Inactive Slow Laptop - No Internet Connection - Suspect Malware

virginia · 2014/09/23

[Inactive] Slow Laptop - No Internet Connection - Suspect Malware

Hello again Broni. I'm helping my son's fiance with her laptop and it is extremely slow and we can't get it to connect to internet (WiFi only in the building where I live). I did a clean boot which didn't seem to improve the startup at all. We get a number of dialog boxes that pop up during startup - some as follow:

fm3023 - Unable to locate
Application failed to start because Ltwvc215u.dll was not found. Reinstalling may resolve the problem

Catalyst Control Center Host Application Stopped Working.

QuickSet has stopped.

.NET Runtime Optimization Service has stopped.

FAXMAN Server has stopped working.

On Screen Keyboard displays on Startup.

I found several suspect programs in the Control Panel however, I couldn't uninstall any of them. What's my next step?

I was able to put Malwarebytes and DDS on a flash drive and run them. Here are the logs:

MBAM

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 9/23/2014
Scan Time: 7:54:28 PM
Logfile: MBAM Log.txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.03.04.09
Rootkit Database: v2014.02.20.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows Vista Service Pack 2
CPU: x64
File System: NTFS
User: Melanie

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 361580
Time Elapsed: 13 min, 12 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 21
PUP.Optional.FunMoods.A, C:\Users\Melanie\AppData\LocalLow\Funmoods, Delete-on-Reboot, [02472bd426542e087235a1e4ec1659a7],
PUP.Optional.FunMoods.A, C:\Users\Melanie\AppData\LocalLow\Funmoods\Funmoods, Delete-on-Reboot, [02472bd426542e087235a1e4ec1659a7],
PUP.Optional.FunMoods.A, C:\Users\Melanie\AppData\LocalLow\Funmoods\Funmoods\us, Delete-on-Reboot, [02472bd426542e087235a1e4ec1659a7],
PUP.Optional.FunMoods.A, C:\Users\Melanie\AppData\LocalLow\Funmoods\Funmoods\us\20101003, Quarantined, [02472bd426542e087235a1e4ec1659a7],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector, Delete-on-Reboot, [fc4de51a1b5f74c24a1cc7bfbf4302fe],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector\2.1.1000.13591, Quarantined, [fc4de51a1b5f74c24a1cc7bfbf4302fe],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector\signatures, Quarantined, [fc4de51a1b5f74c24a1cc7bfbf4302fe],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector\updates, Delete-on-Reboot, [fc4de51a1b5f74c24a1cc7bfbf4302fe],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector\updates\100oupdate, Quarantined, [fc4de51a1b5f74c24a1cc7bfbf4302fe],
PUP.Optional.AdvancedSystemProtector.A, C:\Users\Jacob.Melanie-PC\AppData\Roaming\Systweak\Advanced System Protector, Delete-on-Reboot, [da6f53acf189ea4c7fe7bfc747bbec14],
PUP.Optional.AdvancedSystemProtector.A, C:\Users\Jacob.Melanie-PC\AppData\Roaming\Systweak\Advanced System Protector\2.1.1000.13591, Quarantined, [da6f53acf189ea4c7fe7bfc747bbec14],
PUP.Optional.AdvancedSystemProtector.A, C:\Users\Melanie\AppData\Roaming\Systweak\Advanced System Protector, Delete-on-Reboot, [3c0db14e37434de97ee8f096f60ca957],
PUP.Optional.AdvancedSystemProtector.A, C:\Users\Melanie\AppData\Roaming\Systweak\Advanced System Protector\2.1.1000.13591, Quarantined, [3c0db14e37434de97ee8f096f60ca957],
PUP.Optional.AdvancedSystemProtector.A, C:\Users\Melanie\AppData\Roaming\Systweak\Advanced System Protector\Logs, Quarantined, [3c0db14e37434de97ee8f096f60ca957],
PUP.Optional.OpenCandy, C:\Users\Melanie\AppData\Roaming\OpenCandy, Delete-on-Reboot, [ad9c758a0278bd790a81632350b28080],
PUP.Optional.OpenCandy, C:\Users\Melanie\AppData\Roaming\OpenCandy\49B3FE671879457197120447B4E2EF85, Quarantined, [ad9c758a0278bd790a81632350b28080],
PUP.Optional.RegCleanerPro.A, C:\Users\Melanie\AppData\Roaming\Systweak\RegClean Pro, Delete-on-Reboot, [0a3f3ec14f2b70c6f119ceb962a0f907],
PUP.Optional.RegCleanerPro.A, C:\Users\Melanie\AppData\Roaming\Systweak\RegClean Pro\Version 6.1, Quarantined, [0a3f3ec14f2b70c6f119ceb962a0f907],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\bin, Quarantined, [2c1d1ce3364481b572c2d9afc042bf41],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect\bin, Quarantined, [1a2ff30cd2a85dd9092c6523c83a2ed2],
PUP.Optional.ArcadeFrontier.A, C:\Users\Melanie\AppData\Local\ArcadeFrontier, Quarantined, [f55431cec4b689adc70b96f3837fb34d],

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)

(end)

DDS Attach

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft® Windows Vistaâ„¢ Home Premium
Boot Device: \Device\HarddiskVolume3
Install Date: 3/31/2009 1:42:47 AM
System Uptime: 9/23/2014 7:31:13 PM (0 hours ago)
.
Motherboard: Dell Inc. | | 0U785D
Processor: Intel(R) Core(TM)2 Duo CPU P8600 @ 2.40GHz | U2E1 | 800/1066mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 451 GiB total, 328.668 GiB free.
D: is FIXED (NTFS) - 15 GiB total, 6.959 GiB free.
E: is CDROM ()
F: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft 6to4 Adapter
Device ID: ROOT\*6TO4MP\0000
Manufacturer: Microsoft
Name: 6TO4 Adapter
PNP Device ID: ROOT\*6TO4MP\0000
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft 6to4 Adapter
Device ID: ROOT\*6TO4MP\0001
Manufacturer: Microsoft
Name: Microsoft 6to4 Adapter #2
PNP Device ID: ROOT\*6TO4MP\0001
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft 6to4 Adapter
Device ID: ROOT\*6TO4MP\0002
Manufacturer: Microsoft
Name: Microsoft 6to4 Adapter #3
PNP Device ID: ROOT\*6TO4MP\0002
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft 6to4 Adapter
Device ID: ROOT\*6TO4MP\0003
Manufacturer: Microsoft
Name: 6TO4 Adapter
PNP Device ID: ROOT\*6TO4MP\0003
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft 6to4 Adapter
Device ID: ROOT\*6TO4MP\0004
Manufacturer: Microsoft
Name: 6TO4 Adapter
PNP Device ID: ROOT\*6TO4MP\0004
Service: tunnel
.
Class GUID:
Description:
Device ID: ROOT\*ISATAP\0001
Manufacturer:
Name:
PNP Device ID: ROOT\*ISATAP\0001
Service:
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft ISATAP Adapter
Device ID: ROOT\*ISATAP\0002
Manufacturer: Microsoft
Name: Microsoft ISATAP Adapter #3
PNP Device ID: ROOT\*ISATAP\0002
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft ISATAP Adapter
Device ID: ROOT\*ISATAP\0003
Manufacturer: Microsoft
Name: Microsoft ISATAP Adapter #4
PNP Device ID: ROOT\*ISATAP\0003
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft ISATAP Adapter
Device ID: ROOT\*ISATAP\0004
Manufacturer: Microsoft
Name: Microsoft ISATAP Adapter #5
PNP Device ID: ROOT\*ISATAP\0004
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft ISATAP Adapter
Device ID: ROOT\*ISATAP\0005
Manufacturer: Microsoft
Name: Microsoft ISATAP Adapter #6
PNP Device ID: ROOT\*ISATAP\0005
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft ISATAP Adapter
Device ID: ROOT\*ISATAP\0006
Manufacturer: Microsoft
Name: Microsoft ISATAP Adapter #7
PNP Device ID: ROOT\*ISATAP\0006
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft ISATAP Adapter
Device ID: ROOT\*ISATAP\0007
Manufacturer: Microsoft
Name: Microsoft ISATAP Adapter #8
PNP Device ID: ROOT\*ISATAP\0007
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft ISATAP Adapter
Device ID: ROOT\*ISATAP\0009
Manufacturer: Microsoft
Name: Microsoft ISATAP Adapter #9
PNP Device ID: ROOT\*ISATAP\0009
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft ISATAP Adapter
Device ID: ROOT\*ISATAP\0012
Manufacturer: Microsoft
Name: Microsoft ISATAP Adapter #11
PNP Device ID: ROOT\*ISATAP\0012
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft ISATAP Adapter
Device ID: ROOT\*ISATAP\0013
Manufacturer: Microsoft
Name: Microsoft ISATAP Adapter #12
PNP Device ID: ROOT\*ISATAP\0013
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft ISATAP Adapter
Device ID: ROOT\*ISATAP\0015
Manufacturer: Microsoft
Name: Microsoft ISATAP Adapter #13
PNP Device ID: ROOT\*ISATAP\0015
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft ISATAP Adapter
Device ID: ROOT\*ISATAP\0016
Manufacturer: Microsoft
Name: Microsoft ISATAP Adapter #14
PNP Device ID: ROOT\*ISATAP\0016
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft ISATAP Adapter
Device ID: ROOT\*ISATAP\0017
Manufacturer: Microsoft
Name: Microsoft ISATAP Adapter #14
PNP Device ID: ROOT\*ISATAP\0017
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft ISATAP Adapter
Device ID: ROOT\*ISATAP\0018
Manufacturer: Microsoft
Name: Microsoft ISATAP Adapter #15
PNP Device ID: ROOT\*ISATAP\0018
Service: tunnel
.
Class GUID:
Description: Microsoft ISATAP Adapter
Device ID: ROOT\*ISATAP\0020
Manufacturer: Microsoft
Name: isatap.{6D97E1C7-6F0E-4E93-B0F0-CE8FD8080B9E}
PNP Device ID: ROOT\*ISATAP\0020
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft ISATAP Adapter
Device ID: ROOT\*ISATAP\0021
Manufacturer: Microsoft
Name: isatap.{0CD7EE51-ABFE-4917-BD8D-2A24CA140E68}
PNP Device ID: ROOT\*ISATAP\0021
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft ISATAP Adapter
Device ID: ROOT\*ISATAP\0022
Manufacturer: Microsoft
Name: isatap.{0CD7EE51-ABFE-4917-BD8D-2A24CA140E68}
PNP Device ID: ROOT\*ISATAP\0022
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft ISATAP Adapter
Device ID: ROOT\*ISATAP\0023
Manufacturer: Microsoft
Name: isatap.{0CD7EE51-ABFE-4917-BD8D-2A24CA140E68}
PNP Device ID: ROOT\*ISATAP\0023
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft ISATAP Adapter
Device ID: ROOT\*ISATAP\0024
Manufacturer: Microsoft
Name: isatap.{0CD7EE51-ABFE-4917-BD8D-2A24CA140E68}
PNP Device ID: ROOT\*ISATAP\0024
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft ISATAP Adapter
Device ID: ROOT\*ISATAP\0025
Manufacturer: Microsoft
Name: isatap.{0CD7EE51-ABFE-4917-BD8D-2A24CA140E68}
PNP Device ID: ROOT\*ISATAP\0025
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft ISATAP Adapter
Device ID: ROOT\*ISATAP\0026
Manufacturer: Microsoft
Name: isatap.{0CD7EE51-ABFE-4917-BD8D-2A24CA140E68}
PNP Device ID: ROOT\*ISATAP\0026
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft ISATAP Adapter
Device ID: ROOT\*ISATAP\0027
Manufacturer: Microsoft
Name: isatap.{FD18450D-EDD7-4ED3-B76B-712E4A3E6A10}
PNP Device ID: ROOT\*ISATAP\0027
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft ISATAP Adapter
Device ID: ROOT\*ISATAP\0028
Manufacturer: Microsoft
Name: isatap.{FD18450D-EDD7-4ED3-B76B-712E4A3E6A10}
PNP Device ID: ROOT\*ISATAP\0028
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft ISATAP Adapter
Device ID: ROOT\*ISATAP\0029
Manufacturer: Microsoft
Name: isatap.{FD18450D-EDD7-4ED3-B76B-712E4A3E6A10}
PNP Device ID: ROOT\*ISATAP\0029
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft ISATAP Adapter
Device ID: ROOT\*ISATAP\0030
Manufacturer: Microsoft
Name: isatap.{FD18450D-EDD7-4ED3-B76B-712E4A3E6A10}
PNP Device ID: ROOT\*ISATAP\0030
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft ISATAP Adapter
Device ID: ROOT\*ISATAP\0031
Manufacturer: Microsoft
Name: isatap.{FD18450D-EDD7-4ED3-B76B-712E4A3E6A10}
PNP Device ID: ROOT\*ISATAP\0031
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft ISATAP Adapter
Device ID: ROOT\*ISATAP\0032
Manufacturer: Microsoft
Name: isatap.{FD18450D-EDD7-4ED3-B76B-712E4A3E6A10}
PNP Device ID: ROOT\*ISATAP\0032
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft ISATAP Adapter
Device ID: ROOT\*ISATAP\0033
Manufacturer: Microsoft
Name: isatap.{FD18450D-EDD7-4ED3-B76B-712E4A3E6A10}
PNP Device ID: ROOT\*ISATAP\0033
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft ISATAP Adapter
Device ID: ROOT\*ISATAP\0034
Manufacturer: Microsoft
Name: isatap.{FD18450D-EDD7-4ED3-B76B-712E4A3E6A10}
PNP Device ID: ROOT\*ISATAP\0034
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft ISATAP Adapter
Device ID: ROOT\*ISATAP\0035
Manufacturer: Microsoft
Name: isatap.{FD18450D-EDD7-4ED3-B76B-712E4A3E6A10}
PNP Device ID: ROOT\*ISATAP\0035
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft ISATAP Adapter
Device ID: ROOT\*ISATAP\0036
Manufacturer: Microsoft
Name: isatap.{6CFEEC2C-C47A-4BFC-AAAD-2D672F948E13}
PNP Device ID: ROOT\*ISATAP\0036
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft ISATAP Adapter
Device ID: ROOT\*ISATAP\0037
Manufacturer: Microsoft
Name: isatap.{839842B4-661D-4A9B-8940-AC80E1BCE0C2}
PNP Device ID: ROOT\*ISATAP\0037
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft Tun Miniport Adapter
Device ID: ROOT\*TUNMP\0000
Manufacturer: Microsoft
Name: Teredo Tunneling Pseudo-Interface
PNP Device ID: ROOT\*TUNMP\0000
Service: tunmp
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft Tun Miniport Adapter
Device ID: ROOT\*TUNMP\0001
Manufacturer: Microsoft
Name: Teredo Tunneling Pseudo-Interface
PNP Device ID: ROOT\*TUNMP\0001
Service: tunmp
.
Class GUID: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Description: facap, FastAccess Video Capture
Device ID: ROOT\IMAGE\0000
Manufacturer: Sensible Vision
Name: facap, FastAccess Video Capture
PNP Device ID: ROOT\IMAGE\0000
Service: FACAP
.
Class GUID: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Description: Microsoft eHome Infrared Transceiver
Device ID: CIRCLASS\IRDEVICE\1&79F5D87&0&PORT2
Manufacturer: Microsoft
Name: Microsoft eHome Infrared Transceiver
PNP Device ID: CIRCLASS\IRDEVICE\1&79F5D87&0&PORT2
Service: HidIr
.
==== System Restore Points ===================
.
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
Acrobat.com
Ad-Aware Security Toolbar
Adobe AIR
Adobe Flash Player 12 ActiveX
Adobe Flash Player 12 Plugin
Adobe Reader 9.5.5
ATI Catalyst Install Manager
avast! Free Antivirus
Bing Rewards Client Installer
Catalyst Control Center - Branding
Catalyst Control Center Core Implementation
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
Catalyst Control Center Graphics Previews Common
Catalyst Control Center Graphics Previews Vista
Catalyst Control Center Localization Chinese Standard
Catalyst Control Center Localization Chinese Traditional
Catalyst Control Center Localization Danish
Catalyst Control Center Localization Dutch
Catalyst Control Center Localization Finnish
Catalyst Control Center Localization French
Catalyst Control Center Localization German
Catalyst Control Center Localization Italian
Catalyst Control Center Localization Japanese
Catalyst Control Center Localization Korean
Catalyst Control Center Localization Norwegian
Catalyst Control Center Localization Portuguese
Catalyst Control Center Localization Russian
Catalyst Control Center Localization Spanish
Catalyst Control Center Localization Swedish
ccc-core-static
ccc-utility64
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
Choice Guard
Citrix Authentication Manager
Citrix Online Launcher
Citrix Receiver
Citrix Receiver (HDX Flash Redirection)
Citrix Receiver Inside
Citrix Receiver Updater
Citrix Receiver(Aero)
Citrix Receiver(DV)
Citrix Receiver(USB)
Complete Care Consumer Service Agreement
Cortona3D Viewer
Creative Media Toolbox 6
Creative Media Toolbox 6 (Shared Components)
Creative MediaSource 5
D3DX10
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dell DataSafe Online
Dell Dock
Dell Driver Download Manager
Dell Edoc Viewer
Dell Getting Started Guide
Dell Touchpad
Dell V505
Dropbox
EA Download Manager
EuxttraiSSHopeper
FastAccess
Google Chrome
Google Drive
Google Earth
Google Update Helper
Google Updater
GoToMeeting 5.4.0.1082
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Microsoft Visual C# 2010 Express - ENU (KB2635973)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946040)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946308)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946344)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947540)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789)
Hotfix for Microsoft Visual Web Developer 2010 Express - ENU (KB2548139)
Hotfix for Microsoft Visual Web Developer 2010 Express - ENU (KB2635973)
hp officejet v series
HP Photo Printing Software
IDT Audio
Integrated Webcam Driver (1.05.02.1227)
Java 7 Update 21
Java Auto Updater
Junk Mail filter update
LG USB Modem driver
Line Rider 2
LiveAction Client 2.63
Malwarebytes Anti-Malware version 2.0.2.1012
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft .NET Framework 4 Multi-Targeting Pack
Microsoft Application Error Reporting
Microsoft ASP.NET MVC 2
Microsoft ASP.NET MVC 2 - VWD Express 2010 Tools
Microsoft Default Manager
Microsoft Help Viewer 1.1
Microsoft Office 2003 Web Components
Microsoft Office 2007 Primary Interop Assemblies
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Communicator 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Office 64-bit Components 2007
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2007
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing (English) 2010
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared 64-bit MUI (English) 2007
Microsoft Office Shared 64-bit MUI (English) 2010
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Small Business 2007
Microsoft Office Small Business Connectivity Components
Microsoft Office Visio 2010
Microsoft Office Visio MUI (English) 2010
Microsoft Office Word MUI (English) 2007
Microsoft Report Viewer Redistributable 2008 (KB971119)
Microsoft Report Viewer Redistributable 2008 SP1
Microsoft Silverlight
Microsoft Silverlight 3 SDK
Microsoft Silverlight 4 SDK
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft SQL Server 2008 R2
Microsoft SQL Server 2008 R2 Management Objects
Microsoft SQL Server 2008 R2 Native Client
Microsoft SQL Server 2008 R2 Policies
Microsoft SQL Server 2008 R2 RsFx Driver
Microsoft SQL Server 2008 R2 Setup (English)
Microsoft SQL Server 2008 Setup Support Files
Microsoft SQL Server Browser
Microsoft SQL Server Compact 3.5 SP2 ENU
Microsoft SQL Server Compact 3.5 SP2 Query Tools ENU
Microsoft SQL Server Compact 3.5 SP2 x64 ENU
Microsoft SQL Server Database Publishing Wizard 1.4
Microsoft SQL Server Native Client
Microsoft SQL Server Setup Support Files (English)
Microsoft SQL Server System CLR Types
Microsoft SQL Server VSS Writer
Microsoft UI Engine
Microsoft Visio Premium 2010
Microsoft Visual C# 2010 Express - ENU
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x64 Runtime - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU
Microsoft Visual Studio 2010 Service Pack 1
Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
Microsoft Visual Studio Tools for Applications 2.0 - ENU
Microsoft Visual Web Developer 2010 Express - ENU
Microsoft Web Platform Installer 3.0
Mobile Broadband Generic Drivers
Mozilla Firefox 22.0 (x86 en-US)
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MySQL Server 5.5
NETGEAR A6200 Genie
Nmap 5.61-Spiceworks
Online Plug-in
Optimizer Pro v3.2
PDFlite 0.8
PL-2303 USB-to-Serial
PowerDVD
PowerInbox
PureLeads
Quickset
QuickTime
RedMon - Redirection Port Monitor
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2861697)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2861188)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2898855v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2901110v2)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
Security Update for Microsoft .NET Framework 4 Extended (KB2858302v2)
Security Update for Microsoft .NET Framework 4 Extended (KB2901110v2)
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2817330) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2878233) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2878236) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2880507) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553284) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2826023) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2817565) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2878237) 32-Bit Edition
Segoe UI
Self-service Plug-in
Service Pack 1 for SQL Server 2008 R2 (KB2528583)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition
Shared C Run-time for x64
Skins
Spiceworks
SPOREâ„¢
SQL Server 2008 R2 SP1 Common Files
SQL Server 2008 R2 SP1 Database Engine Services
SQL Server 2008 R2 SP1 Database Engine Shared
SQL Server 2008 R2 SP1 Management Studio
Sql Server Customer Experience Improvement Program
TeamViewer 9
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3)
Update for Microsoft Filter Pack 2.0 (KB2837594) 32-Bit Edition
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition
Update for Microsoft Office 2010 (KB2863818) 32-Bit Edition
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2878297) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition
Update for Microsoft Visio 2010 (KB2553444) 32-Bit Edition
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU
WCF RIA Services V1.0 SP1
Web Deployment Tool
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Messenger
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live Upload Tool
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
WinPcap 4.1.2-Spiceworks
Wizard101
.
==== End Of File ===========================

DDS Notepad

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16545
Run by Melanie at 19:42:52 on 2014-09-23
.
============== Running Processes ================
.
C:\Windows\SysWOW64\rundll32.exe
c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
C:\Windows\SysWOW64\DllHost.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
mStart Page = hxxp://speedial.com/?f=1&a=spd_softdl4u_14_23_ch&cd=2XzuyEtN2Y1L1QzutDtDtBtB0F0BtAtBtDyCtA0C0EtC0C0EtN0D0Tzu0SzzzzyCtN1L2XzutBtFtBtDtFtCzytFtDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StA0AyEtA0D0AtByCtGyE0AtDyDtGzztA0DyDtGzytA0EzytGtDzy0F0Bzz0CyE0CyDzyyE0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyB0F0A0FyCzyyB0AtGtAtCyDzytGzytD0ByEtG0D0AzyzytGyBtAyD0Ezz0A0DtD0CyD0FtD2Q&cr=956281966&ir=
uURLSearchHooks: <No Name>: - LocalServer32 - <no file>
mWinlogon: Userinit = userinit.exe
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Ad-Aware Security Toolbar: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\adawareDx.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: FAIESSOHelper Class: {A2F122DA-055F-4df7-8F24-7354DBDBA85B} - C:\Program Files (x86)\Sensible Vision\Fast Access\FAIESSO.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: PowerInbox: {EF7AED5F-0C26-4820-A570-7DA8B6D93F4A} - C:\Program Files (x86)\PowerInbox\PowerInbox\PowerInboxBHO.dll
TB: Ad-Aware Security Toolbar: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\adawareDx.dll
mRun: [FAStartup] <no file>
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
LSP: C:\Windows\System32\wpclsp.dll
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/sites/production/ieawsdc32.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} - hxxps://vpn3.phh.com/dana-cached/sc/JuniperSetupClient.cab
TCP: NameServer = 192.168.1.1
Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
AppInit_DLLs= c:\progra~2\optimi~1\optpro~2.dll
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
LSA: Notification Packages = scecli FAPassSync
LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-mStart Page = hxxp://speedial.com/?f=1&a=spd_softdl4u_14_23_ch&cd=2XzuyEtN2Y1L1QzutDtDtBtB0F0BtAtBtDyCtA0C0EtC0C0EtN0D0Tzu0SzzzzyCtN1L2XzutBtFtBtDtFtCzytFtDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StA0AyEtA0D0AtByCtGyE0AtDyDtGzztA0DyDtGzytA0EzytGtDzy0F0Bzz0CyE0CyDzyyE0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyB0F0A0FyCzyyB0AtGtAtCyDzytGzytD0ByEtG0D0AzyzytGyBtAyD0Ezz0A0DtD0CyD0FtD2Q&cr=956281966&ir=
x64-mWinlogon: Userinit = userinit.exe,
x64-BHO: Ad-Aware Security Toolbar: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\adawareDx64.dll
x64-BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: PowerInbox: {EF7AED5F-0C26-4820-A570-7DA8B6D93F4A} - C:\Program Files (x86)\PowerInbox\PowerInbox\PowerInboxBHO64.dll
x64-TB: Ad-Aware Security Toolbar: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\adawareDx64.dll
x64-mPolicies-Explorer: NoActiveDesktop = dword:1
x64-mPolicies-Explorer: NoActiveDesktopChanges = dword:1
x64-mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
x64-mPolicies-System: EnableUIADesktopToggle = dword:0
x64-Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Melanie\AppData\Roaming\Mozilla\Firefox\Profiles\4aoyaso8.default\
FF - prefs.js: browser.search.selectedEngine - Trovi search
FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?gd=&ctid=CT3322520&octid=EB_ORIGINAL_CTID&ISID=MF0A2E9A9-D0D3-42EA-B3A9-6E672AE91B16&SearchSource=55&CUI=&UM=5&UP=SP62B4C81C-A397-4DBA-9B0E-F0095886A027&SSPV=
FF - prefs.js: keyword.URL - hxxp://dts.search.ask.com/sr?src=ffb&gct=ds&appid=394&systemid=406&v=a9396-115&apn_dtid=BND406&apn_ptnrs=AG6&apn_uid=2363152454084512&o=APN10645&q=
.
---- FIREFOX POLICIES ----
.
user_pref(extensions.autoDisableScopes,14);
FF - user.js: extensions.nspdlsd.aflt - spd_softdl4u_14_23_ch
FF - user.js: extensions.nspdlsd.instlRef - 142905_b
FF - user.js: extensions.nspdlsd.cr - 956281966
FF - user.js: extensions.nspdlsd.cd - 2XzuyEtN2Y1L1QzutDtDtBtB0F0BtAtBtDyCtA0C0EtC0C0EtN0D0Tzu0SzzzzyCtN1L2XzutBtFtBtDtFtCzytFtDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StA0AyEtA0D0AtByCtGyE0AtDyDtGzztA0DyDtGzytA0EzytGtDzy0F0Bzz0CyE0CyDzyyE0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyB0F0A0FyCzyyB0AtGtAtCyDzytGzytD0ByEtG0D0AzyzytGyBtAyD0Ezz0A0DtD0CyD0FtD2Q
.
============= SERVICES / DRIVERS ===============
.
R? A6200;NETGEAR A6200 WiFi Adapter Driver
R? AESTFilters;Andrea ST Filters Service
R? avast! Antivirus;avast! Antivirus
R? clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64
R? clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86
R? clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64
R? Creative Media Toolbox 6 Licensing Service;Creative Media Toolbox 6 Licensing Service
R? dldw_device;dldw_device
R? dldwCATSCustConnectService;dldwCATSCustConnectService
R? DockLoginService;Dock Login Service
R? FACAP;facap, FastAccess Video Capture
R? FAService;FAService
R? FontCache;Windows Font Cache Service
R? gupdate1c9b8aba8273bbc;Google Update Service (gupdate1c9b8aba8273bbc)
R? MBAMSwissArmy;MBAMSwissArmy
R? motccgp;Motorola USB Composite Device Driver
R? motccgpfl;MotCcgpFlService
R? motport;Motorola USB Diagnostic Port
R? MSSQLServerADHelper100;SQL Active Directory Helper Service
R? NWUSBPort2;Novatel Wireless USB Status2 Port Driver
R? PerfHost;Performance Counter DLL Host
R? PlsvcV2;PlsvcV2
R? spiceworks;spiceworks
R? SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS)
R? SWDUMon;SWDUMon
R? TeamViewer9;TeamViewer 9
R? Update webget;Update webget
R? USBAAPL64;Apple Mobile USB Driver
R? Util webget;Util webget
R? WNDA6200;NETGEAR A6200 Service
R? WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0
S? {55685567-4840-4a91-962b-49a412e9485a}Gt64;{55685567-4840-4a91-962b-49a412e9485a}Gt64
S? 70e6ca8c;Optimizer Pro Crash Monitor
S? aswHwid;avast! HardwareID
S? aswMonFlt;aswMonFlt
S? aswRvrt;avast! Revert
S? aswSnx;aswSnx
S? aswSP;aswSP
S? aswVmm;avast! VM Monitor
S? ctxusbm;Citrix USB Monitor Driver
S? k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0
S? NETw5v64;Intel(R) Wireless WiFi Link Adapter Driver for Windows Vista 64 Bit
S? npf;NetGroup Packet Filter Driver
S? OA001Ufd;Creative Camera OA001 Upper Filter Driver
S? OA001Vid;Creative Camera OA001 Function Driver
S? RLDesignVirtualAudioCableWdm;Live! Cam Virtual
.
=============== File Associations ===============
.
FileExt: .js: JSFile=C:\Windows\SysWOW64\WScript.exe "%1" %*
FileExt: .jse: JSEFile=C:\Windows\SysWOW64\WScript.exe "%1" %*
.
=============== Created Last 30 ================
.
.
==================== Find3M ====================
.
2014-09-23 17:00:32 122584 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-08-05 13:20:00 270496 ------w- C:\Windows\System32\MpSigStub.exe
2014-07-04 00:20:32 178800 ----a-w- C:\Windows\SysWow64\CmdLineExt_x64.dll
2014-02-08 01:10:07 49940480 ----a-w- C:\Program Files (x86)\GUT4A27.tmp
.
============= FINISH: 19:44:43.38 ===============

broni · 2014/09/23

Please, observe following rules:

Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.

If you're stuck, or you're not sure about certain step, always ask before doing anything else.

Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.

Never run more than one scan at a time.

Keep updating me regarding your computer behavior, good, or bad.

The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.

If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.

I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

==============================

Download RogueKiller from one of the following links and save it to your Desktop:

Link 1
Link 2

Close all the running programs

Windows Vista/7/8 users: right click on RogueKiller.exe, click Run as Administrator

Otherwise just double-click on RogueKiller.exe

Pre-scan will start. Let it finish.

Click on SCAN button.

Wait until the Status box shows Scan Finished

Click on Delete.

Wait until the Status box shows Deleting Finished.

Click on Report and copy/paste the content of the Notepad into your next reply.

RKreport.txt could also be found on your desktop.

If more than one log is produced post all logs.

If RogueKiller has been blocked, do not hesitate to try a few times more. If really won't run, rename it to winlogon.exe (or winlogon.com) and try again

Create new restore point before proceeding with the next step....
How to: http://www.smartestcomputing.us.com/topic/63983-how-to-create-new-restore-point-all-windows/

Download [img=http://www.imgdumper.nl/uploads6/51a5f31352f71/51a5f31352b88-icon_MBAR.png]Malwarebytes Anti-Rootkit to your desktop.

Warning! Malwarebytes Anti-Rootkit needs to be run from an account with administrator rights.

Double click on downloaded file. OK self extracting prompt.

MBAR will start. Click "Next" to continue.

Click in the following screen "Update" to obtain the latest malware definitions.

Once the update is complete select "Next" and click "Scan ".

When the scan is finished and no malware has been found select "Exit ".

If malware was detected, make sure to check all the items and click "Cleanup ". Reboot your computer.

Open the MBAR folder located on your Desktop and paste the content of the following files in your next reply:

"mbar-log-{date} (xx-xx-xx).txt "

"system-log.txt "

Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.

Make sure the following options are checked:

Internet Services

Windows Firewall

System Restore

Security Center/Action Center

Windows Update

Windows Defender

Other Services

Press "Scan ".

It will create a log (FSS.txt) in the same directory the tool is run.

Please copy and paste the log to your reply.

virginia · 2014/09/24

Broni,

When I booted the computer this morning, I got a black screen recommending a "Startup Repair" which I did - but haven't noticed any change.

Below are the logs. Should note that I ran the Malwarebytes Anti-Root Kit without update as we still can't get on the internet. When I mouse over the internet icon on the Task Bar, I get this message "The dependency or service group failed to start ". When I right click on the icon and then left click on "Connect to a Network ", I get a message that Windows cannot find any networks.

RKReport

RogueKiller V9.2.12.0 [Sep 23 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows Vista (6.0.6002 Service Pack 2) 64 bits version
Started in : Normal mode
User : Melanie [Admin rights]
Mode : Remove -- Date : 09/23/2014 20:56:03

¤¤¤ Bad processes : 1 ¤¤¤
[Suspicious.Path] rundll32.exe -- C:\Users\Melanie\AppData\Roaming\ipCommonInit\ipCommonInit.dll[-] -> UNLOADED

¤¤¤ Registry Entries : 8 ¤¤¤
[PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableTaskMgr : 0 -> NOT SELECTED
[PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0 -> NOT SELECTED
[PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableTaskMgr : 0 -> NOT SELECTED
[PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0 -> NOT SELECTED
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> NOT SELECTED
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> NOT SELECTED
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> NOT SELECTED
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> NOT SELECTED

¤¤¤ Scheduled tasks : 3 ¤¤¤
[Suspicious.Path] \\4880 -- wscript.exe (C:\Users\Melanie\AppData\Local\Temp\launchie.vbs //B) -> DELETED
[Suspicious.Path] \\Advanced System Protector_startup -- C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe (autolaunch) -> DELETED
[Suspicious.Path] \\ArcadeFrontier -- C:\Users\Melanie\AppData\Local\ArcadeFrontier\veragent.exe -> DELETED

¤¤¤ Files : 0 ¤¤¤

¤¤¤ HOSTS File : 2 ¤¤¤
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 localhost
[C:\Windows\System32\drivers\etc\hosts] ::1 localhost

¤¤¤ Antirootkit : 0 (Driver: NOT LOADED [0xc000036b]) ¤¤¤

¤¤¤ Web browsers : 1 ¤¤¤
[PUM.HomePage][FIREFX:Config] 4aoyaso8.default : user_pref( "browser.startup.homepage ", "http://search.conduit.com/?gd=&ctid=CT3322520&octid=EB_ORIGINAL_CTID&ISID=MF0A2E9A9-D0D3-42EA-B3A9-6E672AE91B16&SearchSource=55&CUI=&UM=5&UP=SP62B4C81C-A397-4DBA-9B0E-F0095886A027&SSPV= "); -> NOT SELECTED

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: +++++
--- User ---
[MBR] 1394707c680c3b2b1e8e7a541c285b96
[BSP] 7d4755e7c820a24a8f2162a6ed0543bc : HP MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 156 MB
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 321536 | Size: 15360 MB
2 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 31778816 | Size: 461422 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: +++++
--- User ---
[MBR] 0baddabba6caa0f1cd85a50b067eb07a
[BSP] 43df9bb776bcf7f829b75b21df21a6ba : Windows XP MBR Code
Partition table:
0 - [XXXXXX] FAT32-LBA (0xc) [VISIBLE] Offset (sectors): 8064 | Size: 30156 MB
User = LL1 ... OK
Error reading LL2 MBR! ([32] The request is not supported. )

============================================
RKreport_SCN_09232014_205538.log

MBAntiRootKit

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 9/23/2014
Scan Time: 7:54:28 PM
Logfile: MBAM Log.txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.03.04.09
Rootkit Database: v2014.02.20.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows Vista Service Pack 2
CPU: x64
File System: NTFS
User: Melanie

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 361580
Time Elapsed: 13 min, 12 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 21
PUP.Optional.FunMoods.A, C:\Users\Melanie\AppData\LocalLow\Funmoods, Delete-on-Reboot, [02472bd426542e087235a1e4ec1659a7],
PUP.Optional.FunMoods.A, C:\Users\Melanie\AppData\LocalLow\Funmoods\Funmoods, Delete-on-Reboot, [02472bd426542e087235a1e4ec1659a7],
PUP.Optional.FunMoods.A, C:\Users\Melanie\AppData\LocalLow\Funmoods\Funmoods\us, Delete-on-Reboot, [02472bd426542e087235a1e4ec1659a7],
PUP.Optional.FunMoods.A, C:\Users\Melanie\AppData\LocalLow\Funmoods\Funmoods\us\20101003, Quarantined, [02472bd426542e087235a1e4ec1659a7],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector, Delete-on-Reboot, [fc4de51a1b5f74c24a1cc7bfbf4302fe],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector\2.1.1000.13591, Quarantined, [fc4de51a1b5f74c24a1cc7bfbf4302fe],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector\signatures, Quarantined, [fc4de51a1b5f74c24a1cc7bfbf4302fe],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector\updates, Delete-on-Reboot, [fc4de51a1b5f74c24a1cc7bfbf4302fe],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector\updates\100oupdate, Quarantined, [fc4de51a1b5f74c24a1cc7bfbf4302fe],
PUP.Optional.AdvancedSystemProtector.A, C:\Users\Jacob.Melanie-PC\AppData\Roaming\Systweak\Advanced System Protector, Delete-on-Reboot, [da6f53acf189ea4c7fe7bfc747bbec14],
PUP.Optional.AdvancedSystemProtector.A, C:\Users\Jacob.Melanie-PC\AppData\Roaming\Systweak\Advanced System Protector\2.1.1000.13591, Quarantined, [da6f53acf189ea4c7fe7bfc747bbec14],
PUP.Optional.AdvancedSystemProtector.A, C:\Users\Melanie\AppData\Roaming\Systweak\Advanced System Protector, Delete-on-Reboot, [3c0db14e37434de97ee8f096f60ca957],
PUP.Optional.AdvancedSystemProtector.A, C:\Users\Melanie\AppData\Roaming\Systweak\Advanced System Protector\2.1.1000.13591, Quarantined, [3c0db14e37434de97ee8f096f60ca957],
PUP.Optional.AdvancedSystemProtector.A, C:\Users\Melanie\AppData\Roaming\Systweak\Advanced System Protector\Logs, Quarantined, [3c0db14e37434de97ee8f096f60ca957],
PUP.Optional.OpenCandy, C:\Users\Melanie\AppData\Roaming\OpenCandy, Delete-on-Reboot, [ad9c758a0278bd790a81632350b28080],
PUP.Optional.OpenCandy, C:\Users\Melanie\AppData\Roaming\OpenCandy\49B3FE671879457197120447B4E2EF85, Quarantined, [ad9c758a0278bd790a81632350b28080],
PUP.Optional.RegCleanerPro.A, C:\Users\Melanie\AppData\Roaming\Systweak\RegClean Pro, Delete-on-Reboot, [0a3f3ec14f2b70c6f119ceb962a0f907],
PUP.Optional.RegCleanerPro.A, C:\Users\Melanie\AppData\Roaming\Systweak\RegClean Pro\Version 6.1, Quarantined, [0a3f3ec14f2b70c6f119ceb962a0f907],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\bin, Quarantined, [2c1d1ce3364481b572c2d9afc042bf41],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect\bin, Quarantined, [1a2ff30cd2a85dd9092c6523c83a2ed2],
PUP.Optional.ArcadeFrontier.A, C:\Users\Melanie\AppData\Local\ArcadeFrontier, Quarantined, [f55431cec4b689adc70b96f3837fb34d],

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)

(end)

FARBAR

Farbar Service Scanner Version: 21-07-2014
Ran by Melanie (administrator) on 24-09-2014 at 07:52:35
Running from "C:\Users\Melanie\Desktop "
Microsoft® Windows Vistaâ„¢ Home Premium Service Pack 2 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============
Dhcp Service is not running. Checking service configuration:
The start type of Dhcp service is OK.
The ImagePath of Dhcp service is OK.
The ServiceDll of Dhcp service is OK.

Connection Status:
==============
Localhost is accessible.
There is no connection to network.
Attempt to access Google IP returned error. Google IP is unreachable
Attempt to access Google.com returned error: Other errors
Attempt to access Yahoo.com returned error: Other errors

Windows Firewall:
=============
MpsSvc Service is not running. Checking service configuration:
The start type of MpsSvc service is OK.
The ImagePath of MpsSvc service is OK.
The ServiceDll of MpsSvc service is OK.

bfe Service is not running. Checking service configuration:
The start type of bfe service is OK.
The ImagePath of bfe service is OK.
The ServiceDll of bfe service is OK.

Firewall Disabled Policy:
==================

System Restore:
============

System Restore Disabled Policy:
========================

Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================

Windows Defender:
==============

Other Services:
==============

File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcsvc.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed

**** End of log ****

broni · 2014/09/24

Please download ComboFix from Here, Here or Here to your Desktop.

**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**

Never rename Combofix unless instructed.

Close any open browsers.

Very Important! Temporarily disable your anti-virus and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results ".

Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.

Close any open browsers.

WARNING: Combofix will disconnect your machine from the Internet as soon as it starts

Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.

If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
If the connection is not there use restore point you created prior to running Combofix.

Double click on combofix.exe & follow the prompts.

NOTE1. If Combofix asks you to install Recovery Console, please allow it.
NOTE 2. If Combofix asks you to update the program, always do so.

When finished, it will produce a report for you.

Please post the "C:\ComboFix.txt"

**Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall
**Note 2 for AVG and CA Internet Security (Total Defense Internet Security) users: ComboFix will not run until AVG/CA Internet Security is uninstalled as a protective measure against the anti-virus. This is because AVG/CA Internet Security "falsely" detects ComboFix (or its embedded files) as a threat and may remove them resulting in the tool not working correctly which in turn can cause "unpredictable results ". Since AVG/CA Internet Security cannot be effectively disabled before running ComboFix, the author recommends you to uninstall AVG/CA Internet Security first.
Use AppRemover to uninstall it: http://www.appremover.com/
We can reinstall it when we're done with CF.
**Note 3: If you receive an error Illegal operation attempted on a registery key that has been marked for deletion, restart computer to fix the issue.
**Note 4: Some infections may take some significant time to be cured. As long as your computer clock is running Combofix is still working. Be patient.

Make sure, you re-enable your security programs, when you're done with Combofix.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

NOTE.
If, for some reason, Combofix refuses to run, try the following...

Delete Combofix file, download fresh one, but rename combofix.exe to your_name.exe BEFORE saving it to your desktop.
Do NOT run it yet.
Download Rkill (courtesy of BleepingComputer.com) to your desktop.
There are 2 different versions. If one of them won't run then download and try to run the other one.
You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

rKill.exe: http://www.bleepingcomputer.com/download/rkill/dl/10/
iExplore.exe (renamed rKill.exe): http://www.bleepingcomputer.com/download/rkill/dl/11/

Restart computer in safe mode

Double-click on the Rkill desktop icon to run the tool.

If using Vista or Windows 7 right-click on it and choose Run As Administrator.

A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.

If not, delete the file, then download and use the one provided in Link 2.

Do not reboot until instructed.

If the tool does not run from any of the links provided, please let me know.

When the scan is done Notepad will open with rKill.txt log.
NOTE. rKill.txt log will also be present on your desktop.

Once you've gotten one of them to run, immediately run your_name.exe by double clicking on it.

IF you had to run rKill post BOTH logs, rKill.txt and Combofix.txt.

virginia · 2014/09/25

Broni,

ComboFix wouldn't run the first time but it did after I renamed it. It took several hours to run and produce the log. Also, when I rebooted the computer, CheckDisk ran. I didn't notice it in time to stop it. I tried to access the network adapters using Device Manager but it wouldn't open. Got a dialog box "Can't open Device - MMC could not create the snap-in. The snap-in might not have been installed correctly. CLSID{74246BFC-4C96-11D0-ABEF-0020AF6B0B7A

Here is the log:

ComboFix 14-09-22.01 - Melanie 09/24/2014 20:15:49.1.2 - x64
Running from: c:\users\Melanie\Desktop\rob_bonner.exe.exe
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\END
c:\programdata\SPL1D4.tmp
c:\programdata\SPL478B.tmp
c:\programdata\SPL4CE6.tmp
c:\programdata\SPL6216.tmp
c:\programdata\SPL7CD9.tmp
c:\programdata\SPL803D.tmp
c:\programdata\SPL87DC.tmp
c:\programdata\SPL981A.tmp
c:\programdata\SPL9A99.tmp
c:\programdata\SPLB3BD.tmp
c:\programdata\SPLBEC.tmp
c:\programdata\SPLC4D5.tmp
c:\programdata\SPLC7FF.tmp
c:\programdata\SPLCA98.tmp
c:\programdata\SPLCB78.tmp
c:\programdata\SPLD105.tmp
c:\programdata\SPLE924.tmp
c:\programdata\SPLF5FE.tmp
c:\programdata\SPLF612.tmp
c:\users\Jacob.Melanie-PC\AppData\Local\Google\Chrome\User Data\Default\Preferences
c:\users\Melanie\AppData\Local\Google\Chrome\User Data\Default\Preferences
c:\users\Melanie\AppData\Local\Microsoft\Windows\Temporary Internet Files\webget_iels
c:\users\Melanie\AppData\Local\Torch\User Data\Default\Preferences
c:\users\Melanie\AppData\Roaming\Install.dat
c:\users\Melanie\AppData\Roaming\ipCommonInit\ipCommonInit.dll
c:\users\Melanie\AppData\Roaming\Microsoft\Windows\Recent\http--www.epa.gov-osw-education-quest-pdfs-sections-u2_chap4.pdf.url
c:\users\Melanie\AppData\Roaming\Microsoft\Windows\Recent\WP_20131228_007.jpg140 KB.url
c:\users\Melanie\AppData\Roaming\Mozilla\Firefox\Profiles\4aoyaso8.default\searchplugins\trovi-search.xml
c:\users\Melanie\Documents\~WRL0005.tmp
c:\users\Melanie\Documents\~WRL1577.tmp
c:\windows\Fonts\browab.ttf
c:\windows\Fonts\browaub.ttf
c:\windows\Fonts\CALIBRIZ.TTF
c:\windows\Fonts\CAMBRIAZ.TTF
c:\windows\Fonts\moolbor.ttf
c:\windows\Fonts\REFSPCL.TTF
c:\windows\Fonts\upcei.ttf
c:\windows\Fonts\upcel.ttf
c:\windows\Fonts\verdanai.ttf
c:\windows\system32\FAPassSync.dll
c:\windows\SysWow64\Packet.dll
c:\windows\SysWow64\pthreadVC.dll
c:\windows\SysWow64\wpcap.dll
c:\windows\wininit.ini
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_NPF
-------\Service_npf
.
.
((((((((((((((((((((((((( Files Created from 2014-08-25 to 2014-09-25 )))))))))))))))))))))))))))))))
.
.
2014-09-25 01:10 . 2014-09-25 01:10 -------- d-----w- c:\users\Jacob.Melanie-PC\AppData\Local\temp
2014-09-25 01:10 . 2014-09-25 01:10 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-09-25 01:10 . 2014-09-25 01:10 -------- d-----w- c:\users\Drew\AppData\Local\temp
2014-09-25 01:10 . 2014-09-25 01:10 -------- d-----w- c:\users\Drew.Melanie-PC\AppData\Local\temp
2014-09-24 11:44 . 2014-09-24 23:52 -------- d-----w- c:\users\Melanie\AppData\Local\CrashDumps
2014-09-24 01:13 . 2014-09-24 03:44 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)
2014-09-24 00:49 . 2014-09-24 00:49 34808 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2014-09-24 00:49 . 2014-09-24 00:49 -------- d-----w- c:\programdata\RogueKiller
2014-09-23 18:40 . 2014-09-23 18:40 -------- d-----w- C:\found.003
2014-09-23 14:13 . 2014-09-24 01:13 128728 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-09-23 14:12 . 2014-09-24 01:11 92888 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-09-23 14:12 . 2014-09-23 23:51 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2014-09-23 14:12 . 2014-09-23 14:12 -------- d-----w- c:\programdata\Malwarebytes
2014-09-23 14:12 . 2014-05-12 11:26 64216 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-09-23 14:12 . 2014-05-12 11:25 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-09-23 14:01 . 2006-11-03 03:04 1919968 ----a-w- c:\windows\system32\WdfCoInstaller01005.dll
2014-09-23 14:01 . 2013-03-07 20:14 1974576 ----a-w- c:\windows\system32\drivers\BCMWLHIGH664.SYS
2014-09-23 14:01 . 2013-03-07 20:13 96560 ----a-w- c:\windows\system32\bcmwlcoi.dll
2014-09-23 14:01 . 2013-03-07 18:06 3659264 ----a-w- c:\windows\system32\bcmihvui64.dll
2014-09-23 14:01 . 2013-03-07 18:06 4395008 ----a-w- c:\windows\system32\bcmihvsrv64.dll
2014-09-23 14:01 . 2014-09-23 14:01 -------- d-----w- c:\program files (x86)\NETGEAR
2014-09-23 14:00 . 2014-09-23 14:00 -------- d-----w- c:\programdata\NETGEAR
2014-08-30 20:41 . 2014-08-30 20:41 -------- d-----w- C:\found.002
2014-08-30 18:33 . 2010-01-21 08:10 644608 ------w- c:\windows\system32\stapi64.dll
2014-08-30 15:08 . 2014-09-23 14:52 -------- d-----w- c:\programdata\Search Protection
2014-08-30 15:08 . 2014-08-30 15:08 -------- d-----w- c:\users\Melanie\AppData\Local\adawarebp
2014-08-30 15:08 . 2014-08-30 17:26 -------- d-----w- c:\programdata\Ad-Aware Browsing Protection
2014-08-30 15:08 . 2014-08-30 15:08 -------- d-----w- c:\program files (x86)\Toolbar Cleaner
2014-08-30 15:06 . 2014-08-30 15:06 -------- d-----w- c:\program files (x86)\Lavasoft
2014-08-30 15:02 . 2014-08-30 15:02 -------- d-----w- c:\programdata\Lavasoft
2014-08-30 14:55 . 2014-08-21 15:24 11319192 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{0E62E372-F591-442B-8273-DD3F92CBBEA8}\mpengine.dll
2014-08-28 23:39 . 2014-08-30 14:54 -------- d-----w- c:\programdata\EuxttraiSSHopeper
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-09-24 15:38 . 2008-01-21 02:50 157696 ----a-w- c:\windows\SysWow64\verifier.dll
2014-09-24 15:33 . 2008-01-21 02:49 111616 ----a-w- c:\windows\SysWow64\activeds.tlb
2014-09-24 15:28 . 2009-12-06 22:12 143360 ----a-w- c:\windows\system32\wbem\WmiApRpl.dll
2014-09-24 15:24 . 2006-11-02 08:44 2048 ----a-w- c:\windows\system32\msxml6r.dll
2014-08-30 17:25 . 2011-03-28 22:36 23256 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2014-08-05 13:20 . 2010-09-12 13:11 270496 ------w- c:\windows\system32\MpSigStub.exe
2014-08-01 21:08 . 2014-08-01 21:08 677136 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2014-07-31 21:16 . 2014-07-31 21:16 650936 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsTemplate\SportsTemplateCore\Microsoft.MediaCenter.Sports.UI.dll
2014-07-04 00:20 . 2014-07-04 00:20 178800 ----a-w- c:\windows\SysWow64\CmdLineExt_x64.dll
2014-02-08 01:10 . 2014-02-08 01:10 49940480 ----a-w- c:\program files (x86)\GUT4A27.tmp
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{6c97a91e-4524-4019-86af-2aa2d567bf5c}]
2014-07-25 13:44 116248 ----a-w- c:\program files (x86)\Lavasoft\AdAware SecureSearch Toolbar\adawareDx.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{6c97a91e-4524-4019-86af-2aa2d567bf5c} "= "c:\program files (x86)\Lavasoft\AdAware SecureSearch Toolbar\adawareDx.dll" [2014-07-25 116248]
.
[HKEY_CLASSES_ROOT\clsid\{6c97a91e-4524-4019-86af-2aa2d567bf5c}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar "= "c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1555968]
"ehTray.exe "= "c:\windows\ehome\ehTray.exe" [2008-01-21 138240]
"EA Core "= "c:\program files (x86)\Electronic Arts\EADM\Core.exe" [2008-07-21 2752512]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe "= "c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-08-28 3890208]
"SunJavaUpdateSched "= "c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
"StartCCC "= "c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440]
"Redirector "= "c:\program files (x86)\Citrix\ICA Client\redirector.exe" [2013-06-14 153992]
"QuickTime Task "= "c:\program files (x86)\QuickTime\QTTask.exe" [2012-10-25 421888]
"PDVDDXSrv "= "c:\program files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2008-07-29 128296]
"Microsoft Default Manager "= "c:\program files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2010-05-10 439568]
"GrooveMonitor "= "c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"FATrayAlert "= "c:\program files (x86)\Sensible Vision\Fast Access\FATrayMon.exe" [2008-09-05 95488]
"Dell V505 "= "c:\program files (x86)\Dell V505\fm3032.exe" [2008-10-02 312560]
"ConnectionCenter "= "c:\program files (x86)\Citrix\ICA Client\concentr.exe" [2013-06-14 395656]
"Adobe Reader Speed Launcher "= "c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-12-19 41056]
"Adobe ARM "= "c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"Ad-Aware Browsing Protection "= "c:\programdata\Ad-Aware Browsing Protection\adawarebp.exe" [2013-09-27 559696]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin "= 5 (0x5)
"ConsentPromptBehaviorUser "= 3 (0x3)
"EnableUIADesktopToggle "= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs "=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=" "
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
@=" "
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]
@= "Driver "
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]
@= "Driver "
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@= "Service "
.
R3 A6200;NETGEAR A6200 WiFi Adapter Driver;c:\windows\system32\DRIVERS\bcmwlhigh664.sys;c:\windows\SYSNATIVE\DRIVERS\bcmwlhigh664.sys [x]
S2 70e6ca8c;Optimizer Pro Crash Monitor;c:\windows\system32\rundll32.exe;c:\windows\SYSNATIVE\rundll32.exe [x]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_3e0eef5b\AESTSr64.exe;c:\windows\SYSNATIVE\DriverStore\FileRepository\stwrt64.inf_3e0eef5b\AESTSr64.exe [x]
.
.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
Themes
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-07-02 02:07 1091912 ----a-w- c:\program files (x86)\Google\Chrome\Application\35.0.1916.153\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2014-04-21 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-23 00:41]
.
2014-04-21 c:\windows\Tasks\Google Software Updater.job
- c:\program files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-09 13:32]
.
2014-07-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore1cf492ce448e187.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-04-09 00:39]
.
2014-07-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA1cf2dcca88328e0.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-04-09 00:39]
.
2014-06-19 c:\windows\Tasks\PowerInbox Updater.job
- c:\program files (x86)\PowerInbox\PowerInbox\UpdateClient.exe [2014-02-04 23:00]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6c97a91e-4524-4019-86af-2aa2d567bf5c}]
2014-07-25 13:44 132264 ----a-w- c:\program files (x86)\Lavasoft\AdAware SecureSearch Toolbar\adawareDx64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{6c97a91e-4524-4019-86af-2aa2d567bf5c} "= "c:\program files (x86)\Lavasoft\AdAware SecureSearch Toolbar\adawareDx64.dll" [2014-07-25 132264]
.
[HKEY_CLASSES_ROOT\CLSID\{6c97a91e-4524-4019-86af-2aa2d567bf5c}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@= "{472083B0-C522-11CF-8763-00608CC02F24} "
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-05-06 21:12 290888 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@= "{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} "
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2014-06-05 21:46 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@= "{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} "
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2014-06-05 21:46 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@= "{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} "
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2014-06-05 21:46 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@= "{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} "
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2014-06-05 21:46 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@= "{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} "
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2014-06-05 21:46 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WPCUMI "= "c:\windows\system32\WpcUmi.exe" [2006-11-02 182784]
"SysTrayApp "= "c:\program files\IDT\WDM\sttray64.exe" [2010-01-21 487424]
"LanuchApp "= "c:\program files (x86)\NETGEAR\A6200\LanuchApp.exe" [2012-07-11 15136]
"GENIE "= "c:\program files (x86)\NETGEAR\A6200\A6200.exe" [2013-02-18 348888]
"dldwamon "= "c:\program files (x86)\Dell V505\dldwamon.exe" [2008-10-02 16624]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com/
mStart Page = hxxp://speedial.com/?f=1&a=spd_softdl4u_14_23_ch&cd=2XzuyEtN2Y1L1QzutDtDtBtB0F0BtAtBtDyCtA0C0EtC0C0EtN0D0Tzu0SzzzzyCtN1L2XzutBtFtBtDtFtCzytFtDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StA0AyEtA0D0AtByCtGyE0AtDyDtGzztA0DyDtGzytA0EzytGtDzy0F0Bzz0CyE0CyDzyyE0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyB0F0A0FyCzyyB0AtGtAtCyDzytGzytD0ByEtG0D0AzyzytGyBtAyD0Ezz0A0DtD0CyD0FtD2Q&cr=956281966&ir=
mLocal Page = c:\windows\SysWOW64\blank.htm
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Melanie\AppData\Roaming\Mozilla\Firefox\Profiles\4aoyaso8.default\
FF - prefs.js: browser.search.selectedEngine - Trovi search
FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?gd=&ctid=CT3322520&octid=EB_ORIGINAL_CTID&ISID=MF0A2E9A9-D0D3-42EA-B3A9-6E672AE91B16&SearchSource=55&CUI=&UM=5&UP=SP62B4C81C-A397-4DBA-9B0E-F0095886A027&SSPV=
FF - prefs.js: keyword.URL - hxxp://dts.search.ask.com/sr?src=ffb&gct=ds&appid=394&systemid=406&v=a9396-115&apn_dtid=BND406&apn_ptnrs=AG6&apn_uid=2363152454084512&o=APN10645&q=
user_pref(extensions.autoDisableScopes,14);
FF - user.js: extensions.nspdlsd.aflt - spd_softdl4u_14_23_ch
FF - user.js: extensions.nspdlsd.instlRef - 142905_b
FF - user.js: extensions.nspdlsd.cr - 956281966
FF - user.js: extensions.nspdlsd.cd - 2XzuyEtN2Y1L1QzutDtDtBtB0F0BtAtBtDyCtA0C0EtC0C0EtN0D0Tzu0SzzzzyCtN1L2XzutBtFtBtDtFtCzytFtDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StA0AyEtA0D0AtByCtGyE0AtDyDtGzztA0DyDtGzytA0EzytGtDzy0F0Bzz0CyE0CyDzyyE0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyB0F0A0FyCzyyB0AtGtAtCyDzytGzytD0ByEtG0D0AzyzytGyBtAyD0Ezz0A0DtD0CyD0FtD2Q
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-{ec2bae47-25af-4ce9-9e78-10627a49c9ea} - (no file)
Toolbar-10 - (no file)
Wow6432Node-HKCU-Run-ipCommonInit - c:\users\Melanie\AppData\Roaming\ipCommonInit\ipCommonInit.dll
Wow6432Node-HKLM-Run-FAStartup - (no file)
Wow6432Node-HKLM-Run-SelectRebates - c:\program files (x86)\SelectRebates\SelectRebates.exe
Wow6432Node-HKLM-Run-CitrixReceiver - c:\programdata\Microsoft\Windows\Start Menu\Programs\Citrix\Receiver Updater.lnk
Toolbar-10 - (no file)
HKLM-Run-SynTPEnh - H.EXE
HKLM-Run-dldwmon.exe - .EXE
HKLM-Run-Dell DataSafe Online - E.EXE
AddRemove-{7BCAC0EB-3993-2416-0531-848C39DF8B65} - c:\programdata\EuxttraiSSHopeper\UVim.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\MySQL]
"ImagePath "= "\ "c:\program files\MySQL\MySQL Server 5.5\bin\mysqld\" --defaults-file=\ "c:\program files\MySQL\MySQL Server 5.5\my.ini\" MySQL "
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-218266781-4151974111-564667469-1003\Software\SecuROM\License information*]
"datasecu "=hex:eb,93,fe,4d,46,b6,73,f5,9c,c0,1d,c0,fe,e8,7f,b8,11,40,f5,3b,08,
58,15,8d,61,fb,42,b3,c6,5d,f6,b5,09,c5,76,a7,f3,60,5f,8f,49,90,c2,e3,3f,4f,\
"rkeysecu "=hex:cb,bd,f2,61,5a,4e,c6,95,f2,29,8b,82,ba,6b,3d,44
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@= "FlashBroker "
"LocalizedString "= "@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_77_ActiveX.exe,-101 "
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled "=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@= "c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_77_ActiveX.exe "
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@= "{FAB3E735-69C7-453B-A446-B6823C6DF1C9} "
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@= "IFlashBroker5 "
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@= "{00020424-0000-0000-C000-000000000046} "
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@= "{FAB3E735-69C7-453B-A446-B6823C6DF1C9} "
"Version "= "1.0 "
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@= "FlashBroker "
"LocalizedString "= "@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_77_ActiveX.exe,-101 "
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled "=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@= "c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_77_ActiveX.exe "
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@= "{FAB3E735-69C7-453B-A446-B6823C6DF1C9} "
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@= "Shockwave Flash Object "
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@= "c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx "
"ThreadingModel "= "Apartment "
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@= "0 "
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@= "ShockwaveFlash.ShockwaveFlash.12 "
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@= "c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx, 1 "
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@= "{D27CDB6B-AE6D-11cf-96B8-444553540000} "
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@= "1.0 "
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@= "ShockwaveFlash.ShockwaveFlash "
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@= "Macromedia Flash Factory Object "
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@= "c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx "
"ThreadingModel "= "Apartment "
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@= "FlashFactory.FlashFactory.1 "
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@= "c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx, 1 "
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@= "{D27CDB6B-AE6D-11cf-96B8-444553540000} "
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@= "1.0 "
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@= "FlashFactory.FlashFactory "
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@= "IFlashBroker5 "
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@= "{00020424-0000-0000-C000-000000000046} "
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@= "{FAB3E735-69C7-453B-A446-B6823C6DF1C9} "
"Version "= "1.0 "
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}]
@Denied: (A 2) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0]
@= "Shockwave Flash "
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}]
@Denied: (A 2) (Everyone)
@=" "
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0]
@= "FlashBroker "
.
[HKEY_LOCAL_MACHINE\software\McAfee]
"SymbolicLinkValue "=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Dell\DellDock\DockLogin.exe
c:\windows\SysWOW64\rundll32.exe
c:\program files (x86)\Sensible Vision\Fast Access\FAService.exe
c:\program files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
c:\program files (x86)\webget\updatewebget.exe
c:\program files (x86)\webget\bin\utilwebget.exe
c:\program files (x86)\NETGEAR\A6200\WifiService.exe
c:\program files (x86)\TeamViewer\Version9\TeamViewer.exe
c:\program files (x86)\TeamViewer\Version9\tv_w32.exe
c:\program files (x86)\Sensible Vision\Fast Access\FATrayAlert.exe
c:\program files (x86)\Citrix\Receiver\Receiver.exe
c:\program files (x86)\Dell V505\dldwMsdMon.exe
c:\program files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe
c:\program files (x86)\Citrix\ICA Client\wfcrun32.exe
c:\program files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
c:\program files (x86)\PureLeads\PureLeads.Service.exe
.
**************************************************************************
.
Completion time: 2014-09-25 03:06:31 - machine was rebooted
ComboFix-quarantined-files.txt 2014-09-25 02:26
.
Pre-Run: 347,532,288,000 bytes free
Post-Run: The system cannot find message text for message number 0x2379 in the message file for Application.
.
- - End Of File - - 5C5FE4BB084A4CD25EFD00CC0BB26C2B
5C616939100B85E558DA92B899A0FC36

broni · 2014/09/25

Please download AdwCleaner by Xplode onto your desktop.

Close all open programs and internet browsers.

Double click on adwcleaner.exe to run the tool.

Click on Scan button.

When the scan has finished click on Clean button.

Your computer will be rebooted automatically. A text file will open after the restart.

Please post the contents of that logfile with your next reply.

You can find the logfile at C:\AdwCleaner[S1].txt as well.

Please download Junkware Removal Tool to your desktop.

Shut down your protection software now to avoid potential conflicts.

Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator ".

The tool will open and start scanning your system.

Please be patient as this can take a while to complete depending on your system's specifications.

On completion, a log (JRT.txt) is saved to your desktop and will automatically open.

Post the contents of JRT.txt into your next message.

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatibale with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

Double-click to run it. When the tool opens click Yes to disclaimer.

Press Scan button.

It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.

The first time the tool is run, it makes also another log (Addition.txt). Please copy and paste it to your reply.

virginia · 2014/09/26

Broni,

The logs are pasted in below. The computer seems to be much more responsive now. However, still can't access the internet and the pop up dialog boxes that I mentioned in the first post are still there. I'm able to close them all out much faster now but they are still there.

AdWareCleaner

# AdwCleaner v3.310 - Report created 25/09/2014 at 19:59:48
# Updated 12/09/2014 by Xplode
# Operating System : Windows (TM) Vista Home Premium Service Pack 2 (64 bits)
# Username : Melanie - MELANIE-PC
# Running from : C:\Users\Melanie\Desktop\adwcleaner_3.310.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : 70e6ca8c
[#] Service Deleted : Update webget
[#] Service Deleted : Util webget
[#] Service Deleted : {55685567-4840-4a91-962b-49a412e9485a}Gt64

***** [ Files / Folders ] *****

[!] Folder Deleted : C:\ProgramData\Ask
[!] Folder Deleted : C:\ProgramData\Babylon
[!] Folder Deleted : C:\ProgramData\BitGuard
[!] Folder Deleted : C:\ProgramData\blekko toolbars
[!] Folder Deleted : C:\ProgramData\Browser Manager
[!] Folder Deleted : C:\ProgramData\BrowserProtect
[!] Folder Deleted : C:\ProgramData\FileCure
[!] Folder Deleted : C:\ProgramData\Search Protection
[!] Folder Deleted : C:\ProgramData\Systweak
[!] Folder Deleted : C:\ProgramData\Tarma Installer
[!] Folder Deleted : C:\ProgramData\EuxttraiSSHopeper
[!] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Protector
[!] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\optimizer pro v3.2
[!] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro
[!] Folder Deleted : C:\Program Files (x86)\Advanced System Protector
[!] Folder Deleted : C:\Program Files (x86)\ConduitEngine
[!] Folder Deleted : C:\Program Files (x86)\Optimizer Pro
[!] Folder Deleted : C:\Program Files (x86)\RegClean Pro
[!] Folder Deleted : C:\Program Files (x86)\SearchProtect
[!] Folder Deleted : C:\Program Files (x86)\Toolbar Cleaner
[!] Folder Deleted : C:\Program Files (x86)\webget
[!] Folder Deleted : C:\Program Files\003
[!] Folder Deleted : C:\Users\Drew\AppData\LocalLow\Conduit
[!] Folder Deleted : C:\Users\Drew\AppData\LocalLow\ConduitEngine
[!] Folder Deleted : C:\Users\Drew\AppData\LocalLow\FunWebProducts
[!] Folder Deleted : C:\Users\Drew\AppData\LocalLow\IncrediMail_MediaBar_2
[!] Folder Deleted : C:\Users\Drew\AppData\LocalLow\MyWebSearch
[!] Folder Deleted : C:\Users\Drew\AppData\LocalLow\PriceGong
[!] Folder Deleted : C:\Users\Drew.Melanie-PC\AppData\Local\blekkotb_031
[!] Folder Deleted : C:\Users\Drew.Melanie-PC\AppData\LocalLow\DataMngr
[!] Folder Deleted : C:\Users\Drew.Melanie-PC\AppData\LocalLow\FunWebProducts
[!] Folder Deleted : C:\Users\Drew.Melanie-PC\AppData\LocalLow\MyWebSearch
[!] Folder Deleted : C:\Users\Jacob\AppData\LocalLow\MyWebSearch
[!] Folder Deleted : C:\Users\Jacob\AppData\LocalLow\PriceGong
[!] Folder Deleted : C:\Users\Jacob.Melanie-PC\AppData\Local\blekkotb_031
[!] Folder Deleted : C:\Users\Jacob.Melanie-PC\AppData\LocalLow\DataMngr
[!] Folder Deleted : C:\Users\Jacob.Melanie-PC\AppData\LocalLow\FunWebProducts
[!] Folder Deleted : C:\Users\Jacob.Melanie-PC\AppData\LocalLow\MyWebSearch
[!] Folder Deleted : C:\Users\Jacob.Melanie-PC\AppData\Roaming\Systweak
[!] Folder Deleted : C:\Users\Melanie\AppData\Local\blekkotb_031
[!] Folder Deleted : C:\Users\Melanie\AppData\Local\Conduit
[!] Folder Deleted : C:\Users\Melanie\AppData\Local\ParetoLogic
[!] Folder Deleted : C:\Users\Melanie\AppData\Local\SearchProtect
[!] Folder Deleted : C:\Users\Melanie\AppData\Local\torch
[!] Folder Deleted : C:\Users\Melanie\AppData\LocalLow\adawaretb
[!] Folder Deleted : C:\Users\Melanie\AppData\LocalLow\Conduit
[!] Folder Deleted : C:\Users\Melanie\AppData\LocalLow\ConduitEngine
[!] Folder Deleted : C:\Users\Melanie\AppData\LocalLow\DataMngr
[!] Folder Deleted : C:\Users\Melanie\AppData\LocalLow\PriceGong
[!] Folder Deleted : C:\Users\Melanie\AppData\Roaming\Babylon
[!] Folder Deleted : C:\Users\Melanie\AppData\Roaming\FileAssociationManager
[!] Folder Deleted : C:\Users\Melanie\AppData\Roaming\Optimizer Pro
[!] Folder Deleted : C:\Users\Melanie\AppData\Roaming\Systweak
[!] Folder Deleted : C:\Users\Drew.Melanie-PC\AppData\Roaming\Mozilla\Firefox\Profiles\6e76b6gn.default\adawaretb
[!] Folder Deleted : C:\Users\Jacob.Melanie-PC\AppData\Roaming\Mozilla\Firefox\Profiles\clramxqi.default\adawaretb
[!] Folder Deleted : C:\Users\Melanie\AppData\Roaming\Mozilla\Firefox\Profiles\4aoyaso8.default\adawaretb
[!] Folder Deleted : C:\Users\Drew.Melanie-PC\AppData\Roaming\Mozilla\Firefox\Profiles\6e76b6gn.default\Extensions\staged\{fa95f577-07cb-4470-ac90-e843f5f83c52}
[!] Folder Deleted : C:\Users\Jacob.Melanie-PC\AppData\Roaming\Mozilla\Firefox\Profiles\clramxqi.default\Extensions\staged\{fa95f577-07cb-4470-ac90-e843f5f83c52}
[!] Folder Deleted : C:\Users\Melanie\AppData\Roaming\Mozilla\Firefox\Profiles\4aoyaso8.default\Extensions\staged\{fa95f577-07cb-4470-ac90-e843f5f83c52}
[!] Folder Deleted : C:\Users\Melanie\AppData\Roaming\Mozilla\Firefox\Profiles\t5q0fniv.default-1377728630782\Extensions\staged\{fa95f577-07cb-4470-ac90-e843f5f83c52}
[!] Folder Deleted : C:\Users\Melanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\bakijjialdiiboeaknfpmflphhmljfkd
File Deleted : C:\Windows\System32\sasnative64.exe
File Deleted : C:\Windows\System32\drivers\{55685567-4840-4a91-962b-49a412e9485a}Gt64.sys
File Deleted : C:\Users\Melanie\AppData\Roaming\Mozilla\Firefox\Profiles\4aoyaso8.default\searchplugins\Ask.xml
File Deleted : C:\Users\Melanie\AppData\Roaming\Mozilla\Firefox\Profiles\4aoyaso8.default\searchplugins\conduit-search.xml
File Deleted : C:\Users\Drew.Melanie-PC\AppData\Roaming\Mozilla\Firefox\Profiles\6e76b6gn.default\searchplugins\Speedial.xml
File Deleted : C:\Users\Jacob.Melanie-PC\AppData\Roaming\Mozilla\Firefox\Profiles\clramxqi.default\searchplugins\Speedial.xml
File Deleted : C:\Users\Melanie\AppData\Roaming\Mozilla\Firefox\Profiles\4aoyaso8.default\searchplugins\Speedial.xml
File Deleted : C:\Users\Melanie\AppData\Roaming\Mozilla\Firefox\Profiles\t5q0fniv.default-1377728630782\searchplugins\Speedial.xml
File Deleted : C:\Users\Drew.Melanie-PC\AppData\Roaming\Mozilla\Firefox\Profiles\6e76b6gn.default\searchplugins\web-search.xml
File Deleted : C:\Users\Drew.Melanie-PC\AppData\Roaming\Mozilla\Firefox\Profiles\6e76b6gn.default\user.js
File Deleted : C:\Users\Jacob.Melanie-PC\AppData\Roaming\Mozilla\Firefox\Profiles\clramxqi.default\user.js
File Deleted : C:\Users\Melanie\AppData\Roaming\Mozilla\Firefox\Profiles\4aoyaso8.default\user.js
File Deleted : C:\Users\Melanie\AppData\Roaming\Mozilla\Firefox\Profiles\t5q0fniv.default-1377728630782\user.js
File Deleted : C:\Users\Melanie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage

***** [ Scheduled Tasks ] *****

Task Deleted : LaunchApp
Task Deleted : RegClean Pro
Task Deleted : RegClean Pro_DEFAULT
Task Deleted : RegClean Pro_UPDATES

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKCU\Software\Google\Chrome\Extensions\bakijjialdiiboeaknfpmflphhmljfkd
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bakijjialdiiboeaknfpmflphhmljfkd
Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\bakijjialdiiboeaknfpmflphhmljfkd
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndkhncnongaclekkbelchmeafffimifj
Key Deleted : HKLM\SOFTWARE\Classes\.bdc
Key Deleted : HKLM\SOFTWARE\Classes\.bgl
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Key Deleted : HKLM\SOFTWARE\Classes\PCProxy.DataContainer
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
Key Deleted : HKLM\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
Key Deleted : HKLM\SOFTWARE\Classes\ExxtraShhopppEar.ExxtraShhopppEar
Key Deleted : HKLM\SOFTWARE\Classes\ExxtraShhopppEar.ExxtraShhopppEar.1.7
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9DC8FA51-B596-4F77-802C-5B295919C205}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3E28F712-0D6C-4EE3-AC8C-8F060F5D7C33}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{533403E2-6E21-4615-9E28-43F4E97E977B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6CE321DA-DC11-45C6-A0FC-4E8A7D978ABC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6EEBC7FF-67DA-4B90-9251-C2C5696E4B48}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{74137531-80F7-406F-9543-7D11385FA8C8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{832599B2-55BF-4437-8F3E-030CF5AEB262}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9B7B034B-944A-4261-B487-862F642F7615}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A4730EBE-43A6-443E-9776-36915D323AD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B1A429DB-FB06-4645-B7C0-0CC405EAD3CD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DD67706E-819E-4EBD-BF8D-6D6147CC7A49}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F62A4AF9-58B4-4FEC-89CC-D717A547D8E8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F3C7264D-6FB6-8CF9-9B97-82B4477270F3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{22511E2E-7970-414E-BC7C-28D16C4AF54D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{23C5311E-016D-4999-BCB1-499898429D6C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2C4B6DB8-6413-403B-A038-16A352CFE8B9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{46803190-228D-470E-90FE-F5E0CEA9C4F2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5180FE16-2E09-497B-9C8B-5A6F029ECECB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A4F6E1B3-469E-46EF-A936-FBA9D5EFD2B9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C97AF157-6A27-4F57-9D47-E2D3E4761B77}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ED0D2C81-7DB5-4599-B7C0-1033418B5672}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D518921A-4A03-425E-9873-B9A71756821E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{ED721A76-8160-4DA0-A18E-7FD7C4574774}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F3C7264D-6FB6-8CF9-9B97-82B4477270F3}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1E0DE227-5CE4-4EA3-AB0C-8B03E1AA76BC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F3C7264D-6FB6-8CF9-9B97-82B4477270F3}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59C7FC09-1C83-4648-B3E6-003D2BBC7481}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{62155D33-3CE2-401E-8967-5A270628A3D5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68AF847F-6E91-45DD-9B68-D6A12C30E5D7}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170B96C-28D4-4626-8358-27E6CAEEF907}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1A71FA0-FF48-48DD-9B6D-7A13A3E42127}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDB1968E-EAD6-40FD-8DAE-FF14757F60C7}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EC2BAE47-25AF-4CE9-9E78-10627A49C9EA}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F138D901-86F0-4383-99B6-9CDD406036DA}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{6C97A91E-4524-4019-86AF-2AA2D567BF5C}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EC2BAE47-25AF-4CE9-9E78-10627A49C9EA}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{6C97A91E-4524-4019-86AF-2AA2D567BF5C}]
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{31090377-0740-419E-BEFC-A56E50500D5B}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{62155D33-3CE2-401E-8967-5A270628A3D5}
Key Deleted : HKCU\Software\ilivid
Key Deleted : HKCU\Software\InstalledBrowserExtensions
Key Deleted : HKCU\Software\Optimizer Pro
Key Deleted : HKCU\Software\ParetoLogic
Key Deleted : HKCU\Software\systweak
Key Deleted : HKCU\Software\torch
Key Deleted : HKCU\Software\webget
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKCU\Software\AppDataLow\Software\adawarebp
Key Deleted : HKCU\Software\AppDataLow\Software\alot
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\DynConIE
Key Deleted : HKCU\Software\AppDataLow\Software\Fun Web Products
Key Deleted : HKCU\Software\AppDataLow\Software\FunWebProducts
Key Deleted : HKCU\Software\AppDataLow\Software\Giant Savings
Key Deleted : HKCU\Software\AppDataLow\Software\MyWebSearch
Key Deleted : HKCU\Software\AppDataLow\Software\suprasavings
Key Deleted : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\SOFTWARE\adawaretb
Key Deleted : HKLM\SOFTWARE\Babylon
Key Deleted : HKLM\SOFTWARE\DataMngr
Key Deleted : HKLM\SOFTWARE\Freeze.com
Key Deleted : HKLM\SOFTWARE\Fun Web Products
Key Deleted : HKLM\SOFTWARE\FunWebProducts
Key Deleted : HKLM\SOFTWARE\MyWebSearch
Key Deleted : HKLM\SOFTWARE\SearchProtect
Key Deleted : HKLM\SOFTWARE\systweak
Key Deleted : HKLM\SOFTWARE\Toolbar Cleaner
Key Deleted : HKLM\SOFTWARE\torch
Key Deleted : HKLM\SOFTWARE\webget
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\adawaretb
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Toolbar Cleaner
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7BCAC0EB-3993-2416-0531-848C39DF8B65}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\00212D92-C5D8-4ff4-AE50-B20F0F85C40A_Systweak_Ad~B9F029BF_is1
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\adawaretb
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Giant Savings
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MyPC Backup
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Optimizer Pro_is1
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\RegClean-Pro_is1
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SearchProtect
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Speedial
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{7BCAC0EB-3993-2416-0531-848C39DF8B65}
Key Deleted : [x64] HKLM\SOFTWARE\suprasavings
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16545

-\\ Mozilla Firefox v22.0 (en-US)

[ File : C:\Users\Drew.Melanie-PC\AppData\Roaming\Mozilla\Firefox\Profiles\6e76b6gn.default\prefs.js ]

Line Deleted : user_pref( "extensions.sahtb.searchEngineNameCurrent ", "Web Search ");
Line Deleted : user_pref( "extensions.sahtb.searchEngineNameSAH ", "Web Search ");
Line Deleted : user_pref( "extensions.sahtb.url.prefs.data ", "<ToolbarPrefs>\r\n <XMLVersion Number=\ "{bdd09e8b-8dee-478c-9f4e-0db5e30597cc}\" />\r\n <AnalyticsURL URL=\ "hxxp://www.google-analytics.com/__utm.gif?utmw[...]
Line Deleted : user_pref( "keyword.URL ", "hxxp://websearch.shopathome.com?user_id={8eb1b097-2ac8-4591-ae04-cce322a1ea56}&q= ");

[ File : C:\Users\Jacob.Melanie-PC\AppData\Roaming\Mozilla\Firefox\Profiles\clramxqi.default\prefs.js ]

[ File : C:\Users\Melanie\AppData\Roaming\Mozilla\Firefox\Profiles\4aoyaso8.default\prefs.js ]

Line Deleted : user_pref( "browser.search.defaultenginename ", "Ask.com ");
Line Deleted : user_pref( "browser.search.order.1 ", "Ask.com ");
Line Deleted : user_pref( "browser.search.selectedEngine ", "Trovi search ");
Line Deleted : user_pref( "browser.startup.homepage ", "hxxp://search.conduit.com/?gd=&ctid=CT3322520&octid=EB_ORIGINAL_CTID&ISID=MF0A2E9A9-D0D3-42EA-B3A9-6E672AE91B16&SearchSource=55&CUI=&UM=5&UP=SP62B4C81C-A397-4DBA[...]
Line Deleted : user_pref( "keyword.URL ", "hxxp://dts.search.ask.com/sr?src=ffb&gct=ds&appid=394&systemid=406&v=a9396-115&apn_dtid=BND406&apn_ptnrs=AG6&apn_uid=2363152454084512&o=APN10645&q= ");
Line Deleted : user_pref( "browser.newtab.url ", "hxxp://www.trovi.com/?gd=&ctid=CT3320050&octid=EB_ORIGINAL_CTID&ISID=M1C71144A-F0B0-475F-987C-720E0B65505D&SearchSource=69&CUI=&SSPV=&Lay=1&UM=5&UP=SP62B4C81C-A397-4DB[...]

[ File : C:\Users\Melanie\AppData\Roaming\Mozilla\Firefox\Profiles\t5q0fniv.default-1377728630782\prefs.js ]

-\\ Google Chrome v35.0.1916.153

*************************

AdwCleaner[R0].txt - [24478 octets] - [25/09/2014 19:57:37]
AdwCleaner[S0].txt - [21262 octets] - [25/09/2014 19:59:48]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [21323 octets] ##########

Junkware Removal

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.2.0 (09.22.2014:1)
OS: Windows (TM) Vista Home Premium x64
Ran by Melanie on Fri 09/26/2014 at 6:37:46.21
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\update webget
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\util webget
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{BC0FFB9E-19A5-4407-82EC-BB355B672FC1}

~~~ Files

~~~ Folders

Successfully deleted: [Folder] "C:\Users\Melanie\appdata\local\adawarebp "
Successfully deleted: [Folder] "C:\Program Files (x86)\bucksbee loyalty plugin - 100815 "
Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin "

~~~ FireFox

Successfully deleted: [File] C:\user.js
Successfully deleted: [File] C:\Users\Melanie\AppData\Roaming\mozilla\firefox\profiles\4aoyaso8.default\extensions\hoyocpsnaf@hoyocpsnaf.org.xpi [Tracur]
Successfully deleted: [Folder] C:\Users\Melanie\AppData\Roaming\mozilla\firefox\profiles\4aoyaso8.default\extensions\staged
Successfully deleted: [Folder] C:\Users\Melanie\AppData\Roaming\mozilla\firefox\profiles\4aoyaso8.default\extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c}

~~~ Chrome

Dumping contents of C:\Users\Melanie\appdata\local\Google\Chrome\User Data\Default\Default
C:\Users\Melanie\appdata\local\Google\Chrome\User Data\Default\Default\aagedhdjdigdgcdcdhdgdgdfdjdfdfge
C:\Users\Melanie\appdata\local\Google\Chrome\User Data\Default\Default\aagegfdedfdgdedjdfdjdedidegedhgb
C:\Users\Melanie\appdata\local\Google\Chrome\User Data\Default\Default\aagedhdjdigdgcdcdhdgdgdfdjdfdfge\background.js
C:\Users\Melanie\appdata\local\Google\Chrome\User Data\Default\Default\aagedhdjdigdgcdcdhdgdgdfdjdfdfge\ContentScript.js
C:\Users\Melanie\appdata\local\Google\Chrome\User Data\Default\Default\aagedhdjdigdgcdcdhdgdgdfdjdfdfge\manifest.json
C:\Users\Melanie\appdata\local\Google\Chrome\User Data\Default\Default\aagegfdedfdgdedjdfdjdedidegedhgb\background.html
C:\Users\Melanie\appdata\local\Google\Chrome\User Data\Default\Default\aagegfdedfdgdedjdfdjdedidegedhgb\ContentScript.js
C:\Users\Melanie\appdata\local\Google\Chrome\User Data\Default\Default\aagegfdedfdgdedjdfdjdedidegedhgb\manifest.json

Successfully deleted: [Folder] C:\Users\Melanie\appdata\local\Google\Chrome\User Data\Default\Default [Default Extension 1.0]

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Fri 09/26/2014 at 6:42:20.90
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

virginia · 2014/09/26

Here is the FarBar FRST log. Addition coming.

FarBarFRST

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-09-2014
Ran by Melanie (administrator) on MELANIE-PC on 26-09-2014 07:00:01
Running from C:\Users\Melanie\Desktop
Loaded Profile: Melanie (Available profiles: Melanie & Jacob & Drew)
Platform: Windows Vista (TM) Home Premium Service Pack 2 (X64) OS Language: English (United States)
Internet Explorer Version 9
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_3e0eef5b\stacsv64.exe
(Stardock Corporation) C:\Program Files\Dell\DellDock\DockLogin.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_3e0eef5b\AESTSr64.exe
( ) C:\Windows\System32\dldwcoms.exe
(Sensible Vision ) C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe
() C:\Program Files\MySQL\MySQL Server 5.5\bin\mysqld.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
() C:\Program Files (x86)\NETGEAR\A6200\WifiService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\wpcumi.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(NETGEAR,Inc.) C:\Program Files (x86)\NETGEAR\A6200\A6200.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Electronic Arts) C:\Program Files (x86)\Electronic Arts\EADM\Core.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\redirector.exe
(CyberLink Corp.) C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
(Sensible Vision ) C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\Receiver\Receiver.exe
(Sensible Vision ) C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayAlert.exe
() C:\Program Files (x86)\Dell V505\dldwmsdmon.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(sendori) C:\Program Files (x86)\PureLeads\PureLeads.Service.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [WPCUMI] => C:\Windows\system32\WpcUmi.exe [182784 2006-11-02] (Microsoft Corporation)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-01-21] (IDT, Inc.)
HKLM\...\Run: [SynTPEnh] => H.EXE
HKLM\...\Run: [LanuchApp] => C:\Program Files (x86)\NETGEAR\A6200\LanuchApp.exe [15136 2012-07-11] ()
HKLM\...\Run: [GENIE] => C:\Program Files (x86)\NETGEAR\A6200\A6200.exe [348888 2013-02-18] (NETGEAR,Inc.)
HKLM\...\Run: [dldwmon.exe] => .EXE "
HKLM\...\Run: [dldwamon] => C:\Program Files (x86)\Dell V505\dldwamon.exe [16624 2008-10-02] ()
HKLM\...\Run: [Dell DataSafe Online] => E.EXE" /M
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3890208 2014-08-28] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2008-01-21] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Redirector] => C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [153992 2013-06-14] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.)
HKLM-x32\...\Run: [PDVDDXSrv] => C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe [128296 2008-07-29] (CyberLink Corp.)
HKLM-x32\...\Run: [Microsoft Default Manager] => C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [439568 2010-05-10] (Microsoft Corporation)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [FATrayAlert] => C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe [95488 2008-09-05] (Sensible Vision )
HKLM-x32\...\Run: [Dell V505] => C:\Program Files (x86)\Dell V505\fm3032.exe [312560 2008-10-02] ()
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [395656 2013-06-14] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2012-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Ad-Aware Browsing Protection] => C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe [559696 2013-09-27] (Lavasoft)
HKLM-x32\...\Run: [FAStartup] => [X]
HKU\S-1-5-21-218266781-4151974111-564667469-1003\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [138240 2008-01-20] (Microsoft Corporation)
HKU\S-1-5-21-218266781-4151974111-564667469-1003\...\Run: [EA Core] => C:\Program Files (x86)\Electronic Arts\EADM\Core.exe [2752512 2008-07-21] (Electronic Arts)
HKU\S-1-5-21-218266781-4151974111-564667469-1003\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-218266781-4151974111-564667469-1003\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Drew.Melanie-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk
ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Jacob.Melanie-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk
ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
GroupPolicyUsers\S-1-5-21-218266781-4151974111-564667469-1009\User: Group Policy restriction detected <======= ATTENTION
GroupPolicyUsers\S-1-5-21-218266781-4151974111-564667469-1008\User: Group Policy restriction detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://speedial.com/?f=1&a=spd_soft...tGyBtAyD0Ezz0A0DtD0CyD0FtD2Q&cr=956281966&ir=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://speedial.com/?f=1&a=spd_soft...tGyBtAyD0Ezz0A0DtD0CyD0FtD2Q&cr=956281966&ir=
URLSearchHook: HKCU - Default Value = {CFBFAE00-17A6-11D0-99CB-00C04FD64497}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - {E15A4E0E-A14D-4A68-86D5-21AFD928C2D4} URL = http://www.verizon.net/central/vzc.portal?_nfpb=true&_pageLabel=google_results&rs=&web_search_type=basic&sc=web&channel=Cbrwsr&clientid=Cnsmr&q={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: PowerInbox -> {EF7AED5F-0C26-4820-A570-7DA8B6D93F4A} -> C:\Program Files (x86)\PowerInbox\PowerInbox\PowerInboxBHO64.dll (PowerInbox Inc.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: FAIESSOHelper Class -> {A2F122DA-055F-4df7-8F24-7354DBDBA85B} -> C:\Program Files (x86)\Sensible Vision\Fast Access\FAIESSO.dll (Sensible Vision )
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: PowerInbox -> {EF7AED5F-0C26-4820-A570-7DA8B6D93F4A} -> C:\Program Files (x86)\PowerInbox\PowerInbox\PowerInboxBHO.dll (PowerInbox Inc.)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
DPF: HKLM-x32 {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/sites/production/ieawsdc32.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://vpn3.phh.com/dana-cached/sc/JuniperSetupClient.cab
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Melanie\AppData\Roaming\Mozilla\Firefox\Profiles\4aoyaso8.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/wpi,version=1.4 -> C:\Program Files\Microsoft\Web Platform Installer\\npwpidetector.dll (Microsoft Corp)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll (Citrix Systems, Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8051.1204 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/wpi,version=1.4 -> C:\Program Files\Microsoft\Web Platform Installer\\npwpidetector.dll (Microsoft Corp)
FF Plugin-x32: @mozilla.zeniko.ch/PDFlite_Browser_Plugin -> C:\Program Files (x86)\PDFlite\npPdfViewer.dll (Simon BÃ¼nzli)
FF Plugin-x32: @pack.google.com/Google Updater;version=14 -> C:\Program Files (x86)\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF Plugin-x32: @parallelgraphics.com/Cortona -> C:\Program Files (x86)\Common Files\ParallelGraphics\Cortona\npCortona.dll (ParallelGraphics)
FF Plugin-x32: @soe.sony.com/installer,version=1.0.3 -> C:\Program Files (x86)\Sony Online Entertainment\npsoe.dll ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @citrixonline.com/appdetectorplugin -> C:\Users\Melanie\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF Plugin HKCU: @mozilla.zeniko.ch/PDFlite_Browser_Plugin -> C:\Program Files (x86)\PDFlite\npPdfViewer.dll (Simon BÃ¼nzli)
FF Extension: ArcadeFrontier - C:\Users\Melanie\AppData\Roaming\Mozilla\Firefox\Profiles\4aoyaso8.default\Extensions\{1a68cbde-3e4c-4fae-bf49-af5ab9868e53} [2014-04-05]
FF Extension: New tab - C:\Users\Melanie\AppData\Roaming\Mozilla\Firefox\Profiles\4aoyaso8.default\Extensions\{41B95867-9E43-5627-B90B-31E1FD82AD26}(437) [2014-01-27]
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-08-10]
FF HKLM-x32\...\Firefox\Extensions: [{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension
FF Extension: No Name - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension [2010-12-24]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-04-07]
FF Extension: No Name - C:\Users\Melanie\AppData\Roaming\Mozilla\Firefox\Profiles\4aoyaso8.default\extensions\hoyocpsnaf@hoyocpsnaf.org.xpi [Not Found]
FF Extension: No Name - C:\Users\Melanie\AppData\Roaming\Mozilla\Firefox\Profiles\4aoyaso8.default\extensions\nosquint@urandom.ca.xpi [Not Found]
FF Extension: No Name - C:\Users\Melanie\AppData\Roaming\Mozilla\Firefox\Profiles\4aoyaso8.default\extensions\{ec2bae47-25af-4ce9-9e78-10627a49c9ea} [Not Found]
FF Extension: No Name - C:\Users\Melanie\AppData\Roaming\Mozilla\Firefox\Profiles\4aoyaso8.default\extensions\{4E2E7F2A-C103-C918-2526-5F0A9A69C325} [Not Found]
FF Extension: No Name - C:\Program Files (x86)\McAfee\SiteAdvisor [Not Found]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]

Chrome:
=======
CHR Profile: C:\Users\Melanie\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Melanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-12-15]
CHR Extension: (Google Drive) - C:\Users\Melanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-15]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Melanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-06-04]
CHR Extension: (YouTube) - C:\Users\Melanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-15]
CHR Extension: (Google Search) - C:\Users\Melanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-15]
CHR Extension: (Productivity Owl) - C:\Users\Melanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eoagmdboiealblmpaahjlhajggndaahi [2014-07-02]
CHR Extension: (avast! Online Security) - C:\Users\Melanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-04-07]
CHR Extension: (LiveHive Extension) - C:\Users\Melanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkgjlgfgcbmbdphpekbienchiehfmmhf [2014-08-28]
CHR Extension: (Google Wallet) - C:\Users\Melanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-15]
CHR Extension: (Gmail) - C:\Users\Melanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-15]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-05-06]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_3e0eef5b\AESTSr64.exe [89600 2009-03-03] (Andrea Electronics Corporation)
S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-05-06] () [File not signed]
S3 Creative Media Toolbox 6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\MT6Licensing.exe [79360 2009-04-08] (Creative Labs) [File not signed]
S2 dldwCATSCustConnectService; C:\Windows\system32\spool\DRIVERS\x64\3\\dldwserv.exe [34032 2008-05-16] ()
R2 dldw_device; C:\Windows\system32\dldwcoms.exe [1041136 2008-05-16] ( )
R2 dldw_device; C:\Windows\SysWOW64\dldwcoms.exe [595184 2008-05-16] ( )
R2 DockLoginService; C:\Program Files\Dell\DellDock\DockLogin.exe [155648 2008-09-23] (Stardock Corporation) [File not signed]
S2 FontCache; C:\Windows\system32\svchost.exe [27648 2008-01-20] (Microsoft Corporation)
S2 FontCache; C:\Windows\SysWOW64\svchost.exe [21504 2008-01-20] (Microsoft Corporation)
S2 gupdate1c9b8aba8273bbc; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [133104 2009-04-08] (Google Inc.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S2 MSSQL$SQLEXPRESS; c:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [43040096 2011-06-17] (Microsoft Corporation)
R2 MySQL; C:\Program Files\MySQL\MySQL Server 5.5\my.ini [8918 2011-05-15] () [File not signed]
R2 PlsvcV2; C:\Program Files (x86)\PureLeads\PureLeads.Service.exe [24352 2014-01-23] (sendori)
S2 seclogon; C:\Windows\system32\seclogon.dll [0 2008-01-20] () [File not signed]
S3 spiceworks; C:\Program Files (x86)\Spiceworks\bin\spiceworks.exe [46912 2013-02-04] (Spiceworks, Inc.)
S4 SQLAgent$SQLEXPRESS; c:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [370016 2011-06-17] (Microsoft Corporation)
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_3e0eef5b\STacSV64.exe [244736 2010-01-21] (IDT, Inc.)
R2 WNDA6200; C:\Program Files (x86)\NETGEAR\A6200\WifiService.exe [29984 2012-09-24] ()

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 A6200; C:\Windows\System32\DRIVERS\bcmwlhigh664.sys [1974576 2013-03-07] (Broadcom Corporation)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27648 2008-01-20] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-05-06] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-05-06] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [64752 2014-05-17] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-05-06] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-05-17] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-05-17] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [65264 2014-05-06] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-05-06] ()
S1 Beep; No ImagePath
S3 motport; C:\Windows\System32\DRIVERS\motport.sys [29184 2007-06-20] (Motorola)
S3 Ndisuio; C:\Windows\System32\DRIVERS\ndisuio.sys [22016 2008-01-20] () [File not signed]
S3 NWUSBModem; C:\Windows\System32\DRIVERS\nwusbmdm.sys [213120 2008-05-09] (Novatel Wireless Inc.)
S3 NWUSBPort; C:\Windows\System32\DRIVERS\nwusbser.sys [213120 2008-05-09] (Novatel Wireless Inc.)
S3 NWUSBPort2; C:\Windows\System32\DRIVERS\nwusbser2.sys [213120 2008-05-09] (Novatel Wireless Inc.)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [28416 2008-04-16] (Research In Motion Limited)
R3 RLDesignVirtualAudioCableWdm; C:\Windows\System32\DRIVERS\livecamv.sys [49664 2007-02-05] ()
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [15672 2014-02-19] ()
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [34808 2014-09-23] ()
S3 usbbus; C:\Windows\System32\DRIVERS\lgx64bus.sys [17920 2008-11-11] (LG Electronics Inc.)
S3 UsbDiag; C:\Windows\System32\DRIVERS\lgx64diag.sys [27136 2008-11-11] (LG Electronics Inc.)
S3 USBModem; C:\Windows\System32\DRIVERS\lgx64modem.sys [33792 2008-11-11] (LG Electronics Inc.)
S3 catchme; \??\C:\rob_bonner.exe\catchme.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
U3 ose; "C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE "
U3 tunmp; system32\DRIVERS\tunmp.sys
S3 USBAAPL64; System32\Drivers\usbaapl64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-26 07:00 - 2014-09-26 07:00 - 00027885 _____ () C:\Users\Melanie\Desktop\FRST.txt
2014-09-26 06:59 - 2014-09-26 07:00 - 00000000 ____D () C:\FRST
2014-09-26 06:59 - 2014-09-26 06:55 - 02108928 _____ (Farbar) C:\Users\Melanie\Desktop\FRST64.exe
2014-09-26 06:58 - 2014-09-26 06:58 - 00000000 ____D () C:\Users\Melanie\AppData\Roaming\EncryptStick
2014-09-26 06:42 - 2014-09-26 06:42 - 00002948 _____ () C:\Users\Melanie\Desktop\JRT.txt
2014-09-26 06:37 - 2014-09-26 06:37 - 00000000 ____D () C:\Windows\ERUNT
2014-09-25 20:09 - 2014-09-25 19:53 - 01024790 _____ (Thisisu) C:\Users\Melanie\Desktop\JRT.exe
2014-09-25 19:57 - 2014-09-25 20:01 - 00000000 ____D () C:\AdwCleaner
2014-09-25 19:56 - 2014-09-25 19:52 - 01373475 _____ () C:\Users\Melanie\Desktop\adwcleaner_3.310.exe
2014-09-25 03:31 - 2014-09-25 03:31 - 00000000 __SHD () C:\found.004
2014-09-25 03:06 - 2014-09-25 03:06 - 00024292 _____ () C:\ComboFix.txt
2014-09-24 19:58 - 2011-06-26 02:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-09-24 19:58 - 2010-11-07 13:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-09-24 19:58 - 2009-04-20 00:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-09-24 19:58 - 2000-08-30 20:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-09-24 19:58 - 2000-08-30 20:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-09-24 19:58 - 2000-08-30 20:00 - 00098816 _____ () C:\Windows\sed.exe
2014-09-24 19:58 - 2000-08-30 20:00 - 00080412 _____ () C:\Windows\grep.exe
2014-09-24 19:58 - 2000-08-30 20:00 - 00068096 _____ () C:\Windows\zip.exe
2014-09-24 19:39 - 2014-09-25 03:06 - 00000000 ____D () C:\Qoobox
2014-09-24 19:35 - 2014-09-24 21:48 - 00000000 ____D () C:\Windows\erdnt
2014-09-24 19:29 - 2014-09-24 19:29 - 00001537 _____ () C:\Users\Melanie\Desktop\Windows Explorer.lnk
2014-09-24 07:52 - 2014-09-24 07:53 - 00003042 _____ () C:\Users\Melanie\Desktop\FSS.txt
2014-09-24 07:44 - 2014-09-25 20:07 - 00000000 ____D () C:\Users\Melanie\AppData\Local\CrashDumps
2014-09-24 07:40 - 2014-09-24 07:40 - 00269832 _____ () C:\Windows\Minidump\Mini092414-01.dmp
2014-09-23 21:11 - 2014-09-23 23:44 - 00000000 ____D () C:\Users\Melanie\Desktop\mbar
2014-09-23 20:49 - 2014-09-23 20:49 - 00034808 _____ () C:\Windows\system32\Drivers\TrueSight.sys
2014-09-23 20:37 - 2014-09-24 07:55 - 00000000 ____D () C:\Users\Melanie\Desktop\CleanupTools
2014-09-23 14:40 - 2014-09-23 14:40 - 00000000 ____D () C:\found.003
2014-09-23 13:55 - 2014-09-23 13:56 - 00275232 _____ () C:\Windows\Minidump\Mini092314-01.dmp
2014-09-23 10:13 - 2014-09-23 21:13 - 00128728 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-23 10:12 - 2014-09-23 21:11 - 00092888 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-09-23 10:12 - 2014-09-23 19:51 - 00000943 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-09-23 10:12 - 2014-09-23 19:51 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-09-23 10:12 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-09-23 10:12 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-09-23 10:11 - 2014-09-23 10:11 - 00001537 _____ () C:\Users\Melanie\Documents\Windows Explorer.lnk
2014-09-23 10:01 - 2014-09-23 10:01 - 00011140 _____ () C:\Users\Melanie\AppData\Local\dd_vcredistUI60A6.txt
2014-09-23 10:01 - 2014-09-23 10:01 - 00001796 _____ () C:\Users\Melanie\AppData\Local\dd_vcredistMSI60A6.txt
2014-09-23 10:01 - 2014-09-23 10:01 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_bcmwlhigh664_01005.Wdf
2014-09-23 10:01 - 2014-09-23 10:01 - 00000000 ____D () C:\Program Files (x86)\NETGEAR
2014-09-23 10:01 - 2013-03-07 16:14 - 01974576 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\BCMWLHIGH664.SYS
2014-09-23 10:01 - 2013-03-07 16:13 - 00096560 _____ (Broadcom Corporation) C:\Windows\system32\bcmwlcoi.dll
2014-09-23 10:01 - 2013-03-07 14:06 - 04395008 _____ (Broadcom Corporation) C:\Windows\system32\bcmihvsrv64.dll
2014-09-23 10:01 - 2013-03-07 14:06 - 03659264 _____ (Broadcom Corporation) C:\Windows\system32\bcmihvui64.dll
2014-09-23 10:01 - 2006-11-02 23:04 - 01919968 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01005.dll
2014-08-31 16:07 - 2014-09-23 10:54 - 00000732 _____ () C:\Users\Melanie\AppData\Local\d3d9caps64.dat
2014-08-30 16:41 - 2014-08-30 16:41 - 00000000 ____D () C:\found.002
2014-08-30 14:33 - 2010-01-21 04:10 - 00644608 ____N (IDT, Inc.) C:\Windows\system32\stapi64.dll
2014-08-30 11:06 - 2014-08-30 11:06 - 00000000 ____D () C:\Program Files (x86)\Lavasoft
2014-08-28 19:35 - 2014-08-28 19:35 - 00000999 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-26 01:49 - 2009-03-31 01:39 - 01505455 _____ () C:\Windows\WindowsUpdate.log
2014-09-25 20:13 - 2006-11-02 08:46 - 00009082 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-25 20:06 - 2014-06-09 05:58 - 00011552 _____ () C:\Windows\PFRO.log
2014-09-25 20:06 - 2006-11-02 11:42 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-25 20:03 - 2006-11-02 11:42 - 00032580 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-09-24 21:43 - 2006-11-02 08:34 - 00000215 _____ () C:\Windows\system.ini
2014-09-24 21:15 - 2006-11-02 08:33 - 55836672 _____ () C:\Windows\system32\config\components.bak
2014-09-24 21:15 - 2006-11-02 08:33 - 31195136 _____ () C:\Windows\system32\config\system.bak
2014-09-24 21:15 - 2006-11-02 08:33 - 133431296 _____ () C:\Windows\system32\config\software.bak
2014-09-24 21:15 - 2006-11-02 08:33 - 04456448 _____ () C:\Windows\system32\config\default.bak
2014-09-24 21:15 - 2006-11-02 08:33 - 00262144 _____ () C:\Windows\system32\config\security.bak
2014-09-24 21:15 - 2006-11-02 08:33 - 00262144 _____ () C:\Windows\system32\config\sam.bak
2014-09-24 21:07 - 2013-04-05 14:49 - 00000000 ____D () C:\Users\Melanie\AppData\Roaming\ipCommonInit
2014-09-24 19:02 - 2006-11-02 11:21 - 00367328 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-24 11:38 - 2008-01-20 22:50 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\verifier.dll
2014-09-24 11:35 - 2006-11-02 09:33 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-09-24 11:33 - 2008-01-20 22:49 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\activeds.tlb
2014-09-24 11:24 - 2006-11-02 04:44 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-09-24 07:40 - 2014-07-02 16:30 - 253386244 _____ () C:\Windows\MEMORY.DMP
2014-09-24 07:40 - 2011-08-03 19:07 - 00000000 ____D () C:\Windows\Minidump
2014-09-23 12:30 - 2014-06-04 16:36 - 00002202 _____ () C:\Windows\setupact.log
2014-09-23 10:52 - 2013-03-25 12:20 - 00000000 ____D () C:\Users\Melanie\AppData\Roaming\ShopAtHome
2014-09-23 10:01 - 2009-04-07 19:48 - 00000000 ____D () C:\Users\Melanie
2014-09-23 10:01 - 2009-03-31 06:59 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-09-23 09:33 - 2014-07-30 20:20 - 00000000 _____ () C:\Windows\system32\Drivers\SPPD.sys
2014-08-30 13:56 - 2014-08-03 16:09 - 00000552 _____ () C:\Windows\system32\spsys.log
2014-08-30 13:23 - 2006-11-02 11:22 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-30 13:23 - 2006-11-02 11:22 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-30 10:54 - 2014-08-03 13:51 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-08-30 10:30 - 2014-04-07 19:12 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update

Files to move or delete:
====================
C:\Users\Melanie\CREATIVE-LABS_SOUND-BLASTER-_A00_R213242.exe

Some content of TEMP:
====================
C:\Users\Melanie\AppData\Local\Temp\EAD52E0.exe
C:\Users\Melanie\AppData\Local\Temp\nshCA33.tmp.exe
C:\Users\Melanie\AppData\Local\Temp\Quarantine.exe
C:\Users\Melanie\AppData\Local\Temp\SPSetup.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-09-25 20:12

==================== End Of Log ============================

virginia · 2014/09/26

First Part of FarBar Addition Log:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-09-2014
Ran by Melanie at 2014-09-26 07:01:22
Running from C:\Users\Melanie\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version: - Microsoft)
Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{91120000-00CA-0000-0000-0000000FF1CE}_SMALLBUSINESSR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version: - Microsoft)
Acrobat.com (HKLM-x32\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1.377 - Adobe Systems Incorporated)
Acrobat.com (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9130 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.3.9130 - Adobe Systems Inc.) Hidden
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Reader 9.5.5 (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A95000000001}) (Version: 9.5.5 - Adobe Systems Incorporated)
ATI Catalyst Install Manager (HKLM\...\{F0E881D1-3487-82B2-1B85-583D79FBD4B4}) (Version: 3.0.682.0 - ATI Technologies, Inc.)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2018 - Avast Software)
Bing Rewards Client Installer (x32 Version: 16.0.345.0 - Microsoft Corporation) Hidden
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Core Implementation (x32 Version: 2008.0703.2236.38526 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (x32 Version: 2008.0703.2236.38526 - ATI) Hidden
Catalyst Control Center Graphics Full New (x32 Version: 2008.0703.2236.38526 - ATI) Hidden
Catalyst Control Center Graphics Light (x32 Version: 2008.0703.2236.38526 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2008.0703.2236.38526 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2008.0703.2236.38526 - ATI) Hidden
Catalyst Control Center Localization Chinese Standard (x32 Version: 2008.0703.2236.38526 - ATI) Hidden
Catalyst Control Center Localization Chinese Traditional (x32 Version: 2008.0703.2236.38526 - ATI) Hidden
Catalyst Control Center Localization Danish (x32 Version: 2008.0703.2236.38526 - ATI) Hidden
Catalyst Control Center Localization Dutch (x32 Version: 2008.0703.2236.38526 - ATI) Hidden
Catalyst Control Center Localization Finnish (x32 Version: 2008.0703.2236.38526 - ATI) Hidden
Catalyst Control Center Localization French (x32 Version: 2008.0703.2236.38526 - ATI) Hidden
Catalyst Control Center Localization German (x32 Version: 2008.0703.2236.38526 - ATI) Hidden
Catalyst Control Center Localization Italian (x32 Version: 2008.0703.2236.38526 - ATI) Hidden
Catalyst Control Center Localization Japanese (x32 Version: 2008.0703.2236.38526 - ATI) Hidden
Catalyst Control Center Localization Korean (x32 Version: 2008.0703.2236.38526 - ATI) Hidden
Catalyst Control Center Localization Norwegian (x32 Version: 2008.0703.2236.38526 - ATI) Hidden
Catalyst Control Center Localization Portuguese (x32 Version: 2008.0703.2236.38526 - ATI) Hidden
Catalyst Control Center Localization Russian (x32 Version: 2008.0703.2236.38526 - ATI) Hidden
Catalyst Control Center Localization Spanish (x32 Version: 2008.0703.2236.38526 - ATI) Hidden
Catalyst Control Center Localization Swedish (x32 Version: 2008.0703.2236.38526 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2008.0703.2235.38526 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2008.0703.2235.38526 - ATI) Hidden
CCC Help Danish (x32 Version: 2008.0703.2235.38526 - ATI) Hidden
CCC Help Dutch (x32 Version: 2008.0703.2235.38526 - ATI) Hidden
CCC Help English (x32 Version: 2008.0703.2235.38526 - ATI) Hidden
CCC Help Finnish (x32 Version: 2008.0703.2235.38526 - ATI) Hidden
CCC Help French (x32 Version: 2008.0703.2235.38526 - ATI) Hidden
CCC Help German (x32 Version: 2008.0703.2235.38526 - ATI) Hidden
CCC Help Italian (x32 Version: 2008.0703.2235.38526 - ATI) Hidden
CCC Help Japanese (x32 Version: 2008.0703.2235.38526 - ATI) Hidden
CCC Help Korean (x32 Version: 2008.0703.2235.38526 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2008.0703.2235.38526 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2008.0703.2235.38526 - ATI) Hidden
CCC Help Russian (x32 Version: 2008.0703.2235.38526 - ATI) Hidden
CCC Help Spanish (x32 Version: 2008.0703.2235.38526 - ATI) Hidden
CCC Help Swedish (x32 Version: 2008.0703.2235.38526 - ATI) Hidden
ccc-core-static (x32 Version: 2008.0703.2236.38526 - ATI) Hidden
ccc-utility64 (Version: 2008.0703.2236.38526 - ATI) Hidden
Choice Guard (x32 Version: 1.2.87.0 - Microsoft Corporation) Hidden
Citrix Authentication Manager (x32 Version: 5.0.0.60597 - Citrix Systems, Inc.) Hidden
Citrix Online Launcher (HKLM-x32\...\{3318B54A-B5A8-49B1-8016-753DC6CAC63B}) (Version: 1.0.110 - Citrix)
Citrix Receiver (HDX Flash Redirection) (x32 Version: 14.0.0.91 - Citrix Systems, Inc.) Hidden
Citrix Receiver (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 14.0.0.91 - Citrix Systems, Inc.)
Citrix Receiver Inside (x32 Version: 3.4.0.45902 - Citrix Systems, Inc.) Hidden
Citrix Receiver Updater (x32 Version: 4.0.0.45893 - Citrix Systems, Inc.) Hidden
Citrix Receiver(Aero) (x32 Version: 14.0.0.91 - Citrix Systems, Inc.) Hidden
Citrix Receiver(DV) (x32 Version: 14.0.0.91 - Citrix Systems, Inc.) Hidden
Citrix Receiver(USB) (x32 Version: 14.0.0.91 - Citrix Systems, Inc.) Hidden
Complete Care Consumer Service Agreement (HKLM-x32\...\{28DFA10C-2588-4CF2-9275-E0EFF1E9BB0C}) (Version: 2.0.0 - Dell Inc.)
Cortona3D Viewer (HKLM-x32\...\{C06CE867-0019-4BDD-88C3-CD96F79FCDC7}) (Version: 6.0.179 - ParallelGraphics)
Creative Media Toolbox 6 (HKLM-x32\...\{F1A14CB2-A048-45A6-AFDA-3571296E1D76}) (Version: 6.00 - )
Creative Media Toolbox 6 (Shared Components) (HKLM-x32\...\Uninstaller_B4736000_Creative Media Toolbox 6) (Version: 2.80.12 - Creative Labs)
Creative MediaSource 5 (HKLM-x32\...\{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}) (Version: 5.00 - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{5971CA1F-6BDE-498F-952C-9F2BF94070A4}) (Version: - Microsoft)
Dell DataSafe Online (HKLM-x32\...\{13766F76-6C8C-4E57-A9F3-3212D1C6E0D1}) (Version: 1.1.0029 - Dell, Inc.)
Dell Dock (HKLM\...\{F6CB42B9-F033-4152-8813-FF11DA8E6A78}) (Version: 1.0.0 - Dell)
Dell Driver Download Manager (HKCU\...\f031ef6ac137efc5) (Version: 2.1.0.0 - Dell Inc.)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 12.0.1.0 - Synaptics)
Dell V505 (HKLM\...\Dell V505) (Version: - Dell, Inc.)
Dropbox (HKCU\...\Dropbox) (Version: 2.6.24 - Dropbox, Inc.)
EA Download Manager (HKLM-x32\...\{EF7E931D-DC84-471B-8DB6-A83358095474}) (Version: - )
FastAccess (HKLM\...\{60D7B7D1-16A5-4168-9F46-AE956B0C5046}) (Version: 2.2.13.1 - Sensible Vision)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Google Drive (HKLM-x32\...\{D9F75285-4864-461D-83DA-8D056BAC44D1}) (Version: 1.16.6866.4367 - Google, Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Google Updater (HKLM-x32\...\Google Updater) (Version: 2.4.2432.1652 - Google Inc.)
GoToMeeting 5.4.0.1082 (HKCU\...\GoToMeeting) (Version: 5.4.0.1082 - CitrixOnline)
hp officejet v series (HKLM-x32\...\{48FCCE4F-9D37-41BA-92C1-17BF5CFAA347}) (Version: 1.00.0000 - Hewlett-Packard)
HP Photo Printing Software (HKLM-x32\...\HP Photo Printing Software) (Version: - )
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6267.0 - IDT)
Integrated Webcam Driver (1.05.02.1227) (HKLM\...\Creative OA001) (Version: 1.05.02.1227 - Creative Technology Ltd.)
Java 7 Update 21 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217021FF}) (Version: 7.0.210 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.5 - Sun Microsystems, Inc.) Hidden
Junk Mail filter update (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
LG USB Modem driver (HKLM-x32\...\{C3ABE126-2BB2-4246-BFE1-6797679B3579}) (Version: - )
Line Rider 2 (HKLM-x32\...\LineRider2) (Version: - )
LiveAction Client 2.63 (HKLM-x32\...\7129-7318-7633-3109) (Version: 2.63 - ActionPacked! Networks)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 2 - VWD Express 2010 Tools (HKLM-x32\...\{5BDFAB82-060E-438B-AB4F-A2331B2294C0}) (Version: 2.0.50217.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 (HKLM-x32\...\{1803A630-3C38-4D2B-9B9A-0CB37243539C}) (Version: 2.0.50217.0 - Microsoft Corporation)
Microsoft Default Manager (x32 Version: 2.2.114.0 - Microsoft Corporation) Hidden
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (Version: 1.1.40219 - Microsoft Corporation) Hidden
Microsoft Office 2003 Web Components (HKLM-x32\...\{90A40409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office 2007 Primary Interop Assemblies (HKLM-x32\...\{50120000-1105-0000-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-00CA-0000-0000-0000000FF1CE}_SMALLBUSINESSR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Access MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Communicator 2007 (HKLM-x32\...\{E5BA0430-919F-46DD-B656-0796F8A5ADFF}) (Version: 2.0.6362.0 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISER) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Publisher MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Small Business 2007 (HKLM-x32\...\SMALLBUSINESSR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Small Business 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Small Business Connectivity Components (HKLM-x32\...\{A939D341-5A04-4E0A-BB55-3E65B386432D}) (Version: 2.0.7024.0 - Microsoft Corporation)
Microsoft Office Visio 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Visio MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Report Viewer Redistributable 2008 (KB971119) (x32 Version: 9.0.30731 - Microsoft Corporation) Hidden
Microsoft Report Viewer Redistributable 2008 SP1 (HKLM-x32\...\Microsoft Report Viewer Redistributable 2008 (KB971119)) (Version: - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Silverlight 3 SDK (HKLM-x32\...\{2012098D-EEE9-4769-8DD3-B038050854D4}) (Version: 3.0.40818.0 - Microsoft Corporation)
Microsoft Silverlight 4 SDK (HKLM-x32\...\{05855322-BE43-41FE-B583-D3AE0C326D58}) (Version: 4.0.50826.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 (HKLM-x32\...\Microsoft SQL Server 2008 R2) (Version: - Microsoft Corporation)
Microsoft SQL Server 2008 R2 (x32 Version: - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{77F1F8AD-51B8-4490-AEEC-BF480073E0FC}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Native Client (HKLM\...\{471AAD2C-9078-4DAC-BD43-FA10FB7C3FCE}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Policies (HKLM-x32\...\{D21BC5B2-CBAC-48FA-A701-B5A63C1CA7B8}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 RsFx Driver (x32 Version: 10.51.2500.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 R2 Setup (English) (HKLM-x32\...\{48B08845-0CB0-45EC-893C-15319ADDA312}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files (HKLM-x32\...\{D441BD04-E548-4F8E-97A4-1B66135BAAA8}) (Version: 10.1.2731.0 - Microsoft Corporation)
Microsoft SQL Server Browser (HKLM-x32\...\{BF9BF038-FE03-429D-9B26-2FA0FD756052}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 Query Tools ENU (HKLM-x32\...\{DDFD8348-058C-4F4B-85E5-6D740D4AB3FE}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Database Publishing Wizard 1.4 (HKLM-x32\...\{ACE28263-76A4-4BF5-B6F4-8BD719595969}) (Version: 10.1.2512.8 - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{9ACF3FDB-C8E6-444C-8C64-13A221F7BFFD}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM-x32\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{877B76B2-F83F-4F5A-B28D-3F398641ADB6}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{288D79EE-A2D1-42AF-9597-B0ADCC23A8ED}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft UI Engine (x32 Version: 6.3.2380.0 - Microsoft Corporation) Hidden
Microsoft Visio Premium 2010 (HKLM-x32\...\Office14.VISIOR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Visual C# 2010 Express - ENU (HKLM-x32\...\Microsoft Visual C# 2010 Express - ENU) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C# 2010 Express - ENU (x32 Version: 10.0.40219 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (HKLM-x32\...\{B7E38540-E355-3503-AFD7-635B2F2F76E1}) (Version: 9.0.30729.4974 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Runtime - 10.0.40219 (HKLM\...\{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{14DD7530-CCD2-3798-B37D-3839ED6A441C}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU (HKLM\...\{BCA26999-EC22-3007-BB79-638913079C9A}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (x32 Version: 10.0.40219 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.40303 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.40308 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{4ECF4BDC-8387-329A-ABE9-CF5798F84BB2}) (Version: 9.0.35191 - Microsoft Corporation)
Microsoft Visual Web Developer 2010 Express - ENU (HKLM-x32\...\Microsoft Visual Web Developer 2010 Express - ENU) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Web Developer 2010 Express - ENU (x32 Version: 10.0.40219 - Microsoft Corporation) Hidden
Microsoft Web Platform Installer 3.0 (HKLM\...\{CC4878C0-4A6A-49CD-AAA7-DD3FCB06CC84}) (Version: 3.0.5 - Microsoft Corporation)
Mobile Broadband Generic Drivers (HKLM-x32\...\{68CC54AC-EFE5-4CE4-81F8-BE0C834E2D86}) (Version: 2.02.07.002.14 - Novatel Wireless)
Mozilla Firefox 22.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 22.0 (x86 en-US)) (Version: 22.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MySQL Server 5.5 (HKLM\...\{B5A55A7F-73D6-4D36-85F8-9850635D6895}) (Version: 5.5.12 - Oracle Corporation)
NETGEAR A6200 Genie (HKLM-x32\...\{48E61F3E-61D4-42A3-9D29-D0CF40838779}) (Version: 26.0.0.0 - NETGEAR)
Nmap 5.61-Spiceworks (HKLM-x32\...\Spiceworks-Nmap) (Version: - )
Online Plug-in (x32 Version: 14.0.0.91 - Citrix Systems, Inc.) Hidden
PDFlite 0.8 (HKLM-x32\...\PDFlite) (Version: 0.8 - Amnis Technology Ltd)
PL-2303 USB-to-Serial (HKLM-x32\...\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}) (Version: 1.3.0 - Prolific Technology INC)
PowerDVD (HKLM-x32\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 8.1 - Dell)
PowerInbox (HKLM-x32\...\{1B178766-9F0A-4321-A007-673042682E0A}) (Version: 1.14.0.0 - PowerInbox)
PureLeads (HKLM-x32\...\PureLeads) (Version: 2.0.17 - PureLeads)
Quickset (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 9.2.13 - Dell Inc.)
QuickTime (HKLM-x32\...\{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}) (Version: 7.73.80.64 - Apple Inc.)
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version: - Amnis Technology Ltd)
Segoe UI (x32 Version: 15.4.2271.0615 - Microsoft Corp) Hidden
Self-service Plug-in (x32 Version: 4.0.0.40674 - Citrix Systems, Inc.) Hidden
Service Pack 1 for SQL Server 2008 R2 (KB2528583) (HKLM-x32\...\KB2528583) (Version: 10.51.2500.0 - Microsoft Corporation)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{359ADBEC-068A-4CC9-9174-77AB8EDB867A}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version: - Microsoft) Hidden
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skins (x32 Version: 2008.0703.2236.38526 - ATI) Hidden
Spiceworks (HKLM-x32\...\Spiceworks) (Version: 6.2.00829 - Spiceworks, Inc.)
SPOREâ„¢ (HKLM-x32\...\{9DF0196F-B6B8-4C3A-8790-DE42AA530101}) (Version: 1.00.0000 - Electronic Arts)
SQL Server 2008 R2 SP1 Common Files (x32 Version: 10.51.2500.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP1 Database Engine Services (x32 Version: 10.51.2500.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP1 Database Engine Shared (x32 Version: 10.51.2500.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP1 Management Studio (x32 Version: 10.51.2500.0 - Microsoft Corporation) Hidden
Sql Server Customer Experience Improvement Program (x32 Version: 10.50.1600.1 - Microsoft Corporation) Hidden
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.31064 - TeamViewer)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-00CA-0000-0000-0000000FF1CE}_SMALLBUSINESSR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM-x32\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2836939v3) (Version: 3 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2836939v3) (Version: 3 - Microsoft Corporation)
Update for Microsoft Filter Pack 2.0 (KB2837594) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.VISIOR_{D3C85176-ACCC-4AF0-817D-1BC803303B74}) (Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2837594) 32-Bit Edition (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{D3C85176-ACCC-4AF0-817D-1BC803303B74}) (Version: - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISER_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version: - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-00CA-0000-0000-0000000FF1CE}_SMALLBUSINESSR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISER_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_SMALLBUSINESSR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-00CA-0000-0000-0000000FF1CE}_SMALLBUSINESSR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-00CA-0000-0000-0000000FF1CE}_SMALLBUSINESSR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.VISIOR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.VISIOR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.VISIOR_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.VISIOR_{5E8EB600-8B94-429E-873E-98369C6DC1BC}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2863818) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.VISIOR_{83B1B530-7D9E-4C6A-907F-E979CEE9C295}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version: - Microsoft)
Update for Microsoft Office Access 2007 Help (KB963663) (HKLM-x32\...\{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISER_{6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}) (Version: - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISER_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version: - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version: - Microsoft)
Update for Microsoft Office Infopath 2007 Help (KB963662) (HKLM-x32\...\{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISER_{716B81B8-B13C-41DF-8EAC-7A2F656CAB63}) (Version: - Microsoft)
Update for Microsoft Office OneNote 2007 Help (KB963670) (HKLM-x32\...\{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISER_{2744EF05-38E1-4D5D-B333-E021EDAEA245}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISER_{ED38F8A3-4F61-494E-8BCA-E3AC7760C924}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{ED38F8A3-4F61-494E-8BCA-E3AC7760C924}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{91120000-00CA-0000-0000-0000000FF1CE}_SMALLBUSINESSR_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISER_{0451F231-E3E3-4943-AB9F-58EB96171784}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{0451F231-E3E3-4943-AB9F-58EB96171784}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2878297) 32-Bit Edition (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{9B1DEEA3-B4ED-49F0-9EF7-4A820EEEA7F1}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2878297) 32-Bit Edition (HKLM-x32\...\{91120000-00CA-0000-0000-0000000FF1CE}_SMALLBUSINESSR_{9B1DEEA3-B4ED-49F0-9EF7-4A820EEEA7F1}) (Version: - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISER_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version: - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version: - Microsoft)
Update for Microsoft Office Publisher 2007 Help (KB963667) (HKLM-x32\...\{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISER_{2E40DE55-B289-4C8B-8901-5D369B16814F}) (Version: - Microsoft)
Update for Microsoft Office Publisher 2007 Help (KB963667) (HKLM-x32\...\{90120000-0019-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{2E40DE55-B289-4C8B-8901-5D369B16814F}) (Version: - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISER_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version: - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version: - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISER_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version: - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.VISIOR_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.VISIOR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft)
Update for Microsoft Visio 2010 (KB2553444) 32-Bit Edition (HKLM-x32\...\{90140000-0054-0409-0000-0000000FF1CE}_Office14.VISIOR_{51EBE89D-6C1B-4D57-8FEC-87B45DE0F39C}) (Version: - Microsoft)
Update for Microsoft Visio 2010 (KB2553444) 32-Bit Edition (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{799005D3-9B70-4219-AFE0-BC479614CC4D}) (Version: - Microsoft)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{112C23F2-C036-4D40-BED4-0CB47BF5555C}) (Version: 4.0.8080.0 - Microsoft Corporation)
WCF RIA Services V1.0 SP1 (HKLM-x32\...\{D9E6001A-5DC3-4620-AF7A-80B6CD48645D}) (Version: 4.1.60114.0 - Microsoft Corporation)
Web Deployment Tool (HKLM\...\{0F37D969-1260-419E-B308-EF7D29ABDE20}) (Version: 1.1.0618 - Microsoft Corporation)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 14.0.8051.1204 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{FDD810CA-D5E3-40E9-AB7B-36440B0D41EF}) (Version: 14.0.8050.1202 - Microsoft Corporation)
Windows Live Upload Tool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
WinPcap 4.1.2-Spiceworks (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
Wizard101 (HKLM-x32\...\{A9E27FF5-6294-46A8-B8FD-77B1DECA3021}) (Version: 1.0.0 - KingsIsle Entertainment, Inc.)

virginia · 2014/09/26

FarBarAddition - Last Part

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-218266781-4151974111-564667469-1003_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Program Files (x86)\Citrix\GoToMeeting\1082\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-218266781-4151974111-564667469-1003_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Melanie\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-218266781-4151974111-564667469-1003_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Melanie\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-218266781-4151974111-564667469-1003_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Melanie\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-218266781-4151974111-564667469-1003_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Melanie\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)

==================== Restore Points =========================

03-08-2014 15:49:23 Windows Update
28-08-2014 23:37:07 Windows Update
28-08-2014 23:43:22 Windows Update
30-08-2014 14:51:21 Removed SpyHunter
30-08-2014 15:02:42 AA11
24-09-2014 01:02:51 BroniHelp
24-09-2014 03:42:00 Malwarebytes Anti-Rootkit Restore Point
25-09-2014 02:23:26 Scheduled Checkpoint
26-09-2014 01:10:26 Scheduled Checkpoint

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 08:34 - 2014-09-24 21:43 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0AEAFAF6-F116-4A60-AFB4-C8B755A6E975} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {0CE9156D-DDD8-4F09-81B3-8664FD755802} - System32\Tasks\WOT W2 => Iexplore.exe http://mmotraffic.com/catalog/goplay/1327/MTE3NjYvLy8xMzI3/
Task: {192DDA2D-5815-47B8-983F-65744FEEC03A} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {254095AE-FB97-48EA-94A5-D8BF2AB79714} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-20] (Microsoft Corporation)
Task: {297C35F2-96CC-4252-ACD3-489F65D645DC} - System32\Tasks\WOT WWED1 => Iexplore.exe http://mmotraffic.com/catalog/goplay/1327/MTE3NjYvLy8xMzI3/
Task: {3606C67E-42F0-4A3B-9B4A-237941E6AF5C} - System32\Tasks\PowerInbox Updater => C:\Program Files (x86)\PowerInbox\PowerInbox\UpdateClient.exe [2014-02-04] (PowerInbox)
Task: {45B3326F-49F8-422E-98F7-DD9C037BA31B} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-05-06] (AVAST Software)
Task: {465CCBDA-19FF-4F13-894B-7A40220F7ABD} - System32\Tasks\Microsoft\Windows\Defrag\ScheduledDefrag
Task: {73ED0AFA-9954-49B1-B3A2-F78FDED7F0BA} - System32\Tasks\GoogleUpdateTaskMachineCore1cf492ce448e187 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2009-04-08] (Google Inc.)
Task: {7C638E5B-ECE5-4424-A7E5-2C913CA682E9} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {7EFF24D8-33A9-461D-A712-420DD46B0529} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)
Task: {8F10CBCB-8B1F-4B03-8614-BD9BCB173519} - System32\Tasks\0 => Iexplore.exe <==== ATTENTION
Task: {983E81EC-1EA5-4ECB-A81B-79577E37DB45} - System32\Tasks\WOT W1 => Iexplore.exe http://mmotraffic.com/catalog/goplay/1327/MTE3NjYvLy8xMzI3/
Task: {ACABD8B3-4627-4BEB-B504-B0BF797AE81D} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Signature Update => c:\program files\windows defender\MpCmdRun.exe [2008-01-20] (Microsoft Corporation)
Task: {AF8FE543-4905-4D8F-B0C1-8BCD6D6DFC2E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-14] (Adobe Systems Incorporated)
Task: {B1070C91-2407-4962-9DC0-A23AFB104DE3} - System32\Tasks\Installation App Launcher => C:\Program Files (x86)\Dell V505\dldwamon.exe [2008-10-02] ()
Task: {BA7BD5BD-1B7F-4651-A8BA-7E303ACACAF1} - System32\Tasks\Google Software Updater => C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-25] (Google)
Task: {BDBC923C-E274-4094-840B-A124021DD590} - System32\Tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask
Task: {C149914B-95FE-4C5A-8CF3-C9C04561CA5F} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - Melanie => C:\Program Files\Windows Calendar\WinCal.exe [2008-01-20] (Microsoft Corporation)
Task: {D0972F23-AF17-4EF1-9E6B-C0F541D5EAA4} - System32\Tasks\WOT WTHUR1 => Iexplore.exe http://mmotraffic.com/catalog/goplay/1327/MTE3NjYvLy8xMzI3/
Task: {E13D5CA0-5CBF-44AD-940B-161285B853C8} - System32\Tasks\WOT WTUE1 => Iexplore.exe http://mmotraffic.com/catalog/goplay/1327/MTE3NjYvLy8xMzI3/
Task: {E8DE61C9-C5FD-4B9D-9087-9AE201C4D075} - System32\Tasks\WOT WMON1 => Iexplore.exe http://mmotraffic.com/catalog/goplay/1327/MTE3NjYvLy8xMzI3/
Task: {E91D6474-70CC-42BE-80FF-8BED8AF557ED} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-20] ()
Task: {EC3F1D03-65BD-469E-B8FA-DF99A42228CA} - System32\Tasks\GoogleUpdateTaskMachineUA1cf2dcca88328e0 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2009-04-08] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Google Software Updater.job => C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf492ce448e187.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf2dcca88328e0.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\PowerInbox Updater.job => C:\Program Files (x86)\PowerInbox\PowerInbox\UpdateClient.exe

==================== Loaded Modules (whitelisted) =============

2009-11-04 18:45 - 2008-07-17 06:01 - 00045568 _____ () C:\Windows\System32\DLDWPMON.DLL
2009-11-04 18:45 - 2008-01-28 07:38 - 00057344 _____ () C:\Windows\System32\DLDWOEM.DLL
2009-11-04 18:45 - 2008-07-17 05:49 - 00081408 _____ () C:\Program Files (x86)\Dell V505\ipcmt64.dll
2012-07-08 20:31 - 2005-03-11 20:07 - 00087040 _____ () C:\Windows\System32\redmonnt.dll
2009-11-04 18:50 - 2008-05-09 08:56 - 00147456 _____ () C:\Windows\system32\spool\PRTPROCS\x64\dldwdrpp.dll
2011-04-11 14:37 - 2011-04-11 14:37 - 09632256 _____ () C:\Program Files\MySQL\MySQL Server 5.5\bin\mysqld.exe
2014-09-23 10:01 - 2012-09-24 17:28 - 00029984 _____ () C:\Program Files (x86)\NETGEAR\A6200\WifiService.exe
2009-11-04 18:44 - 2008-10-02 14:42 - 00025840 _____ () C:\Program Files (x86)\Dell V505\dldwMsdMon.exe
2014-09-23 10:01 - 2013-02-18 16:13 - 00106496 _____ () C:\Program Files (x86)\NETGEAR\A6200\GWlanController.dll
2014-09-23 10:01 - 2013-03-26 17:00 - 00018944 _____ () C:\Program Files (x86)\NETGEAR\A6200\GWPSController.dll
2009-11-04 18:44 - 2008-05-27 03:36 - 00028672 _____ () C:\Program Files (x86)\Dell V505\App4R.Monitor.Common.dll
2009-11-04 18:44 - 2008-05-27 03:36 - 00036864 _____ () C:\Program Files (x86)\Dell V505\App4R.Monitor.Core.dll
2009-11-04 18:44 - 2008-05-27 03:35 - 00065536 _____ () C:\Program Files (x86)\Dell V505\app4r.devmons.mcmdevmon.dll
2009-11-04 18:44 - 2008-03-25 04:53 - 00012288 _____ () C:\Program Files (x86)\Dell V505\app4r.devmons.mcmdevmon.autoplayutil.dll
2010-03-18 14:27 - 2010-03-18 14:27 - 00000000 _____ () C:\Windows\system32\MSVCR100_CLR0400.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Melanie\Downloads\Cinema - Skrillex.mp3:TOC.WMV
AlternateDataStreams: C:\Users\Melanie\Downloads\KYOTO (FT. SIRAH) - SKRILLEX.mp3:TOC.WMV

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => " "=" "
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => " "=" "
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MSIServer => " "= "Service "
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\plsapp => " "= "service "

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

========================= Accounts: ==========================

Administrator (S-1-5-21-218266781-4151974111-564667469-500 -> Administrator - Disabled - Status: Degraded)
Drew (S-1-5-21-218266781-4151974111-564667469-1009 -> Limited - Enabled - Status: OK) => C:\Users\Drew.Melanie-PC
Guest (S-1-5-21-218266781-4151974111-564667469-501 -> Limited - Disabled - Status: Degraded)
Jacob (S-1-5-21-218266781-4151974111-564667469-1008 -> Limited - Enabled - Status: OK) => C:\Users\Jacob.Melanie-PC
Melanie (S-1-5-21-218266781-4151974111-564667469-1003 -> Administrator - Enabled - Status: OK) => C:\Users\Melanie

==================== Faulty Device Manager Devices =============

Name: 6TO4 Adapter
Description: Microsoft 6to4 Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Microsoft 6to4 Adapter #2
Description: Microsoft 6to4 Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Microsoft 6to4 Adapter #3
Description: Microsoft 6to4 Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: 6TO4 Adapter
Description: Microsoft 6to4 Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: 6TO4 Adapter
Description: Microsoft 6to4 Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver ", which starts the Hardware Update wizard.

Name: Microsoft ISATAP Adapter #3
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Microsoft ISATAP Adapter #4
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Microsoft ISATAP Adapter #5
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Microsoft ISATAP Adapter #6
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Microsoft ISATAP Adapter #7
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Microsoft ISATAP Adapter #8
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Microsoft ISATAP Adapter #9
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Microsoft ISATAP Adapter #11
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Microsoft ISATAP Adapter #12
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Microsoft ISATAP Adapter #13
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Microsoft ISATAP Adapter #14
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Microsoft ISATAP Adapter #14
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Microsoft ISATAP Adapter #15
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: isatap.{6D97E1C7-6F0E-4E93-B0F0-CE8FD8080B9E}
Description: Microsoft ISATAP Adapter
Class Guid:
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: isatap.{0CD7EE51-ABFE-4917-BD8D-2A24CA140E68}
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: isatap.{0CD7EE51-ABFE-4917-BD8D-2A24CA140E68}
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: isatap.{0CD7EE51-ABFE-4917-BD8D-2A24CA140E68}
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: isatap.{0CD7EE51-ABFE-4917-BD8D-2A24CA140E68}
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: isatap.{0CD7EE51-ABFE-4917-BD8D-2A24CA140E68}
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: isatap.{0CD7EE51-ABFE-4917-BD8D-2A24CA140E68}
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: isatap.{FD18450D-EDD7-4ED3-B76B-712E4A3E6A10}
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: isatap.{FD18450D-EDD7-4ED3-B76B-712E4A3E6A10}
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: isatap.{FD18450D-EDD7-4ED3-B76B-712E4A3E6A10}
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: isatap.{FD18450D-EDD7-4ED3-B76B-712E4A3E6A10}
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: isatap.{FD18450D-EDD7-4ED3-B76B-712E4A3E6A10}
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: isatap.{FD18450D-EDD7-4ED3-B76B-712E4A3E6A10}
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: isatap.{FD18450D-EDD7-4ED3-B76B-712E4A3E6A10}
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: isatap.{FD18450D-EDD7-4ED3-B76B-712E4A3E6A10}
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: isatap.{FD18450D-EDD7-4ED3-B76B-712E4A3E6A10}
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: isatap.{6CFEEC2C-C47A-4BFC-AAAD-2D672F948E13}
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: isatap.{839842B4-661D-4A9B-8940-AC80E1BCE0C2}
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Tun Miniport Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunmp
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall ", and then click "Scan for hardware changes" to load a usable driver.

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Tun Miniport Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunmp
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall ", and then click "Scan for hardware changes" to load a usable driver.

Name: facap, FastAccess Video Capture
Description: facap, FastAccess Video Capture
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Sensible Vision
Service: FACAP
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action ", and then click "Enable Device ". This starts the Enable Device wizard. Follow the instructions.

Name: Microsoft eHome Infrared Transceiver
Description: Microsoft eHome Infrared Transceiver
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: Microsoft
Service: HidIr
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

==================== Event log errors: =========================

Application errors:
==================

System errors:
=============
Error: (09/26/2014 06:54:18 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Network Location Awareness3221226008 (0xC0000218)

Error: (09/26/2014 06:54:18 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Network List ServiceNetwork Location Awareness%%1062

Error: (09/26/2014 06:54:18 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Network List ServiceNetwork Location Awareness%%0

Error: (09/26/2014 06:54:10 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Network Location Awareness3221226008 (0xC0000218)

Error: (09/26/2014 06:54:10 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Network List ServiceNetwork Location Awareness%%1062

Error: (09/26/2014 06:54:10 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Network List ServiceNetwork Location Awareness%%0

Microsoft Office Sessions:
=========================
Error: (04/07/2013 02:14:06 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 242 seconds with 180 seconds of active time. This session ended with a crash.

Error: (12/11/2011 11:59:45 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 13129 seconds with 9300 seconds of active time. This session ended with a crash.

Error: (07/10/2011 04:40:06 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 782 seconds with 180 seconds of active time. This session ended with a crash.

Error: (05/22/2011 09:00:14 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 2, Application Name: Microsoft Office Access, Application Version: 12.0.6535.5005, Microsoft Office Version: 12.0.6425.1000. This session lasted 3887 seconds with 3540 seconds of active time. This session ended with a crash.

Error: (04/10/2011 00:25:39 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 16316 seconds with 180 seconds of active time. This session ended with a crash.

Error: (10/31/2010 10:46:56 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 707 seconds with 120 seconds of active time. This session ended with a crash.

Error: (07/08/2010 06:40:15 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6500.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1286 seconds with 540 seconds of active time. This session ended with a crash.

Error: (07/08/2010 06:18:42 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6500.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 43805 seconds with 6360 seconds of active time. This session ended with a crash.

Error: (06/20/2010 09:17:42 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6535.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 35 seconds with 0 seconds of active time. This session ended with a crash.

Error: (06/20/2010 09:16:45 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6535.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 19868 seconds with 300 seconds of active time. This session ended with a crash.

CodeIntegrity Errors:
===================================
Date: 2014-09-26 07:01:10.593
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-09-26 07:01:10.312
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-09-26 07:01:09.813
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-09-26 07:01:09.423
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-09-26 07:01:08.284
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-09-26 07:01:08.019
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-09-26 07:01:07.520
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-09-26 07:01:07.146
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-09-24 21:07:15.036
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\rob_bonner.exe\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-09-24 21:07:14.786
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\rob_bonner.exe\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

Processor: Intel(R) Core(TM)2 Duo CPU P8600 @ 2.40GHz
Percentage of memory in use: 36%
Total physical RAM: 4089.95 MB
Available physical RAM: 2611.49 MB
Total Pagefile: 8397.17 MB
Available Pagefile: 6659.18 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:450.61 GB) (Free:318.12 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (RECOVERY) (Fixed) (Total:15 GB) (Free:6.96 GB) NTFS
Drive f: () (Removable) (Total:29.44 GB) (Free:28.38 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: 78000000)
Partition 1: (Not Active) - (Size=157 MB) - (Type=DE)
Partition 2: (Not Active) - (Size=15 GB) - (Type=07 NTFS)
Partition 3: (Active) - (Size=450.6 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 29.5 GB) (Disk ID: CA483E00)
Partition 1: (Not Active) - (Size=29.4 GB) - (Type=0C)

==================== End Of Log ============================

broni · 2014/09/26

Download attached fixlist.txt file and save it to the Desktop.
NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run FRST(FRST64) and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.

virginia · 2014/09/26

Broni,

Here is the Fixlog. I have noticed some slowness in some operations such as moving all these tools and logs back and forth using a flash drive. Sometimes when I click on a file to move it, I get the spinning ball for 20 or 30 seconds before it finishes the action.

Fixlog

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 26-09-2014
Ran by Melanie at 2014-09-26 20:07:02 Run:1
Running from C:\Users\Melanie\Desktop
Loaded Profile: Melanie (Available profiles: Melanie & Jacob & Drew)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
HKLM-x32\...\Run: [FAStartup] => [X]
GroupPolicyUsers\S-1-5-21-218266781-4151974111-564667469-1009\User: Group Policy restriction detected <======= ATTENTION
GroupPolicyUsers\S-1-5-21-218266781-4151974111-564667469-1008\User: Group Policy restriction detected <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://speedial.com/?f=1&a=spd_softd...=956281966&ir=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://speedial.com/?f=1&a=spd_softd...=956281966&ir=
URLSearchHook: HKCU - Default Value = {CFBFAE00-17A6-11D0-99CB-00C04FD64497}
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
FF Extension: No Name - C:\Users\Melanie\AppData\Roaming\Mozilla\Firefox\Profiles\4aoyaso8.default\ extensions\hoyocpsnaf@hoyocpsnaf.org.xpi [Not Found]
FF Extension: No Name - C:\Users\Melanie\AppData\Roaming\Mozilla\Firefox\Profiles\4aoyaso8.default\ extensions\nosquint@urandom.ca.xpi [Not Found]
FF Extension: No Name - C:\Users\Melanie\AppData\Roaming\Mozilla\Firefox\Profiles\4aoyaso8.default\ extensions\{ec2bae47-25af-4ce9-9e78-10627a49c9ea} [Not Found]
FF Extension: No Name - C:\Users\Melanie\AppData\Roaming\Mozilla\Firefox\Profiles\4aoyaso8.default\ extensions\{4E2E7F2A-C103-C918-2526-5F0A9A69C325} [Not Found]
FF Extension: No Name - C:\Program Files (x86)\McAfee\SiteAdvisor [Not Found]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
S1 Beep; No ImagePath
S3 catchme; \??\C:\rob_bonner.exe\catchme.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 USBAAPL64; System32\Drivers\usbaapl64.sys [X]
C:\Users\Melanie\CREATIVE-LABS_SOUND-BLASTER-_A00_R213242.exe
C:\Users\Melanie\AppData\Local\Temp\EAD52E0.exe
C:\Users\Melanie\AppData\Local\Temp\nshCA33.tmp.exe
C:\Users\Melanie\AppData\Local\Temp\Quarantine.exe
C:\Users\Melanie\AppData\Local\Temp\SPSetup.exe
Task: {8F10CBCB-8B1F-4B03-8614-BD9BCB173519} - System32\Tasks\0 => Iexplore.exe <==== ATTENTION
AlternateDataStreams: C:\Users\Melanie\Downloads\Cinema - Skrillex.mp3:TOC.WMV
AlternateDataStreams: C:\Users\Melanie\Downloads\KYOTO (FT. SIRAH) - SKRILLEX.mp3:TOC.WMV

*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\FAStartup => value deleted successfully.
C:\Windows\system32\GroupPolicyUsers\S-1-5-21-218266781-4151974111-564667469-1009\User => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
C:\Windows\system32\GroupPolicyUsers\S-1-5-21-218266781-4151974111-564667469-1008\User => Moved successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\ => value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} => value deleted successfully.
"HKCR\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}" => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => value deleted successfully.
"HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}" => Key not found.
"HKCR\PROTOCOLS\Filter\application/x-ica" => Key deleted successfully.
"HKCR\CLSID\{CFB6322E-CC85-4d1b-82C7-893888A236BC}" => Key not found.
"HKCR\PROTOCOLS\Filter\application/x-ica; charset=euc-jp" => Key deleted successfully.
"HKCR\CLSID\{CFB6322E-CC85-4d1b-82C7-893888A236BC}" => Key not found.
"HKCR\PROTOCOLS\Filter\application/x-ica; charset=ISO-8859-1" => Key deleted successfully.
"HKCR\CLSID\{CFB6322E-CC85-4d1b-82C7-893888A236BC}" => Key not found.
"HKCR\PROTOCOLS\Filter\application/x-ica; charset=MS936" => Key deleted successfully.
"HKCR\CLSID\{CFB6322E-CC85-4d1b-82C7-893888A236BC}" => Key not found.
"HKCR\PROTOCOLS\Filter\application/x-ica; charset=MS949" => Key deleted successfully.
"HKCR\CLSID\{CFB6322E-CC85-4d1b-82C7-893888A236BC}" => Key not found.
"HKCR\PROTOCOLS\Filter\application/x-ica; charset=MS950" => Key deleted successfully.
"HKCR\CLSID\{CFB6322E-CC85-4d1b-82C7-893888A236BC}" => Key not found.
"HKCR\PROTOCOLS\Filter\application/x-ica; charset=UTF-8" => Key deleted successfully.
"HKCR\CLSID\{CFB6322E-CC85-4d1b-82C7-893888A236BC}" => Key not found.
"HKCR\PROTOCOLS\Filter\application/x-ica; charset=UTF8" => Key deleted successfully.
"HKCR\CLSID\{CFB6322E-CC85-4d1b-82C7-893888A236BC}" => Key not found.
"HKCR\PROTOCOLS\Filter\application/x-ica;charset=euc-jp" => Key deleted successfully.
"HKCR\CLSID\{CFB6322E-CC85-4d1b-82C7-893888A236BC}" => Key not found.
"HKCR\PROTOCOLS\Filter\application/x-ica;charset=ISO-8859-1" => Key deleted successfully.
"HKCR\CLSID\{CFB6322E-CC85-4d1b-82C7-893888A236BC}" => Key not found.
"HKCR\PROTOCOLS\Filter\application/x-ica;charset=MS936" => Key deleted successfully.
"HKCR\CLSID\{CFB6322E-CC85-4d1b-82C7-893888A236BC}" => Key not found.
"HKCR\PROTOCOLS\Filter\application/x-ica;charset=MS949" => Key deleted successfully.
"HKCR\CLSID\{CFB6322E-CC85-4d1b-82C7-893888A236BC}" => Key not found.
"HKCR\PROTOCOLS\Filter\application/x-ica;charset=MS950" => Key deleted successfully.
"HKCR\CLSID\{CFB6322E-CC85-4d1b-82C7-893888A236BC}" => Key not found.
"HKCR\PROTOCOLS\Filter\application/x-ica;charset=UTF-8" => Key deleted successfully.
"HKCR\CLSID\{CFB6322E-CC85-4d1b-82C7-893888A236BC}" => Key not found.
"HKCR\PROTOCOLS\Filter\application/x-ica;charset=UTF8" => Key deleted successfully.
"HKCR\CLSID\{CFB6322E-CC85-4d1b-82C7-893888A236BC}" => Key not found.
"HKCR\PROTOCOLS\Filter\ica" => Key deleted successfully.
"HKCR\CLSID\{CFB6322E-CC85-4d1b-82C7-893888A236BC}" => Key not found.
C:\Users\Melanie\AppData\Roaming\Mozilla\Firefox\Profiles\4aoyaso8.default\ extensions\hoyocpsnaf@hoyocpsnaf.org.xpi not found.
C:\Users\Melanie\AppData\Roaming\Mozilla\Firefox\Profiles\4aoyaso8.default\ extensions\nosquint@urandom.ca.xpi not found.
C:\Users\Melanie\AppData\Roaming\Mozilla\Firefox\Profiles\4aoyaso8.default\ extensions\{ec2bae47-25af-4ce9-9e78-10627a49c9ea} not found.
C:\Users\Melanie\AppData\Roaming\Mozilla\Firefox\Profiles\4aoyaso8.default\ extensions\{4E2E7F2A-C103-C918-2526-5F0A9A69C325} not found.
C:\Program Files (x86)\McAfee\SiteAdvisor not found.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} not found.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
Beep => Service deleted successfully.
catchme => Service deleted successfully.
IpInIp => Service deleted successfully.
NwlnkFlt => Service deleted successfully.
NwlnkFwd => Service deleted successfully.
USBAAPL64 => Service deleted successfully.
C:\Users\Melanie\CREATIVE-LABS_SOUND-BLASTER-_A00_R213242.exe => Moved successfully.
C:\Users\Melanie\AppData\Local\Temp\EAD52E0.exe => Moved successfully.
C:\Users\Melanie\AppData\Local\Temp\nshCA33.tmp.exe => Moved successfully.
C:\Users\Melanie\AppData\Local\Temp\Quarantine.exe => Moved successfully.
C:\Users\Melanie\AppData\Local\Temp\SPSetup.exe => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8F10CBCB-8B1F-4B03-8614-BD9BCB173519}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8F10CBCB-8B1F-4B03-8614-BD9BCB173519}" => Key deleted successfully.
C:\Windows\System32\Tasks\0 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\0" => Key deleted successfully.
C:\Users\Melanie\Downloads\Cinema - Skrillex.mp3 => ":TOC.WMV" ADS removed successfully.
C:\Users\Melanie\Downloads\KYOTO (FT. SIRAH) - SKRILLEX.mp3 => ":TOC.WMV" ADS removed successfully.

The system needed a reboot.

==== End of Fixlog ====

broni · 2014/09/26

OK. At this point your computer should be fairly clean so let's investigate connection issue little bit more.

Re-run FSS (Farbar Service Scanner) one more time and post fresh log.
You ran the tool before so you should have it on your Desktop.

Please download MiniToolBox, save it to your desktop and run it.

Checkmark following boxes:

Flush DNS

Report IE Proxy Settings

Report FF Proxy Settings

List content of Hosts

List IP configuration

List Winsock Entries

List last 10 Event Viewer log

List Devices (do NOT change any settings)

List Restore Points

Click Go and post the result.

virginia · 2014/09/26

Here are the logs:

FSS2

Farbar Service Scanner Version: 21-07-2014
Ran by Melanie (administrator) on 26-09-2014 at 22:00:25
Running from "C:\Users\Melanie\Desktop "
Microsoft® Windows Vistaâ„¢ Home Premium Service Pack 2 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============
Dhcp Service is not running. Checking service configuration:
The start type of Dhcp service is OK.
The ImagePath of Dhcp service is OK.
The ServiceDll of Dhcp service is OK.

Connection Status:
==============
Localhost is accessible.
There is no connection to network.
Attempt to access Google IP returned error. Google IP is unreachable
Attempt to access Google.com returned error: Other errors
Attempt to access Yahoo.com returned error: Other errors

Windows Firewall:
=============

Firewall Disabled Policy:
==================

System Restore:
============

System Restore Disabled Policy:
========================

Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================

Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.

Other Services:
==============

File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcsvc.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed

**** End of log ****

MiniToolBoxResult

MiniToolBox by Farbar Version: 21-07-2014
Ran by Melanie (administrator) on 26-09-2014 at 22:12:58
Running from "C:\Users\Melanie\Desktop "
Microsoft® Windows Vistaâ„¢ Home Premium Service Pack 2 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

========================= FF Proxy Settings: ==============================

========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

Broadcom NetLink (TM) Gigabit Ethernet = Local Area Connection (Media disconnected)
Intel(R) WiFi Link 5100 = Wireless Network Connection (Media disconnected)

# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled

popd
# End of IPv4 configuration

Windows IP Configuration

Host Name . . . . . . . . . . . . : Melanie-PC
Primary Dns Suffix . . . . . . . : Melanie-pc.com
Node Type . . . . . . . . . . . . : Mixed
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : Melanie-pc.com

Wireless LAN adapter Wireless Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) WiFi Link 5100
Physical Address. . . . . . . . . : 00-22-FB-32-06-3C
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : hsd1.md.comcast.net.
Description . . . . . . . . . . . : Broadcom NetLink (TM) Gigabit Ethernet
Physical Address. . . . . . . . . : 00-22-19-E5-58-2F
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Server: UnKnown
Address: 127.0.0.1

Ping request could not find host google.com. Please check the name and try again.

Server: UnKnown
Address: 127.0.0.1

Ping request could not find host yahoo.com. Please check the name and try again.

Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
50 ...00 22 fb 32 06 3c ...... Intel(R) WiFi Link 5100
10 ...00 22 19 e5 58 2f ...... Broadcom NetLink (TM) Gigabit Ethernet
1 ........................... Software Loopback Interface 1
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
1 306 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [48128] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [19968] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [61440] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [62976] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [78848] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [78848] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [27648] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (09/26/2014 10:09:55 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "1 ".Error in manifest or policy file "2" on line 3.
Invalid Xml syntax.

Error: (09/26/2014 08:44:59 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "1 ".Error in manifest or policy file "2" on line 3.
Invalid Xml syntax.

Error: (09/26/2014 08:40:00 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "1 ".Error in manifest or policy file "2" on line 3.
Invalid Xml syntax.

Error: (09/26/2014 08:23:21 PM) (Source: LoadPerf) (User: )
Description: WmiApRplWmiApRpl8

Error: (09/26/2014 08:23:21 PM) (Source: LoadPerf) (User: )
Description: Performance16

Error: (09/26/2014 08:19:16 PM) (Source: PlsvcV2) (User: )
Description: on service startOperation is not valid due to the current state of the object.

Error: (09/26/2014 08:19:08 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "1 ".Error in manifest or policy file "2" on line 3.
Invalid Xml syntax.

Error: (09/26/2014 08:18:43 PM) (Source: Application Error) (User: )
Description: Faulting application fm3032.exe, version 2.164.0.0, time stamp 0x487f232a, faulting module ntdll.dll, version 6.0.6002.18881, time stamp 0x51da3e00, exception code 0xc000007b, fault offset 0x0006f52f,
process id 0xf24, application start time 0xfm3032.exe0.

Error: (09/26/2014 08:17:31 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "1 ".Error in manifest or policy file "2" on line 3.
Invalid Xml syntax.

Error: (09/26/2014 08:17:28 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "1 ".Error in manifest or policy file "2" on line 3.
Invalid Xml syntax.

System errors:
=============
Error: (09/26/2014 09:31:34 PM) (Source: Service Control Manager) (User: )
Description: DHCP Client%%5

Error: (09/26/2014 09:31:34 PM) (Source: Service Control Manager) (User: )
Description: WinHTTP Web Proxy Auto-Discovery ServiceDHCP Client%%0

Error: (09/26/2014 09:31:26 PM) (Source: Service Control Manager) (User: )
Description: DHCP Client%%5

Error: (09/26/2014 09:31:26 PM) (Source: Service Control Manager) (User: )
Description: WinHTTP Web Proxy Auto-Discovery ServiceDHCP Client%%0

Error: (09/26/2014 09:31:26 PM) (Source: Service Control Manager) (User: )
Description: DHCP Client%%5

Error: (09/26/2014 09:31:26 PM) (Source: Service Control Manager) (User: )
Description: WinHTTP Web Proxy Auto-Discovery ServiceDHCP Client%%0

Error: (09/26/2014 09:31:26 PM) (Source: Service Control Manager) (User: )
Description: DHCP Client%%5

Error: (09/26/2014 09:31:26 PM) (Source: Service Control Manager) (User: )
Description: WinHTTP Web Proxy Auto-Discovery ServiceDHCP Client%%0

Error: (09/26/2014 09:31:13 PM) (Source: Service Control Manager) (User: )
Description: DHCP Client%%5

Error: (09/26/2014 09:31:13 PM) (Source: Service Control Manager) (User: )
Description: WinHTTP Web Proxy Auto-Discovery ServiceDHCP Client%%0

Microsoft Office Sessions:
=========================
Error: (04/07/2013 02:14:06 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 242 seconds with 180 seconds of active time. This session ended with a crash.

Error: (12/11/2011 11:59:45 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 13129 seconds with 9300 seconds of active time. This session ended with a crash.

Error: (07/10/2011 04:40:06 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 782 seconds with 180 seconds of active time. This session ended with a crash.

Error: (05/22/2011 09:00:14 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 2, Application Name: Microsoft Office Access, Application Version: 12.0.6535.5005, Microsoft Office Version: 12.0.6425.1000. This session lasted 3887 seconds with 3540 seconds of active time. This session ended with a crash.

Error: (04/10/2011 00:25:39 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 16316 seconds with 180 seconds of active time. This session ended with a crash.

Error: (10/31/2010 10:46:56 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 707 seconds with 120 seconds of active time. This session ended with a crash.

Error: (07/08/2010 06:40:15 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6500.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1286 seconds with 540 seconds of active time. This session ended with a crash.

Error: (07/08/2010 06:18:42 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6500.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 43805 seconds with 6360 seconds of active time. This session ended with a crash.

Error: (06/20/2010 09:17:42 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6535.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 35 seconds with 0 seconds of active time. This session ended with a crash.

Error: (06/20/2010 09:16:45 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6535.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 19868 seconds with 300 seconds of active time. This session ended with a crash.

CodeIntegrity Errors:
===================================
Date: 2014-09-26 07:01:10.593
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-09-26 07:01:10.312
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-09-26 07:01:09.813
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-09-26 07:01:09.423
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-09-26 07:01:08.284
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-09-26 07:01:08.019
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-09-26 07:01:07.520
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-09-26 07:01:07.146
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-09-24 21:07:15.036
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\rob_bonner.exe\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-09-24 21:07:14.786
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\rob_bonner.exe\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

========================= Devices: ================================

Name: 6TO4 Adapter
Description: Microsoft 6to4 Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Microsoft 6to4 Adapter #2
Description: Microsoft 6to4 Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Microsoft 6to4 Adapter #3
Description: Microsoft 6to4 Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: 6TO4 Adapter
Description: Microsoft 6to4 Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: 6TO4 Adapter
Description: Microsoft 6to4 Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver ", which starts the Hardware Update wizard.

Name: Microsoft ISATAP Adapter #3
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Microsoft ISATAP Adapter #4
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Microsoft ISATAP Adapter #5
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Microsoft ISATAP Adapter #6
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Microsoft ISATAP Adapter #7
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Microsoft ISATAP Adapter #8
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Microsoft ISATAP Adapter #9
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Microsoft ISATAP Adapter #11
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Microsoft ISATAP Adapter #12
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Microsoft ISATAP Adapter #13
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Microsoft ISATAP Adapter #14
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Microsoft ISATAP Adapter #14
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Microsoft ISATAP Adapter #15
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: isatap.{6D97E1C7-6F0E-4E93-B0F0-CE8FD8080B9E}
Description: Microsoft ISATAP Adapter
Class Guid:
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: isatap.{0CD7EE51-ABFE-4917-BD8D-2A24CA140E68}
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: isatap.{0CD7EE51-ABFE-4917-BD8D-2A24CA140E68}
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: isatap.{0CD7EE51-ABFE-4917-BD8D-2A24CA140E68}
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: isatap.{0CD7EE51-ABFE-4917-BD8D-2A24CA140E68}
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: isatap.{0CD7EE51-ABFE-4917-BD8D-2A24CA140E68}
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: isatap.{0CD7EE51-ABFE-4917-BD8D-2A24CA140E68}
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: isatap.{FD18450D-EDD7-4ED3-B76B-712E4A3E6A10}
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: isatap.{FD18450D-EDD7-4ED3-B76B-712E4A3E6A10}
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: isatap.{FD18450D-EDD7-4ED3-B76B-712E4A3E6A10}
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: isatap.{FD18450D-EDD7-4ED3-B76B-712E4A3E6A10}
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: isatap.{FD18450D-EDD7-4ED3-B76B-712E4A3E6A10}
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: isatap.{FD18450D-EDD7-4ED3-B76B-712E4A3E6A10}
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: isatap.{FD18450D-EDD7-4ED3-B76B-712E4A3E6A10}
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: isatap.{FD18450D-EDD7-4ED3-B76B-712E4A3E6A10}
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: isatap.{FD18450D-EDD7-4ED3-B76B-712E4A3E6A10}
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: isatap.{6CFEEC2C-C47A-4BFC-AAAD-2D672F948E13}
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: isatap.{839842B4-661D-4A9B-8940-AC80E1BCE0C2}
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Tun Miniport Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunmp
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall ", and then click "Scan for hardware changes" to load a usable driver.

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Tun Miniport Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunmp
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall ", and then click "Scan for hardware changes" to load a usable driver.

Name: facap, FastAccess Video Capture
Description: facap, FastAccess Video Capture
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Sensible Vision
Service: FACAP
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action ", and then click "Enable Device ". This starts the Enable Device wizard. Follow the instructions.

Name: Microsoft eHome Infrared Transceiver
Description: Microsoft eHome Infrared Transceiver
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: Microsoft
Service: HidIr
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

========================= Restore Points ==================================

03-08-2014 15:49:23 Windows Update
28-08-2014 23:37:07 Windows Update
28-08-2014 23:43:22 Windows Update
30-08-2014 14:51:21 Removed SpyHunter
30-08-2014 15:02:42 AA11
24-09-2014 01:02:51 BroniHelp
24-09-2014 03:42:00 Malwarebytes Anti-Rootkit Restore Point
25-09-2014 02:23:26 Scheduled Checkpoint
26-09-2014 01:10:26 Scheduled Checkpoint
26-09-2014 14:08:01 Scheduled Checkpoint

**** End of log ****

broni · 2014/09/26

Let's try simple tool first...

Please download comintrep.zip and save it to your desktop[/*]

Unzip downloaded file. It'll create cintrepair folder. Inside that folder you'll find CIntRep.exe file[/*]

Double click on CIntRep.exe to run the tool[/*]

Place a checkmark next to the following entries:[/*]

Reset Internet Protocol (TCP/IP)[/*]

Repair Winsock (Reset Catalog)[/*]

Renew Internet Connections[/*]

Flush DNS Resolver Cache[/*]

Repair Internet Explorer xxxx[/*]

Clear Windows Update History[/*]

Repair Windows / Automatic Updates[/*]

Repair SSL / HTTPS / Cryptography[/*]

Reset Windows Firewall Configuration[/*]

Restore the default hosts file[/*]

Repair Workgroup Computers view[/*]

Click Go![/*]

Ignore any error messages for now[/*]

Click OK to reboot your computer[/*]

Check your internet access[/*]

virginia · 2014/09/27

Broni,

I ran the Internet Repair Tool but still no networks found. When I mouse over the icon next to the clock, I get a pop up box that says "Connection status unknown. The dependency group failed to start ".

I did get a dialog box that said Windows Firewall has blocked EA and I had the option to unblock but I didn't. I Googled EA and it appears that it is integral to some games that appear to be on this computer. Don't know if this is significant.

I should note that upon reboot the computer ran Check Disk again.

broni · 2014/09/27

Download Windows Repair (All in One) from this site

Install the program then run it.

NOTE 1. In Windows Vista, 7 and 8 right click on the program, click "Run As Administrator ".
NOTE 2. Disable your antivirus program before running Windows Repair.

Go to Step 3 and click on Check button next to 1. See If Check Disk Is Needed.
If the tool that the Check Disk is needed click on Do It button next to 2. Check Disk.
In that case make sure you restart computer.

Once the above is done go to Step 4 and allow it to run System File Check by clicking on Do It button:

Go to Step 5 and under "System Restore" click on Create button:

Go to Start Repairs tab and click Start button.

Leave all checkmarks as they're.
NOTE for Windows 8 users. Reset Registry Permissions is NOT checked by design.

Click on Start button.

Post Windows Repair log which is located in the following folder:
64-bit systems - C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\Logs
32-bit systems - C:\Program Files\Tweaking.com\Windows Repair (All in One)\Logs

virginia · 2014/09/28

Ran the Windows Repair and it produced two logs that were titled "Windows Repair Log" which are posted below. I think I may have inadvertently stopped it and then it restarted - not sure. Also, I have never been able to "disable" Avast. I cant' get the control paned to open to disable it.

Still no internet access and when I right click on the internet icon by the clock in the tray I get a message that "Windows cannot find any networks ". Also, I still cannot access the Device Manager - get a message "MMC could not create the snap in ".

Windows Repair Log 1

Tweaking.com - Windows Repair v2.9.1
--------------------------------------------------------------------------------

System Variables
--------------------------------------------------------------------------------
OS: Windows Vista (TM) Home Premium
OS Architecture: 64-bit
OS Version: 6.0.6002
OS Service Pack: Service Pack 2
Computer Name: MELANIE-PC
Windows Drive: C:\
Windows Path: C:\Windows
Program Files: C:\Program Files
Program Files (x86): C:\Program Files (x86)
Current Profile:
Current Profile SID: S-1-5-21-218266781-4151974111-564667469-1003
Current Profile Classes: S-1-5-21-218266781-4151974111-564667469-1003_Classes
Profiles Location: C:\Users
Profiles Location 2: C:\Windows\ServiceProfiles
Local Settings AppData: C:\Users\Melanie\AppData\Local
--------------------------------------------------------------------------------

System Information
--------------------------------------------------------------------------------
System Up Time: 0 Days 00:07:32

Process Count: 74
Commit Total: 1.73 GB
Commit Limit: 8.16 GB
Commit Peak: 1.90 GB
Handle Count: 17362
Kernel Total: 556.86 MB
Kernel Paged: 485.59 MB
Kernel Non Paged: 71.27 MB
System Cache: 2.13 GB
Thread Count: 722
--------------------------------------------------------------------------------

Memory Before Cleaning with CleanMem
--------------------------------------------------------------------------------
Memory Total: 3.99 GB
Memory Used: 1.52 GB(38.0805%)
Memory Avail.: 2.47 GB
--------------------------------------------------------------------------------

Cleaning Memory Before Starting Repairs...

Memory After Cleaning with CleanMem
--------------------------------------------------------------------------------
Memory Total: 3.99 GB
Memory Used: 1.33 GB(33.2781%)
Memory Avail.: 2.66 GB
--------------------------------------------------------------------------------

Starting Repairs...
Started at (9/28/2014 9:53:28 AM)

Repairs stopped. The current repair, if running, will still go until finished.

Repairs Stopped By User.
Done at (9/28/2014 9:53:28 AM)
Total Repair Time: 00:00:02

Windows Repair Log 2

Tweaking.com - Windows Repair v2.9.1
--------------------------------------------------------------------------------

System Variables
--------------------------------------------------------------------------------
OS: Windows Vista (TM) Home Premium
OS Architecture: 64-bit
OS Version: 6.0.6002
OS Service Pack: Service Pack 2
Computer Name: MELANIE-PC
Windows Drive: C:\
Windows Path: C:\Windows
Program Files: C:\Program Files
Program Files (x86): C:\Program Files (x86)
Current Profile:
Current Profile SID: S-1-5-21-218266781-4151974111-564667469-1003
Current Profile Classes: S-1-5-21-218266781-4151974111-564667469-1003_Classes
Profiles Location: C:\Users
Profiles Location 2: C:\Windows\ServiceProfiles
Local Settings AppData: C:\Users\Melanie\AppData\Local
--------------------------------------------------------------------------------

System Information
--------------------------------------------------------------------------------
System Up Time: 0 Days 00:07:49

Process Count: 74
Commit Total: 1.72 GB
Commit Limit: 8.16 GB
Commit Peak: 1.90 GB
Handle Count: 17367
Kernel Total: 556.76 MB
Kernel Paged: 486.34 MB
Kernel Non Paged: 70.43 MB
System Cache: 1.80 GB
Thread Count: 718
--------------------------------------------------------------------------------

Memory Before Cleaning with CleanMem
--------------------------------------------------------------------------------
Memory Total: 3.99 GB
Memory Used: 1.34 GB(33.4645%)
Memory Avail.: 2.66 GB
--------------------------------------------------------------------------------

Cleaning Memory Before Starting Repairs...

Memory After Cleaning with CleanMem
--------------------------------------------------------------------------------
Memory Total: 3.99 GB
Memory Used: 1.32 GB(33.0087%)
Memory Avail.: 2.68 GB
--------------------------------------------------------------------------------

Starting Repairs...
Started at (9/28/2014 9:53:46 AM)

01 - Reset Registry Permissions 01/03
HKEY_CURRENT_USER & Sub Keys
Start (9/28/2014 9:53:50 AM)
Running Repair Under Current User Account
Done (9/28/2014 9:54:26 AM)

01 - Reset Registry Permissions 02/03
HKEY_LOCAL_MACHINE & Sub Keys
Start (9/28/2014 9:54:26 AM)
Running Repair Under System Account
Done (9/28/2014 10:16:47 AM)

01 - Reset Registry Permissions 03/03
HKEY_CLASSES_ROOT & Sub Keys
Start (9/28/2014 10:16:47 AM)
Running Repair Under System Account
Done (9/28/2014 10:25:02 AM)

03 - Reset Service Permissions
Start (9/28/2014 10:25:03 AM)
Running Repair Under System Account
Done (9/28/2014 10:26:25 AM)

04 - Register System Files
Start (9/28/2014 10:26:26 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (9/28/2014 10:27:27 AM)

05 - Repair WMI
Start (9/28/2014 10:27:27 AM)

Starting Security Center So We Can Export The Security Info.

Exporting Antivirus Info...
No Antivirus Products Reported.

Exporting AntiSpyware Info...
Windows Defender Exported.

Exporting 3rd Party Firewall Info...
No Firewall Products Reported.

Running Repair Under Current User Account
Done (9/28/2014 10:39:18 AM)

06 - Repair Windows Firewall
Start (9/28/2014 10:39:18 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (9/28/2014 10:39:54 AM)

07 - Repair Internet Explorer
Start (9/28/2014 10:39:54 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (9/28/2014 10:40:53 AM)

08 - Repair MDAC/MS Jet
Start (9/28/2014 10:40:53 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (9/28/2014 10:41:18 AM)

09 - Repair Hosts File
Start (9/28/2014 10:41:18 AM)
Running Repair Under System Account
Done (9/28/2014 10:41:20 AM)

10 - Remove Policies Set By Infections
Start (9/28/2014 10:41:20 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (9/28/2014 10:41:24 AM)

11 - Repair Start Menu Icons Removed By Infections
Start (9/28/2014 10:41:24 AM)
Running Repair Under System Account
Done (9/28/2014 10:41:27 AM)

12 - Repair Icons
Start (9/28/2014 10:41:27 AM)
Running Repair Under Current User Account
Done (9/28/2014 10:41:29 AM)

13 - Repair Winsock & DNS Cache
Start (9/28/2014 10:41:29 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (9/28/2014 10:41:41 AM)

15 - Repair Proxy Settings
Start (9/28/2014 10:41:41 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (9/28/2014 10:41:44 AM)

17 - Repair Windows Updates
Start (9/28/2014 10:41:44 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Setting Windows Updates Files That Are In Use To Be Removed At Next Boot.
Done (9/28/2014 10:42:37 AM)

18 - Repair CD/DVD Missing/Not Working
Start (9/28/2014 10:42:37 AM)
iTunes not found, not applying UpperFilters iTunes Reg Key
Done (9/28/2014 10:42:37 AM)

19 - Repair Volume Shadow Copy Service
Start (9/28/2014 10:42:37 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (9/28/2014 10:43:18 AM)

21 - Repair MSI (Windows Installer)
Start (9/28/2014 10:43:18 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (9/28/2014 10:43:31 AM)

23.01 - Repair bat Association
Start (9/28/2014 10:43:31 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (9/28/2014 10:43:34 AM)

23.02 - Repair cmd Association
Start (9/28/2014 10:43:34 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (9/28/2014 10:43:38 AM)

23.03 - Repair com Association
Start (9/28/2014 10:43:38 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (9/28/2014 10:43:41 AM)

23.04 - Repair Directory Association
Start (9/28/2014 10:43:41 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (9/28/2014 10:43:45 AM)

23.05 - Repair Drive Association
Start (9/28/2014 10:43:45 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (9/28/2014 10:43:48 AM)

23.06 - Repair exe Association
Start (9/28/2014 10:43:48 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (9/28/2014 10:43:51 AM)

23.07 - Repair Folder Association
Start (9/28/2014 10:43:51 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (9/28/2014 10:43:55 AM)

23.08 - Repair inf Association
Start (9/28/2014 10:43:55 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (9/28/2014 10:43:58 AM)

23.09 - Repair lnk (Shortcuts) Association
Start (9/28/2014 10:43:58 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (9/28/2014 10:44:01 AM)

23.10 - Repair msc Association
Start (9/28/2014 10:44:01 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (9/28/2014 10:44:05 AM)

23.11 - Repair reg Association
Start (9/28/2014 10:44:05 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (9/28/2014 10:44:08 AM)

23.12 - Repair scr Association
Start (9/28/2014 10:44:08 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (9/28/2014 10:44:12 AM)

24 - Repair Windows Safe Mode
Start (9/28/2014 10:44:12 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (9/28/2014 10:44:15 AM)

25 - Repair Print Spooler
Start (9/28/2014 10:44:15 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (9/28/2014 10:44:31 AM)

26 - Restore Important Windows Services
Start (9/28/2014 10:44:32 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (9/28/2014 10:44:40 AM)

27 - Set Windows Services To Default Startup
Start (9/28/2014 10:44:40 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (9/28/2014 10:45:04 AM)

Skipping Repair.
Repair is for Windows v6.2 (Windows 8 & Newer) or higher.
Current version: 6.0

Skipping Repair.
Repair is for Windows v6.2 (Windows 8 & Newer) or higher.
Current version: 6.0

Skipping Repair.
Repair is for Windows v6.2 (Windows 8 & Newer) or higher.
Current version: 6.0

31 - Repair Windows 'New' Submenu
Start (9/28/2014 10:45:04 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (9/28/2014 10:45:08 AM)

Cleaning up empty logs...

All Selected Repairs Done.
Done at (9/28/2014 10:45:08 AM)
Total Repair Time: 00:51:24

...YOU MUST RESTART YOUR SYSTEM...

broni · 2014/09/28

Are you trying to use wireless or wired connection?
Do you see any errors in Control Panel?

virginia · 2014/09/28

I am using a wireless connection. In the apartment complex where we live, wireless is our only option. At one point when I started working with the laptop, I could see the available wireless connections. Now when I click "Connect to a wireless network ", I get a message that Windows cannot find any networks. I have a Cisco media bridge that I could dig out and see if I can connect it to the wireless network and then connect the problem laptop via Ethernet if you think it would help.

When you ask about errors in the Control Panel, do you mean icons that would indicate a problem with the yellow triangle. If so, there is one icon like that - Problem Reports and Solutions. When I open it, I see a list of problems that pretty well correspond to the pop up dialog boxes that I see on boot up.

Net Runtime Optimization Service (15 instances)
Catalyst Control Center:Host Application (32 instances)
Clash of Clans Game Downloader (1)
COM Surrogate (1)
FAXMAN Server (16)
Google Chrome (1)
grep.3XE (9)
gsar.3XE (1)
iexplore.exe (18)
Internet Explorer (18)
LineRider2.bbz (1)
Origin (1)
QuickSet (1)
Windows (1)
Windows Defender Command (17)
Windows Media Center Store Update Manager (5)
WSearch (1)

Most of the reasons for the problems were "Stopped Working ".

Log in or Sign up

Inactive Slow Laptop - No Internet Connection - Suspect Malware

virginia Geek Member Thread Starter

broni Moderator Malware Analyst

virginia Geek Member Thread Starter

broni Moderator Malware Analyst

virginia Geek Member Thread Starter

broni Moderator Malware Analyst

virginia Geek Member Thread Starter

virginia Geek Member Thread Starter

virginia Geek Member Thread Starter

virginia Geek Member Thread Starter

broni Moderator Malware Analyst

Attached Files:

fixlist.txt

virginia Geek Member Thread Starter

broni Moderator Malware Analyst

virginia Geek Member Thread Starter

broni Moderator Malware Analyst

virginia Geek Member Thread Starter

broni Moderator Malware Analyst

virginia Geek Member Thread Starter

broni Moderator Malware Analyst

virginia Geek Member Thread Starter

Share This Page

Log in or Sign up

Inactive Slow Laptop - No Internet Connection - Suspect Malware

virginia Geek Member Thread Starter

broni Moderator Malware Analyst

virginia Geek Member Thread Starter

broni Moderator Malware Analyst

virginia Geek Member Thread Starter

broni Moderator Malware Analyst

virginia Geek Member Thread Starter

virginia Geek Member Thread Starter

virginia Geek Member Thread Starter

virginia Geek Member Thread Starter

broni Moderator Malware Analyst

Attached Files:

fixlist.txt

virginia Geek Member Thread Starter

broni Moderator Malware Analyst

virginia Geek Member Thread Starter

broni Moderator Malware Analyst

virginia Geek Member Thread Starter

broni Moderator Malware Analyst

virginia Geek Member Thread Starter

broni Moderator Malware Analyst

virginia Geek Member Thread Starter

Share This Page

Useful Searches