Jump to content

Please help remove Positive Finds


Recommended Posts

Please help me get rid of Positive Finds, installed when I updated my AVG. All other efforts have failed. Thank you in advance.

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 01-02-2015
Ran by Sherry Z (administrator) on SHERRY-6ZLQWJ7N on 03-02-2015 19:31:20
Running from C:\Documents and Settings\Sherry Z\Desktop
Loaded Profiles: Sherry Z (Available profiles: Sherry Z & Administrator & Guest)
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English (United States)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.adobe.com)
AIM 7 (HKLM\...\AIM_7) (Version:  - )
Akamai NetSession Interface (HKU\S-1-5-21-1645522239-854245398-725345543-1003\...\Akamai) (Version:  - Akamai Technologies, Inc)
AllMyNotes Organizer (HKLM\...\AllMyNotes Organizer) (Version: 2.45 - Vladonai Software)
AM-DeadLink (HKLM\...\AM-DeadLink) (Version:  - )
Any DVD Clone 1.2.7 (HKLM\...\Any DVD Clone_is1) (Version:  - any-dvd-clone.com)
Apple Application Support (HKLM\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft Camera Suite (HKLM\...\{AD708DF0-9F04-4CB3-821A-85804A833B4D}) (Version:  - )
ArtistScope Plugin FX (HKLM\...\ArtistScope Plugin FX4.2.0.3) (Version: 4.2.0.3 - ArtistScope)
Audacity 1.2.6 (HKLM\...\Audacity_is1) (Version:  - )
AV Bros. Puzzle Pro 2.0 (Remove Only) (HKLM\...\AV Bros. Puzzle Pro 2.0) (Version:  - )
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5646 - AVG Technologies)
AVG 2015 (Version: 15.0.4281 - AVG Technologies) Hidden
AVG 2015 (Version: 15.0.5646 - AVG Technologies) Hidden
AVG PC TuneUp 2015 (en-US) (Version: 15.0.1001.238 - AVG Technologies) Hidden
AVG PC TuneUp 2015 (HKLM\...\AVG PC TuneUp) (Version: 15.0.1001.238 - AVG Technologies)
AVG PC TuneUp 2015 (Version: 15.0.1001.238 - AVG Technologies) Hidden
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
BR PC (HKLM\...\InstallShield_{D8DACDAA-DCDE-4704-9594-47F34D9D5967}) (Version: 3.50.02 - Blue Ridge)
BR PC (Version: 3.50.02 - Blue Ridge) Hidden
BufferChm (Version: 90.0.146.000 - Hewlett-Packard) Hidden
Calendar Magic V16.5 (HKLM\...\Calendar Magic_is1) (Version:  - EuroSoft)
Canon Camera Support Core Library (HKLM\...\CSCLIB) (Version: 7.3.1.6 - Canon Inc.)
Canon Camera Window DS for ZoomBrowser EX (HKLM\...\InstallShield_{91203BD3-6C3E-472F-ADBD-F60FDC7C4010}) (Version: 5.0 - Canon)
Canon Camera Window DVC for ZoomBrowser EX (HKLM\...\InstallShield_{4C96958A-6562-4143-B820-FF4890D3B734}) (Version: 5.0 - Canon)
Canon MOV Encoder (HKLM\...\Canon MOV Encoder) (Version: 1.3.1.3 - Canon Inc.)
Canon MovieEdit Task for ZoomBrowser EX (HKLM\...\MovieEditTask) (Version: 3.4.1.9 - Canon Inc.)
Canon PhotoRecord (HKLM\...\{0878E100-C0BB-41E8-B4C6-C486B61FDA7B}) (Version: 02.01.00069 - Cisra)
Canon RAW Image Task for ZoomBrowser EX (HKLM\...\InstallShield_{45EF4EE3-F591-4B74-A477-0CAE12934CE7}) (Version: 1.2 - Canon)
Canon RemoteCapture Task for ZoomBrowser EX (HKLM\...\InstallShield_{28291BD5-92D2-4685-82DC-CCA925C53CCA}) (Version: 1.1 - Canon)
Canon Utilities CameraWindow DC 8 (HKLM\...\CameraWindowDC) (Version: 8.8.0.17 - Canon Inc.)
Canon Utilities CameraWindow DC_DV 5 for ZoomBrowser EX (HKLM\...\CameraWindowDVC5) (Version: 5.4.6.18 - Canon Inc.)
Canon Utilities PhotoStitch 3.1 (HKLM\...\InstallShield_{218BBBE3-FE63-4BB2-81A8-7435575A84FA}) (Version: 3.1.14 - Canon)
Canon Utilities RemoteCapture DC (HKLM\...\RemoteCaptureDC) (Version: 3.1.0.5 - Canon Inc.)
Canon Utilities ZoomBrowser EX (HKLM\...\ZoomBrowser EX) (Version: 6.5.1.15 - Canon Inc.)
Canon ZoomBrowser EX Memory Card Utility (HKLM\...\ZoomBrowser EX Memory Card Utility) (Version: 1.3.0.4 - Canon Inc.)
Cards_Calendar_OrderGift_DoMorePlugout (Version: 2.03.0000 - Hewlett-Packard) Hidden
Catalina Savings Printer (HKLM\...\{37331C16-3E97-4A20-80D8-BFB43AB0E2FB}) (Version: 1.0.0 - Catalina Marketing Corp) <==== ATTENTION
Catalina Savings Printer (HKLM\...\{4956ACE3-F537-4418-BB45-FD52395275A7}) (Version: 1.0.0 - Catalina Marketing Corp) <==== ATTENTION
CCleaner (HKLM\...\CCleaner) (Version: 5.02 - Piriform)
Cisco Connect (HKLM\...\Cisco Connect) (Version: 1.4.11266.0 - Cisco Consumer Products LLC)
Cisco WebEx Meetings (HKLM\...\ActiveTouchMeetingClient) (Version:  - Cisco WebEx LLC)
Cobian Backup 8 (HKLM\...\CobBackup8) (Version:  - )
Compact Wireless-G USB Adapter (HKLM\...\{F855C3AE-992D-4B84-A09D-07103CDCDAC2}) (Version:  - )
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Cookie Monster (HKLM\...\Cookie Monster) (Version:  - )
Copy (Version: 90.0.146.000 - Hewlett-Packard) Hidden
Corel Business Applications (HKLM\...\Corel Remove Program) (Version:  - )
Corel Paint Shop Pro X (HKLM\...\{1A15507A-8551-4626-915D-3D5FA095CC1B}) (Version: 10.01 - Corel Inc)
Coupon Printer for Windows (HKLM\...\Coupon Printer for Windows5.0.1.3) (Version: 5.0.1.3 - Coupons.com Incorporated)
CouponPrinterPlugin (HKLM\...\{8AC6566B-131F-4987-82DF-932CED9FCA23}) (Version: 2.0.2.0 - Hopster) <==== ATTENTION
CutePDF Writer 2.7 (HKLM\...\CutePDF Writer Installation) (Version:  - )
Dell ResourceCD (HKLM\...\{D78653C3-A8FF-415F-92E6-D774E634FF2D}) (Version:  - )
Dell Support 5.0.0 (630) (HKLM\...\DellSupport) (Version:  - )
Dell System Detect - 1  (HKU\S-1-5-21-1645522239-854245398-725345543-1003\...\73f463568823ebbe) (Version: 5.13.0.1 - Dell)
Desktop Taipei version 2.2 (HKLM\...\Desktop Taipei_is1) (Version:  - )
Destination Component (Version: 090.000.091.086 - Hewlett-Packard) Hidden
DeviceDiscovery (Version: 90.0.205.000 - Hewlett-Packard) Hidden
DeviceManagementQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
DNA (HKU\S-1-5-21-1645522239-854245398-725345543-1003\...\BitTorrent DNA) (Version: 2.0.0 (8452) - BitTorrent Inc.)
Download Updater (AOL LLC) (HKLM\...\SoftwareUpdUtility) (Version:  - ) <==== ATTENTION
DriverMax 5 (HKLM\...\DMX5_is1) (Version: 5.6.0.799 - Innovative Solutions)
EasyRecovery Professional (HKLM\...\InstallShield_{A8BB9906-E618-406A-B161-7383AFF46C39}) (Version: 6.03.04 - Ontrack Data International, Inc.)
Elite Mahjong 1.0 (HKLM\...\Elite Mahjong_is1) (Version:  - DoubleGames.com)
ePrompter (HKLM\...\ePrompter) (Version:  - )
F2100_doccd (Version: 90.0.200.000 - Hewlett-Packard) Hidden
Facebook Desktop (HKLM\...\Facebook) (Version:  - )
FaxTools (HKLM\...\{F45298E5-0083-426F-A668-1A2C5F04B8A0}) (Version: 5.08 - BVRP Software)
FileASSASSIN (HKLM\...\FileASSASSIN) (Version: 1.06 - Malwarebytes)
filehippo.com Update Checker (HKLM\...\filehippo.com) (Version:  - )
FoxTab Video Converter (HKU\S-1-5-21-1645522239-854245398-725345543-1003\...\FoxTab Video Converter) (Version:  - ) <==== ATTENTION
Free PDF to Word Doc Converter v1.1 (HKLM\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - www.hellopdf.com)
Free PS Convert driver 8.15 (HKLM\...\Free PS Convert driver_is1) (Version:  - )
Freemake Video Downloader (HKLM\...\Freemake Video Downloader_is1) (Version: 3.7.1 - Ellora Assets Corporation)
GoodSync (HKLM\...\{B26B00DA-2E5D-4CF2-83C5-911198C0F009}) (Version: 8.9.8.8 - Siber Systems)
Google Chrome (HKLM\...\Google Chrome) (Version: 40.0.2214.94 - Google Inc.)
Google Gmail Notifier (HKLM\...\{0228e555-4f9c-4e35-a3ec-b109a192b4c2}) (Version:  - Google Inc.)
Google Pack Screensaver (HKLM\...\Google Pack Screensaver) (Version: 1.0 - Google)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Updater (HKLM\...\Google Updater) (Version: 2.4.2432.1652 - Google Inc.)
Google Video Player (HKLM\...\GoogleVideoPlayer) (Version:  - )
GotVoice Message Center 1.0 (HKLM\...\GotVoice Message Center_is1) (Version: 1.0 - GotVoice, Inc.)
HighMAT Extension to Microsoft Windows XP CD Writing Wizard (HKLM\...\{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}) (Version: 1.1.1905.1 - Microsoft Corporation)
HP ENVY 4500 series Basic Device Software (HKLM\...\{96E25EB6-6C97-4D50-A94F-1BBAD10EE3E7}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
HP ENVY 4500 series Help (HKLM\...\{95BECC50-22B4-4FCA-8A2E-BF77713E6D3A}) (Version: 30.0.0 - Hewlett Packard)
HP Imaging Device Functions 9.0 (HKLM\...\HP Imaging Device Functions) (Version: 9.0 - HP)
HP Photo Creations (HKLM\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Support Solutions Framework (HKLM\...\{E35601C0-BA8E-4F32-919A-C7EF4CA81F67}) (Version: 11.51.0048 - Hewlett-Packard Company)
HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
iLivid (HKLM\...\iLivid) (Version: 1.92.0.117387 - Bandoo Media Inc.) <==== ATTENTION
iLivid (Version: 1.92.0.117387 - Bandoo Media Inc.) Hidden <==== ATTENTION
Inpaint 2.0 (HKLM\...\{30283233-3BE6-473D-A47C-ED964A2F78B4}_is1) (Version:  - Teorex)
Intel® 537EP V9x DF PCI Modem (HKLM\...\Intel® 537EP V9x DF PCI Modem) (Version:  - )
Intel® PRO Network Adapters and Drivers (HKLM\...\PROSet) (Version:  - )
Intel® PROSet (HKLM\...\{A790BEB1-BCCF-4EC6-807B-5708B36E8A79}) (Version: 6.05.2001 - Intel)
Internet Transporter - NCP Link (HKLM\...\{92BF38A8-5616-4209-87A3-D910B45A1D98}) (Version: 3.2.1 - National Consumer Panel)
Invoke Solutions Participant 5.5.0.1437 (HKLM\...\{D8AA889B-2C65-47C3-8C16-3DCD4EF76A47}_is1) (Version:  - Invoke Solutions)
IrfanView (remove only) (HKLM\...\IrfanView) (Version:  - )
iTunes (HKLM\...\{DA34FE93-5DC5-48E0-ACC8-A5389E05BB51}) (Version: 9.0.1.8 - Apple Inc.)
Java 8 Update 31 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
JPG2PDF 2.1 (HKLM\...\JPG2PDF_is1) (Version:  - JPG2PDF Developer Team)
Junk Mail filter update (Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Kaspersky Security Scan (HKLM\...\InstallWIX_{56009CA3-423B-41F8-884A-E5B049534F15}) (Version: 12.0.1.340 - Kaspersky Lab)
Kaspersky Security Scan (Version: 12.0.1.340 - Kaspersky Lab) Hidden
KeePass Password Safe 2.28 (HKLM\...\KeePassPasswordSafe2_is1) (Version: 2.28 - Dominik Reichl)
Kernel for Outlook Express Evaluation ver 9.04.01 (HKLM\...\Kernel for Outlook Express Evaluation Version_is1) (Version:  - Nucleus Data Recovery .com)
LastPass (uninstall only) (HKU\S-1-5-21-1645522239-854245398-725345543-1003\...\LastPass) (Version:  - LastPass)
Macromedia Shockwave Player (HKLM\...\Macromedia Shockwave Player) (Version: 10.1.0.11 - Macromedia, Inc.)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Chat 2.5 (HKLM\...\ComicChat) (Version:  - )
Microsoft IntelliPoint 7.0 (HKLM\...\{EF71A531-5B6C-4B20-8D1E-E6379C7FB6D3}) (Version: 7.0.260.0 - Microsoft)
Microsoft IntelliType Pro 8.0 (HKLM\...\{D4CFC5F3-481C-40AA-9944-E7E4E732136C}) (Version: 8.0.225.0 - Microsoft)
Microsoft Office XP Professional with FrontPage (HKLM\...\{90280409-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.6626.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Windows Media Video 9 VCM (HKLM\...\WMV9_VCM) (Version:  - )
Microsoft Works 6-9 Converter (HKLM\...\{95140000-0137-0409-0000-0000000FF1CE}) (Version: 14.0.6120.5002 - Microsoft Corporation)
Miraplacid Publisher 6.0 (HKLM\...\MiraplacidPublisher) (Version: 6.0 - Miraplacid)
More Properties 2.03 (HKLM\...\More Properties 2.03) (Version:  - )
Morpheus ACD Plugin v1.85 (HKLM\...\MorpheusSoftware_is1) (Version:  - Morpheus Software, LLC)
Motorola SM56 Speakerphone Modem (HKLM\...\SMSERIAL) (Version:  - )
Move Media Player (HKU\S-1-5-21-1645522239-854245398-725345543-1003\...\Move Media Player) (Version:  - Move Networks)
Mozilla Firefox 35.0.1 (x86 en-US) (HKLM\...\Mozilla Firefox 35.0.1 (x86 en-US)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
Mozilla Thunderbird 27.0 (x86 en-US) (HKLM\...\Mozilla Thunderbird 27.0 (x86 en-US)) (Version: 27.0 - Mozilla)
MSN Music Assistant (HKLM\...\MSN Music Assistant) (Version:  - )
MSXML 4.0 SP2 (KB925672) (HKLM\...\{A9CF9052-F4A0-475D-A00F-A8388C62DD63}) (Version: 4.20.9839.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 6.0 Parser (KB933579) (HKLM\...\{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}) (Version: 6.10.1200.0 - Microsoft Corporation)
My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.5.6426.22 - PC-Doctor, Inc.)
MyPublisher (HKLM\...\MyPublisher) (Version:  - MyPublisher, Inc.)
MyTomTom 3.2.0.802 (HKLM\...\MyTomTom) (Version: 3.2.0.802 - TomTom)
NCP Internet Transporter (HKLM\...\{7CEB5AC4-B6F8-414C-845D-4295C125D17B}) (Version: 3.2.03 - National Consumer Panel)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version:  - )
Octoshape add-in for Adobe Flash Player (HKU\S-1-5-21-1645522239-854245398-725345543-1003\...\Octoshape add-in for Adobe Flash Player) (Version:  - )
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
OpenOffice.org 3.1 (HKLM\...\{E6B87DC4-2B3D-4483-ADFF-E483BF718991}) (Version: 3.1.9399 - OpenOffice.org)
OverDrive Media Console (HKLM\...\{34D6EED8-7650-4E1C-BC26-F5B2DDE185C6}) (Version: 3.1.1 - OverDrive, Inc.)
Owl and Mouse U.S. Map Puzzle (HKLM\...\Owl and Mouse U.S. Map Puzzle) (Version:  - )
P@H-Protocol (HKLM\...\{CF594DB8-CFB0-45B4-86DA-8BB4AC0941F8}) (Version: 3.0.7.0 - Valassis)
Paint Shop Pro 7 Anniversary Edition (HKLM\...\{D6DE02C7-1F47-11D4-9515-00105AE4B89A}) (Version: 7.0.4.0000 - Jasc Software Inc)
PCMesh Anonymous Web Surfing (HKLM\...\PCMesh Anonymous Web Surfing) (Version:  - PC Mesh)
PDF to Image Converter 2.00 (HKLM\...\PDF to Image Converter_is1) (Version:  - PDF-Convert, Inc.)
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.1 - Google, Inc.)
Picture Calendar (HKLM\...\{966B6BA0-5EB2-4E94-99E1-40643B0DEEED}) (Version: 1.0.0 - Biscup Enterprises)
Product Improvement Study for HP ENVY 4500 series (HKLM\...\{B886E20C-4C65-4300-96BB-09C0146A7DB1}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
QuickTime 7 (HKLM\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM\...\RealPlayer 15.0) (Version: 15.0.6 - RealNetworks)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 5.10.0.5391 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden
REALVIZ StitcherEZ ACD (HKLM\...\{2EDC0C39-9F9F-461F-9C43-3D51B58B4C87}) (Version:  - )
Rhapsody Player Engine (HKLM\...\{6A136B9A-1895-436F-83F8-30D9C68BB6EA}) (Version: 1.0.2.636 - RealNetworks)
Segoe UI (Version: 14.0.4327.805 - Microsoft Corp) Hidden
Signature Creator 1.12 (HKLM\...\Signature Creator_is1) (Version: 1.12 - ErstenWare)
Software Informer 1.3.1031.0 (HKLM\...\Software Informer_is1) (Version:  - Informer Technologies, Inc.)
SoundMAX (HKLM\...\{F0A37341-D692-11D4-A984-009027EC0A9C}) (Version: 5.12.01.7000 - Analog Devices)
Spelling Dictionaries Support For Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
Status (Version: 90.0.146.000 - Hewlett-Packard) Hidden
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.6.1014 - SUPERAntiSpyware.com)
Swiff Player 1.1 (HKLM\...\Swiff Player_is1) (Version: 1.1 - GlobFX Technologies)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
SysTools Outlook Express Restore (HKLM\...\SysTools Outlook Express Restore - Demo Version_is1) (Version:  - )
The Cleaner (HKLM\...\The_Cleaner) (Version:  - )
TomTom HOME (HKLM\...\{BB05590A-6602-43F3-A400-77EA0976BC0A}) (Version: 2.9.8 - TomTom)
TomTom HOME Visual Studio Merge Modules (HKLM\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
TrayApp (Version: 90.0.146.000 - Hewlett-Packard) Hidden
Tweak Manager 2.1 (HKLM\...\Tweak Manager_is1) (Version: 2.1 - WinGuides.com)
UnloadSupport (Version: 9.0.0 - Hewlett-Packard) Hidden
Unlocker 1.9.1 (HKLM\...\Unlocker) (Version: 1.9.1 - Cedrick Collomb)
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Visual Studio C++ 10.0 Runtime (HKLM\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
Windows 7 Upgrade Advisor (HKLM\...\{AB05F2C8-F608-403b-95E1-FD8ADFACD31E}) (Version: 2.0.5000.0 - Microsoft Corporation)
Windows Driver Package - FTDI CDM Driver Package (02/17/2009 2.04.16) (HKLM\...\2DC0AA065FA83047D7ECD51C7000C1620D79A4C5) (Version: 02/17/2009 2.04.16 - FTDI)
Windows Driver Package - FTDI CDM Driver Package (02/17/2009 2.04.16) (HKLM\...\51A4D522DD31538335EF5736F0E7F588C70BCB12) (Version: 02/17/2009 2.04.16 - FTDI)
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live ID Sign-in Assistant (HKLM\...\{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live Upload Tool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version:  - )
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version:  - )
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinPcap 4.1.2 (HKLM\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR archiver (HKLM\...\WinRAR archiver) (Version:  - )
WinZip (HKLM\...\WinZip) (Version:  - )
WordPerfect Office 11 (HKLM\...\{54F90B55-BEB3-4F0D-8802-228822FA5921}) (Version: 11.0 - Corel Corporation)
Xara Xtreme (HKLM\...\{E1EAFC17-1D59-4307-82DC-557F609FB203}) (Version: 1.00.0000 - Xara Group Ltd.)
XP Repair Pro 2006 (HKLM\...\{80682344-770B-46CB-B0FF-6A7620B37CBA}) (Version: 3.1.6 - ddXSoftware Inc.)
Yahoo! Messenger (HKLM\...\Yahoo! Messenger) (Version:  - Yahoo! Inc.)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1645522239-854245398-725345543-1003_Classes\CLSID\{5700330B-D97E-5600-959F-2C33DC75C7F0}\InprocServer32 -> C:\Documents and Settings\Sherry Z\Application Data\Hopster\CouponPrinterPlugin\2.0.2.0\npCouponPrinterPlugin.dll (Hopster)
CustomCLSID: HKU\S-1-5-21-1645522239-854245398-725345543-1003_Classes\CLSID\{994B47B9-7DB9-5058-EE22-08DD039ADC4B}\InprocServer32 -> {1FD119FE-9468-D082-A889-A0EE85889A47} No File
CustomCLSID: HKU\S-1-5-21-1645522239-854245398-725345543-1003_Classes\CLSID\{AD848A76-F236-5EE2-819B-2BDE7ED40AE7}\InprocServer32 -> C:\Documents and Settings\Sherry Z\Application Data\Catalina – Print Savings\npBcsKtTcHW.dll (Catalina Marketing Corporation)
CustomCLSID: HKU\S-1-5-21-1645522239-854245398-725345543-1003_Classes\CLSID\{DD0822EE-9A03-4BDC-B947-4B99B97D5850}\InprocServer32 -> {47F9048E-9468-D082-D894-88B685889A47} No File
CustomCLSID: HKU\S-1-5-21-1645522239-854245398-725345543-1003_Classes\CLSID\{e3e02f12-2adb-478c-8742-5f0819f9f0f4}\InprocServer32 -> C:\Documents and Settings\Sherry Z\Application Data\Move Networks\plugins\npqmp071505000011.dll (Move Networks)
CustomCLSID: HKU\S-1-5-21-1645522239-854245398-725345543-1003_Classes\CLSID\{e473a65c-8087-49a3-affd-c5bc4a10669b}\InprocServer32 -> C:\Documents and Settings\Sherry Z\Application Data\Move Networks\plugins\npqmp071505000011.dll (Move Networks)
CustomCLSID: HKU\S-1-5-21-1645522239-854245398-725345543-1003_Classes\CLSID\{fc345d4c-b8f4-4674-bff7-3c37d2e535ee}\InprocServer32 -> C:\Documents and Settings\Sherry Z\Application Data\Move Networks\plugins\npqmp071505000011.dll (Move Networks)
CustomCLSID: HKU\S-1-5-21-1645522239-854245398-725345543-1003_Classes\CLSID\{fd6484ed-ebe3-4c3d-938a-8238003b41b7}\InprocServer32 -> C:\Documents and Settings\Sherry Z\Application Data\Move Networks\plugins\npqmp071505000011.dll (Move Networks)

==================== Restore Points  =========================

01-02-2015 23:37:08 System Checkpoint
02-02-2015 13:02:36 Installed AVG 2015
02-02-2015 13:10:58 Removed AVG 2015
02-02-2015 15:54:34 Configured AirPlus G
02-02-2015 19:35:44 Restore Operation

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2001-08-23 05:00 - 2010-06-30 19:01 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\Google Software Updater.job => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\OGALogon.job => C:\WINDOWS\system32\OGAEXEC.exe
Task: C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-1645522239-854245398-725345543-1003.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe
Task: C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-1645522239-854245398-725345543-1003.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe
Task: C:\WINDOWS\Tasks\SpeedyPC Pro.job => C:\Program Files\SpeedyPC Software\SpeedyPC\SpeedyPC.exe <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2002-07-30 11:33 - 2002-07-30 11:33 - 00045056 _____ () C:\WINDOWS\System32\NavLogon.dll
2009-07-23 10:43 - 2007-07-12 21:33 - 00087552 _____ () C:\WINDOWS\system32\cpwmon2k.dll
2010-05-26 12:38 - 2010-05-26 12:38 - 00534528 _____ () C:\Program Files\BLUE RIDGE\BR PC\I5ClientAPI.dll
2015-01-15 08:41 - 2015-01-27 00:41 - 03925104 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2015-01-02 11:28 - 2015-01-02 11:28 - 01020928 _____ () C:\Documents and Settings\Sherry Z\Application Data\Mozilla\Firefox\Profiles\92tsdmdr.default-1407648947328\extensions\support@lastpass.com\platform\WINNT_x86-msvc\components\lpxpcom.dll
2015-01-24 16:36 - 2015-01-24 16:36 - 16844976 _____ () C:\WINDOWS\system32\Macromed\Flash\NPSWF32_16_0_0_296.dll
2008-12-06 20:15 - 2005-09-01 04:25 - 00045056 ____N () C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\Security.dll
2008-12-06 20:15 - 2002-04-24 00:00 - 00110592 _____ () C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\GEMWEP.DLL
2008-12-06 20:15 - 2003-10-13 15:30 - 00094208 _____ () C:\WINDOWS\system32\GTW32N50.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:264B2CC4

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\52592416.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\52592416.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk => C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Billminder.lnk => C:\WINDOWS\pss\Billminder.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Corel Desktop Application Director 8.LNK => C:\WINDOWS\pss\Corel Desktop Application Director 8.LNKCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Google Updater.lnk => C:\WINDOWS\pss\Google Updater.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^GotVoice Message Center.lnk => C:\WINDOWS\pss\GotVoice Message Center.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\WINDOWS\pss\McAfee Security Scan Plus.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk => C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Quicken Scheduled Updates.lnk => C:\WINDOWS\pss\Quicken Scheduled Updates.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Quicken Startup.lnk => C:\WINDOWS\pss\Quicken Startup.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^Sherry Z^Start Menu^Programs^Startup^CNET TechTracker.lnk => C:\WINDOWS\pss\CNET TechTracker.lnkStartup
MSCONFIG\startupfolder: C:^Documents and Settings^Sherry Z^Start Menu^Programs^Startup^hpqtra08.exe => C:\WINDOWS\pss\hpqtra08.exeStartup
MSCONFIG\startupfolder: C:^Documents and Settings^Sherry Z^Start Menu^Programs^Startup^Monitor Ink Alerts - HP ENVY 4500 series.lnk => C:\WINDOWS\pss\Monitor Ink Alerts - HP ENVY 4500 series.lnkStartup
MSCONFIG\startupfolder: C:^Documents and Settings^Sherry Z^Start Menu^Programs^Startup^Norton Disk Doctor.LNK => C:\WINDOWS\pss\Norton Disk Doctor.LNKStartup
MSCONFIG\startupfolder: C:^Documents and Settings^Sherry Z^Start Menu^Programs^Startup^OpenOffice.org 3.1.lnk => C:\WINDOWS\pss\OpenOffice.org 3.1.lnkStartup
MSCONFIG\startupreg: 24x7HELP => "C:\Program Files\24x7Help\App24x7Help.exe" /STARTUP
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Photo Downloader => "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: AIM => "C:\Program Files\AIM7\aim.exe" /d locale=en-US
MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Documents and Settings\Sherry Z\Local Settings\Application Data\Akamai\netsession_win.exe"
MSCONFIG\startupreg: Alcmtr => ALCMTR.EXE
MSCONFIG\startupreg: AlcWzrd => ALCWZRD.EXE
MSCONFIG\startupreg: AllMyNotes => C:\Program Files\AllMyNotes Organizer\AllMyNotes.exe -autostartup
MSCONFIG\startupreg: ANIWZCS2Service => C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
MSCONFIG\startupreg: ApnUpdater => "C:\Program Files\Ask.com\Updater\Updater.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
MSCONFIG\startupreg: ctfmon.exe => C:\WINDOWS\system32\ctfmon.exe
MSCONFIG\startupreg: D-Link AirPlus G => C:\Program Files\D-Link\AirPlus G\AirGCFG.exe
MSCONFIG\startupreg: DATAMNGR => C:\PROGRA~1\WI371A~1\Datamngr\DATAMN~1.EXE
MSCONFIG\startupreg: DellSupport => "C:\PROGRA~1\DELLSU~1\DSAgnt.exe" /startup
MSCONFIG\startupreg: DriverFinder => C:\Program Files\DriverFinder\DriverFinder.exe
MSCONFIG\startupreg: DriverMax => "C:\Program Files\Innovative Solutions\DriverMax\devices.exe" -agent
MSCONFIG\startupreg: DriverMax_RESTART =>
MSCONFIG\startupreg: DriverScanner => "C:\Program Files\Uniblue\DriverScanner\launcher.exe" delay 20000
MSCONFIG\startupreg: ErrorTeck => C:\Program Files\ErrorTeck\ErrorTeck.exe /scan
MSCONFIG\startupreg: eventAuthenticationUsb => rundll32.exe
MSCONFIG\startupreg: filehippo.com => "C:\Program Files\filehippo.com\UpdateChecker.exe" /background
MSCONFIG\startupreg: Google Update => "C:\Documents and Settings\Sherry Z\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: HP Software Update => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: hpqSRMon => C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
MSCONFIG\startupreg: IntelliPoint => "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: itype => "c:\Program Files\Microsoft IntelliType Pro\itype.exe"
MSCONFIG\startupreg: KeePass 2 PreLoad => "C:\Program Files\KeePass Password Safe 2\KeePass.exe" --preload
MSCONFIG\startupreg: KernelFaultCheck => %systemroot%\system32\dumprep 0 -k
MSCONFIG\startupreg: KSS => "C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe" /autorun
MSCONFIG\startupreg: MegaPanel => C:\Program Files\National Consumer Panel\NCP Internet Transporter\HSTrans.exe
MSCONFIG\startupreg: Messenger (Yahoo!) => "C:\PROGRA~1\Yahoo!\MESSEN~1\YahooMessenger.exe" -quiet
MSCONFIG\startupreg: Microsoft Default Manager => "C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
MSCONFIG\startupreg: MSC => "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
MSCONFIG\startupreg: MsmqIntCert => regsvr32 /s mqrt.dll
MSCONFIG\startupreg: MSMSGS => "C:\Program Files\Messenger\msmsgs.exe" /background
MSCONFIG\startupreg: MSN Toolbar => "C:\Program Files\MSN Toolbar\Platform\4.0.0417.0\mswinext.exe"
MSCONFIG\startupreg: MyTomTomSA.exe => "C:\Program Files\MyTomTom 3\MyTomTomSA.exe"
MSCONFIG\startupreg: NielsenOnline => C:\Program Files\NetRatingsNetSight\NetSight\NielsenOnline.exe
MSCONFIG\startupreg: NSWatchDog => C:\PROGRA~1\NETRAT~2\NetSight\NIELSE~1\NIELSE~1.EXE &PT=MP&MI=61031371365&OS=Microsoft_Windows_XP_version_5.1
MSCONFIG\startupreg: NvCplDaemon => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
MSCONFIG\startupreg: NvMediaCenter => RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
MSCONFIG\startupreg: nwiz => nwiz.exe /install
MSCONFIG\startupreg: PCFix => C:\Program Files\PCFix\PCFix.exe
MSCONFIG\startupreg: PCFixSpeed => "C:\Program Files\PCFixSpeed\PCFixTray.exe" /startup
MSCONFIG\startupreg: Picasa Media Detector => C:\Program Files\Picasa2\PicasaMediaDetector.exe
MSCONFIG\startupreg: PRONoMgr.exe => C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RoboForm => "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
MSCONFIG\startupreg: RTHDCPL => RTHDCPL.EXE
MSCONFIG\startupreg: RunIt => "C:\Program Files\Mozilla Firefox\firefox.exe" about:newaddon?id={64d64833-9296-421b-a362-83cfbd6291b6}
MSCONFIG\startupreg: SearchProtect => C:\Documents and Settings\Sherry Z\Application Data\SearchProtect\bin\cltmng.exe
MSCONFIG\startupreg: SearchProtectAll => C:\Program Files\SearchProtect\bin\cltmng.exe
MSCONFIG\startupreg: SkyTel => SkyTel.EXE
MSCONFIG\startupreg: SMSERIAL => C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
MSCONFIG\startupreg: Software Informer => "C:\Program Files\Software Informer\softinfo.exe" -autorun
MSCONFIG\startupreg: SoundMan => SOUNDMAN.EXE
MSCONFIG\startupreg: SpybotSD TeaTimer => C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
MSCONFIG\startupreg: Spyware Doctor => C:\Documents and Settings\Sherry Z\Desktop\sdsetup_aff.exe -min
MSCONFIG\startupreg: Staples Easy Button => "C:\Program Files\Staples Easy Button\EasyButton.exe" /BOOT
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SUPERAntiSpyware => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
MSCONFIG\startupreg: swg => "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
MSCONFIG\startupreg: TexTally => "C:\Program Files\NCH Software\TexTally\textally.exe" -logon
MSCONFIG\startupreg: TkBellExe => "C:\program files\real\realplayer\update\realsched.exe"  -osboot
MSCONFIG\startupreg: TomTomHOME.exe => "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"
MSCONFIG\startupreg: UnlockerAssistant => "C:\Program Files\Unlocker\UnlockerAssistant.exe"
MSCONFIG\startupreg: UserFaultCheck => %systemroot%\system32\dumprep 0 -u
MSCONFIG\startupreg: Windows Defender => "C:\Program Files\Windows Defender\MSASCui.exe" -hide
MSCONFIG\startupreg: WMPNSCFG => C:\Program Files\Windows Media Player\WMPNSCFG.exe

========================= Accounts: ==========================

Administrator (S-1-5-21-1645522239-854245398-725345543-500 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Administrator
ASPNET (S-1-5-21-1645522239-854245398-725345543-1005 - Limited - Enabled)
Guest (S-1-5-21-1645522239-854245398-725345543-501 - Limited - Disabled) => %SystemDrive%\Documents and Settings\Guest
HelpAssistant (S-1-5-21-1645522239-854245398-725345543-1000 - Limited - Disabled)
Sherry Z (S-1-5-21-1645522239-854245398-725345543-1003 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Sherry Z
SUPPORT_388945a0 (S-1-5-21-1645522239-854245398-725345543-1002 - Limited - Disabled)

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (02/03/2015 07:34:18 PM) (Source: crypt32) (EventID: 3) (User: )
Description: Failed auto update retrieval of third-party root list cab from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>with error: This operation returned because the timeout period expired.

Error: (02/03/2015 06:18:39 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Hanging application mbam.exe, version 1.0.1.711, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (02/03/2015 06:18:28 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Hanging application mbam.exe, version 1.0.1.711, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (02/03/2015 06:05:10 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Hanging application mbam.exe, version 1.0.1.711, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (02/03/2015 06:05:03 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Hanging application mbam.exe, version 1.0.1.711, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (02/03/2015 00:15:13 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Hanging application explorer.exe, version 6.0.2900.5512, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (02/02/2015 08:35:59 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Hanging application WINWORD.EXE, version 10.0.6866.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (02/02/2015 08:35:57 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Hanging application WINWORD.EXE, version 10.0.6866.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (02/02/2015 08:35:57 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Hanging application WINWORD.EXE, version 10.0.6866.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (02/02/2015 10:46:30 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Hanging application WINWORD.EXE, version 10.0.6866.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000.


System errors:
=============
Error: (02/03/2015 06:28:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The McAfee Real-time Scanner service failed to start due to the following error:
%%3

Error: (02/03/2015 06:28:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Kaspersky Security Scan Service service failed to start due to the following error:
%%1053

Error: (02/03/2015 06:28:32 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Timeout (30000 milliseconds) waiting for the Kaspersky Security Scan Service service to connect.

Error: (02/03/2015 06:28:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The HP Support Solutions Framework Service service failed to start due to the following error:
%%1053

Error: (02/03/2015 06:28:32 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Timeout (30000 milliseconds) waiting for the HP Support Solutions Framework Service service to connect.

Error: (02/03/2015 06:28:32 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Windows Driver Foundation - User-mode Driver Framework service terminated with the following error:
%%31

Error: (02/03/2015 06:26:52 PM) (Source: Print) (EventID: 23) (User: NT AUTHORITY)
Description: Printer Corel Barista failed to initialize because a suitable Corel Barista driver could not be found.

Error: (02/03/2015 10:46:05 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Update Mgr PositiveFinds service failed to start due to the following error:
%%3

Error: (02/03/2015 10:46:05 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Service Mgr PositiveFinds service failed to start due to the following error:
%%3

Error: (02/03/2015 10:46:05 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The McAfee Real-time Scanner service failed to start due to the following error:
%%3


Microsoft Office Sessions:
=========================
Error: (02/03/2015 07:34:18 PM) (Source: crypt32) (EventID: 3) (User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabThisoperation returned because the timeout period expired.

Error: (02/03/2015 06:18:39 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: mbam.exe1.0.1.711hungapp0.0.0.000000000

Error: (02/03/2015 06:18:28 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: mbam.exe1.0.1.711hungapp0.0.0.000000000

Error: (02/03/2015 06:05:10 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: mbam.exe1.0.1.711hungapp0.0.0.000000000

Error: (02/03/2015 06:05:03 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: mbam.exe1.0.1.711hungapp0.0.0.000000000

Error: (02/03/2015 00:15:13 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: explorer.exe6.0.2900.5512hungapp0.0.0.000000000

Error: (02/02/2015 08:35:59 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: WINWORD.EXE10.0.6866.0hungapp0.0.0.000000000

Error: (02/02/2015 08:35:57 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: WINWORD.EXE10.0.6866.0hungapp0.0.0.000000000

Error: (02/02/2015 08:35:57 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: WINWORD.EXE10.0.6866.0hungapp0.0.0.000000000

Error: (02/02/2015 10:46:30 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: WINWORD.EXE10.0.6866.0hungapp0.0.0.000000000


==================== Memory info ===========================

Processor:  Intel® Pentium® 4 CPU 3.00GHz
Percentage of memory in use: 93%
Total physical RAM: 1023 MB
Available physical RAM: 67.87 MB
Total Pagefile: 2461.89 MB
Available Pagefile: 1252.29 MB
Total Virtual: 2047.88 MB
Available Virtual: 1942 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:127.99 GB) (Free:27.92 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive d: (ZIP-100) (Removable) (Total:0.09 GB) (Free:0.03 GB) FAT
Drive e: (HP EN4500) (CDROM) (Total:0.57 GB) (Free:0 GB) CDFS
Drive g: () (Removable) (Total:3.73 GB) (Free:3.67 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 96 MB) (Disk ID: 726A014E)
Partition 4: (Active) - (Size=96 MB) - (Type=06)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 149 GB) (Disk ID: F52BCF0E)
Partition 1: (Active) - (Size=128 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 3.7 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== End Of Log ============================

Link to post
Share on other sites

Download attached fixlist.txt file (end of reply) and save it to the Desktop, or the folder you saved FRST into.

NOTE. It's important that both FRST and fixlist.txt are in the same location or the fix will not work.

 

Run FRST and press the Fix button just once and wait.

The tool will make a log on the Desktop (Fixlog.txt) or the folder it was ran from. Please post it to your reply.

 

Next,

 

Open Malwarebytes Anti-Malware, from the Dashboard please Check for Updates by clicking the Update Now... link

When the update completes select > Settings > Detection and Protection > Enable Scan for rootkit and Under Non Malware Protection set both PUP and PUM to Treat detections as malware.

 

 

Click on the SCAN button and run a Threat Scan with Malwarebytes Anti-Malware by clicking the Scan Now>> button.

 

When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.

 

 

In most cases, a restart will be required.

 

 

Wait for the prompt to restart the computer to appear, then click on Yes.

 

 

When the scan is completed from the main GUI click on History > Application Logs. Find your Scan log, the date when run will identify it. Checkmark "select" box > then hit the "view" button. The history log window will open. At the bottom of that window are two options, "Copy to clipboard" and "Export"

Select > "Copy to clipboard" that copies the full log to the windows clipboard, so at your reply you right click into the text field and select "Paste" the log is pasted (copied) to  your reply.

 

Next,

 

Download AdwCleaner by Xplode onto your Desktop.


Double click on Adwcleaner.exe to run the tool.
Click on Scan
Once the scan is done, click on the Clean button.
You will get a prompt asking to close all programs. Click OK.
Click OK again to reboot your computer.
A text file will open after the restart. Please post the content of that logfile in your reply.
You can also find the logfile at C:\AdwCleaner[sn].txt. Where n in the scan reference number

 

Next,

 

thisisujrt.gif Please download Junkware Removal Tool to your desktop.


Shut down your protection software now to avoid potential conflicts. (re-enable when done)
Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
The tool will open and start scanning your system.
Please be patient as this can take a while to complete depending on your system's specifications.
On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
Post the contents of JRT.txt into your next message.

 

Next,

 

  • Download Norton Power Eraser from here: https://security.symantec.com/nbrt/npe.aspx? and save direct to your Desktop.
     
  • Double click on NPE.exe to start the tool. Vista, Windows 7/8/8.1 right click, select "Run as Administrator" accept UAC.
     
     
    NPE1.png
     
     
  • The EULA will open, accept that to move on...
     
     
    NPE2.png
     
     
  • The tool will check for updates/latest version
     
     
    NPE3.png
     
     
  • The GUI will open, select "Scan for Risks"
     
     
    NPE4.png
     
     
  • Rootkit scan alert will open, select "Restart"
     
     
    NPE5.png
     
     
  • Rootkit scan preparations will time out and Reboot the system.
     
     
    NPE6.png
     
     
  • Tool will will restart and check for update, do nothing.
     
     
    NPE7.png
     
     
  • System scan will start, do nothing.
     
     
    NPE8.png
     
     
  • If infections are found a list will be produced, make sure to checkmark "Create System Restore Point" then select "Fix Now" if nothing is found select "Exit" to close out the tool.
     
     
    NPE9.png
     
     
  • To remove "found entries" the system will need to restart, select that option.
     
     
    NPE10.png
     
     
  • If applicable select "Locate Log" attach to reply. Select "Done" when complete....

 

Let me see those logs, also give an update on any remaining issues or concerns...

 

Kevin...

 

Fixlist.txt

Link to post
Share on other sites

Okay. I think I found ATTACH.

 

I have not had an opportunity to test how my cpmputer is running but, so far, it seems to be fine now. One additional problem is that, recently, Dell System Detect's icon showed up in my tray and keeps sending error messages. Yet, when I go to Add/ Remove Programs, it's listed there (as Dell Detect - 1) but the uninstall fails due to these details:

 

PLATFORM VERSION INFO
    Windows             : 5.1.2600.196608 (Win32NT)
    Common Language Runtime     : 4.0.30319.1022
    System.Deployment.dll         : 4.0.30319.1 (RTMRel.030319-0100)
    clr.dll             : 4.0.30319.1022 (RTMGDR.030319-1000)
    dfdll.dll             : 4.0.30319.1 (RTMRel.030319-0100)
    dfshim.dll             : 4.0.31106.0 (Main.031106-0000)

IDENTITIES
    Deployment Identity        : DellSystemDetect.application, Culture=neutral, PublicKeyToken=0f612f649c4a10af, processorArchitecture=msil

ERROR SUMMARY
    Below is a summary of the errors, details of these errors are listed later in the log.
    * Error occurred during store lookup, component store may have been corrupted. Following failure messages were detected:
        + Application is not installed.
    * Error occurred during uninstall of the application. Following failure messages were detected:
        + Application is not installed.
    * Exception occurred during uninstall of application DellSystemDetect.application, Culture=neutral, PublicKeyToken=0f612f649c4a10af, processorArchitecture=msil. Following failure messages were detected:
        + ARP entry 9204f5692a8faf3b does not exist.
        + Cannot delete a subkey tree because the subkey does not exist.

COMPONENT STORE TRANSACTION FAILURE SUMMARY
    No transaction error was detected.

WARNINGS
    There were no warnings during this operation.

OPERATION PROGRESS STATUS
    * [2/4/2015 5:56:32 PM] : Looking up information from component store.
    * [2/4/2015 5:56:32 PM] : Uninstall of application DellSystemDetect.application, Culture=neutral, PublicKeyToken=0f612f649c4a10af, processorArchitecture=msil did not succeed.

ERROR DETAILS
    Following errors were detected during this operation.
    * [2/4/2015 5:56:32 PM] System.Deployment.Application.DeploymentException (SubscriptionState)
        - Application is not installed.
        - Source: System.Deployment
        - Stack trace:
            at System.Deployment.Application.SubscriptionStore.CheckInstalled(SubscriptionState subState)
            at System.Deployment.Application.SubscriptionStore.CheckInstalledAndShellVisible(SubscriptionState subState)
            at System.Deployment.Application.DeploymentServiceCom.MaintainSubscriptionInternal(String textualSubId)
    * [2/4/2015 5:56:32 PM] System.Deployment.Application.DeploymentException (SubscriptionState)
        - Application is not installed.
        - Source: System.Deployment
        - Stack trace:
            at System.Deployment.Application.SubscriptionStore.CheckInstalled(SubscriptionState subState)
            at System.Deployment.Application.SubscriptionStore.UninstallSubscription(SubscriptionState subState)
            at System.Deployment.Application.DeploymentServiceCom.MaintainSubscriptionInternal(String textualSubId)
    * [2/4/2015 5:56:32 PM] System.Deployment.Application.DeploymentException (InvalidARPEntry)
        - ARP entry 9204f5692a8faf3b does not exist.
        - Source: System.Deployment
        - Stack trace:
            at System.Deployment.Application.ShellExposure.RemoveArpEntry(DefinitionIdentity subId)
            at System.Deployment.Application.ShellExposure.RemoveSubscriptionShellExposure(SubscriptionState subState)
            at System.Deployment.Application.DeploymentServiceCom.MaintainSubscriptionInternal(String textualSubId)
        --- Inner Exception ---
        System.ArgumentException
        - Cannot delete a subkey tree because the subkey does not exist.
        - Source: mscorlib
        - Stack trace:
            at System.ThrowHelper.ThrowArgumentException(ExceptionResource resource)
            at Microsoft.Win32.RegistryKey.DeleteSubKeyTree(String subkey, Boolean throwOnMissingSubKey)
            at Microsoft.Win32.RegistryKey.DeleteSubKeyTree(String subkey)
            at System.Deployment.Application.ShellExposure.RemoveArpEntry(DefinitionIdentity subId)

COMPONENT STORE TRANSACTION DETAILS
    No transaction information is available.
 

Link to post
Share on other sites

I have no experience with Dell specific functions and tools, you will need to go to the Dell forum direct with that issue...

 

Have a look at the following link: http://en.community.dell.com/support-forums/laptop/f/3518/t/19509920 scroll to 5th or 6 th reply...

 

Let me know the status of your system other than Dell specific tool issues...

 

Thank you...

 

Kevin..

Link to post
Share on other sites

To access the log from NPE do the following:

 

The log is saved to this folder: C:\User\user name\Appdata\Local\NPE\INFOyyyymmddhhmmss

 

The date and time listed against INFO identify the log. Right click on that log, Select > Send to > Compressed (Zipped) Folder. Attach that folder to your next reply, it maybe easier to locate if you drag the zip folder to your Desktop….

Link to post
Share on other sites

Kevin, my computer is functioning smoothly and I thank you enormously. Because all the data from my password management program was deleted in the process, I have been busy online recreating online accounts which is giving me an excellent opportunity to determine the functionality of my computer since the removal of the virus. It is perfect. Thank you so much!

Link to post
Share on other sites

Thanks for the update, if all is well run the following to clean up.....

 

Download "Delfix by Xplode" and save it to your desktop.

 

Or use the following if first link is down:

 

"Delfix link mirror"

 

Double Click to start the program. If you are using Vista or higher, please right-click and choose run as administrator

 

Make Sure the following items are checked:

 

 


    Remove disinfection tools
    Reset system settings

 

Now click on "Run" and wait patiently until the tool has completed.

 

The tool will create a log when it has completed. We don't need you to post this.

 

Any remnant files/logs from tools we have used can be deleted…

 

Let me know if we are ok to close out....

 

Thank you,

 

Kevin.....

Link to post
Share on other sites

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.