Jump to content

Possibly still infected, MB says Real-time protection: no protection


Guest

Recommended Posts

Hi,

I have pasted ttached the FRST scan and Additional scan. Sorry if I was supposed to attach it, I couldn't find the file. I was told to come here after I posted in the Malwarebytes Anti-Malware Help under the title "Please help, It says Real-Time Protection: No Protection" The problem is that my Malwarebytes has no real time protection with the free trial, it says Real time protection: No protection. And the Fix Now button will not work. So I am concerned that my computer is still infected with Malware? Please give me step by step instructions, as I am not a giant computer techy.

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:24-08-2014 03
Ran by Administrator (administrator) on LIFEBOOK on 24-08-2014 10:59:38
Running from C:\Documents and Settings\Administrator\My Documents\Downloads
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English (United States)
Internet Explorer Version 7
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\PROGRA~1\AVG\AVG2014\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgcsrvx.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(Agere Systems) C:\WINDOWS\system32\agrsmsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehrecvr.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehSched.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS32.exe
(HP) C:\WINDOWS\system32\HPZipm12.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgnsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgemcx.exe
(Microsoft Corporation) C:\WINDOWS\vVX3000.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\BtnHnd\BtnHnd.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehtray.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
(Agere Systems) C:\WINDOWS\AGRSMMSG.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehmsas.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgui.exe
(Microsoft Corporation) C:\WINDOWS\system32\dllhost.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgcsrvx.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [VX3000] => C:\WINDOWS\vVX3000.exe [762208 2009-07-24] (Microsoft Corporation)
HKLM\...\Run: [switchBoard] => C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [15691264 2005-12-09] (Realtek Semiconductor Corp.)
HKLM\...\Run: [MediaFace Integration] => C:\Program Files\Fellowes\MediaFACE 5.0\SetHook.exe [53248 2005-10-27] (Fellowes, Inc.)
HKLM\...\Run: [LoadFUJ02E3] => C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe [69632 2005-06-08] (FUJITSU LIMITED)
HKLM\...\Run: [LoadBtnHnd] => C:\Program Files\Fujitsu\BtnHnd\BtnHnd.exe [61440 2005-11-01] (FUJITSU LIMITED)
HKLM\...\Run: [LifeCam] => C:\Program Files\Microsoft LifeCam\LifeExp.exe [118640 2009-07-24] (Microsoft Corporation)
HKLM\...\Run: [KernelFaultCheck] => %systemroot%\system32\dumprep 0 -k
HKLM\...\Run: [indicatorUtility] => C:\Program Files\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe [81920 2005-08-09] (FUJITSU LIMITED)
HKLM\...\Run: [ehTray] => C:\WINDOWS\ehome\ehtray.exe [64512 2005-08-05] (Microsoft Corporation)
HKLM\...\Run: [ATICCC] => C:\Program Files\ATI Technologies\ATI.ACE\cli.exe [45056 2005-08-12] (ATI Technologies Inc.)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [163840 2004-07-02] (Alps Electric Co., Ltd.)
HKLM\...\Run: [Alcmtr] => C:\WINDOWS\ALCMTR.EXE [69632 2005-05-03] (Realtek Semiconductor Corp.)
HKLM\...\Run: [AGRSMMSG] => C:\WINDOWS\AGRSMMSG.exe [88203 2005-11-16] (Agere Systems)
HKLM\...\Run: [AdobeCS5ServiceManager] => C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-10-11] (Apple Inc.)
HKLM\...\Run: [Malwarebytes Anti-Malware (reboot)] => "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [speetItUpFree] => "C:\Program Files\SpeedItup Free\speeditupfree.exe"
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM\...\Run: [LoadFujitsuQuickTouch] => C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe [242688 2005-11-01] (FUJITSU LIMITED)
HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2014\avgui.exe [5187088 2014-08-11] (AVG Technologies CZ, s.r.o.)
Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll (ATI Technologies Inc.)
HKLM\...\Policies\Explorer: [NoCDBurning] 0
HKU\.DEFAULT\...\Run: [DWQueuedReporting] => C:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE [437160 2007-02-26] (Microsoft Corporation)
HKU\S-1-5-21-1927633692-3436522133-1525934431-500\...\Run: [Google Update] => C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [135664 2009-11-02] (Google Inc.)
HKU\S-1-5-21-1927633692-3436522133-1525934431-500\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1927633692-3436522133-1525934431-500\...\Run: [spotify] => "C:\Documents and Settings\Administrator\Application Data\Spotify\Spotify.exe" /uri spotify:autostart
HKU\S-1-5-21-1927633692-3436522133-1525934431-500\...\Policies\Explorer: [NoFolderOptions] 0
Startup: C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Documents and Settings\Administrator\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: "DropboxExt1" -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Administrator\Application Data\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: "DropboxExt2" -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Administrator\Application Data\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: "DropboxExt3" -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Administrator\Application Data\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: "DropboxExt4" -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Administrator\Application Data\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: "DropboxExt5" -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Administrator\Application Data\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: "DropboxExt6" -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Administrator\Application Data\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: "DropboxExt7" -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Administrator\Application Data\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: "DropboxExt8" -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Administrator\Application Data\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
BootExecute: autocheck autochk * C:\PROGRA~1\AVG\AVG2014\avgrsx.exe /sync /restart
AlternateShell:

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x60FCD158B8D9CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
SearchScopes: HKCU - {3FC0B5A1-EDC6-4664-9BF0-467CE31BE9A8} URL = http://www.mysearchresults.com/search?&c=2652&t=03&q={searchTerms}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} ->  No File
BHO: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
Toolbar: HKLM - Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} -  No File
Toolbar: HKCU - No Name - {C4069E3A-68F1-403E-B40E-20066696354B} -  No File
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/sites/production/ieawsdc32.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [147456] (Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\wotkfvsb.default-1373669488765
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_14_0_0_179.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw_1205146.dll (Adobe Systems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @mozilla.zeniko.ch/PDFlite_Browser_Plugin -> C:\Program Files\PDFlite\npPdfViewer.dll (Simon Bünzli)
FF Plugin: @pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin: @soe.sony.com/installer,version=1.0.3 -> C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\wotkfvsb.default-1373669488765\extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A}\plugins\npsoe.dll ()
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @facebook.com/FBPlugin,version=1.0.3 -> C:\Documents and Settings\Administrator\Application Data\Facebook\npfbplugin_1_0_3.dll ( )
FF Plugin HKCU: @mozilla.zeniko.ch/PDFlite_Browser_Plugin -> C:\Program Files\PDFlite\npPdfViewer.dll (Simon Bünzli)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin -> C:\Documents and Settings\Administrator\Application Data\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin -> C:\Documents and Settings\Administrator\Application Data\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFFICE.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\browser\plugins\npMozCouponPrinter.dll (Coupons, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Documents and Settings\Administrator\Application Data\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Documents and Settings\Administrator\Application Data\mozilla\plugins\npo1d.dll (Google)
FF Extension: Star Stable Online - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\wotkfvsb.default-1373669488765\Extensions\plugin@starstable.com [2013-09-08]
FF Extension: No Name - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\wotkfvsb.default-1373669488765\Extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A} [2013-09-19]
FF Extension: Adblock Plus - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\wotkfvsb.default-1373669488765\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-07-12]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-08-23]

Chrome:
=======

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [3244048 2014-08-11] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [289328 2014-08-11] (AVG Technologies CZ, s.r.o.)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 McrdSvc; C:\WINDOWS\ehome\mcrdsvc.exe [99328 2005-08-05] (Microsoft Corporation)
S3 MHN; C:\WINDOWS\System32\mhn.dll [85504 2004-08-10] (Microsoft Corporation) [File not signed]
S3 MSSQL$SONY_MEDIAMGR; C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe [7520337 2002-12-17] (Microsoft Corporation) [File not signed]
S3 MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [66112 2002-12-17] (Microsoft Corporation) [File not signed]
R2 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [69632 2004-09-29] (HP) [File not signed]
S3 SQLAgent$SONY_MEDIAMGR; C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE [311872 2002-12-17] (Microsoft Corporation) [File not signed]
S3 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 AVC2310F; C:\WINDOWS\System32\Drivers\avcuwfl.sys [18644 2003-12-22] (Adaptec, Inc) [File not signed]
S3 AvcUWilo; C:\WINDOWS\System32\DRIVERS\avcuwilo.sys [51166 2004-01-02] (Adaptec Inc) [File not signed]
R1 Avgdiskx; C:\WINDOWS\System32\DRIVERS\avgdiskx.sys [121624 2014-06-30] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriverl; C:\WINDOWS\System32\DRIVERS\avgidsdriverlx.sys [190232 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\WINDOWS\System32\DRIVERS\avgidshx.sys [147736 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\WINDOWS\System32\DRIVERS\avgidsshimx.sys [21272 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\WINDOWS\System32\DRIVERS\avgldx86.sys [188696 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\WINDOWS\System32\DRIVERS\avglogx.sys [241944 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\WINDOWS\System32\DRIVERS\avgmfx86.sys [98584 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\WINDOWS\System32\DRIVERS\avgrkx86.sys [27416 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\WINDOWS\System32\DRIVERS\avgtdix.sys [197400 2014-06-17] (AVG Technologies CZ, s.r.o.)
S3 BCM43XX; C:\WINDOWS\System32\DRIVERS\bcmwl5.sys [371712 2005-02-11] (Broadcom Corporation) [File not signed]
R2 BtnHnd; C:\Program Files\Fujitsu\BtnHnd\BtnHnd.sys [21120 2005-11-01] (FUJITSU LIMITED) [File not signed]
S3 CBTNDIS5; C:\WINDOWS\system32\CBTNDIS5.SYS [17142 2003-07-16] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
R3 FUJ02B1; C:\WINDOWS\System32\DRIVERS\FUJ02B1.sys [5248 2001-08-01] (FUJITSU LIMITED)
S3 HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [51120 2004-12-14] (HP)
S3 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [16496 2004-12-14] (HP)
S3 HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [21744 2004-12-14] (HP)
S3 IrBus; C:\WINDOWS\System32\DRIVERS\IrBus.sys [46848 2013-07-16] (Microsoft Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [110296 2014-08-24] (Malwarebytes Corporation)
S3 MHNDRV; C:\WINDOWS\System32\DRIVERS\mhndrv.sys [11008 2004-08-10] (Microsoft Corporation) [File not signed]
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
S3 odysseyIM4; C:\WINDOWS\System32\DRIVERS\odysseyIM4.sys [173056 2004-09-25] (Funk Software, Inc.)
R0 PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [20640 2005-04-25] (Sonic Solutions) [File not signed]
S3 Ser2pl; C:\WINDOWS\System32\DRIVERS\ser2pl.sys [42752 2004-06-27] (Prolific Technology Inc.) [File not signed]
S3 SONYPVU1; C:\WINDOWS\System32\DRIVERS\SONYPVU1.SYS [7552 2001-08-17] (Sony Corporation)
R3 w39n51; C:\WINDOWS\System32\DRIVERS\w39n51.sys [1427200 2005-11-08] (Intel® Corporation)
S3 AVUSBPVR; system32\DRIVERS\avusbpvr.sys [X]
S3 CyUsb; System32\Drivers\CyUsb.sys [X]
S3 DELTAFW; system32\drivers\deltafw.sys [X]
S4 IntelIde; No ImagePath
S3 MAFWBOOT; system32\drivers\mafwboot.sys [X]
S3 MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys [X]
S3 PalmUSBD; system32\drivers\PalmUSBD.sys [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
S3 usb2demon; System32\Drivers\usb2demon.sys [X]
U1 WS2IFSL; No ImagePath
S3 xcpip; \SystemRoot\system32\drivers\xcpip.sys [X]
S3 xpsec; \SystemRoot\system32\drivers\xpsec.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

NETSVC: MHN -> C:\Windows\System32\mhn.dll (Microsoft Corporation)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-24 10:59 - 2014-08-24 10:59 - 00000000 ____D () C:\FRST
2014-08-23 19:31 - 2014-08-24 10:45 - 00110296 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-08-23 18:32 - 2014-08-23 18:32 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-08-23 18:32 - 2014-08-23 18:32 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-23 18:32 - 2014-05-12 07:26 - 00053208 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-08-19 11:23 - 2014-08-19 11:23 - 00000000 ____D () C:\Documents and Settings\Default User\Application Data\TuneUp Software
2014-08-16 14:37 - 2014-08-16 14:37 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Application Data\Adobe
2014-08-06 10:33 - 2014-08-06 10:33 - 00000000 ____D () C:\Documents and Settings\Administrator\Application Data\AVG2014
2014-08-06 10:32 - 2014-08-19 11:23 - 00000702 _____ () C:\Documents and Settings\All Users\Desktop\AVG 2014.lnk
2014-08-06 10:32 - 2014-08-19 11:23 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\AVG
2014-08-06 10:32 - 2014-08-06 10:32 - 00000000 ____D () C:\Documents and Settings\Administrator\Application Data\TuneUp Software
2014-08-06 10:31 - 2014-08-06 10:32 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\AVG2014
2014-08-06 10:31 - 2014-08-06 10:31 - 00000000 ___HD () C:\$AVG
2014-08-06 10:30 - 2014-08-06 10:30 - 00000000 ____D () C:\Program Files\AVG
2014-08-06 10:25 - 2014-08-24 10:48 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\MFAData
2014-08-06 10:25 - 2014-08-06 10:43 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Application Data\Avg2014
2014-08-06 10:25 - 2014-08-06 10:25 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Application Data\MFAData

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-24 11:00 - 2005-12-19 16:17 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Temp
2014-08-24 10:59 - 2014-08-24 10:59 - 00000000 ____D () C:\FRST
2014-08-24 10:56 - 2005-12-19 14:57 - 00001158 _____ () C:\WINDOWS\system32\wpa.dbl
2014-08-24 10:48 - 2014-08-06 10:25 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\MFAData
2014-08-24 10:45 - 2014-08-23 19:31 - 00110296 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-08-24 10:44 - 2013-06-05 18:36 - 00000000 ____D () C:\Documents and Settings\Administrator\Application Data\Dropbox
2014-08-24 10:44 - 2011-08-19 21:23 - 00404747 _____ () C:\WINDOWS\setupapi.log
2014-08-24 10:44 - 2005-12-19 17:11 - 00000000 ____D () C:\WINDOWS\system32\Lang
2014-08-24 10:44 - 2005-12-19 16:11 - 02041284 _____ () C:\WINDOWS\WindowsUpdate.log
2014-08-24 10:43 - 2010-03-16 16:05 - 00000882 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-24 10:43 - 2005-12-19 16:09 - 00000000 ____D () C:\WINDOWS\Registration
2014-08-24 10:43 - 2005-12-19 08:08 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-08-24 10:42 - 2014-03-21 15:15 - 00000238 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job
2014-08-24 10:42 - 2005-12-19 16:16 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-08-24 10:42 - 2005-12-19 08:08 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2014-08-23 20:10 - 2006-03-25 11:33 - 00524288 _____ () C:\WINDOWS\system32\config\ACEEvent.evt
2014-08-23 20:10 - 2005-12-19 16:17 - 00000278 ___SH () C:\Documents and Settings\Administrator\ntuser.ini
2014-08-23 20:10 - 2005-12-19 16:16 - 00032514 _____ () C:\WINDOWS\SchedLgU.Txt
2014-08-23 20:08 - 2010-01-05 23:00 - 00001010 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1927633692-3436522133-1525934431-500UA.job
2014-08-23 19:30 - 2013-06-05 18:40 - 00000000 ___RD () C:\Documents and Settings\Administrator\My Documents\Dropbox
2014-08-23 19:28 - 2013-09-14 22:16 - 00000803 _____ () C:\Documents and Settings\Administrator\Start Menu\Programs\Internet Explorer.lnk
2014-08-23 19:28 - 2005-12-19 08:02 - 00000000 ____D () C:\WINDOWS\Media
2014-08-23 19:28 - 2005-12-19 08:02 - 00000000 ____D () C:\WINDOWS\Help
2014-08-23 19:26 - 2013-09-14 21:55 - 00096681 _____ () C:\WINDOWS\ie8Uninst.log
2014-08-23 19:26 - 2011-08-19 21:24 - 01012636 _____ () C:\WINDOWS\iis6.log
2014-08-23 19:26 - 2011-08-19 21:24 - 00425904 _____ () C:\WINDOWS\tsoc.log
2014-08-23 19:26 - 2011-08-19 21:24 - 00310926 _____ () C:\WINDOWS\comsetup.log
2014-08-23 19:26 - 2011-08-19 21:24 - 00188345 _____ () C:\WINDOWS\ntdtcsetup.log
2014-08-23 19:26 - 2011-08-19 21:24 - 00076178 _____ () C:\WINDOWS\MedCtrOC.log
2014-08-23 19:26 - 2011-08-19 21:24 - 00051642 _____ () C:\WINDOWS\ocmsn.log
2014-08-23 19:26 - 2011-08-19 21:24 - 00051038 _____ () C:\WINDOWS\ehOCGen.log
2014-08-23 19:26 - 2011-08-19 21:24 - 00046961 _____ () C:\WINDOWS\tabletoc.log
2014-08-23 19:26 - 2011-08-19 21:24 - 00001374 _____ () C:\WINDOWS\imsins.log
2014-08-23 19:26 - 2011-08-19 21:02 - 00000000 ____D () C:\WINDOWS\ie8updates
2014-08-23 19:25 - 2011-08-19 21:24 - 00201778 _____ () C:\WINDOWS\updspapi.log
2014-08-23 19:23 - 2011-08-19 21:24 - 00930013 _____ () C:\WINDOWS\FaxSetup.log
2014-08-23 19:23 - 2011-08-19 21:24 - 00446356 _____ () C:\WINDOWS\ocgen.log
2014-08-23 19:23 - 2011-08-19 21:24 - 00286316 _____ () C:\WINDOWS\msmqinst.log
2014-08-23 19:23 - 2011-08-19 21:24 - 00163533 _____ () C:\WINDOWS\netfxocm.log
2014-08-23 19:23 - 2011-08-19 21:24 - 00104039 _____ () C:\WINDOWS\plusoc.log
2014-08-23 19:23 - 2011-08-19 21:24 - 00046659 _____ () C:\WINDOWS\msgsocm.log
2014-08-23 19:22 - 2009-07-03 21:11 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
2014-08-23 19:15 - 2012-08-03 18:02 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-08-23 19:14 - 2010-03-16 16:05 - 00000886 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-23 19:05 - 2010-09-15 18:21 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2259922$
2014-08-23 19:05 - 2005-12-19 16:17 - 00000000 ____D () C:\Documents and Settings\Administrator
2014-08-23 18:32 - 2014-08-23 18:32 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-08-23 18:32 - 2014-08-23 18:32 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-23 18:32 - 2009-07-03 21:11 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Malwarebytes
2014-08-23 16:12 - 2014-01-10 20:59 - 00000272 _____ () C:\WINDOWS\Tasks\DTReg.job
2014-08-22 21:16 - 2013-12-25 21:17 - 00264872 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2014-08-22 20:12 - 2014-04-22 14:03 - 00000260 _____ () C:\WINDOWS\Tasks\DTChk.job
2014-08-22 19:54 - 2006-10-01 12:58 - 00022528 _____ () C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-08-22 19:53 - 2009-12-22 20:28 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Application Data\WMTools Downloaded Files
2014-08-22 13:08 - 2010-01-05 23:00 - 00000958 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1927633692-3436522133-1525934431-500Core.job
2014-08-19 11:23 - 2014-08-19 11:23 - 00000000 ____D () C:\Documents and Settings\Default User\Application Data\TuneUp Software
2014-08-19 11:23 - 2014-08-06 10:32 - 00000702 _____ () C:\Documents and Settings\All Users\Desktop\AVG 2014.lnk
2014-08-19 11:23 - 2014-08-06 10:32 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\AVG
2014-08-16 14:37 - 2014-08-16 14:37 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Application Data\Adobe
2014-08-15 11:39 - 2012-08-03 18:02 - 00699568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-08-15 11:39 - 2011-06-12 20:01 - 00071344 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-08-14 12:14 - 2013-07-12 19:24 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-08-14 12:07 - 2009-02-09 00:39 - 96303304 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-08-08 19:12 - 2014-03-21 15:15 - 00000232 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
2014-08-06 11:22 - 2006-03-28 00:03 - 00000000 ____D () C:\Documents and Settings\NetworkService\Local Settings\Temp
2014-08-06 10:43 - 2014-08-06 10:25 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Application Data\Avg2014
2014-08-06 10:42 - 2011-08-19 18:34 - 00001945 _____ () C:\WINDOWS\epplauncher.mif
2014-08-06 10:33 - 2014-08-06 10:33 - 00000000 ____D () C:\Documents and Settings\Administrator\Application Data\AVG2014
2014-08-06 10:32 - 2014-08-06 10:32 - 00000000 ____D () C:\Documents and Settings\Administrator\Application Data\TuneUp Software
2014-08-06 10:32 - 2014-08-06 10:31 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\AVG2014
2014-08-06 10:31 - 2014-08-06 10:31 - 00000000 ___HD () C:\$AVG
2014-08-06 10:30 - 2014-08-06 10:30 - 00000000 ____D () C:\Program Files\AVG
2014-08-06 10:25 - 2014-08-06 10:25 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Application Data\MFAData
2014-07-26 18:58 - 2014-04-13 16:36 - 00001052 _____ () C:\Documents and Settings\Administrator\Desktop\Dropbox.lnk
2014-07-26 18:58 - 2013-06-05 18:37 - 00000000 ____D () C:\Documents and Settings\Administrator\Start Menu\Programs\Dropbox

Some content of TEMP:
====================
C:\Documents and Settings\Administrator\Local Settings\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpj3ev06.dll
C:\Documents and Settings\Administrator\Local Settings\Temp\setup.exe
C:\Documents and Settings\Administrator\Local Settings\Temp\spdttm1.exe
C:\Documents and Settings\Administrator\Local Settings\Temp\Uninstaller-2960.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================

 

Additional scan result of Farbar Recovery Scan Tool (x86) Version:24-08-2014 03
Ran by Administrator at 2014-08-24 11:01:23
Running from C:\Documents and Settings\Administrator\My Documents\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: AVG AntiVirus 2014 (Disabled - Up to date) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

1600 (Version: 47.0.1.000 - Hewlett-Packard) Hidden
1600_Help (Version: 47.1.14.000 - Hewlett-Packard) Hidden
1600Trb (Version: 47.1.14.000 - Hewlett-Packard) Hidden
Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.3.0.3650 - Adobe Systems Incorporated)
Adobe AIR (Version: 3.3.0.3650 - Adobe Systems Incorporated) Hidden
Adobe Community Help (HKLM\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.5.23 - Adobe Systems Incorporated.)
Adobe Community Help (Version: 3.5.23 - Adobe Systems Incorporated.) Hidden
Adobe ConnectNow Add-in (HKCU\...\Adobe ConnectNow Add-in) (Version:  - )
Adobe Flash Player 14 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 14.0.0.179 - Adobe Systems Incorporated)
Adobe Media Player (HKLM\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Media Player (Version: 1.8 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS5 (HKLM\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Photoshop Elements 2.0 (HKLM\...\Adobe Photoshop Elements 2.0) (Version: 2.0 - Adobe Systems, Inc.)
Adobe Reader X (10.1.11) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.11 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM\...\Adobe Shockwave Player) (Version: 12.0.5.146 - Adobe Systems, Inc.)
Agere Systems HDA Modem (HKLM\...\Agere Systems Soft Modem) (Version:  - Agere Systems)
AiO_Scan (Version: 47.0.1.000 - Hewlett-Packard) Hidden
AiOSoftware (Version: 47.0.1.000 - Hewlett-Packard) Hidden
ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version:  - )
Apple Application Support (HKLM\...\{F5266D28-E0B2-4130-BFC5-EE155AD514DC}) (Version: 2.3 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft PhotoStudio 5.5 (HKLM\...\{85309D89-7BE9-4094-BB17-24999C6118FC}) (Version:  - ArcSoft)
ATI - Software Uninstall Utility (HKLM\...\All ATI Software) (Version: 6.14.10.1014 - )
ATI Catalyst Control Center (HKLM\...\{3C0BBE34-F58E-4293-9B64-4C0699999E0E}) (Version: 1.2.2167.2360 - )
ATI Display Driver (HKLM\...\ATI Display Driver) (Version: 8.204-051220a1-029814C-Fujitsu - )
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4745 - AVG Technologies)
AVG 2014 (Version: 14.0.4007 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4745 - AVG Technologies) Hidden
Bonjour (HKLM\...\{07287123-B8AC-41CE-8346-3D777245C35B}) (Version: 1.0.106 - Apple Inc.)
BufferChm (Version: 45.4.157.000 - Hewlett-Packard) Hidden
Canon PhotoRecord (HKLM\...\{BBBC2B89-E193-4348-A83C-C8DD8210A4AC}) (Version: 02.02.03002 - Cisra)
Canon Utilities Digital Photo Professional 2.0 (HKLM\...\InstallShield_{17BF3045-AB1D-4048-8356-6C584B83565E}) (Version: 2.0 - Canon)
Canon Utilities Digital Photo Professional 2.0 (Version: 2.0 - Canon) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 3.09 - Piriform)
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Copy (Version: 45.4.157.000 - Hewlett-Packard) Hidden
Coupon Printer for Windows (HKLM\...\Coupon Printer for Windows5.0.0.4) (Version: 5.0.0.4 - Coupons.com Incorporated)
CP_AtenaShokunin1Config (Version: 45.4.131.000 - Hewlett-Packard) Hidden
cp_dwShrek2Albums1 (Version: 45.4.157.000 - Hewlett-Packard) Hidden
cp_dwShrek2Cards1 (Version: 45.4.157.000 - Hewlett-Packard) Hidden
CreativeProjects (Version: 45.4.157.000 - Hewlett-Packard) Hidden
CreativeProjectsTemplates (Version: 45.4.157.000 - Hewlett-Packard) Hidden
Critical Update for Windows Media Player 11 (KB959772) (HKLM\...\KB959772_WM11) (Version:  - Microsoft Corporation)
CueTour (Version: 45.4.157.000 - Hewlett-Packard) Hidden
Defaulttab (HKLM\...\DefaultTab) (Version: 2.5.0.0 - Search Results, LLC) <==== ATTENTION
Destinations (Version: 45.4.157.000 - Hewlett-Packard) Hidden
Director (Version: 45.4.157.000 - Hewlett-Packard) Hidden
DocProc (Version: 4.5.0.0 - Hewlett-Packard) Hidden
DocumentViewer (Version: 45.4.157.000 - Hewlett-Packard) Hidden
Dropbox (HKCU\...\Dropbox) (Version: 2.10.3 - Dropbox, Inc.)
Easy-WebPrint (HKLM\...\Easy-WebPrint) (Version:  - )
Facebook Plug-In (HKCU\...\Facebook Plug-In) (Version:  - Facebook, Inc.)
Fax (Version: 47.0.1.000 - Hewlett-Packard) Hidden
File Association Manager 0.2 (HKLM\...\FileAssociationManager) (Version: 0.2 - Amnis Technology Ltd)
Fujitsu Driver Update (HKLM\...\{E0FAA0BA-874E-47C8-9ECA-BB333006CF16}) (Version: 1.1.5.0 - FUJITSU LIMITED)
Fujitsu Hotkey Utility (HKLM\...\{805BDB3F-6803-45F7-B959-4FE5B921BC55}) (Version:  - )
Fujitsu System Extension Utility (HKLM\...\{04ECD699-9F3A-4F9C-A476-EEAA4E172079}) (Version:  - )
Google Talk Plugin (HKLM\...\{C1E3DFE7-4EAD-3E9E-A826-E06055BA5921}) (Version: 5.4.2.18903 - Google)
Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.1.0.0 (Version: 1.00.0000 - Hewlett-Packard) Hidden
High Definition Audio Driver Package - KB888111 (HKLM\...\KB888111WXPSP2) (Version: 20040219.000000 - Microsoft Corporation)
HijackThis 2.0.2 (HKLM\...\HijackThis) (Version: 2.0.2 - TrendMicro)
HP Image Zone 4.7 (HKLM\...\HP Photo & Imaging) (Version: 4.7 - HP)
HP Image Zone Express (HKLM\...\{8F7A4D82-B168-4F89-99C2-B9873EC877AF}) (Version: 1.1.3.40 - Hewlett-Packard)
HP Product Assistant (Version: 2.0.0.0 - Hewlett-Packard) Hidden
HP Product Detection (HKLM\...\{A436F67F-687E-4736-BD2B-537121A804CF}) (Version: 11.14.0001 - HP)
HP PSC & OfficeJet 4.7 (HKLM\...\{342C7C88-D335-4bc2-8CF1-281857629CE2}) (Version:  - HP)
HP Update (HKLM\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.001.001 - Hewlett-Packard)
HPSystemDiagnostics (Version: 1.6.0.0 - Your Company Name) Hidden
InstantShare (Version: 45.4.157.000 - Hewlett-Packard) Hidden
InstantShareAlert (Version: 1.00.0000 - HP) Hidden
InterActual Player (HKLM\...\InterActual Player) (Version:  - )
LifeBook Application Panel (HKLM\...\{70D9A80E-0E58-4F62-951F-D5246E8D6C6C}) (Version:  - )
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
MediaFACE 5.0 (HKLM\...\InstallShield_{70A3C0E1-1953-4A95-9C66-99FDCDD5E357}) (Version: 5.0 - Fellowes)
MediaFACE 5.0 (Version: 5.0 - Fellowes) Hidden
Microsoft .NET Framework 1.0 Hotfix (KB2572066) (HKLM\...\KB2572066) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 1.0 Hotfix (KB2604042) (HKLM\...\KB2604042) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 1.0 Hotfix (KB2656378) (HKLM\...\KB2656378) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 1.0 Hotfix (KB953295) (HKLM\...\KB953295) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 1.0 Hotfix (KB979904) (HKLM\...\KB979904) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 1.0 Security Update (KB2698035) (HKLM\...\KB2698035) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 1.0 Security Update (KB2742607) (HKLM\...\KB2742607) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 1.0 Security Update (KB2833951) (HKLM\...\KB2833951) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 1.0 Security Update (KB2904878) (HKLM\...\KB2904878) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 (Version: 1.1.4322 - Microsoft) Hidden
Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM\...\M2698023) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM\...\M979906) (Version:  - )
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Base Smart Card Cryptographic Service Provider Package (HKLM\...\KB909520) (Version:  - Microsoft Corporation)
Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
Microsoft Corporation (Version: 9.0.30729.1 - Microsoft Corporation) Hidden
Microsoft Internationalized Domain Names Mitigation APIs (Version:  - Microsoft Corporation) Hidden
Microsoft LifeCam (HKLM\...\{36C97B5B-5593-45B8-B50E-DAD87036BD9D}) (Version: 3.0.215.0 - Microsoft Corporation)
Microsoft National Language Support Downlevel APIs (Version:  - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Standard Edition 2003 (HKLM\...\{91120409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server Desktop Engine (SONY_MEDIAMGR) (HKLM\...\{E09B48B5-E141-427A-AB0C-D3605127224A}) (Version: 8.00.761 - Microsoft Corporation)
Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version:  - Microsoft Corporation)
Microsoft Works (HKLM\...\{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}) (Version: 08.04.0623 - Microsoft Corporation)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (Version: 1.00.0000 - Adobe) Hidden
Mozilla Firefox 31.0 (x86 en-US) (HKLM\...\Mozilla Firefox 31.0 (x86 en-US)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyMailList & AddressBook (HKLM\...\{4E4A4943-FDBE-45CB-B8FE-C80871030D7F}) (Version: 8.0.0.0 - Avanquest Publishing USA, Inc.)
PanoStandAlone (Version: 45.4.157.000 - Hewlett-Packard) Hidden
PDF Settings CS5 (Version: 10.0 - Adobe Systems Incorporated) Hidden
PDFlite 0.8 (HKLM\...\PDFlite) (Version: 0.8 - Amnis Technology Ltd)
PhotoGallery (Version: 45.4.157.000 - Hewlett-Packard) Hidden
Pradis Do Not Remove (HKLM\...\{2B6E2126-4438-4CF1-BDDE-3C4355092860}) (Version: 5.17.0014 - Zondervan)
Pradis: NIV with NIV Application Commentary on John (HKLM\...\InstallShield_{DCC0638F-E481-4B2C-AF06-24961FC46127}) (Version: 5.17.0014 - Zondervan)
Pradis: NIV with NIV Application Commentary on John (Version: 5.17.0014 - Zondervan) Hidden
ProductContext (Version: 47.1.14.000 - Hewlett-Packard) Hidden
QFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
QuickTime (HKLM\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Readme (Version: 47.0.1.000 - Hewlett-Packard) Hidden
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 2.02 - Realtek Semiconductor Corp.)
Roxio RecordNow Data (HKLM\...\{075473F5-846A-448B-BCB3-104AA1760205}) (Version: 2.0.2 - Roxio)
Scan (Version: 4.5.0.0 - Hewlett-Packard) Hidden
ScannerCopy (Version: 4.5.0.0 - Hewlett-Packard) Hidden
SkinsHP1 (Version: 45.4.157.000 - Hewlett-Packard) Hidden
Sonic MyDVD (HKLM\...\{21657574-BD54-48A2-9450-EB03B2C7FC29}) (Version: 5.2.3 - Sonic Solutions)
Sony Media Manager 2.2 (HKLM\...\{46D96745-1556-4266-B46F-4BA0277708B5}) (Version: 2.2.31 - Sony)
Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TrayApp (Version: 45.4.157.000 - Hewlett-Packard) Hidden
Unload (Version: 4.5.0 - Hewlett-Packard) Hidden
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Update for Microsoft Windows (KB971513) (HKLM\...\KB971513) (Version:  - Microsoft Corporation)
Update for Windows Internet Explorer 7 (KB976749) (HKLM\...\KB976749-IE7) (Version: 1 - Microsoft Corporation)
Update for Windows Internet Explorer 7 (KB980182) (HKLM\...\KB980182-IE7) (Version: 1 - Microsoft Corporation)
Update for Windows Media Player 10 (KB910393) (Version:  - Microsoft Corporation) Hidden
Update for Windows Media Player 10 (KB913800) (Version:  - Microsoft Corporation) Hidden
Update for Windows Media Player 10 (KB926251) (Version:  - Microsoft Corporation) Hidden
Update for Windows XP (KB2141007) (HKLM\...\KB2141007) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2345886) (HKLM\...\KB2345886) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2467659) (HKLM\...\KB2467659) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2492386) (HKLM\...\KB2492386) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2541763) (HKLM\...\KB2541763) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2607712) (HKLM\...\KB2607712) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2616676) (HKLM\...\KB2616676) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2641690) (HKLM\...\KB2641690) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2661254-v2) (HKLM\...\KB2661254-v2) (Version: 2 - Microsoft Corporation)
Update for Windows XP (KB2718704) (HKLM\...\KB2718704) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2736233) (HKLM\...\KB2736233) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2749655) (HKLM\...\KB2749655) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2863058) (HKLM\...\KB2863058) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2904266) (HKLM\...\KB2904266) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2934207) (HKLM\...\KB2934207) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB951978) (HKLM\...\KB951978) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB955759) (HKLM\...\KB955759) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB955839) (HKLM\...\KB955839) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB961503) (HKLM\...\KB961503) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB967715) (HKLM\...\KB967715) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB968389) (HKLM\...\KB968389) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB971029) (HKLM\...\KB971029) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB971737) (HKLM\...\KB971737) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB973687) (HKLM\...\KB973687) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB973815) (HKLM\...\KB973815) (Version: 1 - Microsoft Corporation)
Update Rollup 2 for Windows XP Media Center Edition 2005 (HKLM\...\KB900325) (Version:  - Microsoft Corporation)
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
WebReg (Version: 45.4.157.000 - Hewlett-Packard) Hidden
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\KB892130) (Version:  - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\WGA) (Version: 1.7.0069.2 - Microsoft Corporation)
Windows Installer Clean Up (HKLM\...\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}) (Version: 3.00.00.0000 - Microsoft Corporation)
Windows Internet Explorer 7 (HKLM\...\ie7) (Version: 20070813.185237 - Microsoft Corporation)
Windows Management Framework Core (HKLM\...\KB968930) (Version:  - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version:  - )
Windows Media Format 11 runtime (Version:  - Microsoft Corporation) Hidden
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version:  - )
Windows Media Player 11 (Version:  - Microsoft Corporation) Hidden
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows XP Media Center Edition 2005 KB2502898 (HKLM\...\KB2502898) (Version:  - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB2619340 (HKLM\...\KB2619340) (Version:  - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB2628259 (HKLM\...\KB2628259) (Version:  - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB925766 (HKLM\...\KB925766) (Version:  - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB973768 (HKLM\...\KB973768) (Version:  - Microsoft Corporation)
Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031525 - Microsoft Corporation)
WinZip 11.1 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240B5}) (Version: 11.1.7466 - WinZip Computing, S.L. )
Yahoo! Detect (HKLM\...\YTdetect) (Version:  - )

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1927633692-3436522133-1525934431-500_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Documents and Settings\Administrator\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1927633692-3436522133-1525934431-500_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1927633692-3436522133-1525934431-500_Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344}\InprocServer32 -> C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.3.21.135\psu (the data entry has 15 more characters).
CustomCLSID: HKU\S-1-5-21-1927633692-3436522133-1525934431-500_Classes\CLSID\{039B2CA5-3B41-4D93-AD77-47D3293FC5CB}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-1927633692-3436522133-1525934431-500_Classes\CLSID\{047466F1-82AE-455A-AFC4-D3AC463FBF6B}\InprocServer32 -> C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1927633692-3436522133-1525934431-500_Classes\CLSID\{095A2EEC-F7FE-42E8-96FB-C20E53081908}\InprocServer32 -> C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.3.21.99\psus (the data entry has 14 more characters).
CustomCLSID: HKU\S-1-5-21-1927633692-3436522133-1525934431-500_Classes\CLSID\{218D2740-5A50-42A8-AB9F-62FF1B168782}\InprocServer32 -> C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.3.21.69\psus (the data entry has 14 more characters).
CustomCLSID: HKU\S-1-5-21-1927633692-3436522133-1525934431-500_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1927633692-3436522133-1525934431-500_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1927633692-3436522133-1525934431-500_Classes\CLSID\{320F0FDB-BE0A-4648-9D18-4A2C3448C007}\InprocServer32 -> C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.3.21.79\psus (the data entry has 14 more characters).
CustomCLSID: HKU\S-1-5-21-1927633692-3436522133-1525934431-500_Classes\CLSID\{32C3FEAE-0877-4767-8C20-62A5829A0945}\InprocServer32 -> C:\Documents and Settings\Administrator\Application Data\Facebook\axfbootloader.dll ( )
CustomCLSID: HKU\S-1-5-21-1927633692-3436522133-1525934431-500_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.3.23.9\psuse (the data entry has 13 more characters).
CustomCLSID: HKU\S-1-5-21-1927633692-3436522133-1525934431-500_Classes\CLSID\{39125640-8D80-11DC-A2FE-C5C455D89593}\InprocServer32 -> C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Google Talk Plugin\googletalkax.dll (Google)
CustomCLSID: HKU\S-1-5-21-1927633692-3436522133-1525934431-500_Classes\CLSID\{42481700-CF3C-4D05-8EC6-F9A1C57E8DC0}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-1927633692-3436522133-1525934431-500_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1927633692-3436522133-1525934431-500_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}\InprocServer32 -> C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.3.21.145\psu (the data entry has 15 more characters).
CustomCLSID: HKU\S-1-5-21-1927633692-3436522133-1525934431-500_Classes\CLSID\{634059C0-D264-4B2C-AE80-F73E48D33E5B}\InprocServer32 -> C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.3.21.123\psu (the data entry has 15 more characters).
CustomCLSID: HKU\S-1-5-21-1927633692-3436522133-1525934431-500_Classes\CLSID\{6D7374DE-63AA-473C-8C02-60D9CDCD84C5}\InprocServer32 -> C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.3.21.153\psu (the data entry has 15 more characters).
CustomCLSID: HKU\S-1-5-21-1927633692-3436522133-1525934431-500_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.3.24.15\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1927633692-3436522133-1525934431-500_Classes\CLSID\{91EFB276-CEFE-48EC-BB3A-57795A7B4008}\InprocServer32 -> C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.3.21.149\psu (the data entry has 15 more characters).
CustomCLSID: HKU\S-1-5-21-1927633692-3436522133-1525934431-500_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}\InprocServer32 -> C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.3.22.3\psuse (the data entry has 13 more characters).
CustomCLSID: HKU\S-1-5-21-1927633692-3436522133-1525934431-500_Classes\CLSID\{A54D478D-4F70-4F72-9A74-17C9986E35AB}\InprocServer32 -> C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.3.21.165\psu (the data entry has 15 more characters).
CustomCLSID: HKU\S-1-5-21-1927633692-3436522133-1525934431-500_Classes\CLSID\{AB9F4455-E591-4132-A386-0B91EAEDB96C}\InprocServer32 -> C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Google Talk Plugin\o1dax.dll (Google)
CustomCLSID: HKU\S-1-5-21-1927633692-3436522133-1525934431-500_Classes\CLSID\{BB6410D8-F879-4184-9C5C-6A02D16AE0B3}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-1927633692-3436522133-1525934431-500_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1927633692-3436522133-1525934431-500_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1927633692-3436522133-1525934431-500_Classes\CLSID\{C5A2122B-A05B-4FD8-AE49-91990AE10998}\InprocServer32 -> C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.3.21.115\psu (the data entry has 15 more characters).
CustomCLSID: HKU\S-1-5-21-1927633692-3436522133-1525934431-500_Classes\CLSID\{C98FE784-B96E-41e1-8399-1337AE3E539F}\InprocServer32 -> C:\Documents and Settings\Administrator\Application Data\Facebook\npfbplugin_1_0_3.dll ( )
CustomCLSID: HKU\S-1-5-21-1927633692-3436522133-1525934431-500_Classes\CLSID\{CA1073A2-5F3F-4445-8E5E-7109BDCEDDBE}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-1927633692-3436522133-1525934431-500_Classes\CLSID\{D0D38C6E-BF64-4C42-840D-3E0019D9F7A6}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-1927633692-3436522133-1525934431-500_Classes\CLSID\{D5A55D2D-C59D-42C3-A5BF-4C08EEE74339}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-1927633692-3436522133-1525934431-500_Classes\CLSID\{DB25D157-76D4-41C1-97B5-359E4A4CECEB}\InprocServer32 -> C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.3.21.65\psus (the data entry has 14 more characters).
CustomCLSID: HKU\S-1-5-21-1927633692-3436522133-1525934431-500_Classes\CLSID\{e3e02f12-2adb-478c-8742-5f0819f9f0f4}\InprocServer32 -> "C:\Documents and Settings\Administrator\Application Data\Move Networks\plugins\npqmp071503000010.dl (the data entry has 10 more characters).
CustomCLSID: HKU\S-1-5-21-1927633692-3436522133-1525934431-500_Classes\CLSID\{e473a65c-8087-49a3-affd-c5bc4a10669b}\InprocServer32 -> "C:\Documents and Settings\Administrator\Application Data\Move Networks\plugins\npqmp071503000010.dl (the data entry has 10 more characters).
CustomCLSID: HKU\S-1-5-21-1927633692-3436522133-1525934431-500_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1927633692-3436522133-1525934431-500_Classes\CLSID\{E69341A3-E6D2-4175-B60C-C9D3D6FA40F6}\localserver32 -> C:\Documents and Settings\Administrator\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1927633692-3436522133-1525934431-500_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.3.24.15\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1927633692-3436522133-1525934431-500_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}\InprocServer32 -> C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.3.22.5\psuse (the data entry has 13 more characters).
CustomCLSID: HKU\S-1-5-21-1927633692-3436522133-1525934431-500_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Documents and Settings\Administrator\Application Data\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1927633692-3436522133-1525934431-500_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Documents and Settings\Administrator\Application Data\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1927633692-3436522133-1525934431-500_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Documents and Settings\Administrator\Application Data\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1927633692-3436522133-1525934431-500_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Documents and Settings\Administrator\Application Data\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1927633692-3436522133-1525934431-500_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Documents and Settings\Administrator\Application Data\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1927633692-3436522133-1525934431-500_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Documents and Settings\Administrator\Application Data\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1927633692-3436522133-1525934431-500_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Documents and Settings\Administrator\Application Data\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1927633692-3436522133-1525934431-500_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Documents and Settings\Administrator\Application Data\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1927633692-3436522133-1525934431-500_Classes\CLSID\{FB994D36-B312-46CE-A40B-CF63980641F9}\InprocServer32 -> C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.3.21.111\psu (the data entry has 15 more characters).
CustomCLSID: HKU\S-1-5-21-1927633692-3436522133-1525934431-500_Classes\CLSID\{fc345d4c-b8f4-4674-bff7-3c37d2e535ee}\InprocServer32 -> "C:\Documents and Settings\Administrator\Application Data\Move Networks\plugins\npqmp071503000010.dl (the data entry has 10 more characters).
CustomCLSID: HKU\S-1-5-21-1927633692-3436522133-1525934431-500_Classes\CLSID\{fd6484ed-ebe3-4c3d-938a-8238003b41b7}\InprocServer32 -> "C:\Documents and Settings\Administrator\Application Data\Move Networks\plugins\npqmp071503000010.dl (the data entry has 10 more characters).
CustomCLSID: HKU\S-1-5-21-1927633692-3436522133-1525934431-500_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.3.24.7\psuse (the data entry has 13 more characters).

==================== Restore Points  =========================


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2005-12-19 14:55 - 2011-08-19 18:39 - 00437174 ____R C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1       localhost
127.0.0.1    www.007guard.com
127.0.0.1    007guard.com
127.0.0.1    008i.com
127.0.0.1    www.008k.com
127.0.0.1    008k.com
127.0.0.1    www.00hq.com
127.0.0.1    00hq.com
127.0.0.1    010402.com
127.0.0.1    www.032439.com
127.0.0.1    032439.com
127.0.0.1    www.0scan.com
127.0.0.1    0scan.com
127.0.0.1    www.1000gratisproben.com
127.0.0.1    1000gratisproben.com
127.0.0.1    www.1001namen.com
127.0.0.1    1001namen.com
127.0.0.1    100888290cs.com
127.0.0.1    www.100888290cs.com
127.0.0.1    100sexlinks.com
127.0.0.1    www.100sexlinks.com
127.0.0.1    10sek.com
127.0.0.1    www.10sek.com
127.0.0.1    www.1-2005-search.com
127.0.0.1    1-2005-search.com
127.0.0.1    123haustiereundmehr.com
127.0.0.1    www.123haustiereundmehr.com
127.0.0.1    123simsen.com
127.0.0.1    www.123simsen.com

There are 1000 more lines.


==================== Scheduled Tasks (whitelisted) =============


(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\AdobeAAMUpdater-1.0-LIFEBOOK-Administrator.job => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
Task: C:\WINDOWS\Tasks\AppleSoftwareUpdate.job => C:\Program Files\Apple Software Update\SoftwareUpdate.exe
Task: C:\WINDOWS\Tasks\DTChk.job => C:\Users\Public\Util\DTChk.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\DTReg.job => C:\DefaultTab\DefaultTab\DTReg.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1927633692-3436522133-1525934431-500Core.job => C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1927633692-3436522133-1525934431-500UA.job => C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Microsoft_Hardware_Launch_vVX3000_exe.job => C:\WINDOWS\vVX3000.exe

==================== Loaded Modules (whitelisted) =============

2013-01-22 22:44 - 2001-10-28 03:42 - 00116224 _____ () C:\WINDOWS\system32\redmonnt.dll
2005-12-19 14:56 - 2011-02-04 18:48 - 00291840 _____ () C:\WINDOWS\system32\sbe.dll
2005-12-19 14:56 - 2013-01-01 23:49 - 01292288 _____ () C:\WINDOWS\system32\quartz.dll
2005-12-19 14:54 - 2008-04-13 17:11 - 00059904 _____ () C:\WINDOWS\system32\devenum.dll
2005-12-19 14:56 - 2008-04-13 17:11 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll
2009-12-22 18:03 - 2009-07-24 16:05 - 00524144 _____ () C:\WINDOWS\system32\LcProxy.ax
2013-07-10 19:31 - 2013-07-10 19:31 - 03391488 _____ () c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_1a1b9642\mscorlib.dll
2013-07-10 19:31 - 2013-07-10 19:31 - 03035136 _____ () c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_90878d22\system.windows.forms.dll
2013-07-10 14:37 - 2013-07-10 14:37 - 01966080 _____ () c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_f84762cc\system.dll
2013-07-10 19:31 - 2013-07-10 19:31 - 02088960 _____ () c:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_7c816ec6\system.xml.dll
2013-07-10 19:31 - 2013-07-10 19:31 - 00843776 _____ () c:\windows\assembly\nativeimages1_v1.1.4322\system.drawing\1.0.5000.0__b03f5f7f11d50a3a_49ba4a54\system.drawing.dll
2014-07-22 12:18 - 2014-07-22 12:19 - 03800688 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot => "AlternateShell"=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\nm => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\nm.sys => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


==================== Faulty Device Manager Devices =============

Name: 1394 Net Adapter
Description: 1394 Net Adapter
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: NIC1394
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (08/24/2014 10:59:56 AM) (Source: crypt32) (EventID: 11) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (08/24/2014 10:59:56 AM) (Source: crypt32) (EventID: 11) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (08/24/2014 10:42:46 AM) (Source: Userenv) (EventID: 1041) (User: NT AUTHORITY)
Description: Windows cannot query DllName registry entry for {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} and it will not be loaded. This is most likely caused by a faulty registration.

Error: (08/24/2014 10:42:46 AM) (Source: Userenv) (EventID: 1041) (User: NT AUTHORITY)
Description: Windows cannot query DllName registry entry for {7B849a69-220F-451E-B3FE-2CB811AF94AE} and it will not be loaded. This is most likely caused by a faulty registration.

Error: (08/24/2014 10:42:29 AM) (Source: Userenv) (EventID: 1041) (User: NT AUTHORITY)
Description: Windows cannot query DllName registry entry for {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} and it will not be loaded. This is most likely caused by a faulty registration.

Error: (08/24/2014 10:42:29 AM) (Source: Userenv) (EventID: 1041) (User: NT AUTHORITY)
Description: Windows cannot query DllName registry entry for {7B849a69-220F-451E-B3FE-2CB811AF94AE} and it will not be loaded. This is most likely caused by a faulty registration.

Error: (08/23/2014 07:28:48 PM) (Source: Userenv) (EventID: 1041) (User: NT AUTHORITY)
Description: Windows cannot query DllName registry entry for {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} and it will not be loaded. This is most likely caused by a faulty registration.

Error: (08/23/2014 07:28:48 PM) (Source: Userenv) (EventID: 1041) (User: NT AUTHORITY)
Description: Windows cannot query DllName registry entry for {7B849a69-220F-451E-B3FE-2CB811AF94AE} and it will not be loaded. This is most likely caused by a faulty registration.

Error: (08/23/2014 07:28:48 PM) (Source: Userenv) (EventID: 1041) (User: NT AUTHORITY)
Description: Windows cannot query DllName registry entry for {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} and it will not be loaded. This is most likely caused by a faulty registration.

Error: (08/23/2014 07:28:48 PM) (Source: Userenv) (EventID: 1041) (User: NT AUTHORITY)
Description: Windows cannot query DllName registry entry for {7B849a69-220F-451E-B3FE-2CB811AF94AE} and it will not be loaded. This is most likely caused by a faulty registration.


System errors:
=============
Error: (08/24/2014 10:45:18 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The MBAMService service depends on the MBAMProtector service which failed to start because of the following error:
%%2

Error: (08/24/2014 10:45:18 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The MBAMProtector service failed to start due to the following error:
%%2

Error: (08/24/2014 10:45:18 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The MBAMService service depends on the MBAMProtector service which failed to start because of the following error:
%%2

Error: (08/24/2014 10:45:18 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The MBAMProtector service failed to start due to the following error:
%%2

Error: (08/24/2014 10:45:11 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The MBAMService service depends on the MBAMProtector service which failed to start because of the following error:
%%2

Error: (08/24/2014 10:45:11 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The MBAMProtector service failed to start due to the following error:
%%2

Error: (08/24/2014 10:43:12 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The MBAMService service depends on the MBAMProtector service which failed to start because of the following error:
%%2

Error: (08/24/2014 10:43:12 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The MBAMProtector service failed to start due to the following error:
%%2

Error: (08/23/2014 07:36:24 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The MBAMService service depends on the MBAMProtector service which failed to start because of the following error:
%%2

Error: (08/23/2014 07:36:24 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The MBAMProtector service failed to start due to the following error:
%%2


Microsoft Office Sessions:
=========================
Error: (08/24/2014 10:59:56 AM) (Source: crypt32) (EventID: 11) (User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (08/24/2014 10:59:56 AM) (Source: crypt32) (EventID: 11) (User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (08/24/2014 10:42:46 AM) (Source: Userenv) (EventID: 1041) (User: NT AUTHORITY)
Description: {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}

Error: (08/24/2014 10:42:46 AM) (Source: Userenv) (EventID: 1041) (User: NT AUTHORITY)
Description: {7B849a69-220F-451E-B3FE-2CB811AF94AE}

Error: (08/24/2014 10:42:29 AM) (Source: Userenv) (EventID: 1041) (User: NT AUTHORITY)
Description: {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}

Error: (08/24/2014 10:42:29 AM) (Source: Userenv) (EventID: 1041) (User: NT AUTHORITY)
Description: {7B849a69-220F-451E-B3FE-2CB811AF94AE}

Error: (08/23/2014 07:28:48 PM) (Source: Userenv) (EventID: 1041) (User: NT AUTHORITY)
Description: {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}

Error: (08/23/2014 07:28:48 PM) (Source: Userenv) (EventID: 1041) (User: NT AUTHORITY)
Description: {7B849a69-220F-451E-B3FE-2CB811AF94AE}

Error: (08/23/2014 07:28:48 PM) (Source: Userenv) (EventID: 1041) (User: NT AUTHORITY)
Description: {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}

Error: (08/23/2014 07:28:48 PM) (Source: Userenv) (EventID: 1041) (User: NT AUTHORITY)
Description: {7B849a69-220F-451E-B3FE-2CB811AF94AE}


==================== Memory info ===========================

Processor: Genuine Intel® CPU T2300 @ 1.66GHz
Percentage of memory in use: 48%
Total physical RAM: 2045.92 MB
Available physical RAM: 1050.67 MB
Total Pagefile: 3937.14 MB
Available Pagefile: 3068.41 MB
Total Virtual: 2047.88 MB
Available Virtual: 1934.96 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:149.05 GB) (Free:69.17 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive d: () (Fixed) (Total:149.05 GB) (Free:147.77 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 149.1 GB) (Disk ID: EF83EF83)
Partition 1: (Active) - (Size=149 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=149 GB) - (Type=OF Extended)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 149.1 GB) (Disk ID: 40E2D6A5)
Partition 1: (Not Active) - (Size=149 GB) - (Type=07 NTFS)

==================== End Of Log ============================

 

Link to post
Share on other sites

I have the free version.

 

I don't know a ton about computer logs, so why does it have strange websites in the Host area on the Additonal FRST log that I posted? Do these host websites indicate a virus or more malware? How can I get rid of them?

Link to post
Share on other sites

  • Staff

Greetings

I have not heard from you in a couple of days so I am coming by to check on you to see if you are having problems or you just need some more time.

Also to remind you that it is very important that we finish the process completely so as to not get reinfected. I will let you know when we are complete and I will ask to remove our tools

Gringo

Link to post
Share on other sites

  • Staff

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.