Jump to content

Recommended Posts

Previous Thread:

https://forums.malwarebytes.org/index.php?showtopic=143167#entry797281

 

DDS (Ver_2012-11-20.01) - NTFS_x86 
Internet Explorer: 7.0.6000.16386
Run by Bibanan at 11:59:10 on 2014-02-25
Microsoft® Windows Vista™ Home Premium   6.0.6000.0.1252.1.1033.18.1918.943 [GMT -5:00]
.
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\rundll32.exe
C:\Program Files\Tablet\Pen\Pen_TouchService.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\Dwm.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Windows\Explorer.EXE
C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\WINDOWS\vVX6000.exe
C:\WINDOWS\RtHDVCpl.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\Napster\napster.exe
C:\WINDOWS\ModPS2Key.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\zHotkey.exe
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
C:\Program Files\BigFix\bigfix.exe
C:\Program Files\Bamboo Dock\BambooCore.exe
C:\Users\Bibanan\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files\NETGEAR\WNDA3100v2\WNDA3100v2.exe
C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\Windows\system32\PSIService.exe
C:\Program Files\Tablet\Pen\Pen_Tablet.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\NETGEAR\WNDA3100v2\WifiSvc.exe
C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Tablet\Pen\Pen_Tablet.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
C:\Windows\system32\wuauclt.exe
C:\Users\Bibanan\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Users\Bibanan\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Bibanan\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\lpremove.exe
C:\Windows\system32\lpksetup.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k hpdevmgmt
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
.
============== Pseudo HJT Report ===============
.
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - c:\program files\canon\easy-webprint ex\ewpexhlp.dll
TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - c:\program files\canon\easy-webprint ex\ewpexhlp.dll
TB: avast! Online Security: {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - c:\program files\avast software\avast\aswWebRepIE.dll
EB: Canon Easy-WebPrint EX: {21347690-EC41-4F9A-8887-1F4AEE672439} - c:\program files\canon\easy-webprint ex\ewpexhlp.dll
uRun: [Google Update] "c:\users\bibanan\appdata\local\google\update\GoogleUpdate.exe" /c
mRun: [AvastUI.exe] "c:\program files\avast software\avast\AvastUI.exe" /nogui
mRun: [Windows Defender] c:\program files\windows defender\MSASCui.exe -hide
mRun: [VX6000] c:\windows\vVX6000.exe
mRun: [showWnd] ShowWnd.exe
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NapsterShell] c:\program files\napster\napster.exe /systray
mRun: [ModPS2] ModPS2Key.exe
mRun: [LifeCam] "c:\program files\microsoft lifecam\LifeExp.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [CHotkey] zHotkey.exe
mRun: [CanonSolutionMenu] c:\program files\canon\solutionmenu\CNSLMAIN.exe /logon
mRun: [CanonMyPrinter] c:\program files\canon\myprinter\BJMyPrt.exe /logon
mRun: [bigFix] c:\program files\bigfix\bigfix.exe /atstartup
mRun: [bambooCore] c:\program files\bamboo dock\BambooCore.exe
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [AdobeAAMUpdater-1.0] "c:\program files\common files\adobe\oobe\pdapp\uwa\UpdaterStartupUtility.exe"
mRun: [20131121] c:\program files\avast software\avast\setup\emupdate\82bad5bb-ac83-42ba-b2f2-ca90453b985b.exe /check
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\netgea~1.lnk - c:\program files\netgear\wnda3100v2\WNDA3100v2.exe
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
TCP: NameServer = 192.168.6.1
TCP: Interfaces\{1065630A-CD1E-405E-8BDC-D802CBFA64C4} : DHCPNameServer = 192.168.6.1
TCP: Interfaces\{78DC9EF7-A703-4371-B410-25D493B81B0A} : DHCPNameServer = 192.168.6.1
LSA: Security Packages =  kerberos msv1_0 schannel wdigest tspkg
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\bibanan\appdata\roaming\mozilla\firefox\profiles\xan65c4y.default\
FF - plugin: c:\program files\canon\easy-photoprint ex\NPEZFFPI.DLL
FF - plugin: c:\program files\google\update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.115\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.135\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.145\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.153\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.165\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.99\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.20913.0\npctrlui.dll
FF - plugin: c:\program files\tabletplugins\npwacom.dll
FF - plugin: c:\program files\tabletplugins\npWacomTabletPlugin.dll
FF - plugin: c:\users\bibanan\appdata\local\google\update\1.3.21.165\npGoogleUpdate3.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_9_900_117.dll
.
---- FIREFOX POLICIES ----
FF - user.js: network.protocol-handler.warn-external.dnupdate - false
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;c:\windows\system32\drivers\aswRvrt.sys [2013-3-3 49944]
R0 aswVmm;avast! VM Monitor;c:\windows\system32\drivers\aswVmm.sys [2013-3-3 180248]
R0 SCMNdisP;General NDIS Protocol Driver;c:\windows\system32\drivers\SCMNdisP.sys [2012-2-28 21728]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2012-2-28 775952]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswsp.sys [2012-2-28 410784]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-2-28 67824]
R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2014-2-23 50344]
R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2014-2-25 418376]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2014-2-25 701512]
R2 TabletServicePen;TabletServicePen;c:\program files\tablet\pen\Pen_Tablet.exe [2012-3-11 5554552]
R2 TouchServicePen;Wacom Consumer Touch Service;c:\program files\tablet\pen\Pen_TouchService.exe [2012-3-11 451960]
R2 WSWNDA3100v2;WSWNDA3100v2;c:\program files\netgear\wnda3100v2\WifiSvc.exe [2012-2-28 303360]
R3 AVer88xHD;AVerMedia 23888 AvStream Video Capture;c:\windows\system32\drivers\AVer88xHD.sys [2012-2-28 401408]
R3 BCMH43XX;Broadcom 802.11 USB Network Adapter Driver;c:\windows\system32\drivers\bcmwlhigh6.sys [2012-2-28 1074944]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2014-2-25 22856]
S3 NETw2v32;Intel® PRO/Wireless 2200BG Network Connection Driver for Windows Vista;c:\windows\system32\drivers\NETw2v32.sys [2006-11-2 2589184]
S3 NPF;Netgroup Packet Filter;c:\windows\system32\drivers\npf.sys [2012-2-28 50704]
S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [2014-2-24 27192]
S3 VX6000;Microsoft LifeCam VX-6000;c:\windows\system32\drivers\VX6000Xp.sys [2010-1-29 2074480]
S3 wacmoumonitor;Wacom Mode Helper;c:\windows\system32\drivers\wacmoumonitor.sys [2012-3-11 10752]
.
=============== File Associations ===============
.
ShellExec: pi11.exe: Open="c:\program files\microsoft digital image 2006\pi.exe" "%1"
.
=============== Created Last 30 ================
.
2014-02-25 09:45:09 -------- d-----w- c:\users\bibanan\appdata\roaming\Malwarebytes
2014-02-25 09:44:39 -------- d-----w- c:\programdata\Malwarebytes
2014-02-25 09:44:38 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-02-25 09:44:38 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2014-02-25 05:13:37 -------- d-----w- c:\windows\pss
2014-02-25 05:01:52 -------- d-----w- c:\programdata\ErrorEND
2014-02-25 05:01:45 -------- d-----w- c:\program files\ErrorEND
2014-02-25 03:17:52 -------- d-----w- c:\users\bibanan\appdata\local\VS Revo Group
2014-02-25 03:17:47 27192 ----a-w- c:\windows\system32\drivers\revoflt.sys
2014-02-25 03:17:47 -------- d-----w- c:\programdata\VS Revo Group
2014-02-25 03:17:45 -------- d-----w- c:\program files\VS Revo Group
2014-02-25 02:14:45 74072 ----a-w- c:\windows\system32\XAPOFX1_5.dll
2014-02-25 02:14:45 527192 ----a-w- c:\windows\system32\XAudio2_7.dll
2014-02-25 02:14:45 239960 ----a-w- c:\windows\system32\xactengine3_7.dll
2014-02-25 02:14:42 1868128 ----a-w- c:\windows\system32\d3dcsx_43.dll
2014-02-25 02:14:41 248672 ----a-w- c:\windows\system32\d3dx11_43.dll
2014-02-25 02:14:40 470880 ----a-w- c:\windows\system32\d3dx10_43.dll
2014-02-25 02:14:38 1998168 ----a-w- c:\windows\system32\D3DX9_43.dll
2014-02-25 02:14:13 -------- d-----w- c:\program files\Zenimax Online
2014-02-25 00:38:32 -------- d-----w- C:\FRST
2014-02-25 00:04:49 -------- d-----w- c:\program files\CCleaner
2014-02-24 03:06:49 -------- d-----w- c:\users\bibanan\appdata\local\ElevatedDiagnostics
2014-02-24 02:49:31 -------- d-----w- c:\programdata\Oracle
2014-02-24 01:31:48 7947048 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{c5793298-7c00-4968-8c8f-540361424950}\mpengine.dll
.
==================== Find3M  ====================
.
2014-02-25 10:59:26 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2014-02-24 00:25:12 775952 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2014-02-24 00:25:12 67824 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-02-24 00:25:12 180248 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-02-24 00:25:11 43152 ----a-w- c:\windows\avastSS.scr
2013-12-18 11:13:56 231584 ------w- c:\windows\system32\MpSigStub.exe
.
============= FINISH: 11:59:37.66 ===============
 
 
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft® Windows Vista™ Home Premium 
Boot Device: \Device\HarddiskVolume2
Install Date: 2/28/2012 9:36:16 PM
System Uptime: 2/25/2014 11:43:48 AM (0 hours ago)
.
Motherboard: ELITEGROUP |  | MCP61PM-AM
Processor: AMD Athlon 64 X2 Dual Core Processor 5000+ | Socket AM2  | 2600/201mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 456 GiB total, 400.479 GiB free.
D: is FIXED (NTFS) - 10 GiB total, 3.862 GiB free.
E: is CDROM ()
F: is Removable
G: is Removable
H: is Removable
I: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
.
==== Installed Programs ======================
.
32 Bit HP CIO Components Installer
7-Zip 9.20
Activation Assistant for the 2007 Microsoft Office suites
Adobe AIR
Adobe Download Assistant
Adobe Flash Player 11 Plugin
Adobe Photoshop CS
Adobe Photoshop Elements 6.0
Adobe Reader 8
Adobe Shockwave Player 11.6
AIO_CDA_ProductContext
AIO_CDA_Software
AIO_Scan
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Audacity 2.0
Audiosurf
avast! Free Antivirus
AVerMedia M791 PCIe Combo NTSC/ATSC 6.104.0.5
Bamboo
Bamboo Dock
BigFix
BitTorrent
Bonjour
Browser Address Error Redirector
BufferChm
C5100
c5100_Help
Canon Easy-WebPrint EX
Canon MP Navigator EX 3.0
Canon MP250 series MP Drivers
Canon MP250 series User Registration
Canon Utilities Easy-PhotoPrint EX
Canon Utilities My Printer
Canon Utilities Solution Menu
CCleaner
Color Efex Pro 3.0 Wacom Edition 3
Digital Media Reader
ErrorEND
Fax
Gateway Connect
Gateway Game Console
Gateway Recovery Center Installer
Google Chrome
Google Update Helper
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Photosmart.All-In-One Driver Software 8.0 .A
iTunes
LAME v3.99.3 (for Windows)
LameACM
Malwarebytes Anti-Malware version 1.75.0.1300
Marvell Miniport Driver
Microsoft .NET Framework 3.5 SP1
Microsoft Corporation
Microsoft Digital Image Library 9 - Blocker
Microsoft Digital Image Starter Edition 2006
Microsoft Digital Image Starter Edition 2006 Editor
Microsoft Digital Image Starter Edition 2006 Library
Microsoft LifeCam
Microsoft Money 2006
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007
Microsoft Office Home and Student 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319
Microsoft Works
Microsoft WSE 3.0 Runtime
Microsoft_VC80_ATL_x86
Microsoft_VC80_CRT_x86
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFCLOC_x86
Microsoft_VC90_ATL_x86
Microsoft_VC90_CRT_x86
Microsoft_VC90_MFC_x86
Microsoft_VC90_MFCLOC_x86
Mozilla Firefox 16.0.2 (x86 en-US)
Mozilla Maintenance Service
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Napster
Napster Burn Engine
NETGEAR WNDA3100v2 wireless USB 2.0 adapter
NVIDIA Drivers
Origin
Power2Go 5.0
PS2 Multimedia Keyboard Driver
Realtek High Definition Audio Driver
Revo Uninstaller Pro 3.0.8
Scan
swMSM
The Elder Scrolls Online Beta
The Sims™ 3
Toolbox
UnloadSupport
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
WebReg
WebTablet FB Plugin
WebTablet IE Plugin
WebTablet Netscape Plugin
WinRAR 4.11 (32-bit)
.
==== End Of File ===========================
 

 

Link to post
Share on other sites

  • Root Admin

Let me get an updated scan please.

 

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system.
You can check here if you're not sure if your computer is 32-bit or 64-bit

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please copy and paste it to your reply as well.


 

Link to post
Share on other sites

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 27-02-2014 02

Ran by Bibanan (administrator) on BIBANAN-PC on 25-02-2014 15:25:24

Running from C:\Users\Bibanan\Desktop

Microsoft® Windows Vista™ Home Premium  (X86) OS Language: English(US)

Internet Explorer Version 7

Boot Mode: Normal

 

The only official download link for FRST:

Download link for 32-Bit version:

Download link for 64-Bit Version:

Download link from any site other than Bleeping Computer is unpermitted or outdated.


 

==================== Processes (Whitelisted) =================

 

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe

(Microsoft Corporation) C:\Windows\system32\AUDIODG.EXE

(Microsoft Corporation) C:\Windows\system32\SLsvc.exe

(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchService.exe

(Microsoft Corporation) C:\Windows\SYSTEM32\WISPTIS.EXE

(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe

(Microsoft Corporation) C:\Windows\system32\WLANExt.exe

(Microsoft Corporation) C:\Windows\SYSTEM32\WISPTIS.EXE

(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe

(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe

(Microsoft Corporation

) C:\WINDOWS\vVX6000.exe

(Realtek Semiconductor) C:\WINDOWS\RtHDVCpl.exe

(Napster) C:\Program Files\Napster\napster.exe

(Chicony) C:\WINDOWS\ModPS2Key.exe

(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe

() C:\WINDOWS\zHotkey.exe

(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE

(BigFix Inc.) C:\Program Files\BigFix\bigfix.exe

() C:\Program Files\Bamboo Dock\BambooCore.exe

(Google Inc.) C:\Users\Bibanan\AppData\Local\Google\Update\GoogleUpdate.exe

() C:\Program Files\NETGEAR\WNDA3100v2\WNDA3100v2.exe

() C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe

(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS32.exe

() C:\Windows\system32\PSIService.exe

(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe

(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

() C:\Program Files\NETGEAR\WNDA3100v2\WifiSvc.exe

(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe

(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe

(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe

(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe

(Microsoft Corporation) C:\Windows\system32\wuauclt.exe

(Google Inc.) C:\Users\Bibanan\AppData\Local\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Users\Bibanan\AppData\Local\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Users\Bibanan\AppData\Local\Google\Chrome\Application\chrome.exe

(ZeniMax Online Studios) C:\Program Files\Zenimax Online\Launcher\Bethesda.net_Launcher.exe

 

 

==================== Registry (Whitelisted) ==================

 

HKLM\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3767096 2014-02-23] (AVAST Software)

HKLM\...\Run: [Windows Defender] - C:\Program Files\Windows Defender\MSASCui.exe [1006264 2012-02-29] (Microsoft Corporation)

HKLM\...\Run: [VX6000] - C:\Windows\vVX6000.exe [764784 2010-01-29] (Microsoft Corporation

)

HKLM\...\Run: [showWnd] - C:\Windows\ShowWnd.exe [36864 2005-01-27] ()

HKLM\...\Run: [RtHDVCpl] - C:\Windows\RtHDVCpl.exe [4349952 2007-01-18] (Realtek Semiconductor)

HKLM\...\Run: [NvMediaCenter] - C:\Windows\system32\NvMcTray.dll [92704 2008-06-20] (NVIDIA Corporation)

HKLM\...\Run: [NvCplDaemon] - C:\Windows\system32\NvCpl.dll [13535776 2008-06-20] (NVIDIA Corporation)

HKLM\...\Run: [NapsterShell] - C:\Program Files\Napster\napster.exe [323216 2006-09-06] (Napster)

HKLM\...\Run: [ModPS2] - C:\Windows\ModPS2Key.exe [53248 2006-11-07] (Chicony)

HKLM\...\Run: [LifeCam] - C:\Program Files\Microsoft LifeCam\LifeExp.exe [119152 2010-05-20] (Microsoft Corporation)

HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [421736 2012-01-16] (Apple Inc.)

HKLM\...\Run: [CHotkey] - C:\Windows\zHotkey.exe [547840 2006-11-07] ()

HKLM\...\Run: [CanonSolutionMenu] - C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [767312 2009-03-17] (CANON INC.)

HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [1983816 2009-07-26] (CANON INC.)

HKLM\...\Run: [bigFix] - c:\program files\Bigfix\bigfix.exe [2348584 2006-11-16] (BigFix Inc.)

HKLM\...\Run: [bambooCore] - C:\Program Files\Bamboo Dock\BambooCore.exe [646232 2011-09-26] ()

HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59240 2011-11-01] (Apple Inc.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-03-15] (Adobe Systems Incorporated)

HKLM\...\Run: [20131121] - C:\Program Files\AVAST Software\Avast\setup\emupdate\82bad5bb-ac83-42ba-b2f2-ca90453b985b.exe [180184 2013-11-21] (AVAST Software)

HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter

HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter

HKU\S-1-5-21-3293900412-849232833-49195623-1000\...\Run: [Google Update] - C:\Users\Bibanan\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2012-02-28] (Google Inc.)

HKU\S-1-5-21-3293900412-849232833-49195623-1000\...\MountPoints2: {09d14c99-6bb6-11e1-b12d-001bb9581be3} - M:\LaunchU3.exe -a

HKU\S-1-5-21-3293900412-849232833-49195623-1000\...\MountPoints2: {1156da41-627d-11e1-8db3-806e6f6e6963} - E:\Autorun.exe

 

==================== Internet (Whitelisted) ====================

 

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gateway.com/g/startpage.html?Ch=Retail&Br=GTW&Loc=ENG_US&Sys=DTP&M=GM5472

HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gateway.com/g/startpage.html?Ch=Retail&Br=GTW&Loc=ENG_US&Sys=DTP&M=GM5472

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.gateway.com/g/startpage.html?Ch=Retail&Br=GTW&Loc=ENG_US&Sys=DTP&M=GM5472

SearchScopes: HKLM - DefaultScope {7650355F-E43A-408F-9BEC-CD9E5DB705E0} URL = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex}&startPage={startPage}

SearchScopes: HKLM - {7650355F-E43A-408F-9BEC-CD9E5DB705E0} URL = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex}&startPage={startPage}

SearchScopes: HKCU - DefaultScope {A30ECCCA-6C3F-433B-BF09-82DE980C9967} URL = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex}&startPage={startPage}

SearchScopes: HKCU - {A30ECCCA-6C3F-433B-BF09-82DE980C9967} URL = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex}&startPage={startPage}

BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)

Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)

Toolbar: HKCU - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)

Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)

Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)

Tcpip\Parameters: [DhcpNameServer] 192.168.6.1

 

FireFox:

========

FF ProfilePath: C:\Users\Bibanan\AppData\Roaming\Mozilla\Firefox\Profiles\xan65c4y.default

FF user.js: detected! => C:\Users\Bibanan\AppData\Roaming\Mozilla\Firefox\Profiles\xan65c4y.default\user.js

FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Bibanan\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)

FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Bibanan\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)

FF Plugin HKCU: wacom.com/WacomTabletPlugin - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)

FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []

FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF

FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-02-28]

 

Chrome: 

=======


CHR Plugin: (Shockwave Flash) - C:\Users\Bibanan\AppData\Local\Google\Chrome\Application\33.0.1750.117\PepperFlash\pepflashplayer.dll ()

CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer

CHR Plugin: (Native Client) - C:\Users\Bibanan\AppData\Local\Google\Chrome\Application\33.0.1750.117\ppGoogleNaClPluginChrome.dll ()

CHR Plugin: (Chrome PDF Viewer) - C:\Users\Bibanan\AppData\Local\Google\Chrome\Application\33.0.1750.117\pdf.dll ()

CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)

CHR Plugin: (CANON iMAGE GATEWAY Album Plugin Utility) - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)

CHR Plugin: (Java Deployment Toolkit 7.0.450.18) - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

CHR Plugin: (Java Platform SE 7 U45) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

CHR Plugin: (WacomTabletPlugin) - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)

CHR Plugin: ( Wacom Dynamic Link Library) - C:\Program Files\TabletPlugins\npwacom.dll (Wacom, Inc.)

CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()

CHR Plugin: (Google Update) - C:\Users\Bibanan\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll No File

CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)

CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()

CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)

CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

CHR Extension: (YouTube) - C:\Users\Bibanan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-02-28]

CHR Extension: (Google Search) - C:\Users\Bibanan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-02-28]

CHR Extension: (Google Wallet) - C:\Users\Bibanan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-03]

CHR Extension: (Gmail) - C:\Users\Bibanan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-02-28]

CHR StartMenuInternet: Google Chrome - C:\Users\Bibanan\AppData\Local\Google\Chrome\Application\chrome.exe

 

========================== Services (Whitelisted) =================

 

S3 Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [68096 2012-05-19] ()

R2 AdobeActiveFileMonitor6.0; C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe [124832 2007-09-10] ()

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-02-23] (AVAST Software)

R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)

R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)

U2 ProtexisLicensing; C:\Windows\system32\PSIService.exe [177704 2007-06-05] ()

R2 WSWNDA3100v2; C:\Program Files\NETGEAR\WNDA3100v2\WifiSvc.exe [303360 2011-12-14] ()

 

==================== Drivers (Whitelisted) ====================

 

S3 ac97intc; C:\Windows\System32\drivers\ac97intc.sys [108032 2006-11-02] (Intel Corporation)

R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-02-23] (AVAST Software)

R1 AswRdr; C:\Windows\system32\drivers\aswRdr.sys [54832 2014-02-23] (AVAST Software)

R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2013-11-03] ()

R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [775952 2014-02-23] (AVAST Software)

R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [410784 2014-02-23] (AVAST Software)

R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57672 2014-02-23] (AVAST Software)

R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [180248 2014-02-23] ()

R3 AVer88xHD; C:\Windows\System32\drivers\AVer88xHD.sys [401408 2007-04-08] (AVerMedia TECHNOLOGIES, Inc.)

R3 BCMH43XX; C:\Windows\System32\DRIVERS\bcmwlhigh6.sys [1074944 2011-12-12] (Broadcom Corporation)

S1 Cdr4_xp; C:\Windows\system32\Drivers\Cdr4_xp.sys [44288 2005-09-07] (Sonic Solutions)

S1 Cdralw2k; C:\Windows\system32\Drivers\Cdralw2k.sys [24960 2005-09-07] (Sonic Solutions)

R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)

S3 NETw2v32; C:\Windows\System32\DRIVERS\NETw2v32.sys [2589184 2006-11-02] (Intel® Corporation)

S3 NPF; C:\Windows\System32\DRIVERS\npf.sys [50704 2010-02-03] (CACE Technologies, Inc.)

R0 SCMNdisP; C:\Windows\System32\DRIVERS\scmndisp.sys [21728 2007-01-19] (Windows ® Codename Longhorn DDK provider)

S3 VX6000; C:\Windows\System32\DRIVERS\VX6000Xp.sys [2074480 2010-01-29] (Microsoft Corporation

)

S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]

S3 IpInIp; system32\DRIVERS\ipinip.sys [X]

S1 ISODrive; \??\C:\Program Files\UltraISO\drivers\ISODrive.sys [X]

S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]

S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

U3 mbr; \??\C:\Users\Bibanan\AppData\Local\Temp\mbr.sys [X]

 

==================== NetSvcs (Whitelisted) ===================

 

 

==================== One Month Created Files and Folders ========

 

2014-02-25 15:24 - 2014-02-25 15:25 - 00015875 _____ () C:\Users\Bibanan\Desktop\FRST.txt

2014-02-25 12:00 - 2014-02-25 12:00 - 00004593 _____ () C:\Users\Bibanan\Desktop\attach.txt

2014-02-25 12:00 - 2014-02-25 11:59 - 00012870 _____ () C:\Users\Bibanan\Desktop\dds.txt

2014-02-25 11:55 - 2014-02-25 11:55 - 00688992 ____R (Swearware) C:\Users\Bibanan\Desktop\dds.scr

2014-02-25 05:56 - 2014-02-25 05:56 - 00921000 _____ (Oracle Corporation) C:\Users\Bibanan\Downloads\chromeinstall-7u51 (3).exe

2014-02-25 04:45 - 2014-02-25 04:45 - 00000000 ____D () C:\Users\Bibanan\AppData\Roaming\Malwarebytes

2014-02-25 04:44 - 2014-02-25 04:44 - 00000906 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-02-25 04:44 - 2014-02-25 04:44 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-02-25 04:44 - 2014-02-25 04:44 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware

2014-02-25 04:44 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

2014-02-25 04:41 - 2014-02-25 04:42 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Bibanan\Downloads\mbam-setup-1.75.0.1300.exe

2014-02-25 03:31 - 2014-02-25 03:31 - 00921000 _____ (Oracle Corporation) C:\Users\Bibanan\Downloads\chromeinstall-7u51 (2).exe

2014-02-25 00:23 - 2014-02-25 00:23 - 00921000 _____ (Oracle Corporation) C:\Users\Bibanan\Downloads\chromeinstall-7u51 (1).exe

2014-02-25 00:15 - 2014-02-25 00:15 - 00921000 _____ (Oracle Corporation) C:\Users\Bibanan\Downloads\chromeinstall-7u51.exe

2014-02-25 00:13 - 2014-02-25 00:35 - 00000000 ____D () C:\Windows\pss

2014-02-25 00:01 - 2014-02-25 00:17 - 00000386 _____ () C:\Windows\Tasks\ErrorEND.job

2014-02-25 00:01 - 2014-02-25 00:01 - 00000000 ____D () C:\Users\Bibanan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ErrorEND

2014-02-25 00:01 - 2014-02-25 00:01 - 00000000 ____D () C:\ProgramData\ErrorEND

2014-02-25 00:01 - 2014-02-25 00:01 - 00000000 ____D () C:\Program Files\ErrorEND

2014-02-24 23:59 - 2014-02-25 00:00 - 03891312 _____ () C:\Users\Bibanan\Downloads\ErrorEND_Pro_Installer.exe

2014-02-24 22:17 - 2014-02-24 22:17 - 00000000 ____D () C:\Users\Bibanan\AppData\Local\VS Revo Group

2014-02-24 22:17 - 2014-02-24 22:17 - 00000000 ____D () C:\ProgramData\VS Revo Group

2014-02-24 22:17 - 2014-02-24 22:17 - 00000000 ____D () C:\Program Files\VS Revo Group

2014-02-24 22:17 - 2009-12-30 10:21 - 00027192 _____ (VS Revo Group) C:\Windows\system32\Drivers\revoflt.sys

2014-02-24 22:13 - 2014-02-24 22:15 - 10619688 _____ (VS Revo Group ) C:\Users\Bibanan\Downloads\RevoUninProSetup.exe

2014-02-24 21:14 - 2014-02-24 21:17 - 00000000 ____D () C:\Program Files\Zenimax Online

2014-02-24 21:14 - 2014-02-24 21:14 - 00001974 _____ () C:\Users\Bibanan\Desktop\The Elder Scrolls Online Beta.lnk

2014-02-24 21:14 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll

2014-02-24 21:14 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll

2014-02-24 21:14 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll

2014-02-24 21:14 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll

2014-02-24 21:14 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll

2014-02-24 21:14 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll

2014-02-24 21:14 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll

2014-02-24 21:09 - 2014-02-24 21:13 - 55903624 _____ ( ) C:\Users\Bibanan\Downloads\Install_ESO_Beta.exe

2014-02-24 19:38 - 2014-02-25 15:25 - 00000000 ____D () C:\FRST

2014-02-24 19:36 - 2014-02-24 19:36 - 01143808 _____ (Farbar) C:\Users\Bibanan\Desktop\FRST.exe

2014-02-24 19:07 - 2014-02-24 19:09 - 00268574 _____ () C:\Users\Bibanan\Documents\cc_20140224_190712.reg

2014-02-24 19:04 - 2014-02-24 19:04 - 00000000 ____D () C:\Program Files\CCleaner

2014-02-24 19:02 - 2014-02-24 19:03 - 04765152 _____ (Piriform Ltd) C:\Users\Bibanan\Downloads\ccsetup411.exe

2014-02-24 17:12 - 2014-02-24 17:12 - 00156058 _____ () C:\Users\Bibanan\Downloads\JavaRa-2.5.zip

2014-02-24 15:07 - 2014-02-24 15:07 - 00165483 _____ () C:\Users\Bibanan\Downloads\JavaRa-1.16-28-5-13.zip

2014-02-23 22:43 - 2014-02-23 22:43 - 00000000 ____D () C:\Users\Bibanan\Documents\Electronic Arts

2014-02-23 22:16 - 2014-02-23 22:16 - 00000000 ____D () C:\Windows\Sun

2014-02-23 22:00 - 2014-02-23 22:00 - 00000000 ____D () C:\Windows\system32\WindowsPowerShell

2014-02-23 21:58 - 2014-02-23 21:58 - 01507328 _____ () C:\Windows\ocsetup_install_MicrosoftWindowsPowerShell.etl

2014-02-23 21:58 - 2014-02-23 21:58 - 00347816 _____ (Microsoft Corporation) C:\Users\Bibanan\Downloads\MicrosoftFixit.ProgramInstallUninstall.RNP.12316896523760817.1.1.Run.exe

2014-02-23 21:58 - 2014-02-23 21:58 - 00196608 _____ () C:\Windows\ocsetup_cbs_install_MicrosoftWindowsPowerShell.perf

2014-02-23 21:58 - 2014-02-23 21:58 - 00065536 _____ () C:\Windows\ocsetup_cbs_install_MicrosoftWindowsPowerShell.dpx

2014-02-23 21:49 - 2014-02-25 06:00 - 00000000 ____D () C:\ProgramData\Oracle

2014-02-23 21:40 - 2014-02-23 21:40 - 00675988 _____ () C:\Users\Bibanan\Downloads\Minecraft.exe

2014-02-23 20:46 - 2014-02-23 20:46 - 00001859 _____ () C:\Users\Public\Desktop\The Sims™ 3.lnk

2014-02-23 20:36 - 2014-02-23 20:36 - 00675988 _____ () C:\Users\Bibanan\Desktop\Minecraft.exe

2014-02-23 20:33 - 2014-02-23 20:33 - 00000000 ____D () C:\Program Files\Electronic Arts

 

==================== One Month Modified Files and Folders =======

 

2014-02-25 15:25 - 2014-02-25 15:24 - 00015875 _____ () C:\Users\Bibanan\Desktop\FRST.txt

2014-02-25 15:25 - 2014-02-24 19:38 - 00000000 ____D () C:\FRST

2014-02-25 15:24 - 2012-02-28 22:10 - 00000000 ____D () C:\Users\Bibanan\Desktop\Everything

2014-02-25 15:21 - 2012-02-28 23:02 - 00000916 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3293900412-849232833-49195623-1000UA.job

2014-02-25 15:20 - 2012-02-28 22:29 - 00000888 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2014-02-25 14:44 - 2006-11-02 07:47 - 00003072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

2014-02-25 14:44 - 2006-11-02 07:47 - 00003072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

2014-02-25 12:00 - 2014-02-25 12:00 - 00004593 _____ () C:\Users\Bibanan\Desktop\attach.txt

2014-02-25 11:59 - 2014-02-25 12:00 - 00012870 _____ () C:\Users\Bibanan\Desktop\dds.txt

2014-02-25 11:55 - 2014-02-25 11:55 - 00688992 ____R (Swearware) C:\Users\Bibanan\Desktop\dds.scr

2014-02-25 11:50 - 2006-11-02 05:33 - 00716948 _____ () C:\Windows\system32\PerfStringBackup.INI

2014-02-25 11:49 - 2012-02-28 21:32 - 01299074 _____ () C:\Windows\WindowsUpdate.log

2014-02-25 11:45 - 2012-02-28 22:29 - 00000884 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2014-02-25 11:44 - 2006-11-02 08:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2014-02-25 06:00 - 2014-02-23 21:49 - 00000000 ____D () C:\ProgramData\Oracle

2014-02-25 06:00 - 2006-11-02 08:01 - 00032538 _____ () C:\Windows\Tasks\SCHEDLGU.TXT

2014-02-25 05:59 - 2013-11-03 17:54 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll

2014-02-25 05:56 - 2014-02-25 05:56 - 00921000 _____ (Oracle Corporation) C:\Users\Bibanan\Downloads\chromeinstall-7u51 (3).exe

2014-02-25 05:52 - 2012-02-28 22:22 - 00228366 _____ () C:\Windows\PFRO.log

2014-02-25 04:45 - 2014-02-25 04:45 - 00000000 ____D () C:\Users\Bibanan\AppData\Roaming\Malwarebytes

2014-02-25 04:44 - 2014-02-25 04:44 - 00000906 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-02-25 04:44 - 2014-02-25 04:44 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-02-25 04:44 - 2014-02-25 04:44 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware

2014-02-25 04:42 - 2014-02-25 04:41 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Bibanan\Downloads\mbam-setup-1.75.0.1300.exe

2014-02-25 03:31 - 2014-02-25 03:31 - 00921000 _____ (Oracle Corporation) C:\Users\Bibanan\Downloads\chromeinstall-7u51 (2).exe

2014-02-25 00:35 - 2014-02-25 00:13 - 00000000 ____D () C:\Windows\pss

2014-02-25 00:23 - 2014-02-25 00:23 - 00921000 _____ (Oracle Corporation) C:\Users\Bibanan\Downloads\chromeinstall-7u51 (1).exe

2014-02-25 00:17 - 2014-02-25 00:01 - 00000386 _____ () C:\Windows\Tasks\ErrorEND.job

2014-02-25 00:15 - 2014-02-25 00:15 - 00921000 _____ (Oracle Corporation) C:\Users\Bibanan\Downloads\chromeinstall-7u51.exe

2014-02-25 00:01 - 2014-02-25 00:01 - 00000000 ____D () C:\Users\Bibanan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ErrorEND

2014-02-25 00:01 - 2014-02-25 00:01 - 00000000 ____D () C:\ProgramData\ErrorEND

2014-02-25 00:01 - 2014-02-25 00:01 - 00000000 ____D () C:\Program Files\ErrorEND

2014-02-25 00:00 - 2014-02-24 23:59 - 03891312 _____ () C:\Users\Bibanan\Downloads\ErrorEND_Pro_Installer.exe

2014-02-24 22:17 - 2014-02-24 22:17 - 00000000 ____D () C:\Users\Bibanan\AppData\Local\VS Revo Group

2014-02-24 22:17 - 2014-02-24 22:17 - 00000000 ____D () C:\ProgramData\VS Revo Group

2014-02-24 22:17 - 2014-02-24 22:17 - 00000000 ____D () C:\Program Files\VS Revo Group

2014-02-24 22:15 - 2014-02-24 22:13 - 10619688 _____ (VS Revo Group ) C:\Users\Bibanan\Downloads\RevoUninProSetup.exe

2014-02-24 21:17 - 2014-02-24 21:14 - 00000000 ____D () C:\Program Files\Zenimax Online

2014-02-24 21:14 - 2014-02-24 21:14 - 00001974 _____ () C:\Users\Bibanan\Desktop\The Elder Scrolls Online Beta.lnk

2014-02-24 21:13 - 2014-02-24 21:09 - 55903624 _____ ( ) C:\Users\Bibanan\Downloads\Install_ESO_Beta.exe

2014-02-24 20:43 - 2012-02-28 21:58 - 00000000 ____D () C:\Program Files\Java

2014-02-24 20:22 - 2012-02-28 23:02 - 00000864 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3293900412-849232833-49195623-1000Core.job

2014-02-24 19:36 - 2014-02-24 19:36 - 01143808 _____ (Farbar) C:\Users\Bibanan\Desktop\FRST.exe

2014-02-24 19:09 - 2014-02-24 19:07 - 00268574 _____ () C:\Users\Bibanan\Documents\cc_20140224_190712.reg

2014-02-24 19:04 - 2014-02-24 19:04 - 00000000 ____D () C:\Program Files\CCleaner

2014-02-24 19:03 - 2014-02-24 19:02 - 04765152 _____ (Piriform Ltd) C:\Users\Bibanan\Downloads\ccsetup411.exe

2014-02-24 17:12 - 2014-02-24 17:12 - 00156058 _____ () C:\Users\Bibanan\Downloads\JavaRa-2.5.zip

2014-02-24 15:07 - 2014-02-24 15:07 - 00165483 _____ () C:\Users\Bibanan\Downloads\JavaRa-1.16-28-5-13.zip

2014-02-23 22:43 - 2014-02-23 22:43 - 00000000 ____D () C:\Users\Bibanan\Documents\Electronic Arts

2014-02-23 22:23 - 2006-11-02 06:18 - 00000000 ____D () C:\Windows\Microsoft.NET

2014-02-23 22:16 - 2014-02-23 22:16 - 00000000 ____D () C:\Windows\Sun

2014-02-23 22:00 - 2014-02-23 22:00 - 00000000 ____D () C:\Windows\system32\WindowsPowerShell

2014-02-23 21:58 - 2014-02-23 21:58 - 01507328 _____ () C:\Windows\ocsetup_install_MicrosoftWindowsPowerShell.etl

2014-02-23 21:58 - 2014-02-23 21:58 - 00347816 _____ (Microsoft Corporation) C:\Users\Bibanan\Downloads\MicrosoftFixit.ProgramInstallUninstall.RNP.12316896523760817.1.1.Run.exe

2014-02-23 21:58 - 2014-02-23 21:58 - 00196608 _____ () C:\Windows\ocsetup_cbs_install_MicrosoftWindowsPowerShell.perf

2014-02-23 21:58 - 2014-02-23 21:58 - 00065536 _____ () C:\Windows\ocsetup_cbs_install_MicrosoftWindowsPowerShell.dpx

2014-02-23 21:40 - 2014-02-23 21:40 - 00675988 _____ () C:\Users\Bibanan\Downloads\Minecraft.exe

2014-02-23 21:26 - 2006-11-02 07:47 - 03658448 _____ () C:\Windows\system32\FNTCACHE.DAT

2014-02-23 20:53 - 2012-02-28 19:33 - 00071840 _____ () C:\Users\Bibanan\AppData\Local\GDIPFONTCACHEV1.DAT

2014-02-23 20:46 - 2014-02-23 20:46 - 00001859 _____ () C:\Users\Public\Desktop\The Sims™ 3.lnk

2014-02-23 20:45 - 2013-11-08 19:31 - 00000000 ____D () C:\Windows\system32\MRT

2014-02-23 20:40 - 2012-02-28 21:52 - 00000000 ____D () C:\ProgramData\Microsoft Help

2014-02-23 20:37 - 2012-02-28 21:55 - 00000000 ____D () C:\Program Files\Microsoft Works

2014-02-23 20:37 - 2006-11-02 06:18 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared

2014-02-23 20:36 - 2014-02-23 20:36 - 00675988 _____ () C:\Users\Bibanan\Desktop\Minecraft.exe

2014-02-23 20:33 - 2014-02-23 20:33 - 00000000 ____D () C:\Program Files\Electronic Arts

2014-02-23 20:33 - 2012-02-28 21:44 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information

2014-02-23 19:37 - 2012-02-28 23:07 - 00002052 _____ () C:\Users\Bibanan\Desktop\Google Chrome.lnk

2014-02-23 19:26 - 2012-02-28 22:28 - 00001873 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk

2014-02-23 19:25 - 2013-03-03 21:27 - 00180248 _____ () C:\Windows\system32\Drivers\aswVmm.sys

2014-02-23 19:25 - 2012-02-28 22:28 - 00775952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys

2014-02-23 19:25 - 2012-02-28 22:28 - 00410784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys

2014-02-23 19:25 - 2012-02-28 22:28 - 00067824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys

2014-02-23 19:25 - 2012-02-28 22:28 - 00057672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys

2014-02-23 19:25 - 2012-02-28 22:28 - 00054832 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr.sys

2014-02-23 19:25 - 2012-02-28 22:25 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr

2014-02-23 19:25 - 2012-02-28 22:24 - 00270240 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe

2014-02-11 17:49 - 2013-02-18 09:50 - 00000472 _____ () C:\Windows\setupact.log

2014-02-04 19:09 - 2006-11-02 05:24 - 85946576 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe

 

==================== Bamital & volsnap Check =================

 

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\system32\winlogon.exe => MD5 is legit

C:\Windows\system32\wininit.exe => MD5 is legit

C:\Windows\system32\svchost.exe => MD5 is legit

C:\Windows\system32\services.exe => MD5 is legit

C:\Windows\system32\User32.dll => MD5 is legit

C:\Windows\system32\userinit.exe => MD5 is legit

C:\Windows\system32\rpcss.dll => MD5 is legit

C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit

 

 

LastRegBack: 2014-02-25 11:51

 

==================== End Of Log ============================

 

 


Additional scan result of Farbar Recovery Scan Tool (x86) Version: 27-02-2014 02

Ran by Bibanan at 2014-02-25 15:25:50

Running from C:\Users\Bibanan\Desktop

Boot Mode: Normal

==========================================================

 

 

==================== Security Center ========================

 

 

==================== Installed Programs ======================

 

32 Bit HP CIO Components Installer (Version: 1.0.0 - Hewlett-Packard) Hidden

7-Zip 9.20 (HKLM\...\{23170F69-40C1-2701-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)

Activation Assistant for the 2007 Microsoft Office suites (HKLM\...\Activation Assistant for the 2007 Microsoft Office suites) (Version:  - Microsoft Corporation)

Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0 - Microsoft Corporation) Hidden

Adobe AIR (HKLM\...\Adobe AIR) (Version: 2.6.0.19140 - Adobe Systems Incorporated)

Adobe AIR (Version: 2.6.0.19140 - Adobe Systems Incorporated) Hidden

Adobe Download Assistant (HKLM\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.0.6 - Adobe Systems Incorporated)

Adobe Download Assistant (Version: 1.0.6 - Adobe Systems Incorporated) Hidden

Adobe Flash Player 11 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 11.9.900.117 - Adobe Systems Incorporated)

Adobe Photoshop CS (HKLM\...\{EFB21DE7-8C19-4A88-BB28-A766E16493BC}) (Version: CS - Adobe Systems, Inc.)

Adobe Photoshop Elements 6.0 (HKLM\...\Adobe Photoshop Elements 6) (Version: 6.0 - Adobe Systems Inc.)

Adobe Photoshop Elements 6.0 (Version: 6.0 - Adobe Systems Inc.) Hidden

Adobe Reader 8 (HKLM\...\{AC76BA86-7AD7-1033-7B44-A80000000002}) (Version: 8.0.0 - Adobe Systems Incorporated)

Adobe Shockwave Player 11.6 (HKLM\...\Adobe Shockwave Player) (Version: 11.6.4.634 - Adobe Systems, Inc.)

AIO_CDA_ProductContext (Version: 82.0.233.000 - Hewlett-Packard) Hidden

AIO_CDA_Software (Version: 82.0.233.000 - Hewlett-Packard) Hidden

AIO_Scan (Version: 82.0.173.000 - Hewlett-Packard) Hidden

Apple Application Support (HKLM\...\{343666E2-A059-48AC-AD67-230BF74E2DB2}) (Version: 2.1.6 - Apple Inc.)

Apple Mobile Device Support (HKLM\...\{8153ED9A-C94A-426E-9880-5E6775C08B62}) (Version: 4.0.0.97 - Apple Inc.)

Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)

Audacity 2.0 (HKLM\...\Audacity_is1) (Version:  - Audacity Team)

Audiosurf (HKLM\...\{6D316D67-DA52-4659-9C98-F479963534D6}) (Version: 1.00.0000 - BestGameEver)

avast! Free Antivirus (HKLM\...\avast) (Version: 9.0.2013 - Avast Software)

AVerMedia M791 PCIe Combo NTSC/ATSC 6.104.0.5 (HKLM\...\AVerMedia M791 PCIe Combo NTSC/ATSC) (Version: 6.104.0.5 - AVerMedia TECHNOLOGIES, Inc.)

Bamboo (HKLM\...\Pen Tablet Driver) (Version: 5.2.5-5 - Wacom Technology Corp.)

Bamboo Dock (HKLM\...\Bamboo Dock) (Version: 4.0 - Wacom Co., Ltd.)

Bamboo Dock (Version: 4.0.0 - Wacom Europe GmbH) Hidden

BigFix (HKLM\...\{34FF0741-EC67-4C05-AC2A-6D257123DF2E}) (Version: 2.1.1.03 - BigFix)

Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)

Browser Address Error Redirector (HKLM\...\{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}) (Version:  - )

BufferChm (Version: 82.0.173.000 - Hewlett-Packard) Hidden

C5100 (Version: 82.0.233.000 - Hewlett-Packard) Hidden

c5100_Help (Version: 82.0.233.000 - Hewlett-Packard) Hidden

Canon Easy-WebPrint EX (HKLM\...\Easy-WebPrint EX) (Version:  - )

Canon MP Navigator EX 3.0 (HKLM\...\MP Navigator EX 3.0) (Version:  - )

Canon MP250 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP250_series) (Version:  - )

Canon MP250 series User Registration (HKLM\...\Canon MP250 series User Registration) (Version:  - )

Canon Utilities Easy-PhotoPrint EX (HKLM\...\Easy-PhotoPrint EX) (Version:  - )

Canon Utilities My Printer (HKLM\...\CanonMyPrinter) (Version:  - )

Canon Utilities Solution Menu (HKLM\...\CanonSolutionMenu) (Version:  - )

CCleaner (HKLM\...\CCleaner) (Version: 4.11 - Piriform)

Color Efex Pro 3.0 Wacom Edition 3 (HKLM\...\Color Efex Pro 3.0 Wacom Edition 3) (Version: 3.0.0.1 - Nik Software, Inc.)

Digital Media Reader (HKLM\...\InstallShield_{BE2CC4A5-2128-4EA2-941D-14F7A6A1AB61}) (Version: 2.01.03.01 - AlcorMicro)

Digital Media Reader (Version: 2.01.03.01 - AlcorMicro) Hidden

ErrorEND (HKLM\...\ErrorEND) (Version: 1.0.9.3 - Seven Servos Software, Inc.)

Fax (Version: 82.0.188.000 - Hewlett-Packard) Hidden

Gateway Connect (HKLM\...\{EE5EEDAF-F932-462B-A2CB-EEBDF819D5F5}) (Version: 1.1.0 - Acceller)

Gateway Game Console (HKLM\...\Gateway Game Console) (Version:  - WildTangent)

Gateway Recovery Center Installer (HKLM\...\{7F3BCF8A-8E02-4659-AF25-F9AB66BD6718}) (Version: 1.01.025 - Gateway)

Google Chrome (HKCU\...\Google Chrome) (Version: 33.0.1750.117 - Google Inc.)

Google Update Helper (Version: 1.3.22.5 - Google Inc.) Hidden

HP Photosmart.All-In-One Driver Software 8.0 .A (HKLM\...\{282E5AB2-8E47-4571-B6FA-6B512555B557}) (Version: 8.0 - HP)

iTunes (HKLM\...\{F6D6B258-E3CA-4AAC-965A-68D3E3140A8C}) (Version: 10.5.3.3 - Apple Inc.)

LAME v3.99.3 (for Windows) (HKLM\...\LAME_is1) (Version:  - )

LameACM (HKLM\...\LameACM) (Version:  - )

Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)

Marvell Miniport Driver (HKLM\...\{C950420B-4182-49EA-850A-A6A2ABF06C6B}) (Version: 10.0.4.3 - Marvell)

Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)

Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden

Microsoft Corporation (Version: 9.1.0.0 - Microsoft Corporation) Hidden

Microsoft Digital Image Library 9 - Blocker (Version: 9.00.0000 - Microsoft Corporation) Hidden

Microsoft Digital Image Starter Edition 2006 (HKLM\...\PictureItSuiteTrial_v12) (Version: 11.0.2018 - Microsoft Corporation)

Microsoft Digital Image Starter Edition 2006 Editor (Version: 11.0.2018 - Microsoft Corporation) Hidden

Microsoft Digital Image Starter Edition 2006 Library (Version: 11.0.2018 - Microsoft Corporation) Hidden

Microsoft LifeCam (HKLM\...\{5FC7AB5C-61FC-42DF-A923-5139BCF10D42}) (Version: 3.22.270.0 - Microsoft Corporation)

Microsoft Money 2006 (HKLM\...\Money2006b) (Version: 15 - Microsoft)

Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)

Microsoft Office 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden

Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)

Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden

Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)

Microsoft Works (HKLM\...\{6D52C408-B09A-4520-9B18-475B81D393F1}) (Version: 08.05.0818 - Microsoft Corporation)

Microsoft WSE 3.0 Runtime (HKLM\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)

Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053 - Adobe) Hidden

Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053 - Adobe) Hidden

Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053 - Adobe) Hidden

Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053 - Adobe) Hidden

Microsoft_VC90_ATL_x86 (Version: 1.00.0000 - Adobe) Hidden

Microsoft_VC90_CRT_x86 (Version: 1.00.0000 - Adobe) Hidden

Microsoft_VC90_MFC_x86 (Version: 1.00.0000 - Adobe) Hidden

Microsoft_VC90_MFCLOC_x86 (Version: 1.00.0000 - Adobe) Hidden

Mozilla Firefox 16.0.2 (x86 en-US) (HKLM\...\Mozilla Firefox 16.0.2 (x86 en-US)) (Version: 16.0.2 - Mozilla)

Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 16.0.2 - Mozilla)

MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)

MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)

Napster (HKLM\...\{BBBCAE4B-B416-4182-A6F2-438180894A81}) (Version: 3.7.3.3 - Napster)

Napster Burn Engine (Version: 3.5.0000 - Roxio) Hidden

NETGEAR WNDA3100v2 wireless USB 2.0 adapter (HKLM\...\{3C7839E7-21F4-49E0-B4D5-AC8ED818CCB0}) (Version: 1.03.000 - NETGEAR)

NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version:  - )

Origin (HKLM\...\Origin) (Version: 8.4.1.210 - Electronic Arts, Inc.)

Power2Go 5.0 (HKLM\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version:  - )

PS2 Multimedia Keyboard Driver (HKLM\...\{FF262740-C85A-11D5-BBEC-00D0B740900A}) (Version:  - )

Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5361 - Realtek Semiconductor Corp.)

Revo Uninstaller Pro 3.0.8 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.0.8 - VS Revo Group, Ltd.)

Scan (Version: 8.1.0.0 - Hewlett-Packard) Hidden

swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden

The Elder Scrolls Online Beta (HKLM\...\The Elder Scrolls Online Beta_is1) (Version: 0.3.4 - )

The Sims™ 3 (HKLM\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.67.2 - Electronic Arts)

Toolbox (Version: 82.0.173.000 - Hewlett-Packard) Hidden

UnloadSupport (Version: 1.00.0000 - Hewlett-Packard) Hidden

Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)

Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)

Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM\...\{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version:  - Microsoft)

Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)

Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version:  - Microsoft)

Update for Microsoft Office OneNote 2007 Help (KB963670) (HKLM\...\{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2744EF05-38E1-4D5D-B333-E021EDAEA245}) (Version:  - Microsoft)

Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version:  - Microsoft)

Update for Microsoft Office Script Editor Help (KB963671) (HKLM\...\{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version:  - Microsoft)

Update for Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version:  - Microsoft)

WebReg (Version: 82.0.173.000 - Hewlett-Packard) Hidden

WebTablet FB Plugin (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.0.0.1 - Wacom Technology Corp.)

WebTablet IE Plugin (HKLM\...\Wacom WebTabletPlugin for IE) (Version: 1.1.0.12 - Wacom Technology Corp.)

WebTablet Netscape Plugin (HKLM\...\Wacom WebTabletPlugin for Netscape) (Version: 1.1.0.10 - Wacom Technology Corp.)

WinRAR 4.11 (32-bit) (HKLM\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH)

 

==================== Restore Points  =========================

 

24-02-2014 05:00:00 Scheduled Checkpoint

24-02-2014 20:03:43 Installed The Sims 3

25-02-2014 01:43:20 Installed Java 7 Update 51

25-02-2014 02:14:30 Installed DirectX

25-02-2014 03:19:01 Revo Uninstaller Pro's restore point - Power2Go 5.0

25-02-2014 03:56:17 Installed Java 7 Update 51

25-02-2014 04:04:12 Revo Uninstaller Pro's restore point - Java

25-02-2014 04:35:23 Installed Java 7 Update 51

25-02-2014 04:41:23 Revo Uninstaller Pro's restore point - java

25-02-2014 04:47:54 Revo Uninstaller Pro's restore point - Power2Go 5.0

25-02-2014 05:29:19 Installed Java 7 Update 51

25-02-2014 08:35:51 Installed Java 7 Update 51

25-02-2014 10:58:06 Installed Java 7 Update 51

 

==================== Hosts content: ==========================

 

2006-11-02 05:23 - 2006-09-18 16:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       localhost

::1             localhost

 

==================== Scheduled Tasks (whitelisted) =============

 

Task: {15219CF9-84C8-4761-9DCB-140E77CE707A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-02-20] (Piriform Ltd)

Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM

Task: {1D54914C-D614-4F05-84EE-C176BD386A63} - System32\Tasks\ErrorEND => C:\Program Files\ErrorEND\ERROREND.exe [2013-11-21] (Seven Servos Software Inc.)

Task: {219863EB-8EEE-4835-BDF0-B0B4F25A2AF1} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2006-11-02] (Microsoft Corporation)

Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages

Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2006-11-02] (Microsoft Corporation)

Task: {570179EE-6C4F-465C-BCB7-284CBA6CEFDF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-02-28] (Google Inc.)

Task: {5714D329-8783-4923-8372-4C5B7C5E1053} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-02-23] (AVAST Software)

Task: {645B2E8A-1293-4A97-A579-233D104DCC85} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3293900412-849232833-49195623-1000Core => C:\Users\Bibanan\AppData\Local\Google\Update\GoogleUpdate.exe [2012-02-28] (Google Inc.)

Task: {78AB51A7-DC88-4F6D-ADB5-C6C54960896D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)

Task: {7DCB0605-3B85-48F1-986C-95380066039D} - System32\Tasks\AdobeAAMUpdater-1.0-Bibanan-PC-Bibanan => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2011-03-15] (Adobe Systems Incorporated)

Task: {9EB44560-63F6-4CA3-8294-048D3F7D340B} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI

Task: {CFBA93B0-6C77-40B0-BD39-211BEEFE6D37} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-02-28] (Google Inc.)

Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2006-11-02] ()

Task: {F1FF58B3-F194-4DE9-941B-53CF66AC127F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3293900412-849232833-49195623-1000UA => C:\Users\Bibanan\AppData\Local\Google\Update\GoogleUpdate.exe [2012-02-28] (Google Inc.)

Task: C:\Windows\Tasks\ErrorEND.job => C:\Program Files\ErrorEND\ErrorEND.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3293900412-849232833-49195623-1000Core.job => C:\Users\Bibanan\AppData\Local\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3293900412-849232833-49195623-1000UA.job => C:\Users\Bibanan\AppData\Local\Google\Update\GoogleUpdate.exe

 

==================== Loaded Modules (whitelisted) =============

 

2014-02-25 05:54 - 2014-02-28 04:29 - 02186240 _____ () C:\Program Files\AVAST Software\Avast\defs\14022800\algo.dll

2012-05-18 05:50 - 2012-02-17 19:55 - 00166912 _____ () C:\Program Files\WinRAR\rarext.dll

2012-03-11 15:32 - 2011-09-08 16:48 - 00962936 _____ () C:\Program Files\Tablet\Pen\libxml2.dll

2013-11-03 17:59 - 2013-11-03 18:00 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

2011-11-01 23:26 - 2011-11-01 23:26 - 00087912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll

2011-11-01 23:26 - 2011-11-01 23:26 - 01242472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll

2012-02-28 21:46 - 2006-11-07 17:08 - 00547840 _____ () C:\WINDOWS\zHotkey.exe

2011-09-26 22:45 - 2011-09-26 22:45 - 00646232 _____ () C:\Program Files\Bamboo Dock\BambooCore.exe

2012-02-28 19:44 - 2011-12-14 17:55 - 08453376 _____ () C:\Program Files\NETGEAR\WNDA3100v2\WNDA3100v2.exe

2012-02-28 19:45 - 2011-12-14 10:43 - 00278528 _____ () C:\Program Files\NETGEAR\WNDA3100v2\WifiSvcLib.dll

2007-09-10 23:45 - 2007-09-10 23:45 - 00124832 _____ () C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe

2007-06-05 12:20 - 2007-06-05 12:20 - 00177704 _____ () C:\Windows\system32\PSIService.exe

2012-02-28 19:45 - 2011-12-14 17:53 - 00303360 _____ () C:\Program Files\NETGEAR\WNDA3100v2\WifiSvc.exe

2012-02-28 19:45 - 2011-12-14 10:22 - 00368640 _____ () C:\Program Files\NETGEAR\WNDA3100v2\WifiLib.dll

2014-02-23 19:37 - 2014-02-19 20:02 - 00051016 _____ () C:\Users\Bibanan\AppData\Local\Google\Chrome\Application\33.0.1750.117\chrome_elf.dll

2014-02-23 19:37 - 2014-02-19 20:03 - 04060488 _____ () C:\Users\Bibanan\AppData\Local\Google\Chrome\Application\33.0.1750.117\pdf.dll

2014-02-23 19:37 - 2014-02-19 20:03 - 00394568 _____ () C:\Users\Bibanan\AppData\Local\Google\Chrome\Application\33.0.1750.117\ppGoogleNaClPluginChrome.dll

2014-02-23 19:37 - 2014-02-19 20:02 - 01647432 _____ () C:\Users\Bibanan\AppData\Local\Google\Chrome\Application\33.0.1750.117\ffmpegsumo.dll

2014-02-24 21:14 - 2014-02-05 22:52 - 22908928 _____ () C:\Program Files\Zenimax Online\Launcher\libcef.dll

2014-02-24 21:17 - 2014-02-05 22:52 - 00028192 _____ () C:\Program Files\Zenimax Online\Launcher\MinSpecDetectionInterop.dll

 

==================== Alternate Data Streams (whitelisted) =========

 

 

==================== Safe Mode (whitelisted) ===================

 

 

==================== Disabled items from MSCONFIG ==============

 

 

==================== Faulty Device Manager Devices =============

 

 

==================== Event log errors: =========================

 

Application errors:

==================

Error: (02/24/2014 11:57:03 PM) (Source: MsiInstaller) (User: Bibanan-PC)

Description: Product: Java 7 Update 51 -- Error 25025.  A previous Java uninstallation was never completed.  You need to restart your computer before installing Java.

 

Error: (02/24/2014 11:47:53 PM) (Source: VSS) (User: )

Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005.

This is often caused by incorrect security settings in either the writer or requestor process.

 

 

Operation:

   Gathering Writer Data

 

Context:

   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}

   Writer Name: System Writer

   Writer Instance ID: {d15427f5-05e9-44c9-9f6c-0671d64ebdd7}

 

Error: (02/24/2014 11:41:22 PM) (Source: VSS) (User: )

Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005.

This is often caused by incorrect security settings in either the writer or requestor process.

 

 

Operation:

   Gathering Writer Data

 

Context:

   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}

   Writer Name: System Writer

   Writer Instance ID: {d15427f5-05e9-44c9-9f6c-0671d64ebdd7}

 

Error: (02/24/2014 11:22:27 PM) (Source: MsiInstaller) (User: Bibanan-PC)

Description: Product: Java 7 Update 51 -- Error 25025.  A previous Java uninstallation was never completed.  You need to restart your computer before installing Java.

 

Error: (02/24/2014 11:04:04 PM) (Source: VSS) (User: )

Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005.

This is often caused by incorrect security settings in either the writer or requestor process.

 

 

Operation:

   Gathering Writer Data

 

Context:

   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}

   Writer Name: System Writer

   Writer Instance ID: {5edc34b9-e38c-4538-932c-55129338fc8d}

 

Error: (02/24/2014 10:19:01 PM) (Source: VSS) (User: )

Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005.

This is often caused by incorrect security settings in either the writer or requestor process.

 

 

Operation:

   Gathering Writer Data

 

Context:

   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}

   Writer Name: System Writer

   Writer Instance ID: {5edc34b9-e38c-4538-932c-55129338fc8d}

 

Error: (02/24/2014 09:14:47 PM) (Source: System Restore) (User: )

Description: Failed to create restore point on volume (Process = C:\Program Files\Zenimax Online\Launcher\directx\DXSETUP.exe Files\Zenimax Online\Launcher\directx\DXSETUP.exe"; Descripton = dCw; Hr = 0x80070057).

 

Error: (02/24/2014 09:14:29 PM) (Source: VSS) (User: )

Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005.

This is often caused by incorrect security settings in either the writer or requestor process.

 

 

Operation:

   Gathering Writer Data

 

Context:

   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}

   Writer Name: System Writer

   Writer Instance ID: {5edc34b9-e38c-4538-932c-55129338fc8d}

 

Error: (02/24/2014 07:25:01 PM) (Source: MsiInstaller) (User: Bibanan-PC)

Description: Product: Java 7 Update 51 -- Error 25025.  A previous Java uninstallation was never completed.  You need to restart your computer before installing Java.

 

Error: (02/24/2014 07:14:19 PM) (Source: MsiInstaller) (User: Bibanan-PC)

Description: Product: Java 7 Update 51 -- Error 25025.  A previous Java uninstallation was never completed.  You need to restart your computer before installing Java.

 

 

System errors:

=============

Error: (02/25/2014 11:43:48 AM) (Source: ACPI) (User: )

Description: IRQARB: ACPI BIOS does not contain an IRQ for the device in PCI slot 12, function 0.

Please contact your system vendor for technical assistance.

 

Error: (02/25/2014 11:43:48 AM) (Source: ACPI) (User: )

Description: IRQARB: ACPI BIOS does not contain an IRQ for the device in PCI slot 11, function 0.

Please contact your system vendor for technical assistance.

 

Error: (02/25/2014 11:43:48 AM) (Source: ACPI) (User: )

Description: IRQARB: ACPI BIOS does not contain an IRQ for the device in PCI slot 9, function 0.

Please contact your system vendor for technical assistance.

 

Error: (02/25/2014 05:54:52 AM) (Source: Service Control Manager) (User: )

Description: Cdr4_xp

i8042prt

 

Error: (02/25/2014 05:52:45 AM) (Source: ACPI) (User: )

Description: IRQARB: ACPI BIOS does not contain an IRQ for the device in PCI slot 12, function 0.

Please contact your system vendor for technical assistance.

 

Error: (02/25/2014 05:52:45 AM) (Source: ACPI) (User: )

Description: IRQARB: ACPI BIOS does not contain an IRQ for the device in PCI slot 11, function 0.

Please contact your system vendor for technical assistance.

 

Error: (02/25/2014 05:52:45 AM) (Source: ACPI) (User: )

Description: IRQARB: ACPI BIOS does not contain an IRQ for the device in PCI slot 9, function 0.

Please contact your system vendor for technical assistance.

 

Error: (02/25/2014 03:25:42 AM) (Source: ACPI) (User: )

Description: IRQARB: ACPI BIOS does not contain an IRQ for the device in PCI slot 12, function 0.

Please contact your system vendor for technical assistance.

 

Error: (02/25/2014 03:25:42 AM) (Source: ACPI) (User: )

Description: IRQARB: ACPI BIOS does not contain an IRQ for the device in PCI slot 11, function 0.

Please contact your system vendor for technical assistance.

 

Error: (02/25/2014 03:25:42 AM) (Source: ACPI) (User: )

Description: IRQARB: ACPI BIOS does not contain an IRQ for the device in PCI slot 9, function 0.

Please contact your system vendor for technical assistance.

 

 

Microsoft Office Sessions:

=========================

 

CodeIntegrity Errors:

===================================

  Date: 2014-02-25 05:48:35.588

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-securestartup-core_31bf3856ad364e35_6.0.6000.16386_none_32a3e3ecf533e7fe\fveapi.dll because the set of per-page image hashes could not be found on the system.

 

  Date: 2014-02-25 05:48:35.541

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-securestartup-core_31bf3856ad364e35_6.0.6000.16386_none_32a3e3ecf533e7fe\fveapi.dll because the set of per-page image hashes could not be found on the system.

 

  Date: 2014-02-25 05:48:35.492

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-securestartup-core_31bf3856ad364e35_6.0.6000.16386_none_32a3e3ecf533e7fe\fveapi.dll because the set of per-page image hashes could not be found on the system.

 

  Date: 2014-02-25 05:48:35.444

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-securestartup-core_31bf3856ad364e35_6.0.6000.16386_none_32a3e3ecf533e7fe\fveapi.dll because the set of per-page image hashes could not be found on the system.

 

  Date: 2014-02-25 05:48:35.395

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-securestartup-core_31bf3856ad364e35_6.0.6000.16386_none_32a3e3ecf533e7fe\fveapi.dll because the set of per-page image hashes could not be found on the system.

 

  Date: 2014-02-25 05:48:35.347

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-securestartup-core_31bf3856ad364e35_6.0.6000.16386_none_32a3e3ecf533e7fe\fveapi.dll because the set of per-page image hashes could not be found on the system.

 

  Date: 2014-02-25 05:29:40.371

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\fveapi.dll because the set of per-page image hashes could not be found on the system.

 

  Date: 2014-02-25 05:29:40.329

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\fveapi.dll because the set of per-page image hashes could not be found on the system.

 

  Date: 2014-02-25 05:29:40.285

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\fveapi.dll because the set of per-page image hashes could not be found on the system.

 

  Date: 2014-02-25 05:29:40.243

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\fveapi.dll because the set of per-page image hashes could not be found on the system.

 

 

==================== Memory info =========================== 

 

Percentage of memory in use: 53%

Total physical RAM: 1917.88 MB

Available physical RAM: 886.65 MB

Total Pagefile: 4045.95 MB

Available Pagefile: 2687.11 MB

Total Virtual: 2047.88 MB

Available Virtual: 1947.55 MB

 

==================== Drives ================================

 

Drive c: () (Fixed) (Total:455.94 GB) (Free:397.31 GB) NTFS ==>[Drive with boot components (obtained from BCD)]

Drive d: (RECOVERY) (Fixed) (Total:9.82 GB) (Free:3.86 GB) NTFS ==>[system with boot components (obtained from reading drive)]

 

==================== MBR & Partition Table ==================

 

========================================================

Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 466 GB) (Disk ID: 230BD73D)

Partition 1: (Not Active) - (Size=10 GB) - (Type=07 NTFS)

Partition 2: (Active) - (Size=456 GB) - (Type=07 NTFS)

 

==================== End Of Log ============================

Link to post
Share on other sites

  • Root Admin

Please download the attached fixlist.txt file and save it to the Desktop.

NOTE. It's important that both files, FRST or FRST64 and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on this particular machine. Running this on another machine may cause damage to your operating system.

Run FRST or FRST64 and press the Fix button just once and wait.

If the tool needs a restart please make sure you let the system restart normally and let the tool complete its run after restart.

The tool will make a log on the Desktop (Fixlog.txt). Please attach or post it to your next reply.

Note: If the tool warned you about an outdated version please download and run the updated version.

Once this has completed please restart the computer.

fixlist.txt

Link to post
Share on other sites

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 27-02-2014 02

Ran by Bibanan at 2014-02-25 16:21:17 Run:1

Running from C:\Users\Bibanan\Desktop

Boot Mode: Normal

 

==============================================

 

Content of fixlist:

*****************

BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)

C:\Program Files\Java

CHR Plugin: (Java Deployment Toolkit 7.0.450.18) - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

CHR Plugin: (Java™ Platform SE 7 U45) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gateway.c...ys=DTP&M=GM5472

HKLM\...\Run: [bigFix] - c:\program files\Bigfix\bigfix.exe [2348584 2006-11-16] (BigFix Inc.)

HKLM\...\Run: [NapsterShell] - C:\Program Files\Napster\napster.exe [323216 2006-09-06] (Napster)

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.gateway.c...ys=DTP&M=GM5472

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gateway.c...ys=DTP&M=GM5472

HKU\S-1-5-21-3293900412-849232833-49195623-1000\...\MountPoints2: {09d14c99-6bb6-11e1-b12d-001bb9581be3} - M:\LaunchU3.exe -a

HKU\S-1-5-21-3293900412-849232833-49195623-1000\...\MountPoints2: {1156da41-627d-11e1-8db3-806e6f6e6963} - E:\Autorun.exe

HKU\S-1-5-21-3293900412-849232833-49195623-1000\...\Run: [Google Update] - C:\Users\Bibanan\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2012-02-28] (Google Inc.)

SearchScopes: HKCU - DefaultScope {A30ECCCA-6C3F-433B-BF09-82DE980C9967} URL = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex}&startPage={startPage}

SearchScopes: HKCU - {A30ECCCA-6C3F-433B-BF09-82DE980C9967} URL = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex}&startPage={startPage}

SearchScopes: HKLM - DefaultScope {7650355F-E43A-408F-9BEC-CD9E5DB705E0} URL = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex}&startPage={startPage}

SearchScopes: HKLM - {7650355F-E43A-408F-9BEC-CD9E5DB705E0} URL = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex}&startPage={startPage}

Task: C:\Windows\Tasks\ErrorEND.job => C:\Program Files\ErrorEND\ErrorEND.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3293900412-849232833-49195623-1000Core.job => C:\Users\Bibanan\AppData\Local\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3293900412-849232833-49195623-1000UA.job => C:\Users\Bibanan\AppData\Local\Google\Update\GoogleUpdate.exe

Task: {1D54914C-D614-4F05-84EE-C176BD386A63} - System32\Tasks\ErrorEND => C:\Program Files\ErrorEND\ERROREND.exe [2013-11-21] (Seven Servos Software Inc.)

Task: {219863EB-8EEE-4835-BDF0-B0B4F25A2AF1} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2006-11-02] (Microsoft Corporation)

Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages

Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2006-11-02] (Microsoft Corporation)

Task: {570179EE-6C4F-465C-BCB7-284CBA6CEFDF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-02-28] (Google Inc.)

Task: {645B2E8A-1293-4A97-A579-233D104DCC85} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3293900412-849232833-49195623-1000Core => C:\Users\Bibanan\AppData\Local\Google\Update\GoogleUpdate.exe [2012-02-28] (Google Inc.)

Task: {78AB51A7-DC88-4F6D-ADB5-C6C54960896D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)

Task: {7DCB0605-3B85-48F1-986C-95380066039D} - System32\Tasks\AdobeAAMUpdater-1.0-Bibanan-PC-Bibanan => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2011-03-15] (Adobe Systems Incorporated)

Task: {CFBA93B0-6C77-40B0-BD39-211BEEFE6D37} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-02-28] (Google Inc.)

Task: {F1FF58B3-F194-4DE9-941B-53CF66AC127F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3293900412-849232833-49195623-1000UA => C:\Users\Bibanan\AppData\Local\Google\Update\GoogleUpdate.exe [2012-02-28] (Google Inc.)

U3 mbr; \??\C:\Users\Bibanan\AppData\Local\Temp\mbr.sys [X]

 

*****************

 

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9} => Key deleted successfully.

HKCR\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => Key deleted successfully.

HKCR\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => Key deleted successfully.

C:\Program Files\Java => Moved successfully.

C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll not found.

C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll not found.

HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2 => Key deleted successfully.

C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll not found.

HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2 => Key deleted successfully.

C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll not found.

HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\BigFix => Value deleted successfully.

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\NapsterShell => Value deleted successfully.

HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.

HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.

HKU\1\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{09d14c99-6bb6-11e1-b12d-001bb9581be3} => Key not found.

HKCR\CLSID\{09d14c99-6bb6-11e1-b12d-001bb9581be3} => Key not found.

HKU\1\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1156da41-627d-11e1-8db3-806e6f6e6963} => Key not found.

HKCR\CLSID\{1156da41-627d-11e1-8db3-806e6f6e6963} => Key not found.

HKU\S-1-5-21-3293900412-849232833-49195623-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update => Value deleted successfully.

HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value deleted successfully.

HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A30ECCCA-6C3F-433B-BF09-82DE980C9967} => Key deleted successfully.

HKCR\Wow6432Node\CLSID\{A30ECCCA-6C3F-433B-BF09-82DE980C9967} => Key not found.

HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.

HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{7650355F-E43A-408F-9BEC-CD9E5DB705E0} => Key deleted successfully.

HKCR\Wow6432Node\CLSID\{7650355F-E43A-408F-9BEC-CD9E5DB705E0} => Key not found.

C:\Windows\Tasks\ErrorEND.job => Moved successfully.

C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.

C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.

C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3293900412-849232833-49195623-1000Core.job => Moved successfully.

C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3293900412-849232833-49195623-1000UA.job => Moved successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1D54914C-D614-4F05-84EE-C176BD386A63} => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1D54914C-D614-4F05-84EE-C176BD386A63} => Key deleted successfully.

C:\Windows\System32\Tasks\ErrorEND => Moved successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ErrorEND => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{219863EB-8EEE-4835-BDF0-B0B4F25A2AF1} => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{219863EB-8EEE-4835-BDF0-B0B4F25A2AF1} => Key deleted successfully.

C:\Windows\System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => Moved successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\TabletPC\InputPersonalization => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} => Key deleted successfully.

C:\Windows\System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages => Moved successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Shell\CrawlStartPages => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{44980BEE-7809-44A9-AC24-D6E578A3B7DF} => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{44980BEE-7809-44A9-AC24-D6E578A3B7DF} => Key deleted successfully.

C:\Windows\System32\Tasks\Microsoft\Windows\RAC\RACAgent => Moved successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\RAC\RACAgent => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{570179EE-6C4F-465C-BCB7-284CBA6CEFDF} => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{570179EE-6C4F-465C-BCB7-284CBA6CEFDF} => Key deleted successfully.

C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => Moved successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{645B2E8A-1293-4A97-A579-233D104DCC85} => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{645B2E8A-1293-4A97-A579-233D104DCC85} => Key deleted successfully.

C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3293900412-849232833-49195623-1000Core => Moved successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskUserS-1-5-21-3293900412-849232833-49195623-1000Core => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{78AB51A7-DC88-4F6D-ADB5-C6C54960896D} => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{78AB51A7-DC88-4F6D-ADB5-C6C54960896D} => Key deleted successfully.

C:\Windows\System32\Tasks\Apple\AppleSoftwareUpdate => Moved successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Apple\AppleSoftwareUpdate => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7DCB0605-3B85-48F1-986C-95380066039D} => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7DCB0605-3B85-48F1-986C-95380066039D} => Key deleted successfully.

C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-Bibanan-PC-Bibanan => Moved successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AdobeAAMUpdater-1.0-Bibanan-PC-Bibanan => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{CFBA93B0-6C77-40B0-BD39-211BEEFE6D37} => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CFBA93B0-6C77-40B0-BD39-211BEEFE6D37} => Key deleted successfully.

C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => Moved successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F1FF58B3-F194-4DE9-941B-53CF66AC127F} => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F1FF58B3-F194-4DE9-941B-53CF66AC127F} => Key deleted successfully.

C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3293900412-849232833-49195623-1000UA => Moved successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskUserS-1-5-21-3293900412-849232833-49195623-1000UA => Key deleted successfully.

mbr => Service not found.

 

==== End of Fixlog ====

Link to post
Share on other sites

  • Root Admin

Please run this one more time and restart the computer when it's done.

 

Please Run TFC by OldTimer to clear temporary files:

  • Download TFC from here and save it to your desktop.
  • http://oldtimer.geekstogo.com/TFC.exe
  • Close any open programs and Internet browsers.
  • Double click TFC.exe to run it on XP (for Vista and Windows 7 right click and choose "Run as administrator") and once it opens click on the Start button on the lower left of the program to allow it to begin cleaning.
  • Please be patient as clearing out temp files may take a while.
  • Once it completes you may be prompted to restart your computer, please do so.
  • Once it's finished you may delete TFC.exe from your desktop or save it for later use for the cleaning of temporary files.

 

Then run the following

 

Please visit this webpage and read the ComboFix User's Guide:

  • Once you've read the article and are ready to use the program you can download it directly from the link below.
  • Important! - Please make sure you save combofix to your desktop and do not run it from your browser
  • Direct download link for: ComboFix.exe
  • Please make sure you disable your security applications before running ComboFix.
  • Once Combofix has completed it will produce and open a log file.  Please be patient as it can take some time to load.
  • Please attach that log file to your next reply.
  • If needed the file can be located here:  C:\combofix.txt
  • NOTE: If you receive the message "illegal operation has been attempted on a registry key that has been marked for deletion", just reboot the computer.


 

Link to post
Share on other sites

I give up.

I've tried twice to run TFC. I ran it and clicked start. It did nothing for quite a while so I left it overnight. Nothing still. I move the mouse and click exit, but it turns out it was frozen the whole time. I couldn't get it to work so I had to turn it off by holding down the power button. Then the computer just wouldn't even turn on. I had to unplug the cord from the tower and wait a while until I heard a spark when I plugged it back in. It did the same thing the second time.

I think I'll just toss this one and wait until I can purchase a new desktop computer. I'm done with it.

 

As for you, I would like to give you my thanks for helping me as best you can. I have no money to give but I do have the ability to make something for you. If you're interested, I can draw an image for you?

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.