Jump to content

The ordinal 791


beepbeep
 Share

Recommended Posts

I did a system restore after I had a problem with Skype. But after the system restore I get this message: The ordinal 791 could not be located in the dynamic link library iertutil.dll. This shows uo in windows live mail and it won't show me the email messages.

How can I address this.

 

Link to post
Share on other sites

Hi:
 
Until one of the more expert members arrives, have you tried a Google search for "The ordinal 791 could not be located in the dynamic link library iertutil.dll" -- it looks like a corrupt/broken driver file that resulted from the system restore? :)

http://pcsupport.about.com/od/findbyerrormessage/a/iertutil-dll-not-found-missing-error.htm

 
Also, it would help us to better assist you if we could learn a wee bit of basic system information, such as the version of Windows OS. ;)

 

Please run the following tools and attach the resulting logs (there will be 4 log files altogether, unless you are running Win8, in which case there will only be the 2 FRST logs).

 

Thanks,

-----------------------------------

 

STEP 1
Please run the DDS scanner and send back both logs as attachments to your next reply.
If you are running Windows 8.1, please skip this step.

Download DDS from one of the locations below and save it to your Desktop:
dds.scr
dds.com


Temporarily disable any script blocker if your Anti-Virus/Anti-Malware has it.
How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Once downloaded you can disconnect from the Internet and disable your Ant-Virus temporarily if needed.
Then double click dds.scr or dds.com to run the tool.
Click the Run button if prompted with an Open File - Security Warning dialog box.
A black DOS console should open and run for a moment.

  • When done, DDS will open two (2) logs:
    • DDS.txt
    • Attach.txt
  • Save both reports to your desktop
  • Please include both of the following logs in your next reply as an attachment: DDS.txt and Attach.txt
  • You can ignore the note about zipping the Attach.txt file and just post it or attach it.

 

STEP 2
Please run the FRST tool and send back both logs as attachments to your next reply.

Download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. The one that runs will be the right version.

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your next reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your next reply.
Link to post
Share on other sites

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 04/07/2012 15:17:29
System Uptime: 11/08/2014 07:10:21 (1 hours ago)
.
Motherboard: ASUSTeK Computer INC. |  | P5G41T-M LX
Processor: Pentium® Dual-Core  CPU      E5700  @ 3.00GHz | LGA775 | 3000/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 931 GiB total, 785.032 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP258: 30/07/2014 06:58:17 - Windows Update
RP259: 31/07/2014 04:06:10 - Windows Update
RP260: 05/08/2014 06:59:06 - Windows Update
RP261: 09/08/2014 05:38:13 - Windows Update
RP262: 10/08/2014 11:22:34 - Removed Skype Click to Call
RP263: 10/08/2014 11:23:13 - Removed Skype™ 6.18
RP264: 10/08/2014 11:31:27 - Removed Skype™ 6.18
RP265: 10/08/2014 12:40:10 - Windows Modules Installer
RP266: 10/08/2014 13:55:39 - Windows Modules Installer
RP267: 10/08/2014 15:12:50 - Removed Skype™ 6.18
RP268: 10/08/2014 15:18:37 - Restore Operation
RP269: 10/08/2014 16:02:23 - avast! antivirus system restore point
RP270: 10/08/2014 16:07:48 - Windows Update
RP271: 10/08/2014 18:34:47 - Installed DirectX
RP272: 10/08/2014 18:35:11 - Installed DirectX
.
==== Installed Programs ======================
.
Adobe AIR
Adobe Bridge 1.0
Adobe Common File Installer
Adobe Flash Player 14 ActiveX
Adobe Flash Player 14 Plugin
Adobe Help Center 1.0
Adobe Photoshop CS2
Adobe Reader XI (11.0.07)
Adobe Stock Photos 1.0
Amazon Kindle
Apple Application Support
Apple Software Update
Artisteer 2
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver
µTorrent
avast! Free Antivirus
Camtasia Studio 7
CCleaner
CoffeeCup Free FTP
D3DX10
Dropbox
Evernote v. 4.5.7
FileZilla Client 3.8.0
FreshKey
Google Chrome
Google Drive
Google Toolbar for Internet Explorer
Google Update Helper
GoToMeeting 5.8.0.1189
Intel® Graphics Media Accelerator Driver
Java 7 Update 60
Java 7 Update 65 (64-bit)
Java Auto Updater
Java 6 Update 45 (64-bit)
Junk Mail filter update
Keyword Optimizer Pro 2
Macromedia Dreamweaver 8
Macromedia Extension Manager
Malwarebytes Anti-Malware version 1.75.0.1300
Market Samurai
Mesh Runtime
Microsoft .NET Framework 4.5.1
Microsoft Application Error Reporting
Microsoft Camera Codec Pack
Microsoft IntelliPoint 8.2
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Home and Student 2007
Microsoft Office Office 64-bit Components 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared 64-bit MUI (English) 2007
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Office Word Viewer 2003
Microsoft PowerPoint Viewer
Microsoft Publisher 2002
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Mozilla Firefox 31.0 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSVCRT_amd64
Pdf995
PDFCreator
QuickTime 7
Realtek High Definition Audio Driver
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2817330) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2878233) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2880507) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2880508) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2880513) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2881069) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2880515) 32-Bit Edition
Skype Click to Call
Skype™ 6.18
Switch Sound File Converter
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Vision Defense
Visual Studio 2008 x64 Redistributables
Visual Studio 2010 x64 Redistributables
Windows Driver Package - Hewlett-Packard Image  (12/28/2006 8.0.0.0)
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
WinPatrol
Wise Care 365 2.99
Wise Registry Cleaner 8.03
.
==== Event Viewer Messages From Past Week ========
.
10/08/2014 13:47:10, Error: Service Control Manager [7023]  - The Windows Modules Installer service terminated with the following error:  The object specified could not be created or opened, because its associated TransactionManager is not online.  The TransactionManager must be brought fully Online by calling RecoverTransactionManager to recover to the end of its LogFile before objects in its Transaction or ResourceManager namespaces can be opened.  In addition, errors in writing records to its LogFile can cause a TransactionManager to go offline.
10/08/2014 13:47:01, Error: Service Control Manager [7043]  - The Windows Modules Installer service did not shut down properly after receiving a preshutdown control.
.
==== End Of File ===========================
 

Link to post
Share on other sites

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17207  BrowserJavaVersion: 10.60.2
Run by User at 8:32:05 on 2014-08-11
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.44.1033.18.4061.2303 [GMT 1:00]
.
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Wise\Wise Care 365\WiseTray.exe
C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com
uSearch Bar = Preserve
mWinlogon: Userinit = userinit.exe,
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Skype Click to Call for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
uRun: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
uRun: [WinPatrol] C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe -expressboot
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
StartupFolder: C:\Users\User\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ADOBEG~1.LNK - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
StartupFolder: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TalkTalk Setup CD Reporting Tool.exe
StartupFolder: C:\Users\User\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\VISION~1.LNK - C:\Program Files (x86)\Vision Defense\Vision Defense.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MICROS~1.LNK - C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE
uPolicies-Explorer: NoDriveTypeAutoRun = dword:221
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Add to Evernote 4.0 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_45-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0045-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_45-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_45-windows-i586.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{68F549D3-7AA5-415F-8635-239532367632} : DHCPNameServer = 192.168.1.1
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: Skype Click to Call for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [intelliPoint] "c:\Program Files\Microsoft IntelliPoint\ipoint.exe"
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab
x64-DPF: {CAFEEFAC-0016-0000-0045-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_45-windows-i586.cab
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_45-windows-i586.cab
x64-Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\fbp11f7m.default\
FF - prefs.js: browser.startup.homepage - www.google.co.uk
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;C:\Windows\System32\drivers\aswRvrt.sys [2014-6-2 65776]
R0 aswVmm;avast! VM Monitor;C:\Windows\System32\drivers\aswVmm.sys [2014-6-2 224896]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswsnx.sys [2014-6-2 1041168]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswsp.sys [2014-6-2 427360]
R2 aswHwid;avast! HardwareID;C:\Windows\System32\drivers\aswHwid.sys [2014-5-23 29208]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2014-6-2 79184]
R2 aswStm;aswStm;C:\Windows\System32\drivers\aswstm.sys [2014-6-2 92008]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-7-11 50344]
R2 c2cautoupdatesvc;Skype Click to Call Updater;C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-7-14 1390176]
R2 c2cpnrsvc;Skype Click to Call PNR Service;C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-7-14 1767520]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\System32\drivers\L1C62x64.sys [2012-7-4 77936]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S2 WiseBootAssistant;Wise Boot Assistant;C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe [2014-5-28 580232]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-7-10 111616]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-7-6 1255736]
S3 WsAudio_DeviceS(1);WsAudio_DeviceS(1);C:\Windows\System32\drivers\WsAudio_DeviceS(1).sys [2014-1-12 29288]
S3 WsAudio_DeviceS(2);WsAudio_DeviceS(2);C:\Windows\System32\drivers\WsAudio_DeviceS(2).sys [2014-1-12 29288]
S3 WsAudio_DeviceS(3);WsAudio_DeviceS(3);C:\Windows\System32\drivers\WsAudio_DeviceS(3).sys [2014-1-12 29288]
S3 WsAudio_DeviceS(4);WsAudio_DeviceS(4);C:\Windows\System32\drivers\WsAudio_DeviceS(4).sys [2014-1-12 29288]
S3 WsAudio_DeviceS(5);WsAudio_DeviceS(5);C:\Windows\System32\drivers\WsAudio_DeviceS(5).sys [2014-1-12 29288]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== File Associations ===============
.
ShellExec: switch.exe: open="C:\Program Files (x86)\NCH Software\Switch\switch" "%L"
.
=============== Created Last 30 ================
.
2014-08-11 06:47:25    --------    d-----w-    C:\Users\User\AppData\Local\{978C1CCD-C7E2-4F4B-BF58-B277ED124726}
2014-08-10 15:08:36    10924376    ----a-w-    C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{911446B9-D608-4906-A78A-C551EA65ADF9}\mpengine.dll
2014-08-10 15:07:05    --------    d-----w-    C:\Users\User\AppData\Local\{31E75C00-6ADF-4103-987B-D3F6CAF0BAFB}
2014-08-10 07:43:06    --------    d-----w-    C:\Users\User\AppData\Local\{69B4AD83-BAA5-4E48-BBAA-8FC633574B9B}
2014-08-09 19:42:41    --------    d-----w-    C:\Users\User\AppData\Local\{2537390F-61AA-40E2-8C4A-39CDC2EB1B56}
2014-08-09 07:42:25    --------    d-----w-    C:\Users\User\AppData\Local\{C79AB55A-62EF-40BC-A041-1A22DD368CFB}
2014-08-08 19:42:00    --------    d-----w-    C:\Users\User\AppData\Local\{1E417506-EAE0-4CA0-BD76-C1AFAC6040E3}
2014-08-08 07:41:48    --------    d-----w-    C:\Users\User\AppData\Local\{E93612CA-022A-40F4-AF8C-43E5EBDABD24}
2014-08-07 19:41:23    --------    d-----w-    C:\Users\User\AppData\Local\{47394201-543C-4638-9149-D13C5A0690E5}
2014-08-07 07:41:10    --------    d-----w-    C:\Users\User\AppData\Local\{853F9A4B-2D04-4FEF-909B-018970FC030E}
2014-08-06 19:40:45    --------    d-----w-    C:\Users\User\AppData\Local\{25A5D269-238C-470B-BE16-268F3AEC5A92}
2014-08-06 07:40:08    --------    d-----w-    C:\Users\User\AppData\Local\{D3B2A5F7-655C-4E9E-98BF-9AF9713374F8}
2014-08-05 19:39:43    --------    d-----w-    C:\Users\User\AppData\Local\{55916C93-6244-452C-BA38-27F9E2105DA7}
2014-08-05 07:39:31    --------    d-----w-    C:\Users\User\AppData\Local\{FBEB232A-B783-4F89-934D-674C669DAF67}
2014-08-04 19:39:05    --------    d-----w-    C:\Users\User\AppData\Local\{38B82AFF-38FC-4412-9062-F2E712C99898}
2014-08-04 07:38:53    --------    d-----w-    C:\Users\User\AppData\Local\{D6778506-5A31-4222-8824-326D294CF641}
2014-08-03 19:38:28    --------    d-----w-    C:\Users\User\AppData\Local\{F04C2325-EB2B-4D59-B677-18CA7DC3CBF4}
2014-08-03 07:38:16    --------    d-----w-    C:\Users\User\AppData\Local\{72BB4C27-948E-4448-BC43-9A7046D1A544}
2014-08-02 19:37:52    --------    d-----w-    C:\Users\User\AppData\Local\{EA983E21-1EBE-45B1-9A9F-63AAE80ABE0A}
2014-08-02 07:37:40    --------    d-----w-    C:\Users\User\AppData\Local\{0A2CA0C7-5BE3-4F30-82EE-2EA453FC6045}
2014-08-01 19:37:15    --------    d-----w-    C:\Users\User\AppData\Local\{A90A0B75-2A0B-4404-9BC9-F02F35E770B2}
2014-08-01 07:37:02    --------    d-----w-    C:\Users\User\AppData\Local\{2E281637-8D11-4CB2-8F37-8A66F3C160E9}
2014-07-31 19:36:37    --------    d-----w-    C:\Users\User\AppData\Local\{1B218C7E-00E5-4088-93DE-A6F764A7D2C2}
2014-07-31 07:36:25    --------    d-----w-    C:\Users\User\AppData\Local\{734C47F4-8B17-4D64-B18A-C8E356F01548}
2014-07-30 19:35:59    --------    d-----w-    C:\Users\User\AppData\Local\{9A529490-352B-452A-82C8-8AB6DFA8F69D}
2014-07-30 07:35:47    --------    d-----w-    C:\Users\User\AppData\Local\{93C5A0CE-7077-4296-B59B-9979435ACABD}
2014-07-29 19:35:23    --------    d-----w-    C:\Users\User\AppData\Local\{14B52461-FCB3-4EB6-ABD4-EDA0380A70B2}
2014-07-29 07:34:58    --------    d-----w-    C:\Users\User\AppData\Local\{3FBEDCF5-0102-4282-B79A-6AA48391F89A}
2014-07-28 19:34:33    --------    d-----w-    C:\Users\User\AppData\Local\{35CE915D-9DD2-413E-8A27-B09F007ABC73}
2014-07-28 07:34:21    --------    d-----w-    C:\Users\User\AppData\Local\{0CC3042D-BFC8-4BA1-8B56-E12507D5639F}
2014-07-27 19:33:57    --------    d-----w-    C:\Users\User\AppData\Local\{C2A665F8-6D6F-48E0-BE73-D31B67D1BC5E}
2014-07-27 07:33:31    --------    d-----w-    C:\Users\User\AppData\Local\{AFB813BB-337E-4781-A97D-F3D079C71202}
2014-07-26 19:33:07    --------    d-----w-    C:\Users\User\AppData\Local\{E6555A06-E4F7-473E-A142-499EE3FC1002}
2014-07-26 07:32:55    --------    d-----w-    C:\Users\User\AppData\Local\{95EFCA16-0880-4D8D-A8D6-E4A1D6783366}
2014-07-25 19:26:35    --------    d-----w-    C:\Users\User\AppData\Local\{89A1B035-E81A-4BF8-A90C-1240D9D15D2A}
2014-07-25 07:26:10    --------    d-----w-    C:\Users\User\AppData\Local\{696B8B77-022A-4166-92D8-28247415019A}
2014-07-24 19:25:46    --------    d-----w-    C:\Users\User\AppData\Local\{C6A19A19-8FDA-423D-8865-B6F668E68B90}
2014-07-24 07:25:22    --------    d-----w-    C:\Users\User\AppData\Local\{F88E373A-997E-44EA-96A5-A4B43B9F1134}
2014-07-23 19:24:57    --------    d-----w-    C:\Users\User\AppData\Local\{4F89C185-D7AF-41A4-975A-8AB4620572BB}
2014-07-23 10:09:13    111016    ----a-w-    C:\Windows\System32\WindowsAccessBridge-64.dll
2014-07-23 07:24:32    --------    d-----w-    C:\Users\User\AppData\Local\{B93F3412-8F01-4D81-8D67-999CF1F971C8}
2014-07-22 19:24:08    --------    d-----w-    C:\Users\User\AppData\Local\{95E7AD8E-0C70-401A-B805-38DC2605FD71}
2014-07-22 07:23:56    --------    d-----w-    C:\Users\User\AppData\Local\{99C6B4F6-3F05-4F2C-8136-0BCF0B57F592}
2014-07-21 19:23:31    --------    d-----w-    C:\Users\User\AppData\Local\{311C97D2-32B7-4014-8CE8-473747FA57F1}
2014-07-21 07:23:19    --------    d-----w-    C:\Users\User\AppData\Local\{5B4CC727-AEE9-48E4-AC78-9E4C47A09DB1}
2014-07-20 19:22:54    --------    d-----w-    C:\Users\User\AppData\Local\{E8CAB33C-9991-40E4-A0B7-4FA32D003C44}
2014-07-20 07:22:42    --------    d-----w-    C:\Users\User\AppData\Local\{C1B5BFB2-BEEE-478F-8918-47929037721A}
2014-07-19 19:22:30    --------    d-----w-    C:\Users\User\AppData\Local\{96DB0404-B93A-40DC-B472-9FAD9AD4214B}
2014-07-19 07:22:17    --------    d-----w-    C:\Users\User\AppData\Local\{BB118FAD-5807-4700-BCA1-4C95BB253F3A}
2014-07-18 19:21:53    --------    d-----w-    C:\Users\User\AppData\Local\{F7F41CA6-DDA6-43F4-9C7C-510DF864A93D}
2014-07-18 07:20:48    --------    d-----w-    C:\Users\User\AppData\Local\{EA71133B-A32D-4535-B414-62B439AFD652}
2014-07-17 19:20:24    --------    d-----w-    C:\Users\User\AppData\Local\{ED34583A-9302-44F0-AC23-6E07CD8ED050}
2014-07-17 07:19:31    --------    d-----w-    C:\Users\User\AppData\Local\{2F33F488-E1FB-4E99-8046-716344C897D0}
2014-07-16 19:19:06    --------    d-----w-    C:\Users\User\AppData\Local\{AC6611B0-134F-4161-BCC3-8119988AE8D4}
2014-07-16 07:18:54    --------    d-----w-    C:\Users\User\AppData\Local\{CCC090DF-01DD-4753-819F-F14022909E94}
2014-07-15 19:18:29    --------    d-----w-    C:\Users\User\AppData\Local\{96DD099B-9457-45DF-9DDF-D48AA7A6A85B}
2014-07-15 07:18:17    --------    d-----w-    C:\Users\User\AppData\Local\{A9882D1A-B19B-497F-86D1-9B3641B0E8DA}
2014-07-14 19:17:52    --------    d-----w-    C:\Users\User\AppData\Local\{BF74A961-3ADC-45BA-8F80-70A01D6BC2F6}
2014-07-14 07:17:40    --------    d-----w-    C:\Users\User\AppData\Local\{6647C923-A635-4F67-B663-9F5224A460A2}
2014-07-13 19:17:18    --------    d-----w-    C:\Users\User\AppData\Local\{0D66674A-5B6F-418B-A0D4-984AE3270635}
2014-07-13 07:17:03    --------    d-----w-    C:\Users\User\AppData\Local\{EAEEF6BD-B079-4063-8712-94CF3950CDF7}
2014-07-12 07:46:25    --------    d-----w-    C:\Users\User\AppData\Local\{8FC90E9A-76F5-4B05-B0A6-BCB87725B6D4}
.
==================== Find3M  ====================
.
2014-07-11 13:02:33    93568    ----a-w-    C:\Windows\System32\drivers\aswRdr2.sys
2014-07-11 13:02:33    92008    ----a-w-    C:\Windows\System32\drivers\aswstm.sys
2014-07-11 13:02:33    79184    ----a-w-    C:\Windows\System32\drivers\aswMonFlt.sys
2014-07-11 13:02:33    65776    ----a-w-    C:\Windows\System32\drivers\aswRvrt.sys
2014-07-11 13:02:33    29208    ----a-w-    C:\Windows\System32\drivers\aswHwid.sys
2014-07-11 13:02:33    224896    ----a-w-    C:\Windows\System32\drivers\aswVmm.sys
2014-07-11 13:02:33    1041168    ----a-w-    C:\Windows\System32\drivers\aswsnx.sys
2014-07-11 13:02:32    43152    ----a-w-    C:\Windows\avastSS.scr
2014-07-09 12:42:11    71344    ----a-w-    C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-07-09 12:42:11    699056    ----a-w-    C:\Windows\SysWow64\FlashPlayerApp.exe
2014-07-04 05:17:31    98216    ----a-w-    C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2014-06-30 02:09:33    519168    ----a-w-    C:\Windows\System32\aepdu.dll
2014-06-30 02:04:49    424448    ----a-w-    C:\Windows\System32\aeinv.dll
2014-06-19 01:06:55    2724864    ----a-w-    C:\Windows\System32\mshtml.tlb
2014-06-19 01:06:24    4096    ----a-w-    C:\Windows\System32\ieetwcollectorres.dll
2014-06-19 00:48:18    2768384    ----a-w-    C:\Windows\System32\iertutil(57).dll
2014-06-19 00:42:57    548352    ----a-w-    C:\Windows\System32\vbscript.dll
2014-06-19 00:42:49    66048    ----a-w-    C:\Windows\System32\iesetup.dll
2014-06-19 00:41:52    48640    ----a-w-    C:\Windows\System32\ieetwproxystub.dll
2014-06-19 00:41:16    83968    ----a-w-    C:\Windows\System32\MshtmlDac.dll
2014-06-19 00:24:30    139264    ----a-w-    C:\Windows\System32\ieUnatt.exe
2014-06-19 00:24:12    111616    ----a-w-    C:\Windows\System32\ieetwcollector.exe
2014-06-19 00:23:53    752640    ----a-w-    C:\Windows\System32\jscript9diag.dll
2014-06-19 00:14:28    940032    ----a-w-    C:\Windows\System32\MsSpellCheckingFacility.exe
2014-06-18 23:59:04    38400    ----a-w-    C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-06-18 23:56:37    2724864    ----a-w-    C:\Windows\SysWow64\mshtml.tlb
2014-06-18 23:51:38    5721088    ----a-w-    C:\Windows\System32\jscript9.dll
2014-06-18 23:38:40    455168    ----a-w-    C:\Windows\SysWow64\vbscript.dll
2014-06-18 23:37:23    61952    ----a-w-    C:\Windows\SysWow64\iesetup.dll
2014-06-18 23:36:35    51200    ----a-w-    C:\Windows\SysWow64\ieetwproxystub.dll
2014-06-18 23:35:55    62464    ----a-w-    C:\Windows\SysWow64\MshtmlDac.dll
2014-06-18 23:32:55    2179072    ----a-w-    C:\Windows\SysWow64\iertutil(65).dll
2014-06-18 23:27:45    1249280    ----a-w-    C:\Windows\System32\mshtmlmedia.dll
2014-06-18 23:27:07    2040832    ----a-w-    C:\Windows\System32\inetcpl.cpl
2014-06-18 23:23:27    112128    ----a-w-    C:\Windows\SysWow64\ieUnatt.exe
2014-06-18 23:22:40    592896    ----a-w-    C:\Windows\SysWow64\jscript9diag.dll
2014-06-18 23:06:10    32256    ----a-w-    C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2014-06-18 22:58:27    2266112    ----a-w-    C:\Windows\System32\wininet(61).dll
2014-06-18 22:52:18    4254720    ----a-w-    C:\Windows\SysWow64\jscript9.dll
2014-06-18 22:46:23    1068032    ----a-w-    C:\Windows\SysWow64\mshtmlmedia.dll
2014-06-18 22:45:59    1964544    ----a-w-    C:\Windows\SysWow64\inetcpl.cpl
2014-06-18 22:34:25    1393664    ----a-w-    C:\Windows\System32\urlmon(59).dll
2014-06-18 22:13:59    1791488    ----a-w-    C:\Windows\SysWow64\wininet(68).dll
2014-06-18 22:09:34    1139200    ----a-w-    C:\Windows\SysWow64\urlmon(67).dll
2014-06-18 02:18:30    692736    ----a-w-    C:\Windows\System32\osk.exe
2014-06-18 01:51:32    646144    ----a-w-    C:\Windows\SysWow64\osk.exe
2014-06-18 01:10:36    3157504    ----a-w-    C:\Windows\System32\win32k.sys
2014-06-06 10:10:34    624128    ----a-w-    C:\Windows\System32\qedit.dll
2014-06-06 09:44:17    509440    ----a-w-    C:\Windows\SysWow64\qedit.dll
2014-06-05 14:45:15    1460736    ----a-w-    C:\Windows\System32\lsasrv.dll
2014-06-05 14:26:58    22016    ----a-w-    C:\Windows\SysWow64\secur32.dll
2014-06-05 14:25:49    96768    ----a-w-    C:\Windows\SysWow64\sspicli.dll
2014-05-30 08:08:52    210944    ----a-w-    C:\Windows\System32\wdigest.dll
2014-05-30 08:08:49    86528    ----a-w-    C:\Windows\System32\TSpkg.dll
2014-05-30 08:08:47    340992    ----a-w-    C:\Windows\System32\schannel.dll
2014-05-30 08:08:41    314880    ----a-w-    C:\Windows\System32\msv1_0.dll
2014-05-30 08:08:41    307200    ----a-w-    C:\Windows\System32\ncrypt.dll
2014-05-30 08:08:36    728064    ----a-w-    C:\Windows\System32\kerberos.dll
2014-05-30 08:08:31    22016    ----a-w-    C:\Windows\System32\credssp.dll
2014-05-30 07:52:51    172032    ----a-w-    C:\Windows\SysWow64\wdigest.dll
2014-05-30 07:52:49    65536    ----a-w-    C:\Windows\SysWow64\TSpkg.dll
2014-05-30 07:52:45    247808    ----a-w-    C:\Windows\SysWow64\schannel.dll
2014-05-30 07:52:41    220160    ----a-w-    C:\Windows\SysWow64\ncrypt.dll
2014-05-30 07:52:40    259584    ----a-w-    C:\Windows\SysWow64\msv1_0.dll
2014-05-30 07:52:36    550912    ----a-w-    C:\Windows\SysWow64\kerberos.dll
2014-05-30 07:52:30    17408    ----a-w-    C:\Windows\SysWow64\credssp.dll
2014-05-30 06:45:52    497152    ----a-w-    C:\Windows\System32\drivers\afd.sys
.
============= FINISH:  8:32:27.02 ===============
 

Link to post
Share on other sites

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-08-2014 01
Ran by User (administrator) on USER-PC on 11-08-2014 08:36:36
Running from C:\Users\User\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(WiseCleaner.com) C:\Program Files (x86)\Wise\Wise Care 365\WiseTray.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(BillP Studios) C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11905128 2011-06-28] (Realtek Semiconductor)
HKLM\...\Run: [intelliPoint] => c:\Program Files\Microsoft IntelliPoint\ipoint.exe [2417032 2011-08-01] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-08-10] (AVAST Software)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1474768639-1737181589-514141678-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-07-05] (Google Inc.)
HKU\S-1-5-21-1474768639-1737181589-514141678-1000\...\Run: [skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21650016 2014-07-24] (Skype Technologies S.A.)
HKU\S-1-5-21-1474768639-1737181589-514141678-1000\...\Run: [WinPatrol] => C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe [533568 2014-04-23] (BillP Studios)
HKU\S-1-5-21-1474768639-1737181589-514141678-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TalkTalk Setup CD Reporting Tool.exe ()
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\visiondefense.lnk
ShortcutTarget: visiondefense.lnk -> C:\Program Files (x86)\Vision Defense\Vision Defense.exe (Multidmedia Limited                 )
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: GDriveBlacklistedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedEditOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedViewOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncingOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://uk.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-gb
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - {81D594C2-04A0-4259-90F4-BD7B25340AAC} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3289075&CUI=UN16397273002052910&UM=1
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll No File
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll No File
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\fbp11f7m.default
FF Homepage: www.google.co.uk
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: PageRank for Firefox - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\fbp11f7m.default\Extensions\pagerank@any-tech.ws.xpi [2012-08-02]
FF Extension: StumbleUpon - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\fbp11f7m.default\Extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696}.xpi [2013-04-20]
FF Extension: Property Bee - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\fbp11f7m.default\Extensions\{da8bd68d-8e90-41cd-8345-a71b294e72e6}.xpi [2012-09-15]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-06-02]

Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR StartupUrls: "hxxp://www.google.com/"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (AVG SiteSafety plugin) - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\15.2.0\\npsitesafety.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (Java Platform SE 6 U35) - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll No File
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (RealNetworks RealDownloader Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll No File
CHR Plugin: (RealNetworks RealDownloader HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll No File
CHR Plugin: (RealNetworks RealDownloader PepperFlashVideoShim Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll No File
CHR Plugin: (RealDownloader Plugin) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.350.10) - C:\Windows\SysWOW64\npdeployJava1.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File
CHR Plugin: (RealPlayer G2 LiveConnect-Enabled Plug-In (32-bit) ) - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll No File
CHR Plugin: (RealPlayer Download Plugin) - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll No File
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-28]
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-04-24]
CHR Extension: (Google Search) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-04-24]
CHR Extension: (cconatinuaeeteosavve) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfomdijgjiomlfpmgbneopffnlemlljl [2013-06-04]
CHR Extension: (Skype Click to Call) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-12-02]
CHR Extension: (Google Wallet) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-20]
CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-04-24]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-11]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-11]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-11-19] (Adobe Systems) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-11] (AVAST Software)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
S2 WiseBootAssistant; C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe [580232 2014-01-21] (WiseCleaner.com)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U3 Anetatoaaic; No ImagePath
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-07-11] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-07-11] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-07-11] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-07-11] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-07-11] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-11] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-07-11] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-07-11] ()
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-11 08:36 - 2014-08-11 08:37 - 00020730 _____ () C:\Users\User\Downloads\FRST.txt
2014-08-11 08:36 - 2014-08-11 08:36 - 00000000 ____D () C:\FRST
2014-08-11 08:35 - 2014-08-11 08:35 - 02099712 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe
2014-08-11 08:32 - 2014-08-11 08:32 - 00025141 _____ () C:\Users\User\Desktop\dds.txt
2014-08-11 08:32 - 2014-08-11 08:32 - 00008575 _____ () C:\Users\User\Desktop\attach.txt
2014-08-11 08:31 - 2014-08-11 08:31 - 00688992 ____R (Swearware) C:\Users\User\Downloads\dds.scr
2014-08-11 07:47 - 2014-08-11 07:47 - 00000000 ____D () C:\Users\User\AppData\Local\{978C1CCD-C7E2-4F4B-BF58-B277ED124726}
2014-08-10 18:37 - 2014-08-10 18:37 - 00000020 _____ () C:\Windows\Øø¿
2014-08-10 18:35 - 2014-08-10 18:35 - 00000359 _____ () C:\Windows\DirectX.log
2014-08-10 17:05 - 2014-08-10 17:05 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-08-10 16:07 - 2014-08-10 16:07 - 00000000 ____D () C:\Users\User\AppData\Local\{31E75C00-6ADF-4103-987B-D3F6CAF0BAFB}
2014-08-10 16:04 - 2014-08-10 16:04 - 00001926 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-08-10 13:56 - 2014-08-10 13:56 - 00000134 _____ () C:\Users\User\Desktop\Internet Explorer Troubleshooting.url
2014-08-10 11:59 - 2014-08-10 11:59 - 02077392 _____ (Microsoft Corporation) C:\Users\User\Downloads\IE11-Windows6.1.exe
2014-08-10 11:32 - 2014-08-10 11:32 - 01551008 _____ (Skype Technologies S.A.) C:\Users\User\Downloads\skypesetup(1).exe
2014-08-10 11:32 - 2014-08-10 11:32 - 00003134 _____ () C:\Windows\System32\Tasks\{C6477BE5-03D4-4918-AC82-E44D44A370C2}
2014-08-10 11:28 - 2014-08-10 11:28 - 00000561 _____ () C:\Users\User\Downloads\css.zip
2014-08-10 08:43 - 2014-08-10 08:43 - 00000000 ____D () C:\Users\User\AppData\Local\{69B4AD83-BAA5-4E48-BBAA-8FC633574B9B}
2014-08-09 20:42 - 2014-08-09 20:42 - 00000000 ____D () C:\Users\User\AppData\Local\{2537390F-61AA-40E2-8C4A-39CDC2EB1B56}
2014-08-09 08:42 - 2014-08-09 08:42 - 00000000 ____D () C:\Users\User\AppData\Local\{C79AB55A-62EF-40BC-A041-1A22DD368CFB}
2014-08-08 20:42 - 2014-08-08 20:42 - 00000000 ____D () C:\Users\User\AppData\Local\{1E417506-EAE0-4CA0-BD76-C1AFAC6040E3}
2014-08-08 08:41 - 2014-08-08 08:41 - 00000000 ____D () C:\Users\User\AppData\Local\{E93612CA-022A-40F4-AF8C-43E5EBDABD24}
2014-08-07 20:41 - 2014-08-07 20:41 - 00000000 ____D () C:\Users\User\AppData\Local\{47394201-543C-4638-9149-D13C5A0690E5}
2014-08-07 08:41 - 2014-08-07 08:41 - 00000000 ____D () C:\Users\User\AppData\Local\{853F9A4B-2D04-4FEF-909B-018970FC030E}
2014-08-06 20:40 - 2014-08-06 20:40 - 00000000 ____D () C:\Users\User\AppData\Local\{25A5D269-238C-470B-BE16-268F3AEC5A92}
2014-08-06 10:24 - 2014-08-06 10:24 - 00115432 _____ () C:\Users\User\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-06 08:40 - 2014-08-06 08:40 - 00000000 ____D () C:\Users\User\AppData\Local\{D3B2A5F7-655C-4E9E-98BF-9AF9713374F8}
2014-08-05 20:39 - 2014-08-05 20:39 - 00000000 ____D () C:\Users\User\AppData\Local\{55916C93-6244-452C-BA38-27F9E2105DA7}
2014-08-05 08:39 - 2014-08-05 08:39 - 00000000 ____D () C:\Users\User\AppData\Local\{FBEB232A-B783-4F89-934D-674C669DAF67}
2014-08-04 20:39 - 2014-08-04 20:39 - 00000000 ____D () C:\Users\User\AppData\Local\{38B82AFF-38FC-4412-9062-F2E712C99898}
2014-08-04 12:59 - 2014-08-04 13:00 - 129610521 _____ () C:\Users\User\Desktop\Final PP Course - final.pptx
2014-08-04 12:14 - 2014-08-04 12:14 - 00000000 ____D () C:\Users\User\Documents\Updater
2014-08-04 08:38 - 2014-08-04 08:39 - 00000000 ____D () C:\Users\User\AppData\Local\{D6778506-5A31-4222-8824-326D294CF641}
2014-08-03 20:38 - 2014-08-03 20:38 - 00000000 ____D () C:\Users\User\AppData\Local\{F04C2325-EB2B-4D59-B677-18CA7DC3CBF4}
2014-08-03 08:38 - 2014-08-03 08:38 - 00000000 ____D () C:\Users\User\AppData\Local\{72BB4C27-948E-4448-BC43-9A7046D1A544}
2014-08-02 20:37 - 2014-08-02 20:38 - 00000000 ____D () C:\Users\User\AppData\Local\{EA983E21-1EBE-45B1-9A9F-63AAE80ABE0A}
2014-08-02 08:37 - 2014-08-02 08:37 - 00000000 ____D () C:\Users\User\AppData\Local\{0A2CA0C7-5BE3-4F30-82EE-2EA453FC6045}
2014-08-01 20:37 - 2014-08-01 20:37 - 00000000 ____D () C:\Users\User\AppData\Local\{A90A0B75-2A0B-4404-9BC9-F02F35E770B2}
2014-08-01 08:37 - 2014-08-01 08:37 - 00000000 ____D () C:\Users\User\AppData\Local\{2E281637-8D11-4CB2-8F37-8A66F3C160E9}
2014-07-31 20:36 - 2014-07-31 20:36 - 00000000 ____D () C:\Users\User\AppData\Local\{1B218C7E-00E5-4088-93DE-A6F764A7D2C2}
2014-07-31 08:36 - 2014-07-31 08:36 - 00000000 ____D () C:\Users\User\AppData\Local\{734C47F4-8B17-4D64-B18A-C8E356F01548}
2014-07-31 04:06 - 2014-05-14 17:23 - 00700384 ____N (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-07-31 04:06 - 2014-05-14 17:23 - 00044512 ____N (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-07-31 04:06 - 2014-05-14 17:23 - 00038880 ____N (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-07-30 20:35 - 2014-07-30 20:36 - 00000000 ____D () C:\Users\User\AppData\Local\{9A529490-352B-452A-82C8-8AB6DFA8F69D}
2014-07-30 08:35 - 2014-07-30 08:35 - 00000000 ____D () C:\Users\User\AppData\Local\{93C5A0CE-7077-4296-B59B-9979435ACABD}
2014-07-29 20:35 - 2014-07-29 20:35 - 00000000 ____D () C:\Users\User\AppData\Local\{14B52461-FCB3-4EB6-ABD4-EDA0380A70B2}
2014-07-29 08:34 - 2014-07-29 08:35 - 00000000 ____D () C:\Users\User\AppData\Local\{3FBEDCF5-0102-4282-B79A-6AA48391F89A}
2014-07-28 20:34 - 2014-07-28 20:34 - 00000000 ____D () C:\Users\User\AppData\Local\{35CE915D-9DD2-413E-8A27-B09F007ABC73}
2014-07-28 08:34 - 2014-07-28 08:34 - 00000000 ____D () C:\Users\User\AppData\Local\{0CC3042D-BFC8-4BA1-8B56-E12507D5639F}
2014-07-27 20:33 - 2014-07-27 20:34 - 00000000 ____D () C:\Users\User\AppData\Local\{C2A665F8-6D6F-48E0-BE73-D31B67D1BC5E}
2014-07-27 08:33 - 2014-07-27 08:33 - 00000000 ____D () C:\Users\User\AppData\Local\{AFB813BB-337E-4781-A97D-F3D079C71202}
2014-07-26 20:33 - 2014-07-26 20:33 - 00000000 ____D () C:\Users\User\AppData\Local\{E6555A06-E4F7-473E-A142-499EE3FC1002}
2014-07-26 08:32 - 2014-07-26 08:33 - 00000000 ____D () C:\Users\User\AppData\Local\{95EFCA16-0880-4D8D-A8D6-E4A1D6783366}
2014-07-25 20:26 - 2014-07-25 20:26 - 00000000 ____D () C:\Users\User\AppData\Local\{89A1B035-E81A-4BF8-A90C-1240D9D15D2A}
2014-07-25 09:08 - 2014-08-11 07:10 - 00000672 _____ () C:\Windows\setupact.log
2014-07-25 09:08 - 2014-07-25 09:08 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-25 08:26 - 2014-07-25 08:26 - 00000000 ____D () C:\Users\User\AppData\Local\{696B8B77-022A-4166-92D8-28247415019A}
2014-07-25 08:11 - 2014-07-23 12:42 - 299567486 _____ () C:\Users\User\Desktop\Audio.zip
2014-07-24 20:25 - 2014-07-24 20:25 - 00000000 ____D () C:\Users\User\AppData\Local\{C6A19A19-8FDA-423D-8865-B6F668E68B90}
2014-07-24 08:25 - 2014-07-24 08:25 - 00000000 ____D () C:\Users\User\AppData\Local\{F88E373A-997E-44EA-96A5-A4B43B9F1134}
2014-07-23 20:24 - 2014-07-23 20:25 - 00000000 ____D () C:\Users\User\AppData\Local\{4F89C185-D7AF-41A4-975A-8AB4620572BB}
2014-07-23 12:38 - 2014-07-23 12:42 - 299567486 _____ () C:\Users\User\Downloads\Audio.zip
2014-07-23 11:09 - 2014-07-23 11:09 - 00319912 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-07-23 11:09 - 2014-07-23 11:09 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-07-23 08:24 - 2014-07-23 08:24 - 00000000 ____D () C:\Users\User\AppData\Local\{B93F3412-8F01-4D81-8D67-999CF1F971C8}
2014-07-22 20:24 - 2014-07-22 20:24 - 00000000 ____D () C:\Users\User\AppData\Local\{95E7AD8E-0C70-401A-B805-38DC2605FD71}
2014-07-22 08:23 - 2014-07-22 08:24 - 00000000 ____D () C:\Users\User\AppData\Local\{99C6B4F6-3F05-4F2C-8136-0BCF0B57F592}
2014-07-21 20:23 - 2014-07-21 20:23 - 00000000 ____D () C:\Users\User\AppData\Local\{311C97D2-32B7-4014-8CE8-473747FA57F1}
2014-07-21 16:38 - 2014-07-21 16:38 - 12231958 _____ () C:\Users\User\Downloads\DP Mar 2014 - updated by Andrew.pptx
2014-07-21 08:23 - 2014-07-21 08:23 - 00000000 ____D () C:\Users\User\AppData\Local\{5B4CC727-AEE9-48E4-AC78-9E4C47A09DB1}
2014-07-20 20:22 - 2014-07-20 20:23 - 00000000 ____D () C:\Users\User\AppData\Local\{E8CAB33C-9991-40E4-A0B7-4FA32D003C44}
2014-07-20 08:22 - 2014-07-20 08:22 - 00000000 ____D () C:\Users\User\AppData\Local\{C1B5BFB2-BEEE-478F-8918-47929037721A}
2014-07-19 20:22 - 2014-07-19 20:22 - 00000000 ____D () C:\Users\User\AppData\Local\{96DB0404-B93A-40DC-B472-9FAD9AD4214B}
2014-07-19 08:22 - 2014-07-19 08:22 - 00000000 ____D () C:\Users\User\AppData\Local\{BB118FAD-5807-4700-BCA1-4C95BB253F3A}
2014-07-18 20:21 - 2014-07-18 20:22 - 00000000 ____D () C:\Users\User\AppData\Local\{F7F41CA6-DDA6-43F4-9C7C-510DF864A93D}
2014-07-18 08:20 - 2014-07-18 08:20 - 00000000 ____D () C:\Users\User\AppData\Local\{EA71133B-A32D-4535-B414-62B439AFD652}
2014-07-17 20:20 - 2014-07-17 20:20 - 00000000 ____D () C:\Users\User\AppData\Local\{ED34583A-9302-44F0-AC23-6E07CD8ED050}
2014-07-17 08:19 - 2014-07-17 08:19 - 00000000 ____D () C:\Users\User\AppData\Local\{2F33F488-E1FB-4E99-8046-716344C897D0}
2014-07-16 20:19 - 2014-07-16 20:19 - 00000000 ____D () C:\Users\User\AppData\Local\{AC6611B0-134F-4161-BCC3-8119988AE8D4}
2014-07-16 08:18 - 2014-07-16 08:19 - 00000000 ____D () C:\Users\User\AppData\Local\{CCC090DF-01DD-4753-819F-F14022909E94}
2014-07-15 20:18 - 2014-07-15 20:18 - 00000000 ____D () C:\Users\User\AppData\Local\{96DD099B-9457-45DF-9DDF-D48AA7A6A85B}
2014-07-15 08:18 - 2014-07-15 08:18 - 00000000 ____D () C:\Users\User\AppData\Local\{A9882D1A-B19B-497F-86D1-9B3641B0E8DA}
2014-07-14 20:17 - 2014-07-14 20:18 - 00000000 ____D () C:\Users\User\AppData\Local\{BF74A961-3ADC-45BA-8F80-70A01D6BC2F6}
2014-07-14 08:17 - 2014-07-14 08:17 - 00000000 ____D () C:\Users\User\AppData\Local\{6647C923-A635-4F67-B663-9F5224A460A2}
2014-07-13 20:17 - 2014-07-13 20:17 - 00000000 ____D () C:\Users\User\AppData\Local\{0D66674A-5B6F-418B-A0D4-984AE3270635}
2014-07-13 08:17 - 2014-07-13 08:17 - 00000000 ____D () C:\Users\User\AppData\Local\{EAEEF6BD-B079-4063-8712-94CF3950CDF7}
2014-07-12 08:46 - 2014-07-12 08:46 - 00000000 ____D () C:\Users\User\AppData\Local\{8FC90E9A-76F5-4B05-B0A6-BCB87725B6D4}
2014-07-12 07:30 - 2014-08-11 07:14 - 00563538 _____ () C:\Windows\WindowsUpdate.log

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-11 08:37 - 2014-08-11 08:36 - 00020730 _____ () C:\Users\User\Downloads\FRST.txt
2014-08-11 08:36 - 2014-08-11 08:36 - 00000000 ____D () C:\FRST
2014-08-11 08:35 - 2014-08-11 08:35 - 02099712 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe
2014-08-11 08:32 - 2014-08-11 08:32 - 00025141 _____ () C:\Users\User\Desktop\dds.txt
2014-08-11 08:32 - 2014-08-11 08:32 - 00008575 _____ () C:\Users\User\Desktop\attach.txt
2014-08-11 08:31 - 2014-08-11 08:31 - 00688992 ____R (Swearware) C:\Users\User\Downloads\dds.scr
2014-08-11 08:30 - 2012-07-06 08:42 - 00000000 ____D () C:\Users\User\AppData\Roaming\Skype
2014-08-11 08:15 - 2012-07-05 18:54 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-11 07:47 - 2014-08-11 07:47 - 00000000 ____D () C:\Users\User\AppData\Local\{978C1CCD-C7E2-4F4B-BF58-B277ED124726}
2014-08-11 07:42 - 2012-08-04 12:39 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-11 07:18 - 2009-07-14 05:45 - 00022064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-11 07:18 - 2009-07-14 05:45 - 00022064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-11 07:16 - 2009-07-14 06:13 - 00782470 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-11 07:14 - 2014-07-12 07:30 - 00563538 _____ () C:\Windows\WindowsUpdate.log
2014-08-11 07:11 - 2014-06-21 17:10 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-11 07:11 - 2014-05-28 08:18 - 00000000 ____D () C:\Users\User\AppData\Roaming\Wise Care 365
2014-08-11 07:10 - 2014-07-25 09:08 - 00000672 _____ () C:\Windows\setupact.log
2014-08-11 07:10 - 2014-05-28 08:26 - 00000420 _____ () C:\Windows\Tasks\Wise Care 365.job
2014-08-11 07:10 - 2012-07-06 10:35 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-08-11 07:10 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-10 20:15 - 2012-07-06 10:12 - 00000000 ____D () C:\Users\User\Documents\PASSWORDS
2014-08-10 18:37 - 2014-08-10 18:37 - 00000020 _____ () C:\Windows\Øø¿
2014-08-10 18:37 - 2012-07-05 16:21 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2014-08-10 18:37 - 2012-07-05 16:20 - 00001305 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk
2014-08-10 18:37 - 2012-07-05 16:18 - 00001374 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk
2014-08-10 18:37 - 2012-07-05 16:16 - 00001458 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
2014-08-10 18:37 - 2012-07-05 16:15 - 00002486 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
2014-08-10 18:35 - 2014-08-10 18:35 - 00000359 _____ () C:\Windows\DirectX.log
2014-08-10 17:56 - 2012-07-06 08:42 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-08-10 17:56 - 2012-07-06 08:42 - 00000000 ____D () C:\ProgramData\Skype
2014-08-10 17:05 - 2014-08-10 17:05 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-08-10 16:07 - 2014-08-10 16:07 - 00000000 ____D () C:\Users\User\AppData\Local\{31E75C00-6ADF-4103-987B-D3F6CAF0BAFB}
2014-08-10 16:04 - 2014-08-10 16:04 - 00001926 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-08-10 16:04 - 2013-06-12 09:35 - 00003924 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-08-10 16:00 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-08-10 16:00 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-10 15:59 - 2014-04-26 05:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-08-10 15:59 - 2012-07-13 10:36 - 00000000 ____D () C:\ProgramData\pdf995
2014-08-10 15:59 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2014-08-10 15:59 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-08-10 13:56 - 2014-08-10 13:56 - 00000134 _____ () C:\Users\User\Desktop\Internet Explorer Troubleshooting.url
2014-08-10 13:48 - 2012-07-05 07:20 - 00000000 ____D () C:\Windows\Panther
2014-08-10 11:59 - 2014-08-10 11:59 - 02077392 _____ (Microsoft Corporation) C:\Users\User\Downloads\IE11-Windows6.1.exe
2014-08-10 11:32 - 2014-08-10 11:32 - 01551008 _____ (Skype Technologies S.A.) C:\Users\User\Downloads\skypesetup(1).exe
2014-08-10 11:32 - 2014-08-10 11:32 - 00003134 _____ () C:\Windows\System32\Tasks\{C6477BE5-03D4-4918-AC82-E44D44A370C2}
2014-08-10 11:28 - 2014-08-10 11:28 - 00000561 _____ () C:\Users\User\Downloads\css.zip
2014-08-10 08:43 - 2014-08-10 08:43 - 00000000 ____D () C:\Users\User\AppData\Local\{69B4AD83-BAA5-4E48-BBAA-8FC633574B9B}
2014-08-09 20:42 - 2014-08-09 20:42 - 00000000 ____D () C:\Users\User\AppData\Local\{2537390F-61AA-40E2-8C4A-39CDC2EB1B56}
2014-08-09 08:42 - 2014-08-09 08:42 - 00000000 ____D () C:\Users\User\AppData\Local\{C79AB55A-62EF-40BC-A041-1A22DD368CFB}
2014-08-08 20:42 - 2014-08-08 20:42 - 00000000 ____D () C:\Users\User\AppData\Local\{1E417506-EAE0-4CA0-BD76-C1AFAC6040E3}
2014-08-08 08:41 - 2014-08-08 08:41 - 00000000 ____D () C:\Users\User\AppData\Local\{E93612CA-022A-40F4-AF8C-43E5EBDABD24}
2014-08-07 20:41 - 2014-08-07 20:41 - 00000000 ____D () C:\Users\User\AppData\Local\{47394201-543C-4638-9149-D13C5A0690E5}
2014-08-07 08:41 - 2014-08-07 08:41 - 00000000 ____D () C:\Users\User\AppData\Local\{853F9A4B-2D04-4FEF-909B-018970FC030E}
2014-08-06 20:40 - 2014-08-06 20:40 - 00000000 ____D () C:\Users\User\AppData\Local\{25A5D269-238C-470B-BE16-268F3AEC5A92}
2014-08-06 10:24 - 2014-08-06 10:24 - 00115432 _____ () C:\Users\User\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-06 08:40 - 2014-08-06 08:40 - 00000000 ____D () C:\Users\User\AppData\Local\{D3B2A5F7-655C-4E9E-98BF-9AF9713374F8}
2014-08-05 20:39 - 2014-08-05 20:39 - 00000000 ____D () C:\Users\User\AppData\Local\{55916C93-6244-452C-BA38-27F9E2105DA7}
2014-08-05 08:39 - 2014-08-05 08:39 - 00000000 ____D () C:\Users\User\AppData\Local\{FBEB232A-B783-4F89-934D-674C669DAF67}
2014-08-04 20:39 - 2014-08-04 20:39 - 00000000 ____D () C:\Users\User\AppData\Local\{38B82AFF-38FC-4412-9062-F2E712C99898}
2014-08-04 19:52 - 2014-01-22 16:06 - 00000000 ____D () C:\Users\User\Documents\Averil
2014-08-04 13:00 - 2014-08-04 12:59 - 129610521 _____ () C:\Users\User\Desktop\Final PP Course - final.pptx
2014-08-04 12:14 - 2014-08-04 12:14 - 00000000 ____D () C:\Users\User\Documents\Updater
2014-08-04 08:39 - 2014-08-04 08:38 - 00000000 ____D () C:\Users\User\AppData\Local\{D6778506-5A31-4222-8824-326D294CF641}
2014-08-03 20:38 - 2014-08-03 20:38 - 00000000 ____D () C:\Users\User\AppData\Local\{F04C2325-EB2B-4D59-B677-18CA7DC3CBF4}
2014-08-03 08:38 - 2014-08-03 08:38 - 00000000 ____D () C:\Users\User\AppData\Local\{72BB4C27-948E-4448-BC43-9A7046D1A544}
2014-08-02 20:38 - 2014-08-02 20:37 - 00000000 ____D () C:\Users\User\AppData\Local\{EA983E21-1EBE-45B1-9A9F-63AAE80ABE0A}
2014-08-02 08:37 - 2014-08-02 08:37 - 00000000 ____D () C:\Users\User\AppData\Local\{0A2CA0C7-5BE3-4F30-82EE-2EA453FC6045}
2014-08-01 20:37 - 2014-08-01 20:37 - 00000000 ____D () C:\Users\User\AppData\Local\{A90A0B75-2A0B-4404-9BC9-F02F35E770B2}
2014-08-01 08:37 - 2014-08-01 08:37 - 00000000 ____D () C:\Users\User\AppData\Local\{2E281637-8D11-4CB2-8F37-8A66F3C160E9}
2014-07-31 20:36 - 2014-07-31 20:36 - 00000000 ____D () C:\Users\User\AppData\Local\{1B218C7E-00E5-4088-93DE-A6F764A7D2C2}
2014-07-31 16:38 - 2012-09-26 14:05 - 00000000 ____D () C:\Users\User\Documents\Beep
2014-07-31 08:36 - 2014-07-31 08:36 - 00000000 ____D () C:\Users\User\AppData\Local\{734C47F4-8B17-4D64-B18A-C8E356F01548}
2014-07-30 20:36 - 2014-07-30 20:35 - 00000000 ____D () C:\Users\User\AppData\Local\{9A529490-352B-452A-82C8-8AB6DFA8F69D}
2014-07-30 08:35 - 2014-07-30 08:35 - 00000000 ____D () C:\Users\User\AppData\Local\{93C5A0CE-7077-4296-B59B-9979435ACABD}
2014-07-30 08:00 - 2014-05-28 08:26 - 00000400 _____ () C:\Windows\Tasks\Wise Turbo Checker.job
2014-07-29 20:35 - 2014-07-29 20:35 - 00000000 ____D () C:\Users\User\AppData\Local\{14B52461-FCB3-4EB6-ABD4-EDA0380A70B2}
2014-07-29 08:35 - 2014-07-29 08:34 - 00000000 ____D () C:\Users\User\AppData\Local\{3FBEDCF5-0102-4282-B79A-6AA48391F89A}
2014-07-28 20:34 - 2014-07-28 20:34 - 00000000 ____D () C:\Users\User\AppData\Local\{35CE915D-9DD2-413E-8A27-B09F007ABC73}
2014-07-28 08:34 - 2014-07-28 08:34 - 00000000 ____D () C:\Users\User\AppData\Local\{0CC3042D-BFC8-4BA1-8B56-E12507D5639F}
2014-07-27 20:34 - 2014-07-27 20:33 - 00000000 ____D () C:\Users\User\AppData\Local\{C2A665F8-6D6F-48E0-BE73-D31B67D1BC5E}
2014-07-27 08:33 - 2014-07-27 08:33 - 00000000 ____D () C:\Users\User\AppData\Local\{AFB813BB-337E-4781-A97D-F3D079C71202}
2014-07-26 20:33 - 2014-07-26 20:33 - 00000000 ____D () C:\Users\User\AppData\Local\{E6555A06-E4F7-473E-A142-499EE3FC1002}
2014-07-26 08:33 - 2014-07-26 08:32 - 00000000 ____D () C:\Users\User\AppData\Local\{95EFCA16-0880-4D8D-A8D6-E4A1D6783366}
2014-07-25 20:26 - 2014-07-25 20:26 - 00000000 ____D () C:\Users\User\AppData\Local\{89A1B035-E81A-4BF8-A90C-1240D9D15D2A}
2014-07-25 09:08 - 2014-07-25 09:08 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-25 08:26 - 2014-07-25 08:26 - 00000000 ____D () C:\Users\User\AppData\Local\{696B8B77-022A-4166-92D8-28247415019A}
2014-07-25 06:26 - 2013-03-14 21:36 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-25 06:26 - 2013-03-14 21:36 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-07-24 21:15 - 2013-03-14 21:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-24 20:25 - 2014-07-24 20:25 - 00000000 ____D () C:\Users\User\AppData\Local\{C6A19A19-8FDA-423D-8865-B6F668E68B90}
2014-07-24 08:25 - 2014-07-24 08:25 - 00000000 ____D () C:\Users\User\AppData\Local\{F88E373A-997E-44EA-96A5-A4B43B9F1134}
2014-07-23 20:25 - 2014-07-23 20:24 - 00000000 ____D () C:\Users\User\AppData\Local\{4F89C185-D7AF-41A4-975A-8AB4620572BB}
2014-07-23 12:42 - 2014-07-25 08:11 - 299567486 _____ () C:\Users\User\Desktop\Audio.zip
2014-07-23 12:42 - 2014-07-23 12:38 - 299567486 _____ () C:\Users\User\Downloads\Audio.zip
2014-07-23 11:09 - 2014-07-23 11:09 - 00319912 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-07-23 11:09 - 2014-07-23 11:09 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-07-23 11:09 - 2013-06-17 14:11 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-07-23 11:09 - 2013-06-17 14:11 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-07-23 11:09 - 2012-10-16 18:37 - 00000000 ____D () C:\Program Files\Java
2014-07-23 08:24 - 2014-07-23 08:24 - 00000000 ____D () C:\Users\User\AppData\Local\{B93F3412-8F01-4D81-8D67-999CF1F971C8}
2014-07-22 20:24 - 2014-07-22 20:24 - 00000000 ____D () C:\Users\User\AppData\Local\{95E7AD8E-0C70-401A-B805-38DC2605FD71}
2014-07-22 08:24 - 2014-07-22 08:23 - 00000000 ____D () C:\Users\User\AppData\Local\{99C6B4F6-3F05-4F2C-8136-0BCF0B57F592}
2014-07-21 20:23 - 2014-07-21 20:23 - 00000000 ____D () C:\Users\User\AppData\Local\{311C97D2-32B7-4014-8CE8-473747FA57F1}
2014-07-21 16:38 - 2014-07-21 16:38 - 12231958 _____ () C:\Users\User\Downloads\DP Mar 2014 - updated by Andrew.pptx
2014-07-21 08:23 - 2014-07-21 08:23 - 00000000 ____D () C:\Users\User\AppData\Local\{5B4CC727-AEE9-48E4-AC78-9E4C47A09DB1}
2014-07-20 20:23 - 2014-07-20 20:22 - 00000000 ____D () C:\Users\User\AppData\Local\{E8CAB33C-9991-40E4-A0B7-4FA32D003C44}
2014-07-20 08:22 - 2014-07-20 08:22 - 00000000 ____D () C:\Users\User\AppData\Local\{C1B5BFB2-BEEE-478F-8918-47929037721A}
2014-07-19 20:22 - 2014-07-19 20:22 - 00000000 ____D () C:\Users\User\AppData\Local\{96DB0404-B93A-40DC-B472-9FAD9AD4214B}
2014-07-19 08:22 - 2014-07-19 08:22 - 00000000 ____D () C:\Users\User\AppData\Local\{BB118FAD-5807-4700-BCA1-4C95BB253F3A}
2014-07-18 20:22 - 2014-07-18 20:21 - 00000000 ____D () C:\Users\User\AppData\Local\{F7F41CA6-DDA6-43F4-9C7C-510DF864A93D}
2014-07-18 13:46 - 2012-07-06 10:03 - 00000000 ____D () C:\Users\User\Documents\Copywriting Jobs Done
2014-07-18 11:23 - 2014-06-23 12:47 - 00000000 ____D () C:\Users\User\Desktop\Rob Moore
2014-07-18 11:18 - 2013-09-30 09:28 - 00000000 ____D () C:\Users\User\Documents\Clickbank-Articles
2014-07-18 10:04 - 2012-07-06 09:59 - 00000000 ____D () C:\Users\User\Documents\My Webs
2014-07-18 10:02 - 2014-06-24 13:22 - 00000000 ____D () C:\Users\User\Documents\Property
2014-07-18 10:00 - 2014-01-08 13:28 - 00000000 ____D () C:\Users\User\Documents\AFFILIATE-CPA
2014-07-18 08:20 - 2014-07-18 08:20 - 00000000 ____D () C:\Users\User\AppData\Local\{EA71133B-A32D-4535-B414-62B439AFD652}
2014-07-18 06:38 - 2012-07-06 10:13 - 00000000 ____D () C:\Users\User\Documents\address
2014-07-17 20:20 - 2014-07-17 20:20 - 00000000 ____D () C:\Users\User\AppData\Local\{ED34583A-9302-44F0-AC23-6E07CD8ED050}
2014-07-17 08:19 - 2014-07-17 08:19 - 00000000 ____D () C:\Users\User\AppData\Local\{2F33F488-E1FB-4E99-8046-716344C897D0}
2014-07-16 20:19 - 2014-07-16 20:19 - 00000000 ____D () C:\Users\User\AppData\Local\{AC6611B0-134F-4161-BCC3-8119988AE8D4}
2014-07-16 08:19 - 2014-07-16 08:18 - 00000000 ____D () C:\Users\User\AppData\Local\{CCC090DF-01DD-4753-819F-F14022909E94}
2014-07-15 20:18 - 2014-07-15 20:18 - 00000000 ____D () C:\Users\User\AppData\Local\{96DD099B-9457-45DF-9DDF-D48AA7A6A85B}
2014-07-15 08:18 - 2014-07-15 08:18 - 00000000 ____D () C:\Users\User\AppData\Local\{A9882D1A-B19B-497F-86D1-9B3641B0E8DA}
2014-07-14 20:18 - 2014-07-14 20:17 - 00000000 ____D () C:\Users\User\AppData\Local\{BF74A961-3ADC-45BA-8F80-70A01D6BC2F6}
2014-07-14 08:17 - 2014-07-14 08:17 - 00000000 ____D () C:\Users\User\AppData\Local\{6647C923-A635-4F67-B663-9F5224A460A2}
2014-07-13 20:17 - 2014-07-13 20:17 - 00000000 ____D () C:\Users\User\AppData\Local\{0D66674A-5B6F-418B-A0D4-984AE3270635}
2014-07-13 08:17 - 2014-07-13 08:17 - 00000000 ____D () C:\Users\User\AppData\Local\{EAEEF6BD-B079-4063-8712-94CF3950CDF7}
2014-07-12 08:46 - 2014-07-12 08:46 - 00000000 ____D () C:\Users\User\AppData\Local\{8FC90E9A-76F5-4B05-B0A6-BCB87725B6D4}

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-08-07 07:20

==================== End Of Log ============================

Link to post
Share on other sites

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-08-2014 01
Ran by User at 2014-08-11 08:37:32
Running from C:\Users\User\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKCU\...\uTorrent) (Version: 3.4.1.31139 - BitTorrent Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.110 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 14.0.0.110 - Adobe Systems Incorporated) Hidden
Adobe Bridge 1.0 (x32 Version: 001.000.000 - Adobe Systems) Hidden
Adobe Common File Installer (x32 Version: 1.00.0000 - Adobe System Incorporated) Hidden
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Help Center 1.0 (x32 Version: 001.000.000 - Adobe Systems) Hidden
Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
Adobe Photoshop CS2 (x32 Version: 9.0 - Adobe Systems, Inc.) Hidden
Adobe Reader XI (11.0.07) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Adobe Stock Photos 1.0 (x32 Version: 001.000.000 - Adobe Systems) Hidden
Amazon Kindle (HKCU\...\Amazon Kindle) (Version:  - Amazon)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Artisteer 2 (HKLM-x32\...\Artisteer 2) (Version: 2.4 - Extensoft)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.2.43 - Atheros Communications Inc.)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2021 - AVAST Software)
Camtasia Studio 7 (HKLM-x32\...\{C0E8FE43-C35B-451D-B35F-D4BD056D70E7}) (Version: 7.1.1 - TechSmith Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 3.20 - Piriform)
CoffeeCup Free FTP (HKLM-x32\...\{66F43DBE-6D46-4BCE-831D-0D4C13639BE8}) (Version: 4.5.12 - CoffeeCup Software Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dropbox (HKCU\...\Dropbox) (Version: 2.8.2 - Dropbox, Inc.)
Evernote v. 4.5.7 (HKLM-x32\...\{0BE73D3C-B5AF-11E1-933A-984BE15F174E}) (Version: 4.5.7.7146 - Evernote Corp.)
FileZilla Client 3.8.0 (HKLM-x32\...\FileZilla Client) (Version: 3.8.0 - Tim Kosse)
FreshKey (HKLM-x32\...\FreshKey) (Version: 1.0.0 - Infomastery, LLC)
FreshKey (x32 Version: 1.0.0 - Infomastery, LLC) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.125 - Google Inc.)
Google Drive (HKLM-x32\...\{75939021-3B68-419D-8DC1-E9823BFF9658}) (Version: 1.16.7009.9618 - Google, Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
GoToMeeting 5.8.0.1189 (HKCU\...\GoToMeeting) (Version: 5.8.0.1189 - CitrixOnline)
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version:  - Intel Corporation)
Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217060FF}) (Version: 7.0.600 - Oracle)
Java 7 Update 65 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417065FF}) (Version: 7.0.650 - Oracle)
Java Auto Updater (x32 Version: 2.1.60.19 - Oracle, Inc.) Hidden
Java 6 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416045FF}) (Version: 6.0.450 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Keyword Optimizer Pro 2 (HKLM-x32\...\Keyword Optimizer Pro 22.0.1.6) (Version: 2.0.1.6 - InnAnTech Industries Inc.) <==== ATTENTION
Macromedia Dreamweaver 8 (HKLM-x32\...\{0837A661-FEC3-48B3-876C-91E7D32048A9}) (Version: 8.0.0.2734 - Macromedia)
Macromedia Extension Manager (HKLM-x32\...\{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}) (Version: 1.7.240 - Macromedia, Inc.)
Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Market Samurai (HKLM-x32\...\MarketSamurai.6E37012E1CBD7F47B14488FCC715944F3EBDCEDC.1) (Version: 0.88.77 - Alliance Software Pty Ltd)
Market Samurai (x32 Version: 0.88.77 - Alliance Software Pty Ltd) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Camera Codec Pack (HKLM\...\{601B8608-C901-428C-8125-53585CA54124}) (Version: 16.3.1483.0410 - Microsoft Corporation)
Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation)
Microsoft IntelliPoint 8.2 (Version: 8.20.468.0 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word Viewer 2003 (HKLM-x32\...\{90850409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Publisher 2002 (HKLM-x32\...\{90190409-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.6626.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 31.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 en-US)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
Pdf995 (HKLM-x32\...\Pdf995) (Version:  - )
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.2.0 - Frank Heindörfer, Philip Chinery)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6402 - Realtek Semiconductor Corp.)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
Switch Sound File Converter (HKLM-x32\...\Switch) (Version: 4.52 - NCH Software)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version:  - Microsoft)
Update for Microsoft Office OneNote 2007 Help (KB963670) (HKLM-x32\...\{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2744EF05-38E1-4D5D-B333-E021EDAEA245}) (Version:  - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version:  - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version:  - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version:  - Microsoft)
Vision Defense (HKLM-x32\...\{FEAB15DC-2074-4CB0-B624-1229404A578F}_is1) (Version:  - Vision Defense)
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Windows Driver Package - Hewlett-Packard Image  (12/28/2006 8.0.0.0) (HKLM\...\4C806F98217A7FD4E853F458FF399F052625F21C) (Version: 12/28/2006 8.0.0.0 - Hewlett-Packard)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WinPatrol (HKLM\...\{84481A87-2316-4923-8FAB-3BA8CA29323D}) (Version: 30.9.2014.0 - BillP Studios)
Wise Care 365 2.99 (HKLM-x32\...\Wise Care 365_is1) (Version: 2.99 - WiseCleaner.com, Inc.)
Wise Registry Cleaner 8.03 (HKLM-x32\...\Wise Registry Cleaner_is1) (Version: 8.03 - WiseCleaner.com, Inc.)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1474768639-1737181589-514141678-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1474768639-1737181589-514141678-1000_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Program Files (x86)\Citrix\GoToMeeting\1189\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-1474768639-1737181589-514141678-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1474768639-1737181589-514141678-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1474768639-1737181589-514141678-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1474768639-1737181589-514141678-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)

==================== Restore Points  =========================

30-07-2014 05:58:17 Windows Update
31-07-2014 03:06:10 Windows Update
05-08-2014 05:59:06 Windows Update
09-08-2014 04:38:13 Windows Update
10-08-2014 10:22:34 Removed Skype Click to Call
10-08-2014 10:23:13 Removed Skype™ 6.18
10-08-2014 10:31:27 Removed Skype™ 6.18
10-08-2014 11:40:10 Windows Modules Installer
10-08-2014 12:55:39 Windows Modules Installer
10-08-2014 14:12:50 Removed Skype™ 6.18
10-08-2014 14:18:37 Restore Operation
10-08-2014 15:02:23 avast! antivirus system restore point
10-08-2014 15:07:48 Windows Update
10-08-2014 17:34:47 Installed DirectX
10-08-2014 17:35:11 Installed DirectX

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0B50BF15-5A4D-474D-9E57-A878CFB94401} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1474768639-1737181589-514141678-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe
Task: {1A953EDF-E440-4236-BB43-46A50698C4CE} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-07-11] (AVAST Software)
Task: {332D8213-1C2F-479B-92D8-7257B3EBC97C} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1474768639-1737181589-514141678-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {63035793-F026-46A8-A90C-4CE7D65450A0} - System32\Tasks\Wise Turbo Checker => C:\Program Files (x86)\Wise\Wise Care 365\WiseTurbo.exe [2014-01-21] (WiseCleaner.COM)
Task: {73ECCE27-9ED1-4BA6-B435-A073AF394324} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-07-05] (Google Inc.)
Task: {9822EF93-F660-477F-91B9-BE9B16EB71E7} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1474768639-1737181589-514141678-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe
Task: {9E088F55-7448-42E5-B30F-8FDD57E07E37} - System32\Tasks\Wise Care 365 => C:\Program Files (x86)\Wise\Wise Care 365\WiseTray.exe [2013-12-09] (WiseCleaner.com)
Task: {A452B784-3A79-4275-A3FF-91A765228AA0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09] (Adobe Systems Incorporated)
Task: {A4CBE281-6020-4A8B-A1A6-AA4CD8967A48} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1474768639-1737181589-514141678-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {A73AD801-80D2-4BAE-9658-AF008873BABF} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => c:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-08-01] (Microsoft Corporation)
Task: {A80B31F4-EE09-4D35-B599-CF1610B9FE7D} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1474768639-1737181589-514141678-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {CE5F267F-1333-4336-8907-E99F09ABD968} - System32\Tasks\RealCreateProcessScheduledTask8035393S-1-5-21-1474768639-1737181589-514141678-1000 => c:\program files (x86)\real\realplayer\realplay.exe
Task: {CECA2DA4-D5C5-493E-A984-33F205D69C05} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {F369923E-4EFD-458B-A6CE-B958A54154B7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-07-05] (Google Inc.)
Task: {F6ACBA8B-7F23-47B9-AF51-E682D6509A34} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1474768639-1737181589-514141678-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {FB2AEF0F-E083-4741-A5E7-DABF73297F74} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-06-22] (Piriform Ltd)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Wise Care 365.job => C:\Program Files (x86)\Wise\Wise Care 365\WiseTray.exe
Task: C:\Windows\Tasks\Wise Turbo Checker.job => C:\Program Files (x86)\Wise\Wise Care 365\WiseTurbo.exe

==================== Loaded Modules (whitelisted) =============

2012-07-13 10:36 - 2012-04-26 15:51 - 00040448 _____ () C:\Windows\System32\pdf995mon64.dll
2012-07-18 10:25 - 2005-03-12 00:07 - 00087040 _____ () C:\Windows\System32\pdfcmnnt.dll
2010-01-02 15:42 - 2010-01-02 15:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2014-07-11 14:02 - 2014-07-11 14:02 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-08-10 19:12 - 2014-08-10 19:12 - 02795520 _____ () C:\Program Files\AVAST Software\Avast\defs\14081001\algo.dll
2014-08-11 08:35 - 2014-08-11 08:35 - 02795520 _____ () C:\Program Files\AVAST Software\Avast\defs\14081100\algo.dll
2014-05-28 09:03 - 2014-04-22 19:39 - 00645592 ____N () C:\Program Files (x86)\BillP Studios\WinPatrol\sqlite3.dll
2014-07-11 14:02 - 2014-07-11 14:02 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-08-10 17:05 - 2014-08-10 17:05 - 03800688 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-07-09 13:42 - 2014-07-09 13:42 - 17029808 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (08/11/2014 07:11:09 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/10/2014 07:08:12 PM) (Source: Windows Search Service) (EventID: 3083) (User: )
Description: The protocol handler IEHistory cannot be loaded. Error description: (HRESULT : 0x800700b6).

Error: (08/10/2014 07:03:58 PM) (Source: Windows Search Service) (EventID: 3083) (User: )
Description: The protocol handler IEHistory cannot be loaded. Error description: (HRESULT : 0x800700b6).

Error: (08/10/2014 05:56:01 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/10/2014 04:34:46 PM) (Source: Windows Search Service) (EventID: 3083) (User: )
Description: The protocol handler IEHistory cannot be loaded. Error description: (HRESULT : 0x800700b6).

Error: (08/10/2014 04:12:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SoftwareUpdate.exe, version: 2.1.3.127, time stamp: 0x4de6dd5a
Faulting module name: SoftwareUpdate.exe, version: 2.1.3.127, time stamp: 0x4de6dd5a
Exception code: 0xc0000005
Fault offset: 0x000052e6
Faulting process id: 0x119c
Faulting application start time: 0xSoftwareUpdate.exe0
Faulting application path: SoftwareUpdate.exe1
Faulting module path: SoftwareUpdate.exe2
Report Id: SoftwareUpdate.exe3

Error: (08/10/2014 04:06:49 PM) (Source: Windows Search Service) (EventID: 3083) (User: )
Description: The protocol handler IEHistory cannot be loaded. Error description: (HRESULT : 0x800700b6).

Error: (08/10/2014 04:03:21 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/10/2014 04:02:34 PM) (Source: Windows Search Service) (EventID: 3083) (User: )
Description: The protocol handler IEHistory cannot be loaded. Error description: (HRESULT : 0x800700b6).

Error: (08/10/2014 04:02:26 PM) (Source: System Restore) (EventID: 8210) (User: )
Description: An unspecified error occurred during System Restore: (Windows Update). Additional information: 0xc0000022.


System errors:
=============
Error: (08/10/2014 01:47:10 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Windows Modules Installer service terminated with the following error:
%%6719

Error: (08/10/2014 01:47:01 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: The Windows Modules Installer service did not shut down properly after receiving a preshutdown control.

Error: (08/06/2014 07:17:48 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

Error: (07/25/2014 09:09:02 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error:
%%1056

Error: (07/25/2014 09:08:32 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (07/25/2014 09:08:32 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The Windows Search service terminated with service-specific error %%-1073473535.

Error: (07/21/2014 09:53:36 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

Error: (07/18/2014 08:59:14 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

Error: (07/09/2014 09:51:38 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80246007: Security Update for Windows 7 for x64-based Systems (KB2971850).

Error: (07/09/2014 09:51:38 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80246007: Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition.


Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Percentage of memory in use: 48%
Total physical RAM: 4061.12 MB
Available physical RAM: 2106.41 MB
Total Pagefile: 8120.41 MB
Available Pagefile: 5992.39 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.41 GB) (Free:784.86 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 758E44BF)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Link to post
Share on other sites

Hello and Welcome to Malwarebytes

Your logs show signs of an infection and you also have some services failing...

To get this computer cleaned up, feel free to follow the instructions below to receive free, one-on-one expert assistance in checking your system and clearing out any infections and correcting any damage done by the malware.

Please see the following pinned topic which has information on how to get help with this: Available Assistance for Possibly Infected Computers

Thank you

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.