Bigalo
2015-01-05, 02:32
This computer runs slowly intermittingly. In addition, it appears that the printer (HP 1320) isn't working properly, which makes me feel that some type of malware is affecting the printer. When we try to print, intended printed pages may or may not print proplerly. Instead of printing correctly, it will print uninterpreted data across either the top or bottom of the page. I've uninstalled the printer, and reinstalled it, which also makes me believe that it is malware. I've reinstalled via the disk and by downloading the drivers from HP. Please help.
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-01-2015
Ran by Daddy (administrator) on ALEXANDRIA-PC on 04-01-2015 19:00:42
Running from C:\Users\Daddy\Desktop
Loaded Profile: Daddy (Available profiles: Alexandria & Daddy & Mommy & Kiwi & Pam)
Platform: Windows Vista (TM) Home Premium Service Pack 2 (X64) OS Language: English (United States)
Internet Explorer Version 9 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Stardock Corporation) C:\Program Files\Dell\DellDock\DockLogin.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Atheros) C:\Program Files (x86)\D-Link\D-Link RangeBooster N DWA-542\acs.exe
(Andrea Electronics Corporation) C:\Windows\System32\AERTSr64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\ProgramData\SingleClick Systems\MySQL\bin\mysqld.exe
() C:\Program Files (x86)\D-Link\DWA-182 revA\ANIWConnService.exe
(Dell Inc.) C:\ProgramData\SingleClick Systems\Advanced Networking Service\hnm_svc.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Sonic Solutions) C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio64.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(Sonic Solutions) C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSM\McSmtFwk.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Realtek Semiconductor) C:\Windows\RAVCpl64.exe
(Primax Electronics Ltd.) C:\Windows\System32\ico.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Primax Electronics Ltd.) C:\Windows\System32\pmxmiced.exe
(D-Link) C:\Program Files (x86)\D-Link\D-Link RangeBooster N DWA-542\wirelesscm.exe
(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
(Adobe Systems Incorporated) C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_15_0_0_167_ActiveX.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1584184 2008-01-20] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RAVCpl64.exe [6453760 2008-07-17] (Realtek Semiconductor)
HKLM\...\Run: [PMX Daemon] => C:\Windows\system32\ICO.EXE [91648 2006-11-08] (Primax Electronics Ltd.)
HKLM\...\Run: [Skytel] => Skytel.exe
HKLM-x32\...\Run: [RIMBBLaunchAgent.exe] => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [90448 2011-09-01] (Research In Motion Limited)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2012-12-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [mcui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-08-01] (Apple Inc.)
Winlogon\Notify\GoToAssist: C:\Program Files (x86)\Citrix\GoToAssist\615\G2AWinLogon_x64.dll (Citrix Online, a division of Citrix Systems, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-2852057853-1305795303-3146060363-1004\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [138240 2008-01-20] (Microsoft Corporation)
HKU\S-1-5-21-2852057853-1305795303-3146060363-1004\...\Run: [WMPNSCFG] => C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe
HKU\S-1-5-21-2852057853-1305795303-3146060363-1004\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_15_0_0_167_ActiveX.exe [854704 2014-09-25] (Adobe Systems Incorporated)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Wireless Connection Manager.lnk
ShortcutTarget: Wireless Connection Manager.lnk -> C:\Program Files (x86)\D-Link\D-Link RangeBooster N DWA-542\wirelesscm.exe (D-Link)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\RA Media Server\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-2852057853-1305795303-3146060363-1004\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=4081211
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=4081211
HKU\S-1-5-21-2852057853-1305795303-3146060363-1004\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
HKU\S-1-5-21-2852057853-1305795303-3146060363-1004\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.start.earthlink.net/
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM-x32 -> DefaultScope {65A95FBF-F5AC-44fa-8112-5C493C4DE412} URL = http://eimg.net/sw/toolbar/4/2/rd601.html?area=earthlink-ws-altsearchbox&channel=elnkdsearch&q={searchTerms}
SearchScopes: HKLM-x32 -> {65A95FBF-F5AC-44fa-8112-5C493C4DE412} URL = http://eimg.net/sw/toolbar/4/2/rd601.html?area=earthlink-ws-altsearchbox&channel=elnkdsearch&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {00C4652F-C583-4174-B878-DB42E4CD2EE9} URL = https://search.yahoo.com/search?fr=mcafee&type=B011US105D20140710&p={SearchTerms}
SearchScopes: HKU\.DEFAULT -> {00C4652F-C583-4174-B878-DB42E4CD2EE9} URL = https://search.yahoo.com/search?fr=mcafee&type=B011US105D20140710&p={SearchTerms}
SearchScopes: HKU\S-1-5-21-2852057853-1305795303-3146060363-1004 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2852057853-1305795303-3146060363-1004 -> {65A95FBF-F5AC-44fa-8112-5C493C4DE412} URL =
BHO: McAfee Phishing Filter -> {27B4851A-3207-45A2-B947-BE8AFE6163AB} -> c:\PROGRA~1\mcafee\msk\MSKAPB~1.DLL No File
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
BHO-x32: vShare Plugin -> {043C5167-00BB-4324-AF7E-62013FAEDACF} -> C:\Program Files (x86)\vShare\vshare_toolbar.dll ()
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Skype add-on (mastermind) -> {22BF413B-C6D2-4d91-82A9-A0F997BA588C} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
BHO-x32: McAfee Phishing Filter -> {27B4851A-3207-45A2-B947-BE8AFE6163AB} -> c:\progra~1\mcafee\msk\mskapbho.dll No File
BHO-x32: ElnkPubBHO Class -> {512ACF1B-64D9-4928-B382-A80556F28DB4} -> C:\Program Files (x86)\EarthLink TotalAccess\Toolbar\Toolbar\ElnkPub.dll (EarthLink, Inc.)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: ElnkProtectionBHO Class -> {9579D574-D4D8-4335-9560-FE8641A013BD} -> C:\Program Files (x86)\EarthLink TotalAccess\Toolbar\Toolbar\ProtctIE.dll (EarthLink, Inc.)
BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
BHO-x32: CBrowserHelperObject Object -> {CA6319C0-31B7-401E-A518-A07C3DB8F777} -> C:\Program Files (x86)\Dell\BAE\BAE.dll (Dell Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: ElnkLegacyUninstBHO Class -> {E713904C-DF05-4C79-BBAD-02DB923253BE} -> C:\Program Files (x86)\EarthLink TotalAccess\Toolbar\Toolbar\uninsttb.dll (EarthLink, Inc.)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - vShare Plugin - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files (x86)\vShare\vshare_toolbar.dll ()
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - EarthLink Toolbar - {C7768536-96F8-4001-B1A2-90EE21279187} - C:\Program Files (x86)\EarthLink TotalAccess\Toolbar\Toolbar\Toolbar.dll (EarthLink, Inc.)
Toolbar: HKU\S-1-5-21-2852057853-1305795303-3146060363-1004 -> EarthLink Toolbar - {C7768536-96F8-4001-B1A2-90EE21279187} - No File
Toolbar: HKU\S-1-5-21-2852057853-1305795303-3146060363-1004 -> No Name - {043C5167-00BB-4324-AF7E-62013FAEDACF} - No File
DPF: HKLM-x32 {33415AC7-AFFA-4D55-B41C-C64C0D07DFCA} https://h50203.www5.hp.com/WCLWEB/cabs/HPISWebManager.CAB
DPF: HKLM-x32 {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20614.www2.hp.com/ediags/gmd/Install/Cab/hpdetect1263.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: vsharechrome - {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} - C:\Program Files (x86)\vShare\vshare_toolbar.dll ()
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_189.dll ()
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\9\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-08-12]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2012-12-27]
FF StartMenuInternet: FIREFOX.EXE - firefox.exe
Chrome:
=======
CHR Profile: C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-10-28]
CHR Extension: (Google Docs) - C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-10-28]
CHR Extension: (Google Drive) - C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-10-28]
CHR Extension: (YouTube) - C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-10-28]
CHR Extension: (Google Search) - C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-10-28]
CHR Extension: (Google Sheets) - C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-10-28]
CHR Extension: (SiteAdvisor) - C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2014-10-28]
CHR Extension: (Google Wallet) - C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-28]
CHR Extension: (Gmail) - C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-10-28]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2012-12-27]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - No Path
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 ACS; C:\Program Files (x86)\D-Link\D-Link RangeBooster N DWA-542\acs.exe [368724 2006-03-21] (Atheros) [File not signed]
R2 AERTFilters; C:\Windows\system32\AERTSr64.exe [86016 2008-07-17] (Andrea Electronics Corporation)
S2 Apache2.2; C:\ProgramData\SingleClick Systems\apache\bin\httpd.exe [15872 2007-09-21] (Apache Software Foundation) [File not signed]
R2 DockLoginService; C:\Program Files\Dell\DellDock\DockLogin.exe [155648 2008-09-23] (Stardock Corporation) [File not signed]
R2 dsl-db; C:\ProgramData\SingleClick Systems\MySQL\bin\mysqld.exe [5730304 2007-09-14] () [File not signed]
S2 dsl-fs-sync; C:\ProgramData\SingleClick Systems\Remote Access File Sync Service\dsl_fs_sync.exe [173296 2008-09-30] (SingleClick Systems)
R2 D_Link DWA-182_WPS; C:\Program Files (x86)\D-Link\DWA-182 revA\ANIWConnService.exe [53248 2010-07-12] () [File not signed]
S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-05-12] (WildTangent)
R2 hnmsvc; c:\ProgramData\SingleClick Systems\Advanced Networking Service\hnm_svc.exe [820464 2008-09-30] (Dell Inc.)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
S3 jswpsapi; C:\Program Files (x86)\D-Link\D-Link RangeBooster N DWA-542\jswpsapi.exe [954368 2008-04-16] (Atheros Communications, Inc.) [File not signed]
R2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-04-25] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [603424 2014-09-04] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1041192 2014-08-20] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-06-20] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [189912 2014-06-20] (McAfee, Inc.)
S3 MSSQL$MSSMLBIZ; c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
S3 Roxio UPnP Renderer 9; C:\Program Files (x86)\Common Files\Sonic Shared\RoxioUPnPRenderer9.exe [57344 2006-08-10] (Sonic Solutions) [File not signed]
S2 Roxio Upnp Server 9; C:\Program Files (x86)\Common Files\Sonic Shared\RoxioUpnpService9.exe [294912 2006-08-10] (Sonic Solutions) [File not signed]
S2 RoxLiveShare9; C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe [303104 2006-08-10] (Sonic Solutions) [File not signed]
R3 RoxMediaDB9; C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [880640 2006-08-10] (Sonic Solutions) [File not signed]
R2 RoxWatch9; C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe [159744 2006-08-10] (Sonic Solutions) [File not signed]
S3 stllssvr; C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe [73728 2006-07-20] (MicroVision Development, Inc.) [File not signed]
S2 SessionLauncher; C:\Users\ADMINI~1\AppData\Local\Temp\DX9\SessionLauncher.exe [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R1 anodlwf; C:\Windows\System32\DRIVERS\anodlwfx.sys [15872 2010-05-29] ()
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72128 2014-06-20] (McAfee, Inc.)
R2 DLABMFSE; C:\Windows\System32\DLA\DLABMFSE.SYS [44152 2006-08-08] (Sonic Solutions)
R2 DLABOIOE; C:\Windows\System32\DLA\DLABOIOE.SYS [41976 2006-08-08] (Sonic Solutions)
S1 DLACDBHE; C:\Windows\System32\Drivers\DLACDBHE.SYS [15992 2006-08-01] (Sonic Solutions)
R2 DLADResE; C:\Windows\System32\DLA\DLADResE.SYS [10360 2006-08-08] (Sonic Solutions)
R2 DLAIFS_E; C:\Windows\System32\DLA\DLAIFS_E.SYS [141432 2006-08-08] (Sonic Solutions)
R2 DLAOPIOE; C:\Windows\System32\DLA\DLAOPIOE.SYS [33656 2006-08-08] (Sonic Solutions)
R2 DLAPoolE; C:\Windows\System32\DLA\DLAPoolE.SYS [18040 2006-08-08] (Sonic Solutions)
R1 DLARTL_E; C:\Windows\System32\Drivers\DLARTL_E.SYS [39288 2006-08-01] (Sonic Solutions)
R2 DLAUDFAE; C:\Windows\System32\DLA\DLAUDFAE.SYS [136952 2006-08-08] (Sonic Solutions)
R2 DLAUDF_E; C:\Windows\System32\DLA\DLAUDF_E.SYS [143096 2006-08-08] (Sonic Solutions)
R0 DRVECDB; C:\Windows\System32\Drivers\DRVECDB.SYS [122776 2006-07-21] (Sonic Solutions)
R2 DRVEDDM; C:\Windows\System32\Drivers\DRVEDDM.SYS [63608 2006-08-01] (Sonic Solutions)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181704 2014-06-20] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313544 2014-06-20] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [523792 2014-06-20] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786296 2014-06-20] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [445512 2014-08-20] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [96592 2014-08-20] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348552 2014-06-20] (McAfee, Inc.)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2012-05-27] (CACE Technologies, Inc.)
R3 pmxmouse; C:\Windows\System32\DRIVERS\pmxmouse.sys [22016 2007-06-01] (Primax Electronics Ltd.)
R3 pmxusblf; C:\Windows\System32\DRIVERS\pmxusblf.sys [24384 2007-05-24] (Primax Electronics Ltd.)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [74752 2011-07-25] (Research In Motion Limited)
R3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44032 2011-07-20] (Research in Motion Ltd)
S1 RxFilter; C:\Windows\System32\DRIVERS\RxFilter.sys [58880 2006-08-09] (Sonic Solutions) [File not signed]
S1 RxFilter; C:\Windows\SysWOW64\DRIVERS\RxFilter.sys [58880 2006-08-09] (Sonic Solutions) [File not signed]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-04 19:00 - 2015-01-04 19:01 - 00025616 _____ () C:\Users\Daddy\Desktop\FRST.txt
2015-01-04 18:59 - 2015-01-04 19:00 - 00000000 ____D () C:\FRST
2015-01-04 18:57 - 2015-01-04 18:57 - 02123776 _____ (Farbar) C:\Users\Daddy\Desktop\FRST64.exe
2015-01-04 18:56 - 2015-01-04 18:56 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-ALEXANDRIA-PC-Microsoft®-Windows-Vista™-Home-Premium-(64-bit).dat
2015-01-04 18:54 - 2015-01-04 18:54 - 00000000 ____D () C:\RegBackup
2015-01-04 18:52 - 2015-01-04 18:52 - 00002072 _____ () C:\Users\Daddy\Desktop\Tweaking.com - Registry Backup.lnk
2015-01-04 18:52 - 2015-01-04 18:52 - 00000000 ____D () C:\Users\Daddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2015-01-04 18:52 - 2015-01-04 18:52 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com
2015-01-04 18:51 - 2015-01-04 18:51 - 04215584 _____ () C:\Users\Daddy\Desktop\tweaking.com_registry_backup_setup.exe
2015-01-04 18:50 - 2015-01-04 18:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2014-12-10 22:01 - 2014-11-06 20:33 - 00974848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-10 22:01 - 2014-11-06 20:28 - 01209856 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-10 22:01 - 2014-11-03 19:35 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-10 22:01 - 2014-11-03 19:19 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-12-10 21:58 - 2014-12-02 21:06 - 00278528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-12-10 21:58 - 2014-12-02 20:51 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-12-09 19:36 - 2014-11-24 17:12 - 17874432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-09 19:36 - 2014-11-24 16:59 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-12-09 19:36 - 2014-11-24 16:54 - 10921984 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-09 19:36 - 2014-11-24 16:53 - 02339840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-09 19:36 - 2014-11-24 16:47 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-09 19:36 - 2014-11-24 16:47 - 01388032 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-09 19:36 - 2014-11-24 16:45 - 01494016 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-09 19:36 - 2014-11-24 16:45 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-12-09 19:36 - 2014-11-24 16:45 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-09 19:36 - 2014-11-24 16:44 - 02157056 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-09 19:36 - 2014-11-24 16:44 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-12-09 19:36 - 2014-11-24 16:44 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-09 19:36 - 2014-11-24 16:44 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-09 19:36 - 2014-11-24 16:44 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-09 19:36 - 2014-11-24 16:44 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-09 19:36 - 2014-11-24 16:44 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-09 19:36 - 2014-11-24 16:44 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-12-09 19:36 - 2014-11-24 16:44 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-12-09 19:36 - 2014-11-24 16:43 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-09 19:36 - 2014-11-24 16:43 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-09 19:36 - 2014-11-24 16:43 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-12-09 19:36 - 2014-11-24 16:42 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-09 19:36 - 2014-11-24 15:44 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-12-09 19:36 - 2014-11-24 15:41 - 12369920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-09 19:36 - 2014-11-24 15:40 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-09 19:36 - 2014-11-24 15:37 - 09740800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-09 19:36 - 2014-11-24 15:35 - 01139712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-09 19:36 - 2014-11-24 15:35 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-09 19:36 - 2014-11-24 15:34 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-09 19:36 - 2014-11-24 15:34 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-12-09 19:36 - 2014-11-24 15:33 - 01802752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-09 19:36 - 2014-11-24 15:33 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-12-09 19:36 - 2014-11-24 15:33 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-09 19:36 - 2014-11-24 15:33 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-09 19:36 - 2014-11-24 15:33 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-09 19:36 - 2014-11-24 15:33 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-09 19:36 - 2014-11-24 15:33 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-12-09 19:36 - 2014-11-24 15:32 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-09 19:36 - 2014-11-24 15:32 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-09 19:36 - 2014-11-24 15:32 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-09 19:36 - 2014-11-24 15:32 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-09 19:36 - 2014-11-24 15:32 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-09 19:36 - 2014-11-24 15:32 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-12-09 19:36 - 2014-11-24 15:32 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-04 18:57 - 2006-11-02 10:22 - 00003744 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-04 18:57 - 2006-11-02 10:22 - 00003744 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-04 18:50 - 2012-12-27 21:43 - 00001753 _____ () C:\Users\Public\Desktop\McAfee Security Center.lnk
2015-01-04 18:44 - 2014-11-14 07:19 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d00005387651e9.job
2015-01-04 18:44 - 2014-10-28 17:13 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-04 18:24 - 2014-11-14 07:19 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d00005399b1b09.job
2015-01-04 18:24 - 2014-10-28 17:13 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-04 18:19 - 2008-12-10 14:59 - 01958426 _____ () C:\Windows\WindowsUpdate.log
2015-01-04 18:11 - 2008-12-19 21:44 - 00000000 ____D () C:\ProgramData\TEMP
2015-01-04 18:11 - 2006-11-02 10:42 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-03 00:05 - 2006-11-02 10:42 - 00032560 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-01-02 22:38 - 2011-05-28 20:18 - 00003726 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{42665F92-BF63-4B01-AAEA-076200736FC5}
2014-12-18 22:38 - 2011-05-26 20:51 - 00003706 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{B4064726-62B2-443C-AB1B-D2F6ACC05261}
2014-12-17 20:57 - 2008-12-20 01:08 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-12-16 19:23 - 2010-06-07 02:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-12-15 21:29 - 2014-10-28 17:14 - 00002027 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-12-15 21:25 - 2006-11-02 08:33 - 00000000 ____D () C:\Windows\rescache
2014-12-11 20:36 - 2009-02-04 17:37 - 00002651 _____ () C:\Users\Alexandria\Desktop\Microsoft Office Word 2007.lnk
2014-12-10 22:10 - 2008-12-10 20:21 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-10 22:09 - 2013-08-16 21:00 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-10 22:03 - 2006-11-02 07:35 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
Some content of TEMP:
====================
C:\Users\Daddy\AppData\Local\Temp\ANPDApi.dll
C:\Users\Daddy\AppData\Local\Temp\eject.exe
C:\Users\Daddy\AppData\Local\Temp\jre-6u12-windows-i586-p-iftw.exe
C:\Users\Daddy\AppData\Local\Temp\jre-6u13-windows-i586-p-iftw.exe
C:\Users\Daddy\AppData\Local\Temp\jre-6u15-windows-i586-iftw.exe
C:\Users\Daddy\AppData\Local\Temp\jre-6u17-windows-i586-iftw-rv.exe
C:\Users\Kiwi\AppData\Local\Temp\SkypeSetup.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-01-04 18:20
==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-01-2015
Ran by Daddy at 2015-01-04 19:01:46
Running from C:\Users\Daddy\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AS: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
2007 Microsoft Office system (HKLM-x32\...\PROHYBRIDR) (Version: 12.0.6612.1000 - Microsoft Corporation)
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Acrobat.com (HKLM-x32\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1.377 - Adobe Systems Incorporated)
Acrobat.com (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.0.4990 - Adobe Systems Inc.)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.189 - Adobe Systems Incorporated)
Adobe Reader 9.5.5 (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A95000000001}) (Version: 9.5.5 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ATI Catalyst Control Center (HKLM-x32\...\{055EE59D-217B-43A7-ABFF-507B966405D8}) (Version: 2.008.0512.1132 - )
AutoUpdate (HKLM-x32\...\{18D10072035C4515918F7E37EAFAACFC}) (Version: 1.1 - )
BlackBerry Desktop Software 6.1 (HKLM-x32\...\BlackBerry_Desktop) (Version: 6.1.0.36 - Research In Motion Ltd.)
BlackBerry Desktop Software 6.1 (x32 Version: 6.1.0.36 - Research In Motion Ltd.) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Browser Address Error Redirector (HKLM-x32\...\{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}) (Version: - )
Browser Address Error Redirector (HKLM-x32\...\{62230596-37E5-4618-A329-0D21F529A86F}) (Version: 1.00.0000 - Dell)
Business Contact Manager for Outlook 2007 SP2 (HKLM-x32\...\Business Contact Manager) (Version: 3.0.8619.1 - Microsoft Corporation)
Business Contact Manager for Outlook 2007 SP2 (x32 Version: 3.0.8619.1 - Microsoft Corporation) Hidden
ccc-core-static (x32 Version: 2008.0512.1133.18639 - ATI) Hidden
Chessmaster Grandmaster Edition (HKLM-x32\...\InstallShield_{27614800-84A9-484E-9CCB-43ED2F1205F5}) (Version: 1.00.0000 - Ubisoft)
Chessmaster Grandmaster Edition (x32 Version: 1.00.0000 - Ubisoft) Hidden
Conexant D850 PCI V.92 Modem (HKLM\...\CNXT_MODEM_PCI_HSF) (Version: 7.74.00 - Conexant)
Copy (x32 Version: 100.0.170.000 - Hewlett-Packard) Hidden
CustomerResearchQFolder (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Deal Info (x32 Version: 2008.1.22.0 - EarthLink, Inc) Hidden
Dell Best of Web (HKLM-x32\...\{C39A4E1F-9AF1-4FE1-A80E-A5B867FABB42}) (Version: 1.00.0000 - Dell)
Dell Dock (HKLM\...\{F6CB42B9-F033-4152-8813-FF11DA8E6A78}) (Version: 1.0.0 - Dell)
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell Remote Access (HKLM-x32\...\{F66A31D9-7831-4FBA-BA02-C411C0047CC5}) (Version: 1.0.0.0 - Dell Inc.)
Dell Video Chat (remove only) (HKLM-x32\...\Dell Video Chat) (Version: 6.0 (6551) - SightSpeed Inc.)
DELL0604 (x32 Version: 1.0.0 - WildTangent) Hidden
Dell-eBay (HKLM-x32\...\{B935C985-A17F-484B-8470-09E4FC27DC26}) (Version: 1.00.0000 - Dell)
Digital Line Detect (HKLM-x32\...\{E646DCF0-5A68-11D5-B229-002078017FBF}) (Version: 1.21 - BVRP Software, Inc)
DirectXInstallService (x32 Version: 9.0.2 - Roxio) Hidden
DivX (HKLM-x32\...\{7B63B2922B174135AFC0E1377DD81EC2}) (Version: 6.0 - DivXNetworks, Inc.)
D-Link DWA-182 (HKLM-x32\...\{508FC6A7-5080-4E8B-A25C-A4962D691E8B}) (Version: - D-Link)
D-Link RangeBooster N DWA-542 (HKLM-x32\...\{6F6F39E3-D24D-4EEE-9AEA-DEDAF991385D}) (Version: 1.0b19 - D-Link)
EarthLink Common Authentication (x32 Version: 1.0.87.0 - ) Hidden
EarthLink Toolbar (HKLM-x32\...\{B8C2A83F-20B0-49D9-BA2B-6495DD8639ED}) (Version: - EarthLink, Inc.)
EDocs (HKLM-x32\...\{6B7B6D4D-8F9B-4CB3-8CA4-BCA9CC4C1A22}) (Version: - )
EMCGadgets64 (Version: 1.1.501 - Sonic) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
GoToAssist Corporate (HKLM-x32\...\GoToAssist) (Version: 9.1.0.615 - Citrix Online, a division of Citrix Systems, Inc.)
HP Product Detection (HKLM-x32\...\{8A9FC225-75F6-4B5D-911C-0ED230565643}) (Version: 11.15.0009 - HP)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
HPSSupply (x32 Version: 110.0.180.000 - Hewlett-Packard) Hidden
iCloud (HKLM\...\{CE97E4D3-9F91-4D72-8A29-ED9EA90E5A15}) (Version: 2.1.3.25 - Apple Inc.)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: - )
iTunes (HKLM\...\{77DE5105-D05E-448C-96CB-7FA381903753}) (Version: 11.3.1.2 - Apple Inc.)
Java(TM) 6 Update 17 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216012FF}) (Version: 6.0.170 - Sun Microsystems, Inc.)
Java(TM) 6 Update 7 (HKLM-x32\...\{3248F0A8-6813-11D6-A77B-00B0D0160070}) (Version: 1.6.0.70 - Sun Microsystems, Inc.)
MarketResearch (x32 Version: 100.0.170.000 - Hewlett-Packard) Hidden
McAfee SecurityCenter (HKLM-x32\...\MSC) (Version: 12.8.992 - McAfee, Inc.)
McAfee SiteAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 3.7.154 - McAfee, Inc.)
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM-x32\...\M2698023) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM-x32\...\M2833941) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM-x32\...\M979906) (Version: - )
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2003 Web Components (HKLM-x32\...\{90A40409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office 2007 Primary Interop Assemblies (HKLM-x32\...\{50120000-1105-0000-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Small Business Connectivity Components (HKLM-x32\...\{A939D341-5A04-4E0A-BB55-3E65B386432D}) (Version: 2.0.7024.0 - Microsoft Corporation)
Microsoft Office XP Web Components (HKLM-x32\...\{90260409-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.6765.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.31211.0 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM-x32\...\Microsoft SQL Server 2005) (Version: - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{9ACF3FDB-C8E6-444C-8C64-13A221F7BFFD}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM-x32\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{B636C9B9-A3F2-4DCE-ADCC-72E095018385}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Modem Diagnostic Tool (HKLM\...\{0335701D-8E28-4A7F-B0EF-312974755BB2}) (Version: 1.0.24.0 - Dell)
Monitor Webcam Driver (1.01.02.0804) (HKLM\...\Creative OA002) (Version: - )
Mouse Suite for Desktop Computers (HKLM-x32\...\{448E2D77-E504-4221-B2C2-93646B344729}) (Version: 2.50.025 - Dell)
MSVCSetup (x32 Version: 1.00.0000 - HP) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NetWaiting (HKLM-x32\...\{3F92ABBB-6BBF-11D5-B229-002078017FBF}) (Version: 2.5.53 - BVRP Software, Inc)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: - Realtek Semiconductor Corp.)
Roxio Creator Premier (HKLM-x32\...\{469EF13B-4AD0-48D7-AF89-6B92278293E2}) (Version: 10.1 - Roxio)
Roxio Drag-to-Disc (HKLM\...\{2F4C24E6-CBD4-4AAC-B56F-C9FD44DE5668}) (Version: 9.0 - Roxio)
Roxio Easy Media Creator 9 Suite (HKLM-x32\...\{938B1CD7-7C60-491E-AA90-1F1888168240}) (Version: 9.0.088 - Roxio, Inc.)
Segoe UI (x32 Version: 15.4.2271.0615 - Microsoft Corp) Hidden
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 11.0 - HP)
Skins (x32 Version: 2008.0512.1133.18639 - ATI) Hidden
Skype web features (HKLM-x32\...\{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}) (Version: 1.0.3971 - Skype Technologies S.A.)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Tweaking.com - Registry Backup (HKLM-x32\...\Tweaking.com - Registry Backup) (Version: 1.10.1 - Tweaking.com)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
VD64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden
Verizon Mobile Broadband Drivers (HKLM-x32\...\{F19553C5-F843-4C27-BF9F-9DE4D901B895}) (Version: 3.02.002.002 - Novatel Wireless)
Verizon Wireless MiFi-2200 Firmware Updates (HKLM-x32\...\{6DBDC768-CE21-4F59-A819-1CFD5D97C84B}) (Version: 1.0.5 - Smith Micro Software, Inc.)
VideoToolkit01 (x32 Version: 100.0.128.000 - Hewlett-Packard) Hidden
vShare Plugin (HKLM-x32\...\vShare) (Version: - )
VZAccess Manager (HKLM-x32\...\{780F9A1C-6BFE-4691-83A9-095D859E3052}) (Version: 7.3.13.1 - Smith Micro Software Inc.)
WildTangent Games (HKLM-x32\...\WildTangent dell Master Uninstall) (Version: 1.0.0.62 - WildTangent)
WildTangent Games App (Dell Games) (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-dell) (Version: 4.0.10.5 - WildTangent)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
Xingtone Ringtone Maker (HKLM-x32\...\{625304B0-2976-473B-AD81-5CA376093F03}) (Version: 4.2.19 - Xingtone)
Your Image Alexandria Biggs (HKLM-x32\...\Your Image Alexandria Biggs 1.0.5) (Version: 1.0.5 - Herff Jones Photography)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-2852057853-1305795303-3146060363-1004_Classes\CLSID\{9E385F0A-0BA2-430C-96AA-4399C5E40F6C}\localserver32 -> C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.)
CustomCLSID: HKU\S-1-5-21-2852057853-1305795303-3146060363-1004_Classes\CLSID\{DCA74850-096D-40CD-BB81-17034E51ACB6}\localserver32 -> C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.)
==================== Restore Points =========================
17-10-2014 21:44:34 Scheduled Checkpoint
24-10-2014 17:25:08 Scheduled Checkpoint
25-10-2014 10:23:25 Scheduled Checkpoint
26-10-2014 11:22:46 Scheduled Checkpoint
27-10-2014 18:04:53 Scheduled Checkpoint
28-10-2014 17:46:33 Scheduled Checkpoint
29-10-2014 19:56:49 Scheduled Checkpoint
11-11-2014 16:15:50 Scheduled Checkpoint
13-11-2014 20:48:14 Windows Update
19-11-2014 20:43:44 Windows Update
22-11-2014 20:58:53 Scheduled Checkpoint
23-11-2014 14:45:20 Scheduled Checkpoint
25-11-2014 15:43:48 Scheduled Checkpoint
03-12-2014 20:32:18 Scheduled Checkpoint
05-12-2014 00:00:01 Scheduled Checkpoint
06-12-2014 00:00:01 Scheduled Checkpoint
07-12-2014 00:00:01 Scheduled Checkpoint
09-12-2014 20:50:11 Scheduled Checkpoint
10-12-2014 21:45:44 Windows Update
16-12-2014 19:18:29 Windows Update
18-12-2014 21:59:01 Scheduled Checkpoint
01-01-2015 23:57:00 Scheduled Checkpoint
03-01-2015 00:00:02 Scheduled Checkpoint
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2006-11-02 07:34 - 2006-09-18 16:37 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {02EB2F37-FD79-49FA-B845-D7ABC87D5177} - System32\Tasks\GoogleUpdateTaskMachineUA1d00005399b1b09 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-28] (Google Inc.)
Task: {382E8142-8871-407F-8992-13E8C8046B89} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-28] (Google Inc.)
Task: {3A8FDE56-B58C-48CB-8C64-5841DCDE6EBB} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - Kiwi => C:\Program Files\Windows Calendar\WinCal.exe [2008-01-20] (Microsoft Corporation)
Task: {58B1F29D-65E3-41E7-ADE2-7AF8D6C7623E} - System32\Tasks\GoogleUpdateTaskMachineCore1d00005387651e9 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-28] (Google Inc.)
Task: {A8BD85F8-0C64-4DF2-8D55-CEB1805B5F1C} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {AEBBA7E9-4EB8-48D0-A624-F073E60DE288} - System32\Tasks\{D9C16D89-DFB3-4968-9E50-0D7E9D9CA1CB} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-11-14] (Skype Technologies S.A.)
Task: {EA65C3C5-B7E5-481D-91DE-006BCA013FF2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-28] (Google Inc.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d00005387651e9.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d00005399b1b09.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2007-09-14 14:35 - 2007-09-14 14:35 - 05730304 _____ () C:\ProgramData\SingleClick Systems\MySQL\bin\mysqld.exe
2013-07-20 22:39 - 2010-07-12 13:39 - 00053248 _____ () C:\Program Files (x86)\D-Link\DWA-182 revA\ANIWConnService.exe
2009-05-19 22:53 - 2006-08-08 08:18 - 00049912 _____ () C:\Windows\system32\DLAAPI_W.DLL
2013-10-31 13:47 - 2013-10-31 13:47 - 00954696 _____ () C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll
2008-12-10 22:27 - 2008-07-24 06:49 - 00116736 _____ () C:\Windows\system32\atitmm64.dll
2014-02-06 00:52 - 2014-02-06 00:52 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-06 00:52 - 2014-02-06 00:52 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2006-08-10 10:37 - 2006-08-10 10:37 - 04587520 ____R () C:\Program Files (x86)\Common Files\Roxio Shared\9.0\DLLShared\ROXIPP41.dll
2010-07-07 19:52 - 2006-05-07 04:56 - 00073728 _____ () C:\Program Files (x86)\D-Link\D-Link RangeBooster N DWA-542\WlanDll.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:5D432CE3
AlternateDataStreams: C:\Users\Daddy\Desktop\2010-12 (Dec):Roxio EMC Stream
AlternateDataStreams: C:\Users\Daddy\Desktop\2011-09 (Sep):Roxio EMC Stream
AlternateDataStreams: C:\Users\Daddy\Desktop\2011-12 (Dec):Roxio EMC Stream
AlternateDataStreams: C:\Users\Daddy\Documents\Add-in Express:Roxio EMC Stream
AlternateDataStreams: C:\Users\Daddy\Documents\BlackBerry:Roxio EMC Stream
AlternateDataStreams: C:\Users\Daddy\Documents\New Folder:Roxio EMC Stream
AlternateDataStreams: C:\Users\Daddy\Documents\SightSpeed Recordings:Roxio EMC Stream
AlternateDataStreams: C:\Users\Mommy\Documents\Gayle:Roxio EMC Stream
AlternateDataStreams: C:\Users\Mommy\Documents\My Scans:Roxio EMC Stream
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\GoToAssist => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Digital Line Detect.lnk => C:\Windows\pss\Digital Line Detect.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Wireless Connection Manager.lnk => C:\Windows\pss\Wireless Connection Manager.lnk.CommonStartup
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: E6TaskPanel => "C:\Program Files (x86)\EarthLink TotalAccess\TaskPanl.exe" -winstart
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: hpqSRMon => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
MSCONFIG\startupreg: IPInSightLAN 01 => "C:\Program Files (x86)\EarthLink TotalAccess\FastLane2\IPClient.exe" -l
MSCONFIG\startupreg: IPInSightMonitor 01 => "C:\Program Files (x86)\EarthLink TotalAccess\FastLane2\IPMon32.exe"
MSCONFIG\startupreg: mcagent_exe => "C:\Program Files (x86)\McAfee.com\Agent\mcagent.exe" /runkey
MSCONFIG\startupreg: PMX Daemon => ICO.EXE
MSCONFIG\startupreg: RoxioDragToDisc => "C:\Program Files (x86)\Roxio\Drag-to-Disc\DrgToDsc.exe"
MSCONFIG\startupreg: RoxWatchTray => "C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
MSCONFIG\startupreg: Skytel => Skytel.exe
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"
MSCONFIG\startupreg: WMPNSCFG => C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe
========================= Accounts: ==========================
Administrator (S-1-5-21-2852057853-1305795303-3146060363-500 - Administrator - Disabled)
Alexandria (S-1-5-21-2852057853-1305795303-3146060363-1003 - Limited - Enabled) => C:\Users\Alexandria
ASPNET (S-1-5-21-2852057853-1305795303-3146060363-1009 - Limited - Enabled)
Daddy (S-1-5-21-2852057853-1305795303-3146060363-1004 - Administrator - Enabled) => C:\Users\Daddy
Guest (S-1-5-21-2852057853-1305795303-3146060363-501 - Limited - Disabled)
Kiwi (S-1-5-21-2852057853-1305795303-3146060363-1010 - Limited - Enabled) => C:\Users\Kiwi
Mommy (S-1-5-21-2852057853-1305795303-3146060363-1007 - Limited - Enabled) => C:\Users\Mommy
Pam (S-1-5-21-2852057853-1305795303-3146060363-1011 - Limited - Enabled) => C:\Users\Pam
==================== Faulty Device Manager Devices =============
Name: isatap.earthlink.net
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: isatap.earthlink.net
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
==================== Event log errors: =========================
Application errors:
==================
Error: (01/04/2015 06:44:29 PM) (Source: EventSystem) (EventID: 4621) (User: )
Description: 80070005EventSystem.EventSubscription{CEB8B221-89C5-41A8-98CE-79B413BF150B}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}
Error: (01/04/2015 06:13:19 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/03/2015 00:05:08 AM) (Source: EventSystem) (EventID: 4621) (User: )
Description: 80070005EventSystem.EventSubscription{CEB8B221-89C5-41A8-98CE-79B413BF150B}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}
Error: (01/01/2015 09:04:09 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\MCAFEE\MCAFEE SECURITYCENTER.LNK> in the hash map cannot be updated.
Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
Error: (01/01/2015 09:04:09 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\MCAFEE\MCAFEE SECURITYCENTER.LNK> in the hash map cannot be updated.
Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
Error: (01/01/2015 08:26:39 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/18/2014 09:28:15 PM) (Source: EventSystem) (EventID: 4621) (User: )
Description: 80070005EventSystem.EventSubscription{CEB8B221-89C5-41A8-98CE-79B413BF150B}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}
Error: (12/18/2014 08:49:18 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/17/2014 10:56:13 PM) (Source: EventSystem) (EventID: 4621) (User: )
Description: 80070005EventSystem.EventSubscription{CEB8B221-89C5-41A8-98CE-79B413BF150B}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}
Error: (12/17/2014 10:10:15 PM) (Source: EventSystem) (EventID: 4621) (User: )
Description: 80070005EventSystem.EventSubscription{3734EC01-2376-4599-9BCA-E78ACC409196}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}
System errors:
=============
Error: (01/04/2015 06:54:06 PM) (Source: netbt) (EventID: 4321) (User: )
Description: The name "RABOFFICE-PC :0" could not be registered on the interface with IP address 192.168.0.112.
The computer with the IP address 192.168.0.106 did not allow the name to be claimed by
this computer.
Error: (01/04/2015 06:54:06 PM) (Source: netbt) (EventID: 4321) (User: )
Description: The name "RABOFFICE-PC :0" could not be registered on the interface with IP address 192.168.0.112.
The computer with the IP address 192.168.0.106 did not allow the name to be claimed by
this computer.
Error: (01/04/2015 06:51:44 PM) (Source: DCOM) (EventID: 10016) (User: Alexandria-PC)
Description: machine-defaultLocalActivation{9BA05972-F6A8-11CF-A442-00A0C90A8F39}Alexandria-PCDaddyS-1-5-21-2852057853-1305795303-3146060363-1004LocalHost (Using LRPC)
Error: (01/04/2015 06:51:44 PM) (Source: DCOM) (EventID: 10016) (User: Alexandria-PC)
Description: machine-defaultLocalActivation{9BA05972-F6A8-11CF-A442-00A0C90A8F39}Alexandria-PCDaddyS-1-5-21-2852057853-1305795303-3146060363-1004LocalHost (Using LRPC)
Error: (01/04/2015 06:46:02 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {6DFC2D17-579D-4C1C-93B7-B05B7DCCD766}
Error: (01/04/2015 06:44:09 PM) (Source: netbt) (EventID: 4321) (User: )
Description: The name "RABOFFICE-PC :0" could not be registered on the interface with IP address 192.168.0.112.
The computer with the IP address 192.168.0.106 did not allow the name to be claimed by
this computer.
Error: (01/04/2015 06:44:05 PM) (Source: netbt) (EventID: 4321) (User: )
Description: The name "RABOFFICE-PC :0" could not be registered on the interface with IP address 192.168.0.112.
The computer with the IP address 192.168.0.106 did not allow the name to be claimed by
this computer.
Error: (01/04/2015 06:34:00 PM) (Source: netbt) (EventID: 4321) (User: )
Description: The name "RABOFFICE-PC :0" could not be registered on the interface with IP address 192.168.0.112.
The computer with the IP address 192.168.0.106 did not allow the name to be claimed by
this computer.
Error: (01/04/2015 06:33:56 PM) (Source: netbt) (EventID: 4321) (User: )
Description: The name "RABOFFICE-PC :0" could not be registered on the interface with IP address 192.168.0.112.
The computer with the IP address 192.168.0.106 did not allow the name to be claimed by
this computer.
Error: (01/04/2015 06:23:08 PM) (Source: netbt) (EventID: 4321) (User: )
Description: The name "RABOFFICE-PC :0" could not be registered on the interface with IP address 192.168.0.112.
The computer with the IP address 192.168.0.106 did not allow the name to be claimed by
this computer.
Microsoft Office Sessions:
=========================
Error: (11/03/2012 02:14:01 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6662.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 20 seconds with 0 seconds of active time. This session ended with a crash.
Error: (07/21/2011 02:01:51 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 3 seconds with 0 seconds of active time. This session ended with a crash.
Error: (07/21/2011 02:00:04 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 3 seconds with 0 seconds of active time. This session ended with a crash.
CodeIntegrity Errors:
===================================
Date: 2015-01-04 18:11:38.152
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\RxFilter.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-01-04 18:11:37.934
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\RxFilter.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-01-01 20:24:43.404
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\RxFilter.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-01-01 20:24:43.185
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\RxFilter.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-12-18 20:47:40.152
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\RxFilter.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-12-18 20:47:39.934
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\RxFilter.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-12-17 20:57:26.386
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\RxFilter.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-12-17 20:57:26.168
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\RxFilter.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-12-16 19:13:09.262
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\RxFilter.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-12-16 19:13:09.043
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\RxFilter.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
Processor: Intel(R) Core(TM)2 Quad CPU Q6600 @ 2.40GHz
Percentage of memory in use: 54%
Total physical RAM: 4093.27 MB
Available physical RAM: 1862.13 MB
Total Pagefile: 8359.79 MB
Available Pagefile: 5791.71 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:455.7 GB) (Free:320.2 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (RECOVERY) (Fixed) (Total:10 GB) (Free:2.23 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: 98000000)
Partition 1: (Not Active) - (Size=63 MB) - (Type=DE)
Partition 2: (Not Active) - (Size=10 GB) - (Type=07 NTFS)
Partition 3: (Active) - (Size=455.7 GB) - (Type=07 NTFS)
==================== End Of Log ============================
aswMBR version 1.0.1.2252 Copyright(c) 2014 AVAST Software
Run date: 2015-01-04 19:08:27
-----------------------------
19:08:27.340 OS Version: Windows x64 6.0.6002 Service Pack 2
19:08:27.340 Number of processors: 4 586 0xF0B
19:08:27.340 ComputerName: ALEXANDRIA-PC UserName: Daddy
19:08:30.039 Initialize success
19:08:30.570 VM: initialized successfully
19:08:30.570 VM: Intel CPU supported
19:09:06.907 VM: disk I/O atapi.sys
19:15:11.144 The log file has been saved successfully to "C:\Users\Daddy\Desktop\aswMBR.txt"
aswMBR version 1.0.1.2252 Copyright(c) 2014 AVAST Software
Run date: 2015-01-04 19:08:27
-----------------------------
19:08:27.340 OS Version: Windows x64 6.0.6002 Service Pack 2
19:08:27.340 Number of processors: 4 586 0xF0B
19:08:27.340 ComputerName: ALEXANDRIA-PC UserName: Daddy
19:08:30.039 Initialize success
19:08:30.570 VM: initialized successfully
19:08:30.570 VM: Intel CPU supported
19:09:06.907 VM: disk I/O atapi.sys
19:15:11.144 The log file has been saved successfully to "C:\Users\Daddy\Desktop\aswMBR.txt"
19:19:46.461 AVAST engine defs: 15010401
19:20:06.601 The log file has been saved successfully to "C:\Users\Daddy\Desktop\aswMBR.txt"
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-01-2015
Ran by Daddy (administrator) on ALEXANDRIA-PC on 04-01-2015 19:00:42
Running from C:\Users\Daddy\Desktop
Loaded Profile: Daddy (Available profiles: Alexandria & Daddy & Mommy & Kiwi & Pam)
Platform: Windows Vista (TM) Home Premium Service Pack 2 (X64) OS Language: English (United States)
Internet Explorer Version 9 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Stardock Corporation) C:\Program Files\Dell\DellDock\DockLogin.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Atheros) C:\Program Files (x86)\D-Link\D-Link RangeBooster N DWA-542\acs.exe
(Andrea Electronics Corporation) C:\Windows\System32\AERTSr64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\ProgramData\SingleClick Systems\MySQL\bin\mysqld.exe
() C:\Program Files (x86)\D-Link\DWA-182 revA\ANIWConnService.exe
(Dell Inc.) C:\ProgramData\SingleClick Systems\Advanced Networking Service\hnm_svc.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Sonic Solutions) C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio64.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(Sonic Solutions) C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSM\McSmtFwk.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Realtek Semiconductor) C:\Windows\RAVCpl64.exe
(Primax Electronics Ltd.) C:\Windows\System32\ico.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Primax Electronics Ltd.) C:\Windows\System32\pmxmiced.exe
(D-Link) C:\Program Files (x86)\D-Link\D-Link RangeBooster N DWA-542\wirelesscm.exe
(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
(Adobe Systems Incorporated) C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_15_0_0_167_ActiveX.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1584184 2008-01-20] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RAVCpl64.exe [6453760 2008-07-17] (Realtek Semiconductor)
HKLM\...\Run: [PMX Daemon] => C:\Windows\system32\ICO.EXE [91648 2006-11-08] (Primax Electronics Ltd.)
HKLM\...\Run: [Skytel] => Skytel.exe
HKLM-x32\...\Run: [RIMBBLaunchAgent.exe] => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [90448 2011-09-01] (Research In Motion Limited)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2012-12-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [mcui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-08-01] (Apple Inc.)
Winlogon\Notify\GoToAssist: C:\Program Files (x86)\Citrix\GoToAssist\615\G2AWinLogon_x64.dll (Citrix Online, a division of Citrix Systems, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-2852057853-1305795303-3146060363-1004\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [138240 2008-01-20] (Microsoft Corporation)
HKU\S-1-5-21-2852057853-1305795303-3146060363-1004\...\Run: [WMPNSCFG] => C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe
HKU\S-1-5-21-2852057853-1305795303-3146060363-1004\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_15_0_0_167_ActiveX.exe [854704 2014-09-25] (Adobe Systems Incorporated)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Wireless Connection Manager.lnk
ShortcutTarget: Wireless Connection Manager.lnk -> C:\Program Files (x86)\D-Link\D-Link RangeBooster N DWA-542\wirelesscm.exe (D-Link)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\RA Media Server\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-2852057853-1305795303-3146060363-1004\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=4081211
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=4081211
HKU\S-1-5-21-2852057853-1305795303-3146060363-1004\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
HKU\S-1-5-21-2852057853-1305795303-3146060363-1004\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.start.earthlink.net/
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM-x32 -> DefaultScope {65A95FBF-F5AC-44fa-8112-5C493C4DE412} URL = http://eimg.net/sw/toolbar/4/2/rd601.html?area=earthlink-ws-altsearchbox&channel=elnkdsearch&q={searchTerms}
SearchScopes: HKLM-x32 -> {65A95FBF-F5AC-44fa-8112-5C493C4DE412} URL = http://eimg.net/sw/toolbar/4/2/rd601.html?area=earthlink-ws-altsearchbox&channel=elnkdsearch&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {00C4652F-C583-4174-B878-DB42E4CD2EE9} URL = https://search.yahoo.com/search?fr=mcafee&type=B011US105D20140710&p={SearchTerms}
SearchScopes: HKU\.DEFAULT -> {00C4652F-C583-4174-B878-DB42E4CD2EE9} URL = https://search.yahoo.com/search?fr=mcafee&type=B011US105D20140710&p={SearchTerms}
SearchScopes: HKU\S-1-5-21-2852057853-1305795303-3146060363-1004 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2852057853-1305795303-3146060363-1004 -> {65A95FBF-F5AC-44fa-8112-5C493C4DE412} URL =
BHO: McAfee Phishing Filter -> {27B4851A-3207-45A2-B947-BE8AFE6163AB} -> c:\PROGRA~1\mcafee\msk\MSKAPB~1.DLL No File
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
BHO-x32: vShare Plugin -> {043C5167-00BB-4324-AF7E-62013FAEDACF} -> C:\Program Files (x86)\vShare\vshare_toolbar.dll ()
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Skype add-on (mastermind) -> {22BF413B-C6D2-4d91-82A9-A0F997BA588C} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
BHO-x32: McAfee Phishing Filter -> {27B4851A-3207-45A2-B947-BE8AFE6163AB} -> c:\progra~1\mcafee\msk\mskapbho.dll No File
BHO-x32: ElnkPubBHO Class -> {512ACF1B-64D9-4928-B382-A80556F28DB4} -> C:\Program Files (x86)\EarthLink TotalAccess\Toolbar\Toolbar\ElnkPub.dll (EarthLink, Inc.)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: ElnkProtectionBHO Class -> {9579D574-D4D8-4335-9560-FE8641A013BD} -> C:\Program Files (x86)\EarthLink TotalAccess\Toolbar\Toolbar\ProtctIE.dll (EarthLink, Inc.)
BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
BHO-x32: CBrowserHelperObject Object -> {CA6319C0-31B7-401E-A518-A07C3DB8F777} -> C:\Program Files (x86)\Dell\BAE\BAE.dll (Dell Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: ElnkLegacyUninstBHO Class -> {E713904C-DF05-4C79-BBAD-02DB923253BE} -> C:\Program Files (x86)\EarthLink TotalAccess\Toolbar\Toolbar\uninsttb.dll (EarthLink, Inc.)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - vShare Plugin - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files (x86)\vShare\vshare_toolbar.dll ()
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - EarthLink Toolbar - {C7768536-96F8-4001-B1A2-90EE21279187} - C:\Program Files (x86)\EarthLink TotalAccess\Toolbar\Toolbar\Toolbar.dll (EarthLink, Inc.)
Toolbar: HKU\S-1-5-21-2852057853-1305795303-3146060363-1004 -> EarthLink Toolbar - {C7768536-96F8-4001-B1A2-90EE21279187} - No File
Toolbar: HKU\S-1-5-21-2852057853-1305795303-3146060363-1004 -> No Name - {043C5167-00BB-4324-AF7E-62013FAEDACF} - No File
DPF: HKLM-x32 {33415AC7-AFFA-4D55-B41C-C64C0D07DFCA} https://h50203.www5.hp.com/WCLWEB/cabs/HPISWebManager.CAB
DPF: HKLM-x32 {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20614.www2.hp.com/ediags/gmd/Install/Cab/hpdetect1263.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: vsharechrome - {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} - C:\Program Files (x86)\vShare\vshare_toolbar.dll ()
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_189.dll ()
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\9\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-08-12]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2012-12-27]
FF StartMenuInternet: FIREFOX.EXE - firefox.exe
Chrome:
=======
CHR Profile: C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-10-28]
CHR Extension: (Google Docs) - C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-10-28]
CHR Extension: (Google Drive) - C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-10-28]
CHR Extension: (YouTube) - C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-10-28]
CHR Extension: (Google Search) - C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-10-28]
CHR Extension: (Google Sheets) - C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-10-28]
CHR Extension: (SiteAdvisor) - C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2014-10-28]
CHR Extension: (Google Wallet) - C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-28]
CHR Extension: (Gmail) - C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-10-28]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2012-12-27]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - No Path
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 ACS; C:\Program Files (x86)\D-Link\D-Link RangeBooster N DWA-542\acs.exe [368724 2006-03-21] (Atheros) [File not signed]
R2 AERTFilters; C:\Windows\system32\AERTSr64.exe [86016 2008-07-17] (Andrea Electronics Corporation)
S2 Apache2.2; C:\ProgramData\SingleClick Systems\apache\bin\httpd.exe [15872 2007-09-21] (Apache Software Foundation) [File not signed]
R2 DockLoginService; C:\Program Files\Dell\DellDock\DockLogin.exe [155648 2008-09-23] (Stardock Corporation) [File not signed]
R2 dsl-db; C:\ProgramData\SingleClick Systems\MySQL\bin\mysqld.exe [5730304 2007-09-14] () [File not signed]
S2 dsl-fs-sync; C:\ProgramData\SingleClick Systems\Remote Access File Sync Service\dsl_fs_sync.exe [173296 2008-09-30] (SingleClick Systems)
R2 D_Link DWA-182_WPS; C:\Program Files (x86)\D-Link\DWA-182 revA\ANIWConnService.exe [53248 2010-07-12] () [File not signed]
S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-05-12] (WildTangent)
R2 hnmsvc; c:\ProgramData\SingleClick Systems\Advanced Networking Service\hnm_svc.exe [820464 2008-09-30] (Dell Inc.)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
S3 jswpsapi; C:\Program Files (x86)\D-Link\D-Link RangeBooster N DWA-542\jswpsapi.exe [954368 2008-04-16] (Atheros Communications, Inc.) [File not signed]
R2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-04-25] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [603424 2014-09-04] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1041192 2014-08-20] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-06-20] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [189912 2014-06-20] (McAfee, Inc.)
S3 MSSQL$MSSMLBIZ; c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
S3 Roxio UPnP Renderer 9; C:\Program Files (x86)\Common Files\Sonic Shared\RoxioUPnPRenderer9.exe [57344 2006-08-10] (Sonic Solutions) [File not signed]
S2 Roxio Upnp Server 9; C:\Program Files (x86)\Common Files\Sonic Shared\RoxioUpnpService9.exe [294912 2006-08-10] (Sonic Solutions) [File not signed]
S2 RoxLiveShare9; C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe [303104 2006-08-10] (Sonic Solutions) [File not signed]
R3 RoxMediaDB9; C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [880640 2006-08-10] (Sonic Solutions) [File not signed]
R2 RoxWatch9; C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe [159744 2006-08-10] (Sonic Solutions) [File not signed]
S3 stllssvr; C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe [73728 2006-07-20] (MicroVision Development, Inc.) [File not signed]
S2 SessionLauncher; C:\Users\ADMINI~1\AppData\Local\Temp\DX9\SessionLauncher.exe [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R1 anodlwf; C:\Windows\System32\DRIVERS\anodlwfx.sys [15872 2010-05-29] ()
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72128 2014-06-20] (McAfee, Inc.)
R2 DLABMFSE; C:\Windows\System32\DLA\DLABMFSE.SYS [44152 2006-08-08] (Sonic Solutions)
R2 DLABOIOE; C:\Windows\System32\DLA\DLABOIOE.SYS [41976 2006-08-08] (Sonic Solutions)
S1 DLACDBHE; C:\Windows\System32\Drivers\DLACDBHE.SYS [15992 2006-08-01] (Sonic Solutions)
R2 DLADResE; C:\Windows\System32\DLA\DLADResE.SYS [10360 2006-08-08] (Sonic Solutions)
R2 DLAIFS_E; C:\Windows\System32\DLA\DLAIFS_E.SYS [141432 2006-08-08] (Sonic Solutions)
R2 DLAOPIOE; C:\Windows\System32\DLA\DLAOPIOE.SYS [33656 2006-08-08] (Sonic Solutions)
R2 DLAPoolE; C:\Windows\System32\DLA\DLAPoolE.SYS [18040 2006-08-08] (Sonic Solutions)
R1 DLARTL_E; C:\Windows\System32\Drivers\DLARTL_E.SYS [39288 2006-08-01] (Sonic Solutions)
R2 DLAUDFAE; C:\Windows\System32\DLA\DLAUDFAE.SYS [136952 2006-08-08] (Sonic Solutions)
R2 DLAUDF_E; C:\Windows\System32\DLA\DLAUDF_E.SYS [143096 2006-08-08] (Sonic Solutions)
R0 DRVECDB; C:\Windows\System32\Drivers\DRVECDB.SYS [122776 2006-07-21] (Sonic Solutions)
R2 DRVEDDM; C:\Windows\System32\Drivers\DRVEDDM.SYS [63608 2006-08-01] (Sonic Solutions)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181704 2014-06-20] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313544 2014-06-20] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [523792 2014-06-20] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786296 2014-06-20] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [445512 2014-08-20] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [96592 2014-08-20] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348552 2014-06-20] (McAfee, Inc.)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2012-05-27] (CACE Technologies, Inc.)
R3 pmxmouse; C:\Windows\System32\DRIVERS\pmxmouse.sys [22016 2007-06-01] (Primax Electronics Ltd.)
R3 pmxusblf; C:\Windows\System32\DRIVERS\pmxusblf.sys [24384 2007-05-24] (Primax Electronics Ltd.)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [74752 2011-07-25] (Research In Motion Limited)
R3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44032 2011-07-20] (Research in Motion Ltd)
S1 RxFilter; C:\Windows\System32\DRIVERS\RxFilter.sys [58880 2006-08-09] (Sonic Solutions) [File not signed]
S1 RxFilter; C:\Windows\SysWOW64\DRIVERS\RxFilter.sys [58880 2006-08-09] (Sonic Solutions) [File not signed]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-04 19:00 - 2015-01-04 19:01 - 00025616 _____ () C:\Users\Daddy\Desktop\FRST.txt
2015-01-04 18:59 - 2015-01-04 19:00 - 00000000 ____D () C:\FRST
2015-01-04 18:57 - 2015-01-04 18:57 - 02123776 _____ (Farbar) C:\Users\Daddy\Desktop\FRST64.exe
2015-01-04 18:56 - 2015-01-04 18:56 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-ALEXANDRIA-PC-Microsoft®-Windows-Vista™-Home-Premium-(64-bit).dat
2015-01-04 18:54 - 2015-01-04 18:54 - 00000000 ____D () C:\RegBackup
2015-01-04 18:52 - 2015-01-04 18:52 - 00002072 _____ () C:\Users\Daddy\Desktop\Tweaking.com - Registry Backup.lnk
2015-01-04 18:52 - 2015-01-04 18:52 - 00000000 ____D () C:\Users\Daddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2015-01-04 18:52 - 2015-01-04 18:52 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com
2015-01-04 18:51 - 2015-01-04 18:51 - 04215584 _____ () C:\Users\Daddy\Desktop\tweaking.com_registry_backup_setup.exe
2015-01-04 18:50 - 2015-01-04 18:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2014-12-10 22:01 - 2014-11-06 20:33 - 00974848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-10 22:01 - 2014-11-06 20:28 - 01209856 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-10 22:01 - 2014-11-03 19:35 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-10 22:01 - 2014-11-03 19:19 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-12-10 21:58 - 2014-12-02 21:06 - 00278528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-12-10 21:58 - 2014-12-02 20:51 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-12-09 19:36 - 2014-11-24 17:12 - 17874432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-09 19:36 - 2014-11-24 16:59 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-12-09 19:36 - 2014-11-24 16:54 - 10921984 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-09 19:36 - 2014-11-24 16:53 - 02339840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-09 19:36 - 2014-11-24 16:47 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-09 19:36 - 2014-11-24 16:47 - 01388032 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-09 19:36 - 2014-11-24 16:45 - 01494016 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-09 19:36 - 2014-11-24 16:45 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-12-09 19:36 - 2014-11-24 16:45 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-09 19:36 - 2014-11-24 16:44 - 02157056 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-09 19:36 - 2014-11-24 16:44 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-12-09 19:36 - 2014-11-24 16:44 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-09 19:36 - 2014-11-24 16:44 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-09 19:36 - 2014-11-24 16:44 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-09 19:36 - 2014-11-24 16:44 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-09 19:36 - 2014-11-24 16:44 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-09 19:36 - 2014-11-24 16:44 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-12-09 19:36 - 2014-11-24 16:44 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-12-09 19:36 - 2014-11-24 16:43 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-09 19:36 - 2014-11-24 16:43 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-09 19:36 - 2014-11-24 16:43 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-12-09 19:36 - 2014-11-24 16:42 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-09 19:36 - 2014-11-24 15:44 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-12-09 19:36 - 2014-11-24 15:41 - 12369920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-09 19:36 - 2014-11-24 15:40 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-09 19:36 - 2014-11-24 15:37 - 09740800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-09 19:36 - 2014-11-24 15:35 - 01139712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-09 19:36 - 2014-11-24 15:35 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-09 19:36 - 2014-11-24 15:34 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-09 19:36 - 2014-11-24 15:34 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-12-09 19:36 - 2014-11-24 15:33 - 01802752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-09 19:36 - 2014-11-24 15:33 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-12-09 19:36 - 2014-11-24 15:33 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-09 19:36 - 2014-11-24 15:33 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-09 19:36 - 2014-11-24 15:33 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-09 19:36 - 2014-11-24 15:33 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-09 19:36 - 2014-11-24 15:33 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-12-09 19:36 - 2014-11-24 15:32 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-09 19:36 - 2014-11-24 15:32 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-09 19:36 - 2014-11-24 15:32 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-09 19:36 - 2014-11-24 15:32 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-09 19:36 - 2014-11-24 15:32 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-09 19:36 - 2014-11-24 15:32 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-12-09 19:36 - 2014-11-24 15:32 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-04 18:57 - 2006-11-02 10:22 - 00003744 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-04 18:57 - 2006-11-02 10:22 - 00003744 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-04 18:50 - 2012-12-27 21:43 - 00001753 _____ () C:\Users\Public\Desktop\McAfee Security Center.lnk
2015-01-04 18:44 - 2014-11-14 07:19 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d00005387651e9.job
2015-01-04 18:44 - 2014-10-28 17:13 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-04 18:24 - 2014-11-14 07:19 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d00005399b1b09.job
2015-01-04 18:24 - 2014-10-28 17:13 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-04 18:19 - 2008-12-10 14:59 - 01958426 _____ () C:\Windows\WindowsUpdate.log
2015-01-04 18:11 - 2008-12-19 21:44 - 00000000 ____D () C:\ProgramData\TEMP
2015-01-04 18:11 - 2006-11-02 10:42 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-03 00:05 - 2006-11-02 10:42 - 00032560 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-01-02 22:38 - 2011-05-28 20:18 - 00003726 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{42665F92-BF63-4B01-AAEA-076200736FC5}
2014-12-18 22:38 - 2011-05-26 20:51 - 00003706 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{B4064726-62B2-443C-AB1B-D2F6ACC05261}
2014-12-17 20:57 - 2008-12-20 01:08 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-12-16 19:23 - 2010-06-07 02:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-12-15 21:29 - 2014-10-28 17:14 - 00002027 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-12-15 21:25 - 2006-11-02 08:33 - 00000000 ____D () C:\Windows\rescache
2014-12-11 20:36 - 2009-02-04 17:37 - 00002651 _____ () C:\Users\Alexandria\Desktop\Microsoft Office Word 2007.lnk
2014-12-10 22:10 - 2008-12-10 20:21 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-10 22:09 - 2013-08-16 21:00 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-10 22:03 - 2006-11-02 07:35 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
Some content of TEMP:
====================
C:\Users\Daddy\AppData\Local\Temp\ANPDApi.dll
C:\Users\Daddy\AppData\Local\Temp\eject.exe
C:\Users\Daddy\AppData\Local\Temp\jre-6u12-windows-i586-p-iftw.exe
C:\Users\Daddy\AppData\Local\Temp\jre-6u13-windows-i586-p-iftw.exe
C:\Users\Daddy\AppData\Local\Temp\jre-6u15-windows-i586-iftw.exe
C:\Users\Daddy\AppData\Local\Temp\jre-6u17-windows-i586-iftw-rv.exe
C:\Users\Kiwi\AppData\Local\Temp\SkypeSetup.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-01-04 18:20
==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-01-2015
Ran by Daddy at 2015-01-04 19:01:46
Running from C:\Users\Daddy\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AS: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
2007 Microsoft Office system (HKLM-x32\...\PROHYBRIDR) (Version: 12.0.6612.1000 - Microsoft Corporation)
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Acrobat.com (HKLM-x32\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1.377 - Adobe Systems Incorporated)
Acrobat.com (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.0.4990 - Adobe Systems Inc.)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.189 - Adobe Systems Incorporated)
Adobe Reader 9.5.5 (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A95000000001}) (Version: 9.5.5 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ATI Catalyst Control Center (HKLM-x32\...\{055EE59D-217B-43A7-ABFF-507B966405D8}) (Version: 2.008.0512.1132 - )
AutoUpdate (HKLM-x32\...\{18D10072035C4515918F7E37EAFAACFC}) (Version: 1.1 - )
BlackBerry Desktop Software 6.1 (HKLM-x32\...\BlackBerry_Desktop) (Version: 6.1.0.36 - Research In Motion Ltd.)
BlackBerry Desktop Software 6.1 (x32 Version: 6.1.0.36 - Research In Motion Ltd.) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Browser Address Error Redirector (HKLM-x32\...\{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}) (Version: - )
Browser Address Error Redirector (HKLM-x32\...\{62230596-37E5-4618-A329-0D21F529A86F}) (Version: 1.00.0000 - Dell)
Business Contact Manager for Outlook 2007 SP2 (HKLM-x32\...\Business Contact Manager) (Version: 3.0.8619.1 - Microsoft Corporation)
Business Contact Manager for Outlook 2007 SP2 (x32 Version: 3.0.8619.1 - Microsoft Corporation) Hidden
ccc-core-static (x32 Version: 2008.0512.1133.18639 - ATI) Hidden
Chessmaster Grandmaster Edition (HKLM-x32\...\InstallShield_{27614800-84A9-484E-9CCB-43ED2F1205F5}) (Version: 1.00.0000 - Ubisoft)
Chessmaster Grandmaster Edition (x32 Version: 1.00.0000 - Ubisoft) Hidden
Conexant D850 PCI V.92 Modem (HKLM\...\CNXT_MODEM_PCI_HSF) (Version: 7.74.00 - Conexant)
Copy (x32 Version: 100.0.170.000 - Hewlett-Packard) Hidden
CustomerResearchQFolder (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Deal Info (x32 Version: 2008.1.22.0 - EarthLink, Inc) Hidden
Dell Best of Web (HKLM-x32\...\{C39A4E1F-9AF1-4FE1-A80E-A5B867FABB42}) (Version: 1.00.0000 - Dell)
Dell Dock (HKLM\...\{F6CB42B9-F033-4152-8813-FF11DA8E6A78}) (Version: 1.0.0 - Dell)
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell Remote Access (HKLM-x32\...\{F66A31D9-7831-4FBA-BA02-C411C0047CC5}) (Version: 1.0.0.0 - Dell Inc.)
Dell Video Chat (remove only) (HKLM-x32\...\Dell Video Chat) (Version: 6.0 (6551) - SightSpeed Inc.)
DELL0604 (x32 Version: 1.0.0 - WildTangent) Hidden
Dell-eBay (HKLM-x32\...\{B935C985-A17F-484B-8470-09E4FC27DC26}) (Version: 1.00.0000 - Dell)
Digital Line Detect (HKLM-x32\...\{E646DCF0-5A68-11D5-B229-002078017FBF}) (Version: 1.21 - BVRP Software, Inc)
DirectXInstallService (x32 Version: 9.0.2 - Roxio) Hidden
DivX (HKLM-x32\...\{7B63B2922B174135AFC0E1377DD81EC2}) (Version: 6.0 - DivXNetworks, Inc.)
D-Link DWA-182 (HKLM-x32\...\{508FC6A7-5080-4E8B-A25C-A4962D691E8B}) (Version: - D-Link)
D-Link RangeBooster N DWA-542 (HKLM-x32\...\{6F6F39E3-D24D-4EEE-9AEA-DEDAF991385D}) (Version: 1.0b19 - D-Link)
EarthLink Common Authentication (x32 Version: 1.0.87.0 - ) Hidden
EarthLink Toolbar (HKLM-x32\...\{B8C2A83F-20B0-49D9-BA2B-6495DD8639ED}) (Version: - EarthLink, Inc.)
EDocs (HKLM-x32\...\{6B7B6D4D-8F9B-4CB3-8CA4-BCA9CC4C1A22}) (Version: - )
EMCGadgets64 (Version: 1.1.501 - Sonic) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
GoToAssist Corporate (HKLM-x32\...\GoToAssist) (Version: 9.1.0.615 - Citrix Online, a division of Citrix Systems, Inc.)
HP Product Detection (HKLM-x32\...\{8A9FC225-75F6-4B5D-911C-0ED230565643}) (Version: 11.15.0009 - HP)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
HPSSupply (x32 Version: 110.0.180.000 - Hewlett-Packard) Hidden
iCloud (HKLM\...\{CE97E4D3-9F91-4D72-8A29-ED9EA90E5A15}) (Version: 2.1.3.25 - Apple Inc.)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: - )
iTunes (HKLM\...\{77DE5105-D05E-448C-96CB-7FA381903753}) (Version: 11.3.1.2 - Apple Inc.)
Java(TM) 6 Update 17 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216012FF}) (Version: 6.0.170 - Sun Microsystems, Inc.)
Java(TM) 6 Update 7 (HKLM-x32\...\{3248F0A8-6813-11D6-A77B-00B0D0160070}) (Version: 1.6.0.70 - Sun Microsystems, Inc.)
MarketResearch (x32 Version: 100.0.170.000 - Hewlett-Packard) Hidden
McAfee SecurityCenter (HKLM-x32\...\MSC) (Version: 12.8.992 - McAfee, Inc.)
McAfee SiteAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 3.7.154 - McAfee, Inc.)
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM-x32\...\M2698023) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM-x32\...\M2833941) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM-x32\...\M979906) (Version: - )
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2003 Web Components (HKLM-x32\...\{90A40409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office 2007 Primary Interop Assemblies (HKLM-x32\...\{50120000-1105-0000-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Small Business Connectivity Components (HKLM-x32\...\{A939D341-5A04-4E0A-BB55-3E65B386432D}) (Version: 2.0.7024.0 - Microsoft Corporation)
Microsoft Office XP Web Components (HKLM-x32\...\{90260409-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.6765.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.31211.0 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM-x32\...\Microsoft SQL Server 2005) (Version: - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{9ACF3FDB-C8E6-444C-8C64-13A221F7BFFD}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM-x32\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{B636C9B9-A3F2-4DCE-ADCC-72E095018385}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Modem Diagnostic Tool (HKLM\...\{0335701D-8E28-4A7F-B0EF-312974755BB2}) (Version: 1.0.24.0 - Dell)
Monitor Webcam Driver (1.01.02.0804) (HKLM\...\Creative OA002) (Version: - )
Mouse Suite for Desktop Computers (HKLM-x32\...\{448E2D77-E504-4221-B2C2-93646B344729}) (Version: 2.50.025 - Dell)
MSVCSetup (x32 Version: 1.00.0000 - HP) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NetWaiting (HKLM-x32\...\{3F92ABBB-6BBF-11D5-B229-002078017FBF}) (Version: 2.5.53 - BVRP Software, Inc)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: - Realtek Semiconductor Corp.)
Roxio Creator Premier (HKLM-x32\...\{469EF13B-4AD0-48D7-AF89-6B92278293E2}) (Version: 10.1 - Roxio)
Roxio Drag-to-Disc (HKLM\...\{2F4C24E6-CBD4-4AAC-B56F-C9FD44DE5668}) (Version: 9.0 - Roxio)
Roxio Easy Media Creator 9 Suite (HKLM-x32\...\{938B1CD7-7C60-491E-AA90-1F1888168240}) (Version: 9.0.088 - Roxio, Inc.)
Segoe UI (x32 Version: 15.4.2271.0615 - Microsoft Corp) Hidden
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 11.0 - HP)
Skins (x32 Version: 2008.0512.1133.18639 - ATI) Hidden
Skype web features (HKLM-x32\...\{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}) (Version: 1.0.3971 - Skype Technologies S.A.)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Tweaking.com - Registry Backup (HKLM-x32\...\Tweaking.com - Registry Backup) (Version: 1.10.1 - Tweaking.com)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
VD64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden
Verizon Mobile Broadband Drivers (HKLM-x32\...\{F19553C5-F843-4C27-BF9F-9DE4D901B895}) (Version: 3.02.002.002 - Novatel Wireless)
Verizon Wireless MiFi-2200 Firmware Updates (HKLM-x32\...\{6DBDC768-CE21-4F59-A819-1CFD5D97C84B}) (Version: 1.0.5 - Smith Micro Software, Inc.)
VideoToolkit01 (x32 Version: 100.0.128.000 - Hewlett-Packard) Hidden
vShare Plugin (HKLM-x32\...\vShare) (Version: - )
VZAccess Manager (HKLM-x32\...\{780F9A1C-6BFE-4691-83A9-095D859E3052}) (Version: 7.3.13.1 - Smith Micro Software Inc.)
WildTangent Games (HKLM-x32\...\WildTangent dell Master Uninstall) (Version: 1.0.0.62 - WildTangent)
WildTangent Games App (Dell Games) (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-dell) (Version: 4.0.10.5 - WildTangent)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
Xingtone Ringtone Maker (HKLM-x32\...\{625304B0-2976-473B-AD81-5CA376093F03}) (Version: 4.2.19 - Xingtone)
Your Image Alexandria Biggs (HKLM-x32\...\Your Image Alexandria Biggs 1.0.5) (Version: 1.0.5 - Herff Jones Photography)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-2852057853-1305795303-3146060363-1004_Classes\CLSID\{9E385F0A-0BA2-430C-96AA-4399C5E40F6C}\localserver32 -> C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.)
CustomCLSID: HKU\S-1-5-21-2852057853-1305795303-3146060363-1004_Classes\CLSID\{DCA74850-096D-40CD-BB81-17034E51ACB6}\localserver32 -> C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.)
==================== Restore Points =========================
17-10-2014 21:44:34 Scheduled Checkpoint
24-10-2014 17:25:08 Scheduled Checkpoint
25-10-2014 10:23:25 Scheduled Checkpoint
26-10-2014 11:22:46 Scheduled Checkpoint
27-10-2014 18:04:53 Scheduled Checkpoint
28-10-2014 17:46:33 Scheduled Checkpoint
29-10-2014 19:56:49 Scheduled Checkpoint
11-11-2014 16:15:50 Scheduled Checkpoint
13-11-2014 20:48:14 Windows Update
19-11-2014 20:43:44 Windows Update
22-11-2014 20:58:53 Scheduled Checkpoint
23-11-2014 14:45:20 Scheduled Checkpoint
25-11-2014 15:43:48 Scheduled Checkpoint
03-12-2014 20:32:18 Scheduled Checkpoint
05-12-2014 00:00:01 Scheduled Checkpoint
06-12-2014 00:00:01 Scheduled Checkpoint
07-12-2014 00:00:01 Scheduled Checkpoint
09-12-2014 20:50:11 Scheduled Checkpoint
10-12-2014 21:45:44 Windows Update
16-12-2014 19:18:29 Windows Update
18-12-2014 21:59:01 Scheduled Checkpoint
01-01-2015 23:57:00 Scheduled Checkpoint
03-01-2015 00:00:02 Scheduled Checkpoint
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2006-11-02 07:34 - 2006-09-18 16:37 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {02EB2F37-FD79-49FA-B845-D7ABC87D5177} - System32\Tasks\GoogleUpdateTaskMachineUA1d00005399b1b09 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-28] (Google Inc.)
Task: {382E8142-8871-407F-8992-13E8C8046B89} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-28] (Google Inc.)
Task: {3A8FDE56-B58C-48CB-8C64-5841DCDE6EBB} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - Kiwi => C:\Program Files\Windows Calendar\WinCal.exe [2008-01-20] (Microsoft Corporation)
Task: {58B1F29D-65E3-41E7-ADE2-7AF8D6C7623E} - System32\Tasks\GoogleUpdateTaskMachineCore1d00005387651e9 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-28] (Google Inc.)
Task: {A8BD85F8-0C64-4DF2-8D55-CEB1805B5F1C} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {AEBBA7E9-4EB8-48D0-A624-F073E60DE288} - System32\Tasks\{D9C16D89-DFB3-4968-9E50-0D7E9D9CA1CB} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-11-14] (Skype Technologies S.A.)
Task: {EA65C3C5-B7E5-481D-91DE-006BCA013FF2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-28] (Google Inc.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d00005387651e9.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d00005399b1b09.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2007-09-14 14:35 - 2007-09-14 14:35 - 05730304 _____ () C:\ProgramData\SingleClick Systems\MySQL\bin\mysqld.exe
2013-07-20 22:39 - 2010-07-12 13:39 - 00053248 _____ () C:\Program Files (x86)\D-Link\DWA-182 revA\ANIWConnService.exe
2009-05-19 22:53 - 2006-08-08 08:18 - 00049912 _____ () C:\Windows\system32\DLAAPI_W.DLL
2013-10-31 13:47 - 2013-10-31 13:47 - 00954696 _____ () C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll
2008-12-10 22:27 - 2008-07-24 06:49 - 00116736 _____ () C:\Windows\system32\atitmm64.dll
2014-02-06 00:52 - 2014-02-06 00:52 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-06 00:52 - 2014-02-06 00:52 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2006-08-10 10:37 - 2006-08-10 10:37 - 04587520 ____R () C:\Program Files (x86)\Common Files\Roxio Shared\9.0\DLLShared\ROXIPP41.dll
2010-07-07 19:52 - 2006-05-07 04:56 - 00073728 _____ () C:\Program Files (x86)\D-Link\D-Link RangeBooster N DWA-542\WlanDll.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:5D432CE3
AlternateDataStreams: C:\Users\Daddy\Desktop\2010-12 (Dec):Roxio EMC Stream
AlternateDataStreams: C:\Users\Daddy\Desktop\2011-09 (Sep):Roxio EMC Stream
AlternateDataStreams: C:\Users\Daddy\Desktop\2011-12 (Dec):Roxio EMC Stream
AlternateDataStreams: C:\Users\Daddy\Documents\Add-in Express:Roxio EMC Stream
AlternateDataStreams: C:\Users\Daddy\Documents\BlackBerry:Roxio EMC Stream
AlternateDataStreams: C:\Users\Daddy\Documents\New Folder:Roxio EMC Stream
AlternateDataStreams: C:\Users\Daddy\Documents\SightSpeed Recordings:Roxio EMC Stream
AlternateDataStreams: C:\Users\Mommy\Documents\Gayle:Roxio EMC Stream
AlternateDataStreams: C:\Users\Mommy\Documents\My Scans:Roxio EMC Stream
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\GoToAssist => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Digital Line Detect.lnk => C:\Windows\pss\Digital Line Detect.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Wireless Connection Manager.lnk => C:\Windows\pss\Wireless Connection Manager.lnk.CommonStartup
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: E6TaskPanel => "C:\Program Files (x86)\EarthLink TotalAccess\TaskPanl.exe" -winstart
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: hpqSRMon => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
MSCONFIG\startupreg: IPInSightLAN 01 => "C:\Program Files (x86)\EarthLink TotalAccess\FastLane2\IPClient.exe" -l
MSCONFIG\startupreg: IPInSightMonitor 01 => "C:\Program Files (x86)\EarthLink TotalAccess\FastLane2\IPMon32.exe"
MSCONFIG\startupreg: mcagent_exe => "C:\Program Files (x86)\McAfee.com\Agent\mcagent.exe" /runkey
MSCONFIG\startupreg: PMX Daemon => ICO.EXE
MSCONFIG\startupreg: RoxioDragToDisc => "C:\Program Files (x86)\Roxio\Drag-to-Disc\DrgToDsc.exe"
MSCONFIG\startupreg: RoxWatchTray => "C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
MSCONFIG\startupreg: Skytel => Skytel.exe
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"
MSCONFIG\startupreg: WMPNSCFG => C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe
========================= Accounts: ==========================
Administrator (S-1-5-21-2852057853-1305795303-3146060363-500 - Administrator - Disabled)
Alexandria (S-1-5-21-2852057853-1305795303-3146060363-1003 - Limited - Enabled) => C:\Users\Alexandria
ASPNET (S-1-5-21-2852057853-1305795303-3146060363-1009 - Limited - Enabled)
Daddy (S-1-5-21-2852057853-1305795303-3146060363-1004 - Administrator - Enabled) => C:\Users\Daddy
Guest (S-1-5-21-2852057853-1305795303-3146060363-501 - Limited - Disabled)
Kiwi (S-1-5-21-2852057853-1305795303-3146060363-1010 - Limited - Enabled) => C:\Users\Kiwi
Mommy (S-1-5-21-2852057853-1305795303-3146060363-1007 - Limited - Enabled) => C:\Users\Mommy
Pam (S-1-5-21-2852057853-1305795303-3146060363-1011 - Limited - Enabled) => C:\Users\Pam
==================== Faulty Device Manager Devices =============
Name: isatap.earthlink.net
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: isatap.earthlink.net
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
==================== Event log errors: =========================
Application errors:
==================
Error: (01/04/2015 06:44:29 PM) (Source: EventSystem) (EventID: 4621) (User: )
Description: 80070005EventSystem.EventSubscription{CEB8B221-89C5-41A8-98CE-79B413BF150B}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}
Error: (01/04/2015 06:13:19 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/03/2015 00:05:08 AM) (Source: EventSystem) (EventID: 4621) (User: )
Description: 80070005EventSystem.EventSubscription{CEB8B221-89C5-41A8-98CE-79B413BF150B}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}
Error: (01/01/2015 09:04:09 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\MCAFEE\MCAFEE SECURITYCENTER.LNK> in the hash map cannot be updated.
Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
Error: (01/01/2015 09:04:09 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\MCAFEE\MCAFEE SECURITYCENTER.LNK> in the hash map cannot be updated.
Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
Error: (01/01/2015 08:26:39 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/18/2014 09:28:15 PM) (Source: EventSystem) (EventID: 4621) (User: )
Description: 80070005EventSystem.EventSubscription{CEB8B221-89C5-41A8-98CE-79B413BF150B}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}
Error: (12/18/2014 08:49:18 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/17/2014 10:56:13 PM) (Source: EventSystem) (EventID: 4621) (User: )
Description: 80070005EventSystem.EventSubscription{CEB8B221-89C5-41A8-98CE-79B413BF150B}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}
Error: (12/17/2014 10:10:15 PM) (Source: EventSystem) (EventID: 4621) (User: )
Description: 80070005EventSystem.EventSubscription{3734EC01-2376-4599-9BCA-E78ACC409196}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}
System errors:
=============
Error: (01/04/2015 06:54:06 PM) (Source: netbt) (EventID: 4321) (User: )
Description: The name "RABOFFICE-PC :0" could not be registered on the interface with IP address 192.168.0.112.
The computer with the IP address 192.168.0.106 did not allow the name to be claimed by
this computer.
Error: (01/04/2015 06:54:06 PM) (Source: netbt) (EventID: 4321) (User: )
Description: The name "RABOFFICE-PC :0" could not be registered on the interface with IP address 192.168.0.112.
The computer with the IP address 192.168.0.106 did not allow the name to be claimed by
this computer.
Error: (01/04/2015 06:51:44 PM) (Source: DCOM) (EventID: 10016) (User: Alexandria-PC)
Description: machine-defaultLocalActivation{9BA05972-F6A8-11CF-A442-00A0C90A8F39}Alexandria-PCDaddyS-1-5-21-2852057853-1305795303-3146060363-1004LocalHost (Using LRPC)
Error: (01/04/2015 06:51:44 PM) (Source: DCOM) (EventID: 10016) (User: Alexandria-PC)
Description: machine-defaultLocalActivation{9BA05972-F6A8-11CF-A442-00A0C90A8F39}Alexandria-PCDaddyS-1-5-21-2852057853-1305795303-3146060363-1004LocalHost (Using LRPC)
Error: (01/04/2015 06:46:02 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {6DFC2D17-579D-4C1C-93B7-B05B7DCCD766}
Error: (01/04/2015 06:44:09 PM) (Source: netbt) (EventID: 4321) (User: )
Description: The name "RABOFFICE-PC :0" could not be registered on the interface with IP address 192.168.0.112.
The computer with the IP address 192.168.0.106 did not allow the name to be claimed by
this computer.
Error: (01/04/2015 06:44:05 PM) (Source: netbt) (EventID: 4321) (User: )
Description: The name "RABOFFICE-PC :0" could not be registered on the interface with IP address 192.168.0.112.
The computer with the IP address 192.168.0.106 did not allow the name to be claimed by
this computer.
Error: (01/04/2015 06:34:00 PM) (Source: netbt) (EventID: 4321) (User: )
Description: The name "RABOFFICE-PC :0" could not be registered on the interface with IP address 192.168.0.112.
The computer with the IP address 192.168.0.106 did not allow the name to be claimed by
this computer.
Error: (01/04/2015 06:33:56 PM) (Source: netbt) (EventID: 4321) (User: )
Description: The name "RABOFFICE-PC :0" could not be registered on the interface with IP address 192.168.0.112.
The computer with the IP address 192.168.0.106 did not allow the name to be claimed by
this computer.
Error: (01/04/2015 06:23:08 PM) (Source: netbt) (EventID: 4321) (User: )
Description: The name "RABOFFICE-PC :0" could not be registered on the interface with IP address 192.168.0.112.
The computer with the IP address 192.168.0.106 did not allow the name to be claimed by
this computer.
Microsoft Office Sessions:
=========================
Error: (11/03/2012 02:14:01 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6662.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 20 seconds with 0 seconds of active time. This session ended with a crash.
Error: (07/21/2011 02:01:51 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 3 seconds with 0 seconds of active time. This session ended with a crash.
Error: (07/21/2011 02:00:04 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 3 seconds with 0 seconds of active time. This session ended with a crash.
CodeIntegrity Errors:
===================================
Date: 2015-01-04 18:11:38.152
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\RxFilter.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-01-04 18:11:37.934
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\RxFilter.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-01-01 20:24:43.404
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\RxFilter.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-01-01 20:24:43.185
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\RxFilter.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-12-18 20:47:40.152
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\RxFilter.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-12-18 20:47:39.934
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\RxFilter.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-12-17 20:57:26.386
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\RxFilter.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-12-17 20:57:26.168
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\RxFilter.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-12-16 19:13:09.262
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\RxFilter.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-12-16 19:13:09.043
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\RxFilter.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
Processor: Intel(R) Core(TM)2 Quad CPU Q6600 @ 2.40GHz
Percentage of memory in use: 54%
Total physical RAM: 4093.27 MB
Available physical RAM: 1862.13 MB
Total Pagefile: 8359.79 MB
Available Pagefile: 5791.71 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:455.7 GB) (Free:320.2 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (RECOVERY) (Fixed) (Total:10 GB) (Free:2.23 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: 98000000)
Partition 1: (Not Active) - (Size=63 MB) - (Type=DE)
Partition 2: (Not Active) - (Size=10 GB) - (Type=07 NTFS)
Partition 3: (Active) - (Size=455.7 GB) - (Type=07 NTFS)
==================== End Of Log ============================
aswMBR version 1.0.1.2252 Copyright(c) 2014 AVAST Software
Run date: 2015-01-04 19:08:27
-----------------------------
19:08:27.340 OS Version: Windows x64 6.0.6002 Service Pack 2
19:08:27.340 Number of processors: 4 586 0xF0B
19:08:27.340 ComputerName: ALEXANDRIA-PC UserName: Daddy
19:08:30.039 Initialize success
19:08:30.570 VM: initialized successfully
19:08:30.570 VM: Intel CPU supported
19:09:06.907 VM: disk I/O atapi.sys
19:15:11.144 The log file has been saved successfully to "C:\Users\Daddy\Desktop\aswMBR.txt"
aswMBR version 1.0.1.2252 Copyright(c) 2014 AVAST Software
Run date: 2015-01-04 19:08:27
-----------------------------
19:08:27.340 OS Version: Windows x64 6.0.6002 Service Pack 2
19:08:27.340 Number of processors: 4 586 0xF0B
19:08:27.340 ComputerName: ALEXANDRIA-PC UserName: Daddy
19:08:30.039 Initialize success
19:08:30.570 VM: initialized successfully
19:08:30.570 VM: Intel CPU supported
19:09:06.907 VM: disk I/O atapi.sys
19:15:11.144 The log file has been saved successfully to "C:\Users\Daddy\Desktop\aswMBR.txt"
19:19:46.461 AVAST engine defs: 15010401
19:20:06.601 The log file has been saved successfully to "C:\Users\Daddy\Desktop\aswMBR.txt"