Jump to content

Redirects to proxy server isnt responding


audra
 Share

Recommended Posts

Hi I found your site by this thread

https://forums.malwa...rver-not-found/

 

I am trying to repair a friends computer and they had many problems and this one is the biggest so far that haven't be able to conquer. 

 

the proxy error is 127.0.0.1:49169

 

I have cleaned up all of the spyware, junk, removed files, hopefully successfully removed the driver performer threat that was downloaded.  but now i am not able to conquer this one and need your help.

 

I downloaded and scanned the roguekiller 32 bit and this is the report. Please help

 

RogueKiller V10.0.5.0 [Nov 11 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.co...es/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Started in : Normal mode
User : user [Administrator]
Mode : Scan -- Date : 11/11/2014  13:07:34

¤¤¤ Processes : 0 ¤¤¤

¤¤¤ Registry : 20 ¤¤¤
[PUP] HKEY_CLASSES_ROOT\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3} -> Found
[PUP] HKEY_CLASSES_ROOT\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52} -> Found
[PUP] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670} -> Found
[suspicious.Path] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | snp2uvc : C:\Windows\vsnp2uvc.exe  -> Found
[PUP] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\CltMngSvc (C:\PROGRA~1\SearchProtect\Main\bin\CltMngSvc.exe) -> Found
[PUP] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\CltMngSvc (C:\PROGRA~1\SearchProtect\Main\bin\CltMngSvc.exe) -> Found
[PUP] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\CltMngSvc (C:\PROGRA~1\SearchProtect\Main\bin\CltMngSvc.exe) -> Found
[PUM.Proxy] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1  -> Found
[PUM.Proxy] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:49169;https=127.0.0.1:49169  -> Found
[PUM.Dns] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{073E698D-3D8B-435F-B169-267847DFD891} | DhcpNameServer : 209.18.47.61 209.18.47.62 [uNITED STATES (US)][uNITED STATES (US)]  -> Found
[PUM.Dns] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{7CD6D6E7-87E5-48F4-B82B-1DC53BB0D34D} | DhcpNameServer : 209.18.47.61 209.18.47.62 [uNITED STATES (US)][uNITED STATES (US)]  -> Found
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{073E698D-3D8B-435F-B169-267847DFD891} | DhcpNameServer : 209.18.47.61 209.18.47.62 [uNITED STATES (US)][uNITED STATES (US)]  -> Found
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{7CD6D6E7-87E5-48F4-B82B-1DC53BB0D34D} | DhcpNameServer : 209.18.47.61 209.18.47.62 [uNITED STATES (US)][uNITED STATES (US)]  -> Found
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{073E698D-3D8B-435F-B169-267847DFD891} | DhcpNameServer : 209.18.47.61 209.18.47.62 [uNITED STATES (US)][uNITED STATES (US)]  -> Found
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{7CD6D6E7-87E5-48F4-B82B-1DC53BB0D34D} | DhcpNameServer : 209.18.47.61 209.18.47.62 [uNITED STATES (US)][uNITED STATES (US)]  -> Found
[PUM.StartMenu] HKEY_USERS\S-1-5-21-3091518469-1345478979-959343681-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 2  -> Found
[PUM.DesktopIcons] HKEY_USERS\S-1-5-21-3091518469-1345478979-959343681-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1  -> Found
[PUM.DesktopIcons] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> Found
[PUM.DesktopIcons] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1  -> Found
[PUM.DesktopIcons] HKEY_USERS\S-1-5-21-3091518469-1345478979-959343681-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1  -> Found

¤¤¤ Tasks : 0 ¤¤¤

¤¤¤ Files : 0 ¤¤¤

¤¤¤ Hosts File : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: WDC WD1600BEVT-22ZCT0 +++++
--- User ---
[MBR] f5bfffae8366345e0e2d27f36b56ffe5
[bSP] bd21da049e19e2309e613595902b038e : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 152525 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: Ricoh SD/MMC Disk Device +++++
Error reading User MBR! ([15] The device is not ready. )
Error reading LL1 MBR! ([32] The request is not supported. )
Error reading LL2 MBR! ([32] The request is not supported. )

+++++ PhysicalDrive2: SanDisk Cruzer USB Device +++++
--- User ---
[MBR] a124dc1f32b91ceacb765c7a5ad6ec2e
[bSP] df4f83c1f72e36823a12b0dfc7617313 : Empty MBR Code
Partition table:
0 - [XXXXXX] FAT32-LBA (0xc) [VISIBLE] Offset (sectors): 32 | Size: 15266 MB
User = LL1 ... OK
Error reading LL2 MBR! ([32] The request is not supported. )

Link to post
Share on other sites

I have ran the makwarebytes scan and here is the log

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 11/11/2014
Scan Time: 1:43:17 PM
Logfile: malwarebytes.txt
Administrator: Yes

Version: 2.00.3.1025
Malware Database: v2014.11.11.07
Rootkit Database: v2014.11.10.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x86
File System: NTFS
User: user

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 283595
Time Elapsed: 5 min, 42 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 10
PUP.Optional.SearchProtect.A, HKU\S-1-5-21-3091518469-1345478979-959343681-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}, , [c2c12d0dfc80fa3cec51caea0bf757a9],
PUP.Optional.SearchSnacks.A, HKU\S-1-5-21-3091518469-1345478979-959343681-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{7D1B27B2-3DE0-4F26-94A0-E14FDB06D292}, , [295a53e777055fd7111010a56f93ae52],
PUP.Optional.SpeedTest.A, HKLM\SOFTWARE\CLASSES\Speed Test.BackgroundHostObject, , [4e3548f2f983f73f44bdf8aad62e0cf4],
PUP.Optional.SpeedTest.A, HKLM\SOFTWARE\CLASSES\Speed Test.BackgroundHostObject.1, , [335067d388f4df574eb39b07986c1fe1],
PUP.Optional.SearchProtect, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\INSTALLEDSDB\{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}, , [7b0803371a6273c3bb2b2a7c21e311ef],
PUP.Optional.DriverPerformer.A, HKLM\SOFTWARE\PERFORMERSOFT\Driver Performer, , [374c60da78048bab67985e4313f153ad],
PUP.Optional.ConduitSearchProtect, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\CltMngSvc, , [6a1935057dff44f29732057a37cde818],
PUP.Optional.FourFinders.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Update Four Finders, , [651e3ffb9ae2270f42c14e4eeb1951af],
PUP.Optional.SuperFish.A, HKU\S-1-5-21-3091518469-1345478979-959343681-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com, , [ccb793a74e2e280efc185aef2cd74eb2],
PUP.Optional.DriverPerformer.A, HKU\S-1-5-21-3091518469-1345478979-959343681-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\PERFORMERSOFT\Driver Performer, , [b7ccda60c4b882b4bf526a1c4cb8e51b],

Registry Values: 2
PUP.Optional.SettingsManager, HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\SESSION MANAGER\APPCERTDLLS|x64, c:\program files\settings manager\smdmf\x64\sysapcrt.dll, , [424174c687f554e2f14a093926ddef11]
PUP.Optional.SpeedTest, HKU\S-1-5-21-3091518469-1345478979-959343681-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|speedtest199@BestOffers, C:\Users\user\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers, , [137009310b719c9a0fb343ff05fe1ce4]

Registry Data: 0
(No malicious items detected)

Folders: 5
PUP.Optional.Datamngr.A, C:\Users\user\AppData\LocalLow\DataMngr, , [632013277ffdf244185a1dea81820af6],
PUP.Optional.SpeedTest.A, C:\Users\user\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers, , [bdc6281245376acc5af738e143c025db],
PUP.Optional.SpeedTest.A, C:\Users\user\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome, , [bdc6281245376acc5af738e143c025db],
PUP.Optional.SpeedTest.A, C:\Users\user\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content, , [bdc6281245376acc5af738e143c025db],
PUP.Optional.SpeedTest.A, C:\Users\user\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\skin, , [bdc6281245376acc5af738e143c025db],

Files: 39
PUP.Optional.PastaQuotes.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PastaQuotes.lnk, , [80038dad7309142265f208302dd6aa56],
PUP.Optional.Sanbreel.A, C:\Windows\System32\drivers\{ba5bdfa6-01ff-443c-b8f1-b66ac8b14b6c}Gw.sys, , [32511c1e3e3e092d41c36cd7e51eec14],
PUP.Optional.DriverPerformer.A, C:\Windows\Tasks\DriverPerformer_UPDATES.job, , [1b68f743215b072f718c9b0624e0e020],
PUP.Optional.DriverPerformer.A, C:\Windows\System32\Tasks\DriverPerformer_UPDATES, , [3d46cb6fb5c71224817db8e947bd9f61],
PUP.Optional.Sanbreel.A, C:\Windows\System32\drivers\{8b31bbf0-14db-49f2-9a2a-7c84629a9d8c}w.sys, , [780b0436156740f65b18168c030154ac],
PUP.Optional.Sanbreel.A, C:\Windows\System32\drivers\{ba5bdfa6-01ff-443c-b8f1-b66ac8b14b6c}w.sys, , [eb9873c7710bc472462d336f56ae35cb],
PUP.Optional.PastaLeads, C:\Windows\System32\Tasks\PastaQuotes, , [a0e34eec6f0dce68e99404a3c3410ff1],
PUP.Optional.Datamngr.A, C:\Users\user\AppData\LocalLow\DataMngr\{99BB1406-1CFB-488C-90D1-2D978E04F707}64, , [632013277ffdf244185a1dea81820af6],
PUP.Optional.SpeedTest.A, C:\Users\user\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome.manifest, , [bdc6281245376acc5af738e143c025db],
PUP.Optional.SpeedTest.A, C:\Users\user\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\icon.png, , [bdc6281245376acc5af738e143c025db],
PUP.Optional.SpeedTest.A, C:\Users\user\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\install.rdf, , [bdc6281245376acc5af738e143c025db],
PUP.Optional.SpeedTest.A, C:\Users\user\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\background.html, , [bdc6281245376acc5af738e143c025db],
PUP.Optional.SpeedTest.A, C:\Users\user\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\button.js, , [bdc6281245376acc5af738e143c025db],
PUP.Optional.SpeedTest.A, C:\Users\user\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\button.xml, , [bdc6281245376acc5af738e143c025db],
PUP.Optional.SpeedTest.A, C:\Users\user\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\config.js, , [bdc6281245376acc5af738e143c025db],
PUP.Optional.SpeedTest.A, C:\Users\user\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\content.js, , [bdc6281245376acc5af738e143c025db],
PUP.Optional.SpeedTest.A, C:\Users\user\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\framework.js, , [bdc6281245376acc5af738e143c025db],
PUP.Optional.SpeedTest.A, C:\Users\user\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\framework.png, , [bdc6281245376acc5af738e143c025db],
PUP.Optional.SpeedTest.A, C:\Users\user\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\framework.xul, , [bdc6281245376acc5af738e143c025db],
PUP.Optional.SpeedTest.A, C:\Users\user\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\icon128.ico, , [bdc6281245376acc5af738e143c025db],
PUP.Optional.SpeedTest.A, C:\Users\user\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\icon128.png, , [bdc6281245376acc5af738e143c025db],
PUP.Optional.SpeedTest.A, C:\Users\user\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\icon16.ico, , [bdc6281245376acc5af738e143c025db],
PUP.Optional.SpeedTest.A, C:\Users\user\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\icon16.png, , [bdc6281245376acc5af738e143c025db],
PUP.Optional.SpeedTest.A, C:\Users\user\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\icon18.ico, , [bdc6281245376acc5af738e143c025db],
PUP.Optional.SpeedTest.A, C:\Users\user\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\icon18.png, , [bdc6281245376acc5af738e143c025db],
PUP.Optional.SpeedTest.A, C:\Users\user\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\icon24.ico, , [bdc6281245376acc5af738e143c025db],
PUP.Optional.SpeedTest.A, C:\Users\user\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\icon24.png, , [bdc6281245376acc5af738e143c025db],
PUP.Optional.SpeedTest.A, C:\Users\user\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\icon32.ico, , [bdc6281245376acc5af738e143c025db],
PUP.Optional.SpeedTest.A, C:\Users\user\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\icon32.png, , [bdc6281245376acc5af738e143c025db],
PUP.Optional.SpeedTest.A, C:\Users\user\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\icon48.ico, , [bdc6281245376acc5af738e143c025db],
PUP.Optional.SpeedTest.A, C:\Users\user\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\icon48.png, , [bdc6281245376acc5af738e143c025db],
PUP.Optional.SpeedTest.A, C:\Users\user\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\icon64.ico, , [bdc6281245376acc5af738e143c025db],
PUP.Optional.SpeedTest.A, C:\Users\user\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\icon64.png, , [bdc6281245376acc5af738e143c025db],
PUP.Optional.SpeedTest.A, C:\Users\user\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\jquery-1.9.1.min.js, , [bdc6281245376acc5af738e143c025db],
PUP.Optional.SpeedTest.A, C:\Users\user\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\options.xul, , [bdc6281245376acc5af738e143c025db],
PUP.Optional.SpeedTest.A, C:\Users\user\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\rjs.js, , [bdc6281245376acc5af738e143c025db],
PUP.Optional.SpeedTest.A, C:\Users\user\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\settings.json, , [bdc6281245376acc5af738e143c025db],
PUP.Optional.SpeedTest.A, C:\Users\user\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\subscriptloader.js, , [bdc6281245376acc5af738e143c025db],
PUP.Optional.SpeedTest.A, C:\Users\user\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\skin\framework.css, , [bdc6281245376acc5af738e143c025db],

Physical Sectors: 0
(No malicious items detected)


(end)

Link to post
Share on other sites

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 10-11-2014
Ran by user (administrator) on USER-PC on 11-11-2014 14:03:40
Running from E:\
Loaded Profile: user (Available profiles: user)
Platform: Microsoft Windows 7 Professional  Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareService.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Motorola Inc.) C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Sonix) C:\Windows\vsnp2uvc.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareTray.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareDesktop.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [sMSERIAL] => C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe [1458176 2009-10-26] (Motorola Inc.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [12017368 2013-10-24] (Realtek Semiconductor)
HKLM\...\Run: [snp2uvc] => C:\Windows\vsnp2uvc.exe [662016 2009-08-12] (Sonix)
HKLM\...\Run: [sunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)
HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [54840 2007-05-08] (Hewlett-Packard)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [AdAwareTray] => C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareTray.exe [7670592 2014-10-15] ()
HKU\S-1-5-21-3091518469-1345478979-959343681-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [354304 2009-07-13] (Microsoft Corporation)
HKU\S-1-5-21-3091518469-1345478979-959343681-1000\...\Run: [sUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6692632 2014-10-01] (SUPERAntiSpyware)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x18CA17E16F16CD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2537} URL = http://www.default-search.net/search?sid=537&aid=100&itype=n&ver=14009&tm=491&src=ds&p={searchTerms}
SearchScopes: HKLM - {CC865B26-C31D-4D23-B17B-96548EEF03F6} URL =
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
SearchScopes: HKCU - {8993D23F-B641-4F9F-9F14-350E52BA4E44} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2537} URL = http://www.default-search.net/search?sid=537&aid=100&itype=n&ver=14009&tm=491&src=ds&p={searchTerms}
SearchScopes: HKCU - {EC01059D-3418-4D8F-A442-004D493073AC} URL = http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=&apn_dtid=OSJ000&apn_uid=BA7CEF07-B74A-4D36-9BCF-F96867EC9369&apn_sauid=49075586-5865-4061-9C9E-C6DC91D47A3D
BHO: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} ->  No File
BHO: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} http://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1401805000170
Tcpip\Parameters: [DhcpNameServer] 192.168.254.254

FireFox:
========
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.60.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.60.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2014-06-16]

Chrome:
=======

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [142648 2014-07-22] (SUPERAntiSpyware.com)
R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [1678040 2013-10-02] (Broadcom Corporation.)
R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-05-21] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL [694784 2009-09-08] (Hewlett-Packard Co.) [File not signed]
R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareService.exe [656376 2014-10-15] ()
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-10-01] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [968504 2014-10-01] (Malwarebytes Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44544 2008-12-03] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2008-12-03] (Hewlett-Packard) [File not signed]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService.exe [250072 2013-10-16] (Realtek Semiconductor)
S2 Util Four Finders; "C:\Program Files\Four Finders\bin\utilFourFinders.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [174936 2013-10-02] (Broadcom Corporation.)
S3 btwampfl; C:\Windows\System32\DRIVERS\btwampfl.sys [144600 2013-10-02] (Broadcom Corporation.)
R3 gzflt; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\3.0.0.56\gzflt.sys [165744 2014-07-10] (BitDefender LLC)
R3 HpqRemHid; C:\Windows\System32\DRIVERS\HpqRemHid.sys [7168 2007-07-10] (Hewlett-Packard Development Company, L.P.)
R0 iusb3hcs; C:\Windows\System32\DRIVERS\iusb3hcs.sys [16880 2013-07-17] (Intel Corporation)
S3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv.sys [40736 2013-11-26] (Visicom Media Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-10-01] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [114904 2014-11-11] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-10-01] (Malwarebytes Corporation)
S3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv.sys [29728 2013-12-06] (Visicom Media Inc.)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [3568896 2012-02-29] ()
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [13464 2014-10-27] ()
S3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [360376 2014-07-10] (BitDefender S.R.L.)

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-11 14:03 - 2014-11-11 14:03 - 00000000 ____D () C:\FRST
2014-11-11 13:41 - 2014-11-11 13:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-11-11 13:41 - 2014-11-11 13:41 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-11-11 13:41 - 2014-10-01 11:11 - 00075480 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-11-11 13:41 - 2014-10-01 11:11 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-11-11 13:01 - 2014-11-11 13:03 - 00034808 _____ () C:\Windows\system32\Drivers\TrueSight.sys
2014-11-11 13:01 - 2014-11-11 13:01 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-11-11 11:52 - 2014-11-11 11:52 - 158348868 _____ () C:\Users\user\Documents\reg-bak-file.reg
2014-11-04 19:44 - 2014-11-04 19:44 - 00000000 ____D () C:\SUPERDelete
2014-11-04 19:43 - 2014-11-04 20:53 - 00000508 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task c59bc868-3d52-42ea-a1dc-5172a264bf46.job
2014-11-04 19:43 - 2014-11-04 20:53 - 00000508 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 18759099-deb3-41ca-ab22-b5a363731d80.job
2014-11-04 19:43 - 2014-11-04 19:43 - 00000000 ____D () C:\Users\user\AppData\Roaming\SUPERAntiSpyware.com
2014-11-04 19:40 - 2014-11-04 19:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2014-11-04 19:40 - 2014-11-04 19:43 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-11-04 19:40 - 2014-11-04 19:40 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2014-11-01 13:12 - 2014-11-11 14:00 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamswissarmy.sys
2014-11-01 11:41 - 2014-11-11 13:59 - 00367576 _____ () C:\Windows\PFRO.log
2014-11-01 11:18 - 2014-11-01 13:09 - 00000000 ____D () C:\Users\user\AppData\Local\Lavasoft
2014-11-01 11:18 - 2014-11-01 11:18 - 00004688 _____ () C:\Windows\system32\LavasoftTcpService.ini
2014-11-01 11:18 - 2014-11-01 11:18 - 00002520 _____ () C:\Windows\system32\LavasoftTcpServiceOff.ini
2014-11-01 11:18 - 2014-10-30 15:15 - 00312424 _____ (Lavasoft Limited) C:\Windows\system32\LavasoftTcpService.dll
2014-11-01 11:17 - 2014-11-01 13:09 - 00000000 ____D () C:\Users\user\AppData\Roaming\Lavasoft
2014-11-01 11:17 - 2014-11-01 13:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2014-11-01 11:16 - 2014-11-01 13:09 - 00000000 ____D () C:\Program Files\Lavasoft
2014-11-01 11:14 - 2014-11-01 11:14 - 00000000 ____D () C:\Users\user\AppData\Roaming\LavasoftStatistics
2014-11-01 11:10 - 2014-11-01 13:09 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-11-01 11:10 - 2014-11-01 11:10 - 00000000 ____D () C:\Program Files\Common Files\Lavasoft
2014-10-27 20:54 - 2014-11-11 13:59 - 00001242 _____ () C:\Windows\setupact.log
2014-10-27 20:54 - 2014-10-27 20:54 - 00000000 _____ () C:\Windows\setuperr.log

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-11 14:04 - 2012-07-21 20:04 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-11 14:04 - 2012-04-06 15:45 - 02090553 _____ () C:\Windows\WindowsUpdate.log
2014-11-11 13:59 - 2014-02-19 08:44 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf2d78b31dd077.job
2014-11-11 13:59 - 2009-07-13 23:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-11 13:41 - 2014-01-03 03:05 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-11-11 13:02 - 2012-04-06 12:18 - 00781298 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-11 12:49 - 2009-07-13 23:34 - 00015952 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-11 12:49 - 2009-07-13 23:34 - 00015952 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-11 12:25 - 2009-07-13 21:37 - 00000000 ____D () C:\Windows\system32\NDF
2014-11-11 12:12 - 2014-07-09 21:51 - 00000000 ____D () C:\Users\user\AppData\Roaming\PerformerSoft
2014-11-04 20:58 - 2012-04-09 11:53 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-01 13:15 - 2014-07-09 21:51 - 00000000 ____D () C:\Program Files\FreePDFReader
2014-11-01 12:44 - 2014-09-06 12:44 - 00000364 _____ () C:\Windows\Tasks\SlimCleaner Plus (Scheduled Scan - user).job
2014-11-01 11:52 - 2009-07-13 23:53 - 00032598 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-11-01 11:33 - 2014-06-02 16:36 - 00001945 _____ () C:\Windows\epplauncher.mif
2014-11-01 10:24 - 2014-01-03 03:42 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-10-30 06:24 - 2012-04-06 12:38 - 00229000 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-10-28 00:52 - 2014-10-04 21:30 - 00000000 ____D () C:\Users\user\Documents\PCSpeedClean
2014-10-28 00:52 - 2014-10-04 21:30 - 00000000 ____D () C:\Program Files\Four Finders
2014-10-28 00:52 - 2014-09-06 12:44 - 00000000 ____D () C:\Users\Public\Documents\Downloaded Installers
2014-10-28 00:52 - 2014-06-03 08:42 - 00000000 ____D () C:\Users\user\Documents\Windows Updates Downloader
2014-10-28 00:52 - 2014-01-03 03:05 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
2014-10-28 00:52 - 2009-07-13 21:37 - 00000000 ____D () C:\Windows\system32\wfp
2014-10-28 00:52 - 2009-07-13 21:37 - 00000000 ____D () C:\Windows\registration
2014-10-27 19:54 - 2009-07-13 21:04 - 00000580 _____ () C:\Windows\win.ini
2014-10-27 19:46 - 2014-10-03 02:11 - 00013464 _____ () C:\Windows\system32\Drivers\SWDUMon.sys

Some content of TEMP:
====================
C:\Users\user\AppData\Local\Temp\dllnt_dump.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-11-01 13:56

==================== End Of Log ============================

 

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 10-11-2014
Ran by user at 2014-11-11 14:04:28
Running from E:\
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Ad-Aware Antivirus (Enabled - Up to date) {D87B6541-12A1-DAEA-0033-9B8057AAB996}
AS: Ad-Aware Antivirus (Enabled - Up to date) {631A84A5-349B-D564-3A83-A0F22C2DF32B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Ad-Aware Firewall (Disabled) {E040E464-58CE-DBB2-2B6C-32B5A979FEED}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

32 Bit HP CIO Components Installer (Version: 6.1.1 - Hewlett-Packard) Hidden
4500_G510nz_Help (Version: 000.0.439.000 - Hewlett-Packard) Hidden
4500G510nz (Version: 000.0.439.000 - Hewlett-Packard) Hidden
4500G510nz_Software_Min (Version: 000.0.423.000 - Hewlett-Packard) Hidden
Ad-Aware Antivirus (HKLM\...\{8EEFB640-A25D-448E-9F84-3CADF173CAE4}_AdAwareUpdater) (Version: 11.4.6792.0 - Lavasoft)
AdAwareInstaller (Version: 11.4.6792.0 - Lavasoft) Hidden
AdAwareUpdater (Version: 11.4.6792.0 - Lavasoft) Hidden
Adobe Flash Player 15 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Reader X (10.1.8) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.8 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM\...\Adobe Shockwave Player) (Version: 11.6.4.634 - Adobe Systems, Inc.)
AntimalwareEngine (Version: 3.0.0.56 - Lavasoft) Hidden
BufferChm (Version: 130.0.331.000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.08 - Piriform)
Destinations (Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (Version: 130.0.372.000 - Hewlett-Packard) Hidden
DocMgr (Version: 130.0.000.000 - Hewlett-Packard) Hidden
DocProc (Version: 13.0.0.0 - Hewlett-Packard) Hidden
Fax (Version: 130.0.418.000 - Hewlett-Packard) Hidden
Google Update Helper (Version: 1.3.25.5 - Google Inc.) Hidden
GPBaseService2 (Version: 130.0.371.000 - Hewlett-Packard) Hidden
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Document Manager 2.0 (HKLM\...\HP Document Manager) (Version: 2.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Officejet 4500 G510n-z (HKLM\...\{7E0E61CC-1C99-429D-BEA7-C4DD5B898D2A}) (Version: 13.0 - HP)
HP Smart Web Printing 4.5 (HKLM\...\HP Smart Web Printing) (Version: 4.5 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM\...\{7059BDA7-E1DB-442C-B7A1-6144596720A4}) (Version: 4.000.011.006 - Hewlett-Packard)
HPProductAssistant (Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (Version: 130.0.371.000 - Hewlett-Packard) Hidden
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1930 - Intel Corporation)
Java 7 Update 60 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.600 - Oracle)
Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
MarketResearch (Version: 130.0.374.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Plus! for Windows XP (HKLM\...\{EEC2DAFD-5558-40AC-8E9C-5005C8F810E8}) (Version: 1.00.01.0732 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Motorola SM56 Data Fax Modem (HKLM\...\SMSERIAL) (Version: 6.12.25.06 - Motorola Inc)
Network (Version: 130.0.550.000 - Hewlett-Packard) Hidden
NVIDIA Graphics Driver 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 337.88 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7083 - Realtek Semiconductor Corp.)
Scan (Version: 13.0.0.0 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
SmartWebPrinting (Version: 130.0.373.000 - Hewlett-Packard) Hidden
SolutionCenter (Version: 130.0.373.000 - Hewlett-Packard) Hidden
Status (Version: 130.0.373.000 - Hewlett-Packard) Hidden
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1158 - SUPERAntiSpyware.com)
Toolbox (Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (Version: 130.0.376.000 - Hewlett-Packard) Hidden
WebReg (Version: 130.0.132.017 - Hewlett-Packard) Hidden
Windows Updates Downloader (HKLM\...\Windows Updates Downloader) (Version: 2.50 Build 1002 - Supremus Corporation)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

05-10-2014 02:42:15 Before PC Speed Clean fix
08-10-2014 23:02:10 Windows Update
12-10-2014 06:55:45 Windows Update
28-10-2014 01:00:31 Windows Update
28-10-2014 01:12:28 Removed DriverUpdate
28-10-2014 01:13:36 Removed SlimCleaner Plus
01-11-2014 15:24:31 avast! antivirus system restore point
01-11-2014 15:46:54 Windows Update
01-11-2014 16:10:07 AA11
01-11-2014 16:15:34 AA11
01-11-2014 16:17:19 LavasoftWeCompanion
01-11-2014 16:37:50 AA11
01-11-2014 18:08:16 LavasoftWeCompanion
01-11-2014 18:10:27 Removed SlimCleaner Plus

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 21:04 - 2014-03-03 16:24 - 00000845 ____A C:\Windows\system32\Drivers\etc\hosts






















==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {108B4BAC-6698-429D-AA2D-1333777D1E30} - \DriverPerformer_UPDATES No Task File <==== ATTENTION
Task: {22AAD000-6444-4EEA-9463-B74C5E315919} - System32\Tasks\SlimCleaner Plus (Scheduled Scan - user) => C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe
Task: {7D4982AF-CB5E-4C57-A1E6-EC256AD17C57} - System32\Tasks\GoogleUpdateTaskMachineCore1cf2d78b31dd077 => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-27] (Google Inc.)
Task: {845E8E53-BE90-48AA-BF42-BB78616E8914} - System32\Tasks\LaunchApp => C:\Program Files\MyPC Backup\MyPC Backup.exe <==== ATTENTION
Task: {8E7D8968-B746-4C0C-9D07-D785DECE3BAA} - System32\Tasks\SUPERAntiSpyware Scheduled Task c59bc868-3d52-42ea-a1dc-5172a264bf46 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)
Task: {9783E761-AF6B-48E2-9FB8-58BE94D2F9CF} - \PastaQuotes No Task File <==== ATTENTION
Task: {A6BD5872-86FA-4066-8145-85B6F38D5591} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-11-22] (Piriform Ltd)
Task: {A9CC8E31-C576-4136-A201-471BAFFABCA0} - System32\Tasks\PCSpeedClean_Start => C:\Program Files\PC Speed Clean\PCSpeedClean.exe
Task: {BD7F52A9-050E-48C4-9E09-6E87D4C54E56} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-28] (Adobe Systems Incorporated)
Task: {BFB6913A-4CA4-43C1-97FB-6A944B5DFB98} - System32\Tasks\SUPERAntiSpyware Scheduled Task 18759099-deb3-41ca-ab22-b5a363731d80 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)
Task: {C9F4E82E-C932-4056-B4D6-8776770A3565} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-27] (Google Inc.)
Task: {D0AF3F43-E512-4535-A886-565EA4EA6051} - System32\Tasks\PCSpeedClean_Popup => C:\Program Files\PC Speed Clean\Splash.exe
Task: {E48E8896-2288-474A-85C5-9C571847492F} - \GoogleUpdateTaskMachineCore No Task File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf2d78b31dd077.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\SlimCleaner Plus (Scheduled Scan - user).job => C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 18759099-deb3-41ca-ab22-b5a363731d80.job => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task c59bc868-3d52-42ea-a1dc-5172a264bf46.job => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

==================== Loaded Modules (whitelisted) =============

2014-06-02 16:35 - 2014-05-19 19:04 - 00106840 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
2014-10-15 12:56 - 2014-10-15 12:56 - 00656376 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareService.exe
2014-10-15 13:06 - 2014-10-15 13:06 - 00087896 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_thread-vc100-mt-1_55.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00022360 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_system-vc100-mt-1_55.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00030040 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_chrono-vc100-mt-1_55.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00048480 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_date_time-vc100-mt-1_55.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00107872 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_filesystem-vc100-mt-1_55.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 10343760 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareServiceKernel.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 02423600 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\RCF.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00638296 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_regex-vc100-mt-1_55.dll
2014-10-15 13:05 - 2014-10-15 13:05 - 00580424 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareActivation.dll
2014-10-15 13:05 - 2014-10-15 13:05 - 01658200 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareApplicationUpdater.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00642376 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareGamingMode.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00087360 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareReset.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00105280 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareTime.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00754520 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareDefinitionsUpdater.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00693096 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareDefinitionsUpdaterScheduler.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00868680 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareIgnoreList.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00209224 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareQuarantine.dll
2014-10-15 13:05 - 2014-10-15 13:05 - 00780120 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareAntiMalwareEngine.dll
2014-10-15 13:05 - 2014-10-15 13:05 - 00174936 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareAntiRootkitEngine.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00870736 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareScannerHistory.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 01003328 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareScanner.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00030552 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_timer-vc100-mt-1_55.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00769368 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareScannerScheduler.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00856408 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareRealTimeProtection.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00190800 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareIncompatibles.dll
2014-10-15 13:05 - 2014-10-15 13:05 - 00705352 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareAntiSpam.dll
2014-10-15 13:05 - 2014-10-15 13:05 - 00669008 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareAntiPhishing.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 02363216 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareParentalControl.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 02613584 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareWebProtection.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00834896 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareEmailProtection.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00999256 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareNetworkProtection.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00796992 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwarePromo.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00286536 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareFeedback.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 02124120 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareThreatWorkAlliance.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00998720 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwarePinCode.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00796992 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareNotice.dll
2014-10-15 13:05 - 2014-10-15 13:05 - 00760136 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareAvcEngine.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00926568 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareRealTimeProtectionHistory.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00123712 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\SecurityCenter.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 07670592 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareTray.exe
2014-10-15 13:06 - 2014-10-15 13:06 - 00405848 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_locale-vc100-mt-1_55.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 01626432 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\HtmlFramework.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00056632 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\DllStorage.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00870224 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareTrayDefaultSkin.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00641344 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\Localization.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 14135104 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareDesktop.exe
2014-10-15 13:06 - 2014-10-15 13:06 - 00371056 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_program_options-vc100-mt-1_55.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 09304920 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareDesktopDefaultSkin.dll

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-3091518469-1345478979-959343681-500 - Administrator - Disabled)
Guest (S-1-5-21-3091518469-1345478979-959343681-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3091518469-1345478979-959343681-1002 - Limited - Enabled)
user (S-1-5-21-3091518469-1345478979-959343681-1000 - Administrator - Enabled) => C:\Users\user

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (11/01/2014 01:10:38 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10007) (User: user-PC)
Description: Application or service 'SlimWare Utility Service Launcher' could not be restarted.

Error: (11/01/2014 01:07:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SlimCleanerPlus.exe, version: 1.0.22723.18328, time stamp: 0x53dfdc62
Faulting module name: SlimCleanerPlus.exe, version: 1.0.22723.18328, time stamp: 0x53dfdc62
Exception code: 0x80000003
Fault offset: 0x00110e60
Faulting process id: 0xe80
Faulting application start time: 0xSlimCleanerPlus.exe0
Faulting application path: SlimCleanerPlus.exe1
Faulting module path: SlimCleanerPlus.exe2
Report Id: SlimCleanerPlus.exe3

Error: (11/01/2014 11:52:02 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc100
Faulting module name: msvcrt.dll, version: 7.0.7601.17744, time stamp: 0x4eeaf722
Exception code: 0xc0000005
Fault offset: 0x0000dec5
Faulting process id: 0x454
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3

Error: (11/01/2014 11:37:50 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.


Details:
AddLegacyDriverFiles: Unable to back up image of binary avast! VM Monitor.

System Error:
The system cannot find the file specified.
.

Error: (11/01/2014 11:37:50 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.


Details:
AddLegacyDriverFiles: Unable to back up image of binary aswSP.

System Error:
The system cannot find the file specified.
.

Error: (11/01/2014 11:37:50 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.


Details:
AddLegacyDriverFiles: Unable to back up image of binary aswMonFlt.

System Error:
The system cannot find the file specified.
.

Error: (11/01/2014 11:37:50 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.


Details:
AddLegacyDriverFiles: Unable to back up image of binary aswRdr.

System Error:
The system cannot find the file specified.
.

Error: (11/01/2014 11:37:50 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.


Details:
AddLegacyDriverFiles: Unable to back up image of binary aswSnx.

System Error:
The system cannot find the file specified.
.

Error: (11/01/2014 11:17:20 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.


Details:
AddLegacyDriverFiles: Unable to back up image of binary avast! VM Monitor.

System Error:
The system cannot find the file specified.
.

Error: (11/01/2014 11:17:20 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.


Details:
AddLegacyDriverFiles: Unable to back up image of binary aswSP.

System Error:
The system cannot find the file specified.
.


System errors:
=============
Error: (11/11/2014 01:59:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Util Four Finders service failed to start due to the following error:
%%2

Error: (11/11/2014 00:21:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Util Four Finders service failed to start due to the following error:
%%2

Error: (11/11/2014 00:21:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Update Four Finders service failed to start due to the following error:
%%2

Error: (11/11/2014 00:14:04 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084NVSvc{DCAB0989-1301-4319-BE5F-ADE89F88581C}

Error: (11/11/2014 11:41:48 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (11/11/2014 11:41:48 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (11/11/2014 11:41:48 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (11/11/2014 11:41:47 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error:
%%1068

Error: (11/11/2014 11:41:47 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (11/11/2014 11:41:47 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2014-11-01 13:55:16.801
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-11-01 13:44:22.961
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-11-01 12:53:08.188
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-11-01 12:41:33.141
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-11-01 12:37:45.176
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-11-01 12:08:28.324
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-11-01 12:03:04.532
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-11-01 11:37:12.885
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-11-01 11:21:14.703
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-10-27 21:54:31.482
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel® Core2 Duo CPU T9300 @ 2.50GHz
Percentage of memory in use: 51%
Total physical RAM: 3070.43 MB
Available physical RAM: 1480.62 MB
Total Pagefile: 6139.15 MB
Available Pagefile: 4264.74 MB
Total Virtual: 2047.88 MB
Available Virtual: 1898.08 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:148.95 GB) (Free:119.55 GB) NTFS
Drive e: () (Removable) (Total:14.9 GB) (Free:14.82 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149.1 GB) (Disk ID: EB2A277E)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=149 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 14.9 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== End Of Log ============================

Link to post
Share on other sites

  • 3 months later...
  • Root Admin

We're sorry. It looks like your topic was somehow overlooked. Due to the length of time we'll go ahead and close this topic now but if you still actually need help please send a private message to one of the Moderators and we'll assist you.

Thank you and sorry we missed your topic.

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.