.js, , [d918e6ad84061c1a19253731f31238c8],
PUP.Optional.MultiPlug.A, C:\Users\Support.com\AppData\Local\Google\Chrome\User Data\Default\Extensions\olhcajgllkpacioibcjiniefblpmpech\160\manifest.json, , [d918e6ad84061c1a19253731f31238c8],
PUP.Optional.MultiPlug.A, C:\Users\Wes\AppData\Local\Google\Chrome\User Data\Default\Extensions\olhcajgllkpacioibcjiniefblpmpech\160\lsdb.js, , [14ddfc972c5e38fef24cb4b46d98f50b],
PUP.Optional.MultiPlug.A, C:\Users\Wes\AppData\Local\Google\Chrome\User Data\Default\Extensions\olhcajgllkpacioibcjiniefblpmpech\160\background.htm l, , [14ddfc972c5e38fef24cb4b46d98f50b],
PUP.Optional.MultiPlug.A, C:\Users\Wes\AppData\Local\Google\Chrome\User Data\Default\Extensions\olhcajgllkpacioibcjiniefblpmpech\160\content.js, , [14ddfc972c5e38fef24cb4b46d98f50b],
PUP.Optional.MultiPlug.A, C:\Users\Wes\AppData\Local\Google\Chrome\User Data\Default\Extensions\olhcajgllkpacioibcjiniefblpmpech\160\jHb.js, , [14ddfc972c5e38fef24cb4b46d98f50b],
PUP.Optional.MultiPlug.A, C:\Users\Wes\AppData\Local\Google\Chrome\User Data\Default\Extensions\olhcajgllkpacioibcjiniefblpmpech\160\manifest.json, , [14ddfc972c5e38fef24cb4b46d98f50b],
Physical Sectors: 0
(No malicious items detected)

(end)

the site static.chromenotice.com seems to have taken over and keeps popping up everywhere. Can't close it down permanently.

When I do a virus scan with both my purchased mcafee software and Malwarebytes, during the scan of my C: Drive, my computer “beeps” twice during the scan. I do not get any prompts of what happened, it just beeps. Are there a couple of files the virus scan doesn’t like? Is there a log from these virus software packages that I can look at to see what it beeped at, or show me what happened. I also get a file with the word “Chinese” on it, is this a part of windows 7, or should I be concerned? I never had the system beep at me before during virus scans. The scans show that there are no virus’s present.
Thanks for any help in this matter, I'm very concerned about this.

I get this...


There was a problem starting C:\Windows\TEMP\mdi464.dll


Any reason why and how to get rid of it?


mnhka@yahoo.com

Dear Members,

Can anyone help me to get rid of the virus S3.amazonaws.com ?

It has infected my laptop and all search engines get pop up and advertisement as well as websites that i do not choose , which is slowing my work.

please assist..!!