-
Chrome locks with Pay Up screen. Also Firewall switches itself off.
Hello, this is a repost as I forgot to subscribe to my first post and missed your reply so it was archived. Many apologies for that.
https://forums.spybot.info/showthrea...hes-itself-off
For a while now I have had the problem that every few hours or on startup I get the message that the windows firewall is not active. I enable it then it switches off again randomly a few hours later.
More serious is that a few days ago and again today Chrome froze with a screen saying I had to pay €100 or something to unblock it - I had to use Task Manager to close it. It is not locked on restart, nor is anything else.
Logs for FRST, Addition and aswMBR below. Thank you
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:15-09-2015
Ran by Ailsa (administrator) on AILSAS_LAPTOP (18-09-2015 10:49:15)
Running from C:\Users\Ailsa\Downloads\Desktop
Loaded Profiles: Ailsa (Available Profiles: Ailsa)
Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) Language: English (United States)
Internet Explorer Version 9 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic...ery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Symantec Corporation) C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Coupons.com Inc.) C:\Program Files\Coupon Printer\CouponPrinterService.exe
(HiTRSUT) C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
(Acer Inc.) C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
(Acer Inc.) C:\Acer\Empowering Technology\eNet\eNet Service.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Symantec Corporation) C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
(Memeo) C:\Program Files\Memeo\AutoBackup\MemeoBackgroundService.exe
() C:\Acer\Mobility Center\MobilityService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files\CyberLink\Shared Files\RichVideo.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Memeo) C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(acer) C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio.exe
() C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Cyberlink Corp.) C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
(HiTRUST) C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe
(Dritek System Inc.) C:\Program Files\Launch Manager\LManager.exe
(Symantec Corporation) C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Kontiki Inc.) C:\Program Files\Kontiki\KHost.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
() C:\Program Files\DivX\DivX Update\DivXUpdate.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Nokia) C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Dropbox, Inc.) C:\Users\Ailsa\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Acer Inc.) C:\Acer\Empowering Technology\eNet\eNMTray.exe
(Acer Inc.) C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
(Acer Inc.) C:\Acer\Empowering Technology\Acer.Empowering.Framework.Supervisor.exe
(Acer Inc.) C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Google Inc.) C:\Users\Ailsa\AppData\Local\Google\Update\1.3.28.15\GoogleCrashHandler.exe
() C:\Program Files\Memeo\AutoBackup\InstantBackup.exe
(Memeo) C:\Program Files\Seagate\Seagate Dashboard\MemeoDashboard.exe
(Axentra Corporation) C:\Program Files\Seagate\Seagate Dashboard\HipServAgent\HipServAgent.exe
(Realtek Semiconductor Corp.) C:\Users\Ailsa\AppData\Local\temp\RtkBtMnt.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Nokia) C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
(Spotify Ltd) C:\Users\Ailsa\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Microsoft Corporation.) C:\Program Files\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Google Inc.) C:\Users\Ailsa\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Ailsa\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Ailsa\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Ailsa\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Ailsa\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Ailsa\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Ailsa\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Ailsa\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Ailsa\AppData\Local\Google\Chrome\Application\chrome.exe
(Nokia) C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-19] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [4472832 2007-05-29] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [815104 2006-10-23] (Synaptics, Inc.)
HKLM\...\Run: [PLFSet] => rundll32.exe C:\Windows\PLFSet.dll,PLFDefSetting
HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [178712 2007-07-13] (Intel Corporation)
HKLM\...\Run: [RemoteControl] => C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [71216 2007-03-15] (Cyberlink Corp.)
HKLM\...\Run: [LanguageShortcut] => C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [54832 2007-02-08] ()
HKLM\...\Run: [eDataSecurity Loader] => C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe [457216 2007-04-26] (HiTRUST)
HKLM\...\Run: [LManager] => C:\Program Files\Launch Manager\LManager.exe [858632 2007-10-17] (Dritek System Inc.)
HKLM\...\Run: [WarReg_PopUp] => C:\Acer\WR_PopUp\WarReg_PopUp.exe [57344 2006-11-05] (Acer Inc.)
HKLM\...\Run: [Symantec PIF AlertEng] => C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [583048 2008-01-29] (Symantec Corporation)
HKLM\...\Run: [Skytel] => C:\Windows\Skytel.exe [1826816 2007-05-29] (Realtek Semiconductor Corp.)
HKLM\...\Run: [4oD] => C:\Program Files\Kontiki\KHost.exe [1032640 2007-04-23] (Kontiki Inc.)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [1983816 2009-03-23] (CANON INC.)
HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [767312 2009-03-17] (CANON INC.)
HKLM\...\Run: [Malwarebytes Anti-Malware (reboot)] => "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-03-20] (Apple Inc.)
HKLM\...\Run: [DivXMediaServer] => C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [450560 2012-11-13] ()
HKLM\...\Run: [DivXUpdate] => C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1263512 2012-11-30] ()
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [981688 2015-04-30] (Microsoft Corporation)
HKLM\...\Run: [Memeo Instant Backup] => C:\Program Files\Memeo\AutoBackup\MemeoLauncher2.exe [136416 2011-04-06] (Memeo Inc.)
HKLM\...\Run: [Seagate Dashboard] => C:\Program Files\Seagate\Seagate Dashboard\MemeoLauncher.exe [73728 2011-11-03] ()
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [157480 2015-04-07] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2015-08-06] (Apple Inc.)
HKLM\...\Run: [SDTray] => C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [AvgUninstallURL] => cmd.exe /c start http://www.avg.com/ww.special-uninstallation-feedback-app?lic=OQBBAFYARgBSAEUARQAtAFYATgBKADMAMgAtAEcAMwBMAEEAQQAtAEEANAA4ADkAUgAtADkAVQBKAEsARgAtAEUASwBLADMAWAA"&"inst=NwA3AC0AMQAyAD (the data entry has 512 more characters).
Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-21-1851843919-258154983-2237051013-1003\...\Run: [MsnMsgr] => C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [4240760 2010-09-23] (Microsoft Corporation)
HKU\S-1-5-21-1851843919-258154983-2237051013-1003\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-19] (Microsoft Corporation)
HKU\S-1-5-21-1851843919-258154983-2237051013-1003\...\Run: [Google Update] => C:\Users\Ailsa\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-31] (Google Inc.)
HKU\S-1-5-21-1851843919-258154983-2237051013-1003\...\Run: [MobileDocuments] => C:\Program Files\Common Files\Apple\Internet Services\ubd.exe
HKU\S-1-5-21-1851843919-258154983-2237051013-1003\...\Run: [Spotify Web Helper] => C:\Users\Ailsa\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2025016 2015-09-18] (Spotify Ltd)
HKU\S-1-5-21-1851843919-258154983-2237051013-1003\...\Run: [] => [X]
HKU\S-1-5-21-1851843919-258154983-2237051013-1003\...\Run: [NokiaSuite.exe] => C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe [1092448 2014-11-19] (Nokia)
HKU\S-1-5-21-1851843919-258154983-2237051013-1003\...\Run: [Dropbox Update] => C:\Users\Ailsa\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-18] (Dropbox, Inc.)
HKU\S-1-5-21-1851843919-258154983-2237051013-1003\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-1851843919-258154983-2237051013-1003\...\Run: [Spybot-S&D Cleaning] => C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe [4566952 2014-06-24] (Safer-Networking Ltd.)
HKU\S-1-5-21-1851843919-258154983-2237051013-1003\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-19] (Microsoft Corporation)
HKU\S-1-5-21-1851843919-258154983-2237051013-1003\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [53729824 2015-08-07] (Skype Technologies S.A.)
HKU\S-1-5-21-1851843919-258154983-2237051013-1003\...\Run: [Spotify] => C:\Users\Ailsa\AppData\Roaming\Spotify\Spotify.exe [7571000 2015-09-18] (Spotify Ltd)
HKU\S-1-5-21-1851843919-258154983-2237051013-1003\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-21-1851843919-258154983-2237051013-1003\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-21-1851843919-258154983-2237051013-1003\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Users\Ailsa\DOWNLO~1\Desktop\dds.scr
ShellExecuteHooks: - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No File [ ]
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ailsa\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ailsa\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ailsa\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ailsa\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ailsa\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ailsa\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ailsa\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ailsa\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
Startup: C:\Users\Ailsa\AppData\Local\Windows\Dropbox.lnk [2015-08-14]
ShortcutTarget: Dropbox.lnk -> C:\Users\Ailsa\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk [2007-06-25]
ShortcutTarget: Adobe Reader Speed Launch.lnk -> C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (No File)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Empowering Technology Launcher.lnk [2007-06-25]
ShortcutTarget: Empowering Technology Launcher.lnk -> C:\Acer\Empowering Technology\eAPLauncher.exe (Acer Inc.)
BootExecute: autocheck autochk * sdnclean.exe
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-31] (Apple Inc.)
Hosts: Hosts file not detected in the default directory
Tcpip\Parameters: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{68884C51-D3E3-4010-BBA5-DC03D5F7014E}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{957EDBCA-A3A1-47A6-8946-055BF5DBB5D0}: [DhcpNameServer] 8.8.8.8
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-1851843919-258154983-2237051013-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://en.uk.acer.yahoo.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://global.acer.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1851843919-258154983-2237051013-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://webmail.rcuk.ac.uk/CookieAuth.dll?GetLogon?reason=0&formdir=1&curl=Z2FOWAZ2F
HKU\S-1-5-21-1851843919-258154983-2237051013-1003\Software\Microsoft\Internet Explorer\Main,SEARCH PAGE = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1851843919-258154983-2237051013-1003\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
HKU\S-1-5-21-1851843919-258154983-2237051013-1003\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://uk-mg41.mail.yahoo.com/neo/launch?.rand=85jt9rr80vn5a
URLSearchHook: HKU\S-1-5-21-1851843919-258154983-2237051013-1003 - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No File
SearchScopes: HKLM -> {CCC7A320-B3CA-4199-B1A6-9F516DD69829} URL = hxxp://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg-chrome&type=yahoo_avg_hs2-tb-web_chrome_us&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1851843919-258154983-2237051013-1003 -> DefaultScope {F7711AE7-A29E-4754-B2C8-B2E3C6E937B0} URL = hxxp://www.google.co.uk/search?hl=en&q={searchTerms}&meta=
SearchScopes: HKU\S-1-5-21-1851843919-258154983-2237051013-1003 -> {CCC7A320-B3CA-4199-B1A6-9F516DD69829} URL = hxxp://search.avg.com/route/?d=4b3d2cf0&i=23&tp=chrome&q={searchTerms}&lng={language}&ychte=us&nt=1
SearchScopes: HKU\S-1-5-21-1851843919-258154983-2237051013-1003 -> {D42D351C-BFA2-4D2C-B9AF-5737B4EFFA62} URL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
SearchScopes: HKU\S-1-5-21-1851843919-258154983-2237051013-1003 -> {DD10869D-EB6A-4F70-AD55-73CA251CC4BE} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=U4&apn_dtid=OSJ000YYUK&apn_uid=4C090945-8B49-4A9F-9645-CE26A2558DCF&apn_sauid=AC70FFEE-6378-47E4-8F82-39CFF650FA79
SearchScopes: HKU\S-1-5-21-1851843919-258154983-2237051013-1003 -> {F7711AE7-A29E-4754-B2C8-B2E3C6E937B0} URL = hxxp://www.google.co.uk/search?hl=en&q={searchTerms}&meta=
BHO: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-12] (Microsoft Corporation.)
BHO: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-12-12] (DivX, LLC)
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2011-10-15] (CANON INC.)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll [2015-07-28] (Oracle Corporation)
BHO: ShowBarObj Class -> {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} -> C:\Windows\system32\ActiveToolBand.dll [2007-04-26] (HiTRUST)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files\Windows Live\Companion\companioncore.dll [2010-09-23] (Microsoft Corporation)
BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-05-16] (Skype Technologies S.A.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-28] (Oracle Corporation)
BHO: TBSB02125 Class -> {FCBCCB87-9224-4B8D-B117-F56D924BEB18} -> C:\Program Files\Nectar Toolbar\tbcore3.dll [2013-09-19] ()
Toolbar: HKLM - Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll [2007-04-26] (HiTRUST)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2011-10-15] (CANON INC.)
Toolbar: HKLM - Nectar Toolbar - {8CB26F89-C950-4CC2-9100-69635A8E721D} - C:\Program Files\Nectar Toolbar\tbcore3.dll [2013-09-19] ()
Toolbar: HKLM - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-12] (Microsoft Corporation.)
Toolbar: HKU\S-1-5-21-1851843919-258154983-2237051013-1003 -> No Name - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No File
Toolbar: HKU\S-1-5-21-1851843919-258154983-2237051013-1003 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Toolbar: HKU\S-1-5-21-1851843919-258154983-2237051013-1003 -> Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2011-10-15] (CANON INC.)
DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-05-16] (Skype Technologies S.A.)
FireFox:
========
FF ProfilePath: C:\Users\Ailsa\AppData\Roaming\Mozilla\Firefox\Profiles\78dlkzfi.default-1417597332978
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-15] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1215155.dll [2014-12-02] (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin: @canon.com/EPPEX -> C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2009-03-26] (CANON INC.)
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2011-12-13] (DivX, LLC)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-07-28] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-28] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-09-23] (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @nokia.com/EnablerPlugin -> C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2014-11-19] ( )
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-06-26] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1851843919-258154983-2237051013-1003: @tools.google.com/Google Update;version=3 -> C:\Users\Ailsa\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-1851843919-258154983-2237051013-1003: @tools.google.com/Google Update;version=9 -> C:\Users\Ailsa\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np32asw.dll [2004-07-02] (Macromedia, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFFICE.DLL [2007-03-22] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2015-06-26] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2015-08-23] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2015-08-23] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2015-08-23] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2015-08-23] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2015-08-23] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\browser\plugins\npMozCouponPrinter.dll [2014-12-03] (Coupons, Inc.)
FF Extension: Skype extension - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2015-07-19]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2015-07-19]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-08-08]
FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &video& - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-12-19]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2015-07-19]
Chrome:
=======
CHR StartupUrls: Default -> "hxxps://www.searchlotto.co.uk/login/index.php","www.google.com","hxxp://www.google.com/"
CHR DefaultSearchURL: Default -> hxxp://searchlotto.co.uk/search.php?cid=18295&q={searchTerms}
CHR DefaultSearchKeyword: Default -> searchlotto.co.uk
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Ailsa\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.6.758\_platform_specific\win_x86\widevinecdmadapter.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Users\Ailsa\AppData\Local\Google\Chrome\Application\45.0.2454.93\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Ailsa\AppData\Local\Google\Chrome\Application\45.0.2454.93\pdf.dll => No File
CHR Plugin: (Authorware Web Player) - C:\Program Files\Mozilla Firefox\plugins\np32asw.dll (Macromedia, Inc.)
CHR Plugin: (Microsoft Office 2003) - C:\Program Files\Mozilla Firefox\plugins\NPOFFICE.DLL (Microsoft Corporation)
CHR Plugin: (QuickTime Plug-in 7.7.6) - C:\Program Files\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.6) - C:\Program Files\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.6) - C:\Program Files\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.6) - C:\Program Files\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.6) - C:\Program Files\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (Coupons Inc., Coupon Printer) - C:\Users\Ailsa\AppData\Local\Google\Chrome\Application\plugins\npMozCouponPrinter.dll (Coupons, Inc.)
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (CANON iMAGE GATEWAY Album Plugin Utility) - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Plus Web Player) - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Java Deployment Toolkit 8.0.310.13) - C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Java(TM) Platform SE 8 U31) - C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll => No File
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Google Update) - C:\Users\Ailsa\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll => No File
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw_1215155.dll (Adobe Systems, Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_296.dll => No File
CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Profile: C:\Users\Ailsa\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Translate) - C:\Users\Ailsa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2015-02-16]
CHR Extension: (Google Docs) - C:\Users\Ailsa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-06]
CHR Extension: (Google Drive) - C:\Users\Ailsa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-06]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Ailsa\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-03-04]
CHR Extension: (Translator) - C:\Users\Ailsa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blghebmindldnnmdfcclajeaeiahbjgn [2015-02-16]
CHR Extension: (Adblock Plus) - C:\Users\Ailsa\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2012-12-26]
CHR Extension: (Add to Amazon Wish List) - C:\Users\Ailsa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced [2014-01-06]
CHR Extension: (Dropbox for Gmail) - C:\Users\Ailsa\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpdmhfocilnekecfjgimjdeckachfbec [2015-09-10]
CHR Extension: (Cashback Notifier - TopCashback) - C:\Users\Ailsa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekeeeebmbhkkjcaoicinbdjmklipppkj [2015-02-13]
CHR Extension: (TV - Voozy.tv) - C:\Users\Ailsa\AppData\Local\Google\Chrome\User Data\Default\Extensions\flnepcgaapadgbmfkmacafjiejjhbipm [2013-09-09]
CHR Extension: (Google Play Movies) - C:\Users\Ailsa\AppData\Local\Google\Chrome\User Data\Default\Extensions\fppdphmgcddhjeddoeghpjefkdlccljb [2013-09-09]
CHR Extension: (Google Docs Offline) - C:\Users\Ailsa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-06]
CHR Extension: (AdBlock) - C:\Users\Ailsa\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-01-06]
CHR Extension: (Avast Online Security) - C:\Users\Ailsa\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-01-06]
CHR Extension: (Nectar Toolbar) - C:\Users\Ailsa\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgkojhokdikmakapclkdoagjnghgpphm [2013-10-22]
CHR Extension: (Nectar Search Toolbar) - C:\Users\Ailsa\AppData\Local\Google\Chrome\User Data\Default\Extensions\kljghhlcggnhofdcnlkelobcehdbnfnd [2013-01-18]
CHR Extension: (Heart of Midlothian Football Club) - C:\Users\Ailsa\AppData\Local\Google\Chrome\User Data\Default\Extensions\klkfebohamfpnogcdjenobkgeofbidpe [2014-01-06]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Ailsa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-04]
CHR Extension: (Skype Click to Call) - C:\Users\Ailsa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2011-06-24]
CHR Extension: (WeatherBug) - C:\Users\Ailsa\AppData\Local\Google\Chrome\User Data\Default\Extensions\njkkjobcechefaoknodniidfjapgfoco [2014-09-01]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Ailsa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]
CHR HKLM\...\Chrome\Extension: [bgnnidmnbdkmhfkjgdnngciimpdgohok] - C:\Program Files\LSHunter.TV\stv11.crx <not found>
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2011-05-16]
CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]
CHR HKU\S-1-5-21-1851843919-258154983-2237051013-1003\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [kljghhlcggnhofdcnlkelobcehdbnfnd] - C:\Users\Ailsa\AppData\Roaming\Nectar Search Toolbar\Toolbar_production_61465_102.crx [2013-01-03]
StartMenuInternet: Google Chrome - C:\Users\Ailsa\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Automatic LiveUpdate Scheduler; C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe [554352 2007-09-12] (Symantec Corporation)
R2 CouponPrinterService; C:\Program Files\Coupon Printer\CouponPrinterService.exe [154096 2014-12-03] (Coupons.com Inc.)
R2 eDataSecurity Service; C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe [457512 2007-04-26] (HiTRSUT)
R2 eLockService; C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe [24576 2007-04-23] (Acer Inc.) [File not signed]
R2 eNet Service; C:\Acer\Empowering Technology\eNet\eNet Service.exe [135168 2007-06-14] (Acer Inc.) [File not signed]
R2 eSettingsService; C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe [24576 2007-06-29] () [File not signed]
R2 EvtEng; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [860160 2008-10-16] (Intel(R) Corporation) [File not signed]
R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [61440 2007-01-17] (Hewlett-Packard Company) [File not signed]
S3 LiveUpdate; C:\Program Files\Symantec\LiveUpdate\LuComServer_3_2.EXE [2999664 2007-09-12] (Symantec Corporation)
R2 LiveUpdate Notice Service; C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [583048 2008-01-29] (Symantec Corporation)
R2 MemeoBackgroundService; C:\Program Files\Memeo\AutoBackup\MemeoBackgroundService.exe [25824 2011-04-06] (Memeo)
R2 MobilityService; C:\Acer\Mobility Center\MobilityService.exe [107008 2006-11-24] () [File not signed]
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2015-04-30] (Microsoft Corporation)
S4 MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [44384 2010-12-10] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [284504 2015-04-30] (Microsoft Corporation)
R2 RegSrvc; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [466944 2008-10-16] (Intel(R) Corporation) [File not signed]
R2 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [272024 2007-04-03] ()
R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 SeagateDashboardService; C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe [8704 2011-11-03] (Memeo) [File not signed]
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-19] (Microsoft Corporation)
R2 WMIService; C:\Acer\Empowering Technology\ePower\ePowerSvc.exe [167936 2007-06-13] (acer) [File not signed]
S2 CLTNetCnService; "c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon [X]
S2 eRecoveryService; C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe [X]
S2 LiveUpdate Notice Ex; "c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon [X]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 Dot4Scan; C:\Windows\System32\DRIVERS\Dot4Scan.sys [10752 2008-01-19] (Microsoft Corporation)
R2 int15; C:\Windows\system32\drivers\int15.sys [76584 2007-03-03] ()
S3 KMWDFILTER; C:\Windows\System32\DRIVERS\KMWDFILTER.sys [17408 2008-10-09] (Windows (R) Codename Longhorn DDK provider)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [245096 2015-03-04] (Microsoft Corporation)
R3 NTIDrvr; C:\Windows\System32\DRIVERS\NTIDrvr.sys [6144 2007-06-25] (NewTech Infosystems, Inc.) [File not signed]
R0 PSDFilter; C:\Windows\System32\DRIVERS\psdfilter.sys [20776 2007-04-26] (HiTRUST)
R0 PSDNServ; C:\Windows\System32\drivers\PSDNServ.sys [16680 2007-04-26] (HiTRUST)
R0 psdvdisk; C:\Windows\System32\drivers\psdvdisk.sys [60712 2007-04-26] (HiTRUST)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1729152 2007-02-08] ()
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [721904 2009-07-28] (Duplex Secure Ltd.)
R2 {95808DC4-FA4A-4c74-92FE-5B863F82066B}; C:\Program Files\CyberLink\PowerDVD\000.fcl [13560 2006-11-03] (Cyberlink Corp.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-19] (Microsoft Corporation)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-09-18 09:03 - 2015-09-18 09:04 - 00000000 ____D C:\Users\Ailsa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD
2015-09-15 12:56 - 2015-09-15 12:57 - 00000000 ____D C:\Program Files\GUMDEB0.tmp
2015-09-15 12:56 - 2015-09-15 12:56 - 06420480 _____ C:\Program Files\GUTDEB1.tmp
2015-09-10 04:17 - 2015-09-10 04:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-09-10 04:17 - 2015-09-10 04:17 - 00000000 ____D C:\Program Files\Common Files\Skype
2015-09-10 03:41 - 2015-08-13 15:15 - 00304640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2015-09-10 03:41 - 2015-08-13 15:15 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2015-09-10 03:40 - 2015-09-02 22:26 - 01402368 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-09-10 03:40 - 2015-09-02 22:26 - 01253376 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-09-10 03:37 - 2015-07-10 15:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-09-10 03:35 - 2015-09-02 22:26 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-09-10 03:35 - 2015-09-02 20:55 - 02067456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-09-10 03:35 - 2015-09-02 20:54 - 00297472 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-09-10 03:34 - 2015-08-05 16:59 - 00602112 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2015-09-09 13:37 - 2015-08-17 18:18 - 01814016 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-09-09 13:37 - 2015-08-17 18:17 - 12388352 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-09-09 13:37 - 2015-08-17 18:14 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-09-09 13:37 - 2015-08-17 18:13 - 09751040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-09-09 13:37 - 2015-08-17 18:12 - 01139712 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-09-09 13:37 - 2015-08-17 18:12 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-09-09 13:37 - 2015-08-17 18:11 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-09-09 13:37 - 2015-08-17 18:11 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-09-09 13:37 - 2015-08-17 18:10 - 01804288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-09-09 13:37 - 2015-08-17 18:10 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-09-09 13:37 - 2015-08-17 18:10 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-09-09 13:37 - 2015-08-17 18:10 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-09-09 13:37 - 2015-08-17 18:10 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-09-09 13:37 - 2015-08-17 18:10 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-09-09 13:37 - 2015-08-17 18:10 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-09-09 13:37 - 2015-08-17 18:10 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-09-09 13:37 - 2015-08-17 18:10 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-09-09 13:37 - 2015-08-17 18:10 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-09-09 13:37 - 2015-08-17 18:10 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-09-09 13:37 - 2015-08-17 18:10 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-09-09 13:37 - 2015-08-17 18:10 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-09-09 13:37 - 2015-08-17 18:09 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-09-05 12:46 - 2015-09-05 12:46 - 00000000 ____D C:\Users\Ailsa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-08-31 17:35 - 2015-08-31 17:35 - 256375935 _____ C:\Windows\MEMORY.DMP
2015-08-31 17:35 - 2015-08-31 17:35 - 00143368 _____ C:\Windows\Minidump\Mini083115-01.dmp
2015-08-31 16:22 - 2015-09-18 10:51 - 00000000 ____D C:\FRST
2015-08-31 16:20 - 2015-08-31 16:20 - 00000207 _____ C:\Windows\tweaking.com-regbackup-AILSAS_LAPTOP-Windows-Vista-(TM)-Home-Premium-(32-bit).dat
2015-08-31 16:19 - 2015-08-31 16:19 - 00000000 ____D C:\RegBackup
2015-08-31 16:18 - 2015-08-31 16:18 - 00002020 _____ C:\Users\Public\Desktop\Tweaking.com - Registry Backup.lnk
2015-08-31 16:18 - 2015-08-31 16:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2015-08-31 16:18 - 2015-08-31 16:18 - 00000000 ____D C:\Program Files\Tweaking.com
2015-08-31 11:02 - 2015-08-31 11:02 - 00000000 ____D C:\Program Files\Common Files\AV
2015-08-31 11:02 - 2015-07-28 17:52 - 00821920 _____ (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe
2015-08-31 10:55 - 2015-09-18 09:02 - 00000644 _____ C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job
2015-08-31 10:55 - 2015-09-16 00:30 - 00000616 _____ C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job
2015-08-31 10:55 - 2015-09-01 17:00 - 00000446 _____ C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job
2015-08-31 10:54 - 2015-08-31 10:54 - 00001974 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2015-08-31 10:54 - 2015-08-31 10:54 - 00001962 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2015-08-31 10:54 - 2015-08-31 10:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2015-08-31 10:54 - 2013-09-20 10:49 - 00018968 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean.exe
2015-08-31 10:53 - 2015-09-09 10:55 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2015-08-31 10:53 - 2015-08-31 11:10 - 00000000 ____D C:\Program Files\Spybot - Search & Destroy 2
2015-08-31 10:45 - 2015-08-31 10:47 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Ailsa\Downloads\spybot-2.4.exe
2015-08-23 23:17 - 2015-08-23 23:17 - 00001730 _____ C:\Users\Public\Desktop\QuickTime Player.lnk
2015-08-23 23:17 - 2015-08-23 23:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2015-08-23 23:16 - 2015-08-23 23:17 - 00000000 ____D C:\Program Files\QuickTime
2015-08-22 09:59 - 2015-08-22 09:59 - 00079324 _____ C:\Users\Ailsa\Downloads\top.htm
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-09-18 10:56 - 2012-05-02 08:38 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-09-18 10:54 - 2007-12-08 10:16 - 01563856 _____ C:\Windows\WindowsUpdate.log
2015-09-18 10:48 - 2013-11-06 21:24 - 04080640 _____ C:\Users\Ailsa\Documents\Contacts.pst
2015-09-18 10:36 - 2011-06-23 19:16 - 00000000 ____D C:\Users\Ailsa\AppData\Roaming\Skype
2015-09-18 10:34 - 2015-06-18 22:19 - 00000918 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1851843919-258154983-2237051013-1003UA.job
2015-09-18 10:10 - 2013-06-18 19:58 - 00000886 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-09-18 09:58 - 2009-07-01 03:40 - 00000908 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1851843919-258154983-2237051013-1003UA.job
2015-09-18 09:42 - 2015-05-14 19:09 - 00000000 ___RD C:\Users\Ailsa\Dropbox
2015-09-18 09:42 - 2015-05-14 19:06 - 00000000 ____D C:\Users\Ailsa\AppData\Roaming\Dropbox
2015-09-18 09:24 - 2015-06-18 22:19 - 00000866 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1851843919-258154983-2237051013-1003Core.job
2015-09-18 09:09 - 2009-03-31 22:14 - 00000000 ____D C:\Users\Ailsa\AppData\Local\Spotify
2015-09-18 09:09 - 2006-11-02 11:33 - 00826598 _____ C:\Windows\system32\PerfStringBackup.INI
2015-09-18 09:08 - 2009-03-31 22:14 - 00000000 ____D C:\Users\Ailsa\AppData\Roaming\Spotify
2015-09-18 09:05 - 2009-03-14 13:09 - 00000000 ____D C:\Users\Ailsa\Tracing
2015-09-18 09:02 - 2013-06-18 19:57 - 00000882 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-18 09:02 - 2006-11-02 14:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-09-18 09:02 - 2006-11-02 13:47 - 00003568 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-09-18 09:02 - 2006-11-02 13:47 - 00003568 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-09-18 00:49 - 2013-05-30 21:17 - 00000012 _____ C:\Windows\bthservsdp.dat
2015-09-18 00:49 - 2006-11-02 14:01 - 00032604 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-09-17 23:58 - 2009-07-01 03:40 - 00000856 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1851843919-258154983-2237051013-1003Core.job
2015-09-17 18:18 - 2013-03-11 23:39 - 00000000 ____D C:\Program Files\Digiguide TV Guide
2015-09-13 12:03 - 2009-06-14 20:18 - 00000000 ____D C:\Users\Ailsa\AppData\Local\Google
2015-09-10 04:32 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\rescache
2015-09-10 04:18 - 2011-06-23 19:15 - 00000000 ____D C:\ProgramData\Skype
2015-09-10 04:17 - 2011-06-23 19:15 - 00000000 ___RD C:\Program Files\Skype
2015-09-10 04:05 - 2006-11-02 13:47 - 00373896 _____ C:\Windows\system32\FNTCACHE.DAT
2015-09-10 04:00 - 2006-11-02 13:37 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-10 03:43 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\Microsoft.NET
2015-09-10 03:04 - 2013-07-12 03:02 - 00000000 ____D C:\Windows\system32\MRT
2015-08-31 17:35 - 2009-02-04 06:34 - 00000000 ____D C:\Windows\Minidump
2015-08-29 09:56 - 2014-08-21 07:35 - 00002425 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2015-08-29 09:55 - 2014-08-21 07:35 - 00000000 ____D C:\Program Files\Common Files\Adobe
2015-08-26 18:36 - 2006-11-02 11:24 - 132039072 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
==================== Files in the root of some directories =======
2015-09-15 12:56 - 2015-09-15 12:56 - 6420480 _____ () C:\Program Files\GUTDEB1.tmp
2009-07-28 01:22 - 2015-05-13 19:08 - 0000680 _____ () C:\Users\Ailsa\AppData\Local\d3d9caps.dat
2008-12-26 14:21 - 2015-06-15 01:11 - 0069120 _____ () C:\Users\Ailsa\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-07-25 13:49 - 2015-07-25 13:49 - 0000000 _____ () C:\Users\Ailsa\AppData\Local\{A390C561-132B-4817-96C2-A2C5C5CB0D34}
2009-01-16 20:59 - 2009-01-16 21:01 - 0008999 _____ () C:\ProgramData\LUUnInstall.LiveUpdate
Some files in TEMP:
====================
C:\Users\Ailsa\AppData\Local\temp\AdobeUpdater12345.exe
C:\Users\Ailsa\AppData\Local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpumgcx3.dll
C:\Users\Ailsa\AppData\Local\temp\GURAEB0.exe
C:\Users\Ailsa\AppData\Local\temp\jre-8u60-windows-au.exe
C:\Users\Ailsa\AppData\Local\temp\NOSEventMessages.dll
C:\Users\Ailsa\AppData\Local\temp\RtkBtMnt.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-09-18 09:10
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x86) Version:30-08-2015
Ran by Ailsa (2015-08-31 16:26:52)
Running from C:\Users\Ailsa\Downloads\Desktop
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1851843919-258154983-2237051013-500 - Administrator - Disabled)
Ailsa (S-1-5-21-1851843919-258154983-2237051013-1003 - Administrator - Enabled) => C:\Users\Ailsa
Guest (S-1-5-21-1851843919-258154983-2237051013-501 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
4oD (HKLM\...\4oD) (Version: 2.0.23.0 - Channel 4 Television Corporation and 4 Ventures Limited)
4oD (Version: 2.0.23.0 - Channel 4 Television Corporation and 4 Ventures Limited) Hidden
Acer Crystal Eye webcam (HKLM\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 5.7.28.500-1.0 - Sonix)
Acer Crystal Eye webcam (HKLM\...\{AA047D7C-5E7C-4878-B75C-77589151B563}) (Version: 1.0.11 - SUYIN)
Acer eDataSecurity Management (HKLM\...\{AEEAE013-92F1-4515-B278-139F1A692A36}) (Version: 2.5.4241 - HiTRUST Inc.)
Acer eLock Management (HKLM\...\{116FF17B-1A30-4FC2-9B01-5BC5BD46B0B3}) (Version: 2.5.4008 - Acer Inc.)
Acer Empowering Technology (HKLM\...\{AB6097D9-D722-4987-BD9E-A076E2848EE2}) (Version: 2.5.4010 - Acer Inc.)
Acer eNet Management (HKLM\...\{C06554A1-2C1E-4D20-B613-EE62C79927CC}) (Version: 2.6.4008 - Acer Inc.)
Acer ePower Management (HKLM\...\{58E5844B-7CE2-413D-83D1-99294BF6C74F}) (Version: 2.5.4018 - Acer Inc.)
Acer ePresentation Management (HKLM\...\{BF839132-BD43-4056-ACBF-4377F4A88E2A}) (Version: 2.5.4002 - Acer Inc.)
Acer eSettings Management (HKLM\...\{CE65A9A0-9686-45C6-9098-3C9543A412F0}) (Version: 2.5.4011 - Acer Inc.)
Acer GridVista (HKLM\...\GridVista) (Version: 2.68.622 - )
Acer Mobility Center Plug-In (HKLM\...\{11316260-6666-467B-AC34-183FCB5D4335}) (Version: 1.0.3003 - Acer Inc.)
Acer ScreenSaver (HKLM\...\{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}) (Version: 2.11.20070515 - Acer Inc.)
Acer Tour (HKLM\...\{94389919-B0AA-4882-9BE8-9F0B004ECA35}) (Version: 2.0.1003 - Acer Inc.)
Activation Assistant for the 2007 Microsoft Office suites (HKLM\...\Activation Assistant for the 2007 Microsoft Office suites) (Version: - Microsoft Corporation)
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0 - Microsoft Corporation) Hidden
Adobe AIR (HKLM\...\Adobe AIR) (Version: 15.0.0.249 - Adobe Systems Incorporated)
Adobe Flash Player 18 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Reader X (10.1.15) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.15 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM\...\Adobe Shockwave Player) (Version: 12.1.5.155 - Adobe Systems, Inc.)
AGEIA PhysX v7.11.13 (HKLM\...\{95FC26FB-19FD-4A96-BBB1-B1062E8648F5}) (Version: 7.11.13 - AGEIA Technologies, Inc.)
Apple Application Support (32-bit) (HKLM\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{E1DB0812-2D60-43DB-AE09-6C7027D93B28}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bing Bar (HKLM\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom Gigabit Integrated Controller (HKLM\...\{D3B3B9B2-FE73-44CB-8C0A-F737D92F991B}) (Version: 10.15.10 - Broadcom Corporation)
Business Contact Manager for Outlook 2007 SP2 (HKLM\...\Business Contact Manager) (Version: 3.0.8619.1 - Microsoft Corporation)
Business Contact Manager for Outlook 2007 SP2 (Version: 3.0.8619.1 - Microsoft Corporation) Hidden
Canon Easy-WebPrint EX (HKLM\...\Easy-WebPrint EX) (Version: - )
Canon MP Navigator EX 3.0 (HKLM\...\MP Navigator EX 3.0) (Version: - )
Canon MP250 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP250_series) (Version: - )
Canon MP250 series User Registration (HKLM\...\Canon MP250 series User Registration) (Version: - )
Canon Utilities Easy-PhotoPrint EX (HKLM\...\Easy-PhotoPrint EX) (Version: - )
Canon Utilities My Printer (HKLM\...\CanonMyPrinter) (Version: - )
Canon Utilities Solution Menu (HKLM\...\CanonSolutionMenu) (Version: - )
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Coupon Printer (HKLM\...\Coupon Printer2.2.1.1) (Version: 2.2.1.1 - Coupons.com Inc.)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
DataLoad (HKLM\...\DataLoad) (Version: 5.4.1.0 - JD Stuart Ltd)
Digiguide TV Guide (HKLM\...\Digiguide TV Guide) (Version: - GipsyMedia Limited)
DivX Setup (HKLM\...\DivX Setup) (Version: 2.6.1.22 - DivX, LLC)
Dropbox (HKU\S-1-5-21-1851843919-258154983-2237051013-1003\...\Dropbox) (Version: 3.8.6 - Dropbox, Inc.)
DYMO Label Software (HKLM\...\DYMO Label Software) (Version: - )
DYMO LabelWriter Drivers (HKLM\...\{CE16D92B-50F3-4FC5-B29C-13FAFEE1A6C6}) (Version: 8.3.0.443 - Sanford L.P.)
ERUNT 1.1j (HKLM\...\ERUNT_is1) (Version: - Lars Hederer)
ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version: - )
Geeks Toy - Betdaq (HKLM\...\{3E4BCE99-B746-4BA8-A8DB-BA49AD2A7044}) (Version: 1.3.7 - The Geek)
GhostMouse (HKLM\...\GhostMouse_is1) (Version: Free V3.2.1 - ghost-mouse.com)
Google Chrome (HKU\S-1-5-21-1851843919-258154983-2237051013-1003\...\Google Chrome) (Version: 44.0.2403.157 - Google Inc.)
Google Earth Plug-in (HKLM\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Photos Backup (HKU\S-1-5-21-1851843919-258154983-2237051013-1003\...\Google Photos Backup) (Version: 1.1.0.239 - Google, Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.28.13 - Google Inc.) Hidden
HDAUDIO Soft Data Fax Modem with SmartCP (HKLM\...\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFAOR2C06_118) (Version: - )
iCloud (HKLM\...\{79BD66B2-4DAE-4C3B-B08E-DC72E507C163}) (Version: 2.1.3.25 - Apple Inc.)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: - Intel Corporation)
Intel(R) Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - )
Intel(R) PROSet/Wireless WiFi Software (HKLM\...\{35C0A1E4-D02A-412C-841F-266DBB116ABB}) (Version: 12.02.0000 - Intel(R) Corporation)
Intel(R) TV Wizard (HKLM\...\TVWiz) (Version: - Intel Corporation)
iTunes (HKLM\...\{CE1F04C7-79BC-4219-BE6A-BA490224D4B5}) (Version: 12.1.2.27 - Apple Inc.)
Java 7 Update 71 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
Java(TM) 6 Update 37 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216037FF}) (Version: 6.0.370 - Oracle)
JDiskReport 1.4.0 (HKLM\...\JDiskReport 1.4.0) (Version: 1.4.0 (2012-01-20 11:38:43) - JGoodies Karsten Lentzsch)
Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Launch Manager (HKLM\...\LManager) (Version: - )
LightScribe 1.4.142.1 (Version: 1.4.142.1 - http://www.lightscribe.com) Hidden
LiveUpdate 3.2 (Symantec Corporation) (HKLM\...\LiveUpdate) (Version: 3.2.0.68 - Symantec Corporation)
LiveUpdate Notice (Symantec Corporation) (HKLM\...\{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}) (Version: 1.4.5 - Symantec Corporation)
Memeo Instant Backup (HKLM\...\{8E666407-AC41-46a2-9692-6C7BFCBFDD37}) (Version: 4.60.0.7916 - Memeo Inc.)
Mesh Runtime (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2003 Web Components (HKLM\...\{90A40409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office 2007 Primary Interop Assemblies (HKLM\...\{50120000-1105-0000-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Access 2003 (HKLM\...\{90150409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Small Business Connectivity Components (HKLM\...\{A939D341-5A04-4E0A-BB55-3E65B386432D}) (Version: 2.0.7024.0 - Microsoft Corporation)
Microsoft Office Standard Edition 2003 (HKLM\...\{91120409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM\...\Microsoft SQL Server 2005) (Version: - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{7670D32F-DAE6-4E49-8C8B-B3F08B5B1686}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{E7084B89-69E0-46B3-A118-8F99D06988CD}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Mozilla Firefox 39.0 (x86 en-US) (HKLM\...\Mozilla Firefox 39.0 (x86 en-US)) (Version: 39.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
Mp3tag v2.66 (HKLM\...\Mp3tag) (Version: v2.66 - Florian Heidenreich)
MSVC80_x86_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB941833) (HKLM\...\{C523D256-313D-4866-B36A-F3DE528246EF}) (Version: 4.20.9849.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MusicBrainz Picard (HKLM\...\MusicBrainz Picard) (Version: 1.3.2 - MusicBrainz)
Nectar Search Toolbar (HKU\S-1-5-21-1851843919-258154983-2237051013-1003\...\Nectar Search Toolbar) (Version: - )
Nectar Toolbar (HKLM\...\Nectar Toolbar) (Version: 0.4.25 - AIMIA Coalition Loyalty UK Ltd)
Nokia Connectivity Cable Driver (HKLM\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia)
Nokia Suite (HKLM\...\Nokia Suite) (Version: 3.8.54.0 - Nokia)
Nokia Suite (Version: 3.8.54.0 - Nokia) Hidden
NTI Backup NOW! 4.7 (HKLM\...\{67ADE9AF-5CD9-4089-8825-55DE4B366799}) (Version: 4 - NewTech Infosystems)
NTI CD & DVD-Maker (HKLM\...\InstallShield_{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}) (Version: 7 - NewTech Infosystems)
NTI CD & DVD-Maker (Version: 7 - NewTech Infosystems) Hidden
NTI Shadow (HKLM\...\InstallShield_{6F7EA6CA-79F4-44A0-A370-8E82BB16534A}) (Version: 3.7.6.31 - NewTech Infosystems)
NTI Shadow (Version: 3.7.6.31 - NewTech Infosystems) Hidden
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
PC Connectivity Solution (HKLM\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
Perfect Keyboard (HKLM\...\Perfect Keyboard) (Version: - )
PowerDVD (HKLM\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 7.32.2811h.0 - CyberLink Corporation)
QuickMac (HKLM\...\{9B5E08A5-DBDB-40F6-9BBC-366CB1A7B82A}) (Version: 4.6 - Azad Ratzki)
QuickTime 7 (HKLM\...\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}) (Version: 7.78.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5423 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.43 - Piriform)
Samsung Kies3 (HKLM\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15013.17 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (Version: 3.2.15013.17 - Samsung Electronics Co., Ltd.) Hidden
Seagate Dashboard (HKLM\...\{C3A11907-930D-41AC-A135-CC3B12F92011}) (Version: 1.1.0.1548 - Memeo Inc.)
Secure Download Manager (HKLM\...\{E040B65B-8683-4228-8C33-D44A141E40EA}) (Version: 3.1.60 - Kivuto Solutions Inc.)
Segoe UI (Version: 15.4.2271.0615 - Microsoft Corp) Hidden
Skype Toolbars (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.3.7555 - Skype Technologies S.A.)
Skype™ 7.7 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.7.103 - Skype Technologies S.A.)
Spotify (HKLM\...\Spotify) (Version: 0.3.13 - )
Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 9.0.3.0 - Synaptics)
System Requirements Lab (HKLM\...\SystemRequirementsLab) (Version: - )
Texas Instruments PCIxx21/x515/xx12 drivers. (HKLM\...\InstallShield_{BE1826A9-7EEE-492A-B3BC-DEF3DFAE37EE}) (Version: 2.00.0002 - Texas Instruments Inc.)
TIPCI (Version: 2.00.0001 - Texas Instruments Inc.) Hidden
TIPCI (Version: 2.00.0002 - Texas Instruments Inc.) Hidden
Tweaking.com - Registry Backup (HKLM\...\Tweaking.com - Registry Backup) (Version: 3.2.0 - Tweaking.com)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
VoiceOver Kit (HKLM\...\{6B4AD1A9-E73A-4184-9D6B-072F8A3C5EBA}) (Version: 1.42.128.0 - Apple Inc.)
Windows Driver Package - Nokia pccsmcfd “LegacyDriver” (05/31/2012 7.1.2.0) (HKLM\...\17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382) (Version: 05/31/2012 7.1.2.0 - Nokia)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{B10914FD-8812-47A4-85A1-50FCDE7F1F33}) (Version: 14.0.8117.416 - Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1851843919-258154983-2237051013-1003_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Ailsa\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1851843919-258154983-2237051013-1003_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\Ailsa\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1851843919-258154983-2237051013-1003_Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344}\InprocServer32 -> C:\Users\Ailsa\AppData\Local\Google\Update\1.3.21.135\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1851843919-258154983-2237051013-1003_Classes\CLSID\{095A2EEC-F7FE-42E8-96FB-C20E53081908}\InprocServer32 -> C:\Users\Ailsa\AppData\Local\Google\Update\1.3.21.99\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1851843919-258154983-2237051013-1003_Classes\CLSID\{0A368B9B-3566-4730-B40E-EAF6858A53AF}\InprocServer32 -> C:\Users\Ailsa\AppData\Local\Dropbox\Update\1.3.27.33\psuser.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1851843919-258154983-2237051013-1003_Classes\CLSID\{0E55CBE1-B06A-49B6-AD8D-9EFAA0160C6F}\InprocServer32 -> C:\Users\Ailsa\AppData\Local\Google\Update\1.3.21.57\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1851843919-258154983-2237051013-1003_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Ailsa\AppData\Local\Google\Update\1.3.25.5\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1851843919-258154983-2237051013-1003_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Ailsa\AppData\Local\Google\Update\1.3.27.5\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1851843919-258154983-2237051013-1003_Classes\CLSID\{218D2740-5A50-42A8-AB9F-62FF1B168782}\InprocServer32 -> C:\Users\Ailsa\AppData\Local\Google\Update\1.3.21.69\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1851843919-258154983-2237051013-1003_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\Ailsa\AppData\Local\Google\Update\1.3.28.13\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1851843919-258154983-2237051013-1003_Classes\CLSID\{29A96789-9595-4947-BEDB-0FCC776F7DB8}\InprocServer32 -> C:\Users\Ailsa\AppData\Local\Google\Update\1.2.183.39\goopdate.dll No File
CustomCLSID: HKU\S-1-5-21-1851843919-258154983-2237051013-1003_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\Ailsa\AppData\Local\Google\Update\1.3.28.13\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1851843919-258154983-2237051013-1003_Classes\CLSID\{3059C9E6-9EDC-4C89-933E-C65623F8FD60}\localserver32 -> C:\Users\Ailsa\AppData\Local\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1851843919-258154983-2237051013-1003_Classes\CLSID\{320F0FDB-BE0A-4648-9D18-4A2C3448C007}\InprocServer32 -> C:\Users\Ailsa\AppData\Local\Google\Update\1.3.21.79\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1851843919-258154983-2237051013-1003_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Ailsa\AppData\Local\Google\Update\1.3.23.9\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1851843919-258154983-2237051013-1003_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\Ailsa\AppData\Local\Google\Update\1.3.28.13\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1851843919-258154983-2237051013-1003_Classes\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}\localserver32 -> C:\Users\Ailsa\AppData\Local\Google\Chrome\Application\44.0.2403.157\delegate_execute.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1851843919-258154983-2237051013-1003_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Ailsa\AppData\Local\Google\Update\1.3.28.1\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1851843919-258154983-2237051013-1003_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}\InprocServer32 -> C:\Users\Ailsa\AppData\Local\Google\Update\1.3.21.145\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1851843919-258154983-2237051013-1003_Classes\CLSID\{634059C0-D264-4B2C-AE80-F73E48D33E5B}\InprocServer32 -> C:\Users\Ailsa\AppData\Local\Google\Update\1.3.21.123\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1851843919-258154983-2237051013-1003_Classes\CLSID\{6D7374DE-63AA-473C-8C02-60D9CDCD84C5}\InprocServer32 -> C:\Users\Ailsa\AppData\Local\Google\Update\1.3.21.153\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1851843919-258154983-2237051013-1003_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\Ailsa\AppData\Local\Google\Update\1.3.28.13\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1851843919-258154983-2237051013-1003_Classes\CLSID\{87DC457B-B35D-48AC-BD42-BDF35EF623CE}\localserver32 -> C:\Users\Ailsa\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1851843919-258154983-2237051013-1003_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Ailsa\AppData\Local\Google\Update\1.3.24.15\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1851843919-258154983-2237051013-1003_Classes\CLSID\{9FAA38ED-5635-44F7-9BE0-8CAFE29B3783}\localserver32 -> C:\Users\Ailsa\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1851843919-258154983-2237051013-1003_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}\InprocServer32 -> C:\Users\Ailsa\AppData\Local\Google\Update\1.3.22.3\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1851843919-258154983-2237051013-1003_Classes\CLSID\{A54D478D-4F70-4F72-9A74-17C9986E35AB}\InprocServer32 -> C:\Users\Ailsa\AppData\Local\Google\Update\1.3.21.165\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1851843919-258154983-2237051013-1003_Classes\CLSID\{C0DD324D-A74F-4533-84AD-030F76771C77}\localserver32 -> C:\Users\Ailsa\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1851843919-258154983-2237051013-1003_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\Ailsa\AppData\Local\Google\Update\1.3.28.13\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1851843919-258154983-2237051013-1003_Classes\CLSID\{C32E3EEC-3C10-426E-95F3-38C7F139FADD}\localserver32 -> C:\Users\Ailsa\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1851843919-258154983-2237051013-1003_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Ailsa\AppData\Local\Google\Update\1.3.26.9\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1851843919-258154983-2237051013-1003_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\Ailsa\AppData\Local\Google\Update\1.3.28.13\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1851843919-258154983-2237051013-1003_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Ailsa\AppData\Local\Google\Update\1.3.25.11\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1851843919-258154983-2237051013-1003_Classes\CLSID\{D166BD15-03AF-413A-BEFD-0679FF410B49}\InprocServer32 -> C:\Users\Ailsa\AppData\Local\Dropbox\Update\1.3.27.29\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1851843919-258154983-2237051013-1003_Classes\CLSID\{DB25D157-76D4-41C1-97B5-359E4A4CECEB}\InprocServer32 -> C:\Users\Ailsa\AppData\Local\Google\Update\1.3.21.65\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1851843919-258154983-2237051013-1003_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\Ailsa\AppData\Local\Google\Update\1.3.28.13\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1851843919-258154983-2237051013-1003_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Ailsa\AppData\Local\Google\Update\1.3.28.13\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1851843919-258154983-2237051013-1003_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}\InprocServer32 -> C:\Users\Ailsa\AppData\Local\Google\Update\1.3.22.5\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1851843919-258154983-2237051013-1003_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Ailsa\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1851843919-258154983-2237051013-1003_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ailsa\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1851843919-258154983-2237051013-1003_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ailsa\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1851843919-258154983-2237051013-1003_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ailsa\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1851843919-258154983-2237051013-1003_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ailsa\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1851843919-258154983-2237051013-1003_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ailsa\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1851843919-258154983-2237051013-1003_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ailsa\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1851843919-258154983-2237051013-1003_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ailsa\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1851843919-258154983-2237051013-1003_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ailsa\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1851843919-258154983-2237051013-1003_Classes\CLSID\{FB994D36-B312-46CE-A40B-CF63980641F9}\InprocServer32 -> C:\Users\Ailsa\AppData\Local\Google\Update\1.3.21.111\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1851843919-258154983-2237051013-1003_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Ailsa\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1851843919-258154983-2237051013-1003_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Ailsa\AppData\Local\Google\Update\1.3.24.7\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1851843919-258154983-2237051013-1003_Classes\CLSID\{FE819BE5-BADF-4370-9913-6FB84ABA6FB1}\InprocServer32 -> C:\Users\Ailsa\AppData\Local\Dropbox\Update\1.3.27.33\psuser.dll (Dropbox, Inc.)
==================== Restore Points =========================
29-08-2015 10:06:07 Windows Update
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {07C23750-7655-4BB2-8F05-5862CBE453A4} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-15] (Adobe Systems Incorporated)
Task: {14399D7D-8C0E-4DCE-AF59-5AD2896B39E3} - System32\Tasks\Scan the system (Spybot - Search & Destroy) => C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {1A150E69-8C9A-4235-9473-F0CD7EE3780B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1851843919-258154983-2237051013-1003UA => C:\Users\Ailsa\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {1BA4E51A-2EA3-4BA6-B068-892D94A21940} - System32\Tasks\Refresh immunization (Spybot - Search & Destroy) => C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {231B9B2D-AE21-45C4-82A6-23991405DECD} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1851843919-258154983-2237051013-1003Core => C:\Users\Ailsa\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-18] (Dropbox, Inc.)
Task: {32F9455D-B6B4-43A3-936B-0342131A92E5} - System32\Tasks\{6DB105D4-208F-4E72-B27B-9AB836537FA5} => C:\Program Files\Skype\\Phone\Skype.exe [2015-07-28] (Skype Technologies S.A.)
Task: {3F7D771E-6931-4998-8E6F-4DB94BB708FC} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1851843919-258154983-2237051013-1003Core => C:\Users\Ailsa\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {43559459-78C4-4390-8124-8BCE610D0312} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1851843919-258154983-2237051013-1003UA => C:\Users\Ailsa\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-18] (Dropbox, Inc.)
Task: {6ACDDC89-9EE4-4F72-A017-9C28B5DEC489} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {6B682E46-86E4-4126-B2C8-C757C36F7E4E} - \{22116563-108C-42c0-A7CE-60161B75E508} -> No File <==== ATTENTION
Task: {7BB79B0D-1B22-46F3-9F80-6695C8C994A8} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {7F16C5BC-BF5A-4B5D-AA02-881546AA5E60} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {8973136A-56CF-440C-99F9-5996447B882C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {A2B20511-6485-44D4-A9C4-E56EA6398679} - System32\Tasks\Check for updates (Spybot - Search & Destroy) => C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {EC39891C-E364-470C-B83B-88B98B9BD5DB} - \{35DC3473-A719-4d14-B7C1-FD326CA84A0C} -> No File <==== ATTENTION
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1851843919-258154983-2237051013-1003Core.job => C:\Users\Ailsa\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1851843919-258154983-2237051013-1003UA.job => C:\Users\Ailsa\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1851843919-258154983-2237051013-1003Core.job => C:\Users\Ailsa\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1851843919-258154983-2237051013-1003UA.job => C:\Users\Ailsa\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe
Task: C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe
==================== Loaded Modules (Whitelisted) ==============
2008-10-16 16:57 - 2008-10-16 16:57 - 00200704 _____ () C:\Program Files\Intel\WiFi\bin\IWMSPROV.DLL
2007-04-26 01:30 - 2007-04-26 01:30 - 00063488 _____ () C:\Windows\system32\ShowErrMsg.dll
2007-04-26 01:31 - 2007-04-26 01:31 - 00028672 _____ () C:\Windows\system32\BatchCrypto.dll
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 01044776 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-08-31 10:53 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2015-08-31 10:53 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl
2007-12-08 10:35 - 2006-11-24 21:57 - 00107008 _____ () C:\Acer\Mobility Center\MobilityService.exe
2007-12-08 10:35 - 2006-10-24 19:54 - 00033280 _____ () C:\Acer\Mobility Center\MobilityInterface.dll
2007-12-08 10:31 - 2007-04-03 07:07 - 00272024 ____N () C:\Program Files\CyberLink\Shared Files\RichVideo.exe
2007-12-08 10:35 - 2007-06-29 03:50 - 00024576 _____ () C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
2007-12-08 10:35 - 2007-06-29 03:50 - 00114688 _____ () C:\Acer\Empowering Technology\eSettings\Service\eSettings.Model.Computer.dll
2007-12-08 10:35 - 2007-06-29 03:50 - 00032768 _____ () C:\Acer\Empowering Technology\eSettings\Service\eSettings.Model.ComputerInterfaces.dll
2007-12-08 10:35 - 2007-06-29 03:50 - 00118784 _____ () C:\Acer\Empowering Technology\eSettings\Service\eSettings.Model.Library.dll
2007-12-08 10:35 - 2007-06-29 03:50 - 00006656 _____ () C:\Acer\Empowering Technology\eSettings\Service\CPUID.dll
2007-12-08 11:06 - 2003-06-07 22:30 - 00057344 _____ () C:\Program Files\Launch Manager\PowerUtl.dll
2012-11-30 03:06 - 2012-11-30 03:06 - 01263512 _____ () C:\Program Files\DivX\DivX Update\DivXUpdate.exe
2012-11-30 03:07 - 2012-11-30 03:07 - 00100248 _____ () C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll
2014-11-19 12:48 - 2014-11-19 12:48 - 08507232 _____ () C:\Program Files\Nokia\Nokia Suite\QtGui4.dll
2014-11-19 12:48 - 2014-11-19 12:48 - 02354016 _____ () C:\Program Files\Nokia\Nokia Suite\QtCore4.dll
2014-11-19 12:48 - 2014-11-19 12:48 - 01014624 _____ () C:\Program Files\Nokia\Nokia Suite\QtNetwork4.dll
2014-11-19 12:48 - 2014-11-19 12:48 - 00364384 _____ () C:\Program Files\Nokia\Nokia Suite\QtXml4.dll
2014-11-19 12:48 - 2014-11-19 12:48 - 02480992 _____ () C:\Program Files\Nokia\Nokia Suite\QtDeclarative4.dll
2014-11-19 12:48 - 2014-11-19 12:48 - 01346912 _____ () C:\Program Files\Nokia\Nokia Suite\QtScript4.dll
2014-11-19 12:48 - 2014-11-19 12:48 - 00206176 _____ () C:\Program Files\Nokia\Nokia Suite\QtSql4.dll
2014-11-19 12:48 - 2014-11-19 12:48 - 02653024 _____ () C:\Program Files\Nokia\Nokia Suite\QtXmlPatterns4.dll
2014-11-19 12:48 - 2014-11-19 12:48 - 00033120 _____ () C:\Program Files\Nokia\Nokia Suite\imageformats\qgif4.dll
2014-11-19 12:48 - 2014-11-19 12:48 - 00035680 _____ () C:\Program Files\Nokia\Nokia Suite\imageformats\qico4.dll
2014-11-19 12:48 - 2014-11-19 12:48 - 00207200 _____ () C:\Program Files\Nokia\Nokia Suite\imageformats\qjpeg4.dll
2014-11-19 12:48 - 2014-11-19 12:48 - 11166560 _____ () C:\Program Files\Nokia\Nokia Suite\QtWebKit4.dll
2014-11-19 12:48 - 2014-11-19 12:48 - 00276832 _____ () C:\Program Files\Nokia\Nokia Suite\phonon4.dll
2014-11-11 10:21 - 2014-11-11 10:21 - 00392552 _____ () C:\Program Files\Nokia\Nokia Suite\ssoengine.dll
2014-11-11 10:21 - 2014-11-11 10:21 - 00059752 _____ () C:\Program Files\Nokia\Nokia Suite\securestorage.dll
2014-11-19 12:47 - 2014-11-19 12:47 - 00438624 _____ () C:\Program Files\Nokia\Nokia Suite\NService.dll
2014-11-19 12:48 - 2014-11-19 12:48 - 00446304 _____ () C:\Program Files\Nokia\Nokia Suite\sqldrivers\qsqlite4.dll
2014-11-19 12:48 - 2014-11-19 12:48 - 00520544 _____ () C:\Program Files\Nokia\Nokia Suite\QtMultimediaKit1.dll
2014-11-19 12:48 - 2014-11-19 12:48 - 00720736 _____ () C:\Program Files\Nokia\Nokia Suite\QtOpenGL4.dll
2014-11-19 12:46 - 2014-11-19 12:46 - 00606560 _____ () C:\Program Files\Nokia\Nokia Suite\CommonUpdateChecker.dll
2014-11-19 12:48 - 2014-11-19 12:48 - 00093024 _____ () C:\Program Files\Nokia\Nokia Suite\qjson.dll
2015-08-29 08:34 - 2015-08-29 08:34 - 00071168 _____ () c:\users\ailsa\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpr8kosx.dll
2007-12-08 10:30 - 2007-07-24 19:39 - 00208896 _____ () C:\Acer\Empowering Technology\EPOWER\SysHook.dll
2007-06-25 02:57 - 2007-08-29 19:35 - 00057344 _____ () C:\Acer\Empowering Technology\Acer.Empowering.Framework.DialogManager.dll
2007-06-25 02:57 - 2007-08-29 19:34 - 00024576 _____ () C:\Acer\Empowering Technology\Acer.Empowering.Framework.PasswordSetting.dll
2007-12-08 10:30 - 2007-04-12 01:42 - 00307200 _____ () C:\Acer\Empowering Technology\ePresentation\ePresentationCTL.dll
2007-12-08 10:33 - 2007-05-24 18:53 - 00679936 _____ () C:\Acer\Empowering Technology\eLock\eLockCTL.dll
2007-12-08 10:34 - 2007-02-13 15:26 - 00016384 _____ () C:\Acer\Empowering Technology\eRecovery\ServiceInterface.dll
2007-12-08 10:35 - 2007-06-29 03:50 - 00028672 _____ () C:\Acer\Empowering Technology\eSettings\eSettings.Plugin.dll
2007-12-08 10:35 - 2007-06-29 03:50 - 00032768 _____ () C:\Acer\Empowering Technology\eSettings.Model.ComputerInterfaces.dll
2007-12-08 10:35 - 2007-06-29 03:50 - 03420160 _____ () C:\Acer\Empowering Technology\eSettings\eSettings.View.dll
2007-12-08 10:35 - 2007-06-29 03:50 - 00155648 _____ () C:\Acer\Empowering Technology\eSettings\eSettings.Presenter.dll
2007-12-08 10:31 - 2007-06-14 01:56 - 00249856 ____R () C:\Acer\Empowering Technology\eNet\eNetPlugin.dll
2007-12-08 10:31 - 2007-06-14 01:48 - 00339968 ____R () C:\Acer\Empowering Technology\eNet\eNMWidget.dll
2007-06-25 02:57 - 2007-04-15 02:29 - 00331776 _____ () C:\Acer\Empowering Technology\ScrollBarLib.dll
2011-11-03 19:09 - 2011-11-03 19:09 - 00102912 _____ () C:\Program Files\Seagate\Seagate Dashboard\Memeo.Progress.dll
2011-11-03 19:10 - 2011-11-03 19:10 - 00025600 _____ () C:\Program Files\Seagate\Seagate Dashboard\Plugins\Memeo.Dashboard.SeagateSharePlusPlugin.dll
2011-11-03 19:10 - 2011-11-03 19:10 - 00015360 _____ () C:\Program Files\Seagate\Seagate Dashboard\Plugins\Memeo.Dashboard.TroubleshootingPlugin.dll
2011-11-03 19:10 - 2011-11-03 19:10 - 00014848 _____ () C:\Program Files\Seagate\Seagate Dashboard\Plugins\Memeo.Dashboard.VideoTutorialsPlugin.dll
2011-04-06 16:22 - 2011-04-06 16:22 - 00325344 _____ () C:\Program Files\Memeo\AutoBackup\InstantBackup.exe
2011-04-06 16:22 - 2011-04-06 16:22 - 02896608 _____ () C:\Program Files\Memeo\AutoBackup\Memeo.Client.UI.dll
2011-04-06 16:22 - 2011-04-06 16:22 - 00027360 _____ () C:\Program Files\Memeo\AutoBackup\Memeo.Client.DriveDetection.dll
2010-03-22 23:59 - 2010-03-22 23:59 - 00504293 _____ () C:\Program Files\Memeo\AutoBackup\sqlite3.dll
2010-04-20 18:22 - 2010-04-20 18:22 - 00241664 _____ () C:\Program Files\Seagate\Seagate Dashboard\HipServAgent\libupnp.dll
2010-04-20 18:22 - 2010-04-20 18:22 - 00971776 _____ () C:\Program Files\Seagate\Seagate Dashboard\HipServAgent\libxml2.dll
2014-04-15 21:34 - 2014-02-10 13:44 - 04592128 _____ () C:\Users\Ailsa\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libglesv2.dll
2014-04-15 21:34 - 2014-02-10 13:44 - 00112128 _____ () C:\Users\Ailsa\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libegl.dll
2015-08-31 10:53 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2015-08-31 10:53 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files\Spybot - Search & Destroy 2\sqlite3.dll
2015-08-31 10:53 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2013-09-14 02:51 - 2013-09-14 02:51 - 00087952 _____ () C:\Program Files\Common Files\Apple\Internet Services\zlib1.dll
2013-09-14 02:50 - 2013-09-14 02:50 - 01242952 _____ () C:\Program Files\Common Files\Apple\Internet Services\libxml2.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\Temp:D1B5B4F1
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1851843919-258154983-2237051013-1003\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [{0F44D612-2F4F-47CF-AA11-223F93757F53}] => (Allow) C:\Program Files\CyberLink\PowerDVD\PowerDVD.EXE
FirewallRules: [{8D977D6E-527B-4FE3-A992-3FA5C84F0BCE}] => (Allow) C:\Program Files\Kontiki\KService.exe
FirewallRules: [{9C7519EB-8881-4559-A4D5-9468FE1B5252}] => (Allow) C:\Program Files\Kontiki\KService.exe
FirewallRules: [{B1AE48CA-808D-4565-80C6-C5A1F5E8FC3E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{F9DEBD7F-2C38-40B1-8998-3F16854211CF}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{8B6E4768-C059-488E-BEC6-F7A228ECB867}C:\program files\spotify\spotify.exe] => (Allow) C:\program files\spotify\spotify.exe
FirewallRules: [UDP Query User{F3A93B19-C052-44C1-BE2B-DF0A9290E221}C:\program files\spotify\spotify.exe] => (Allow) C:\program files\spotify\spotify.exe
FirewallRules: [TCP Query User{8C53144D-2C4F-4D87-B10E-03A58F1A9981}C:\program files\spotify\spotify.exe] => (Allow) C:\program files\spotify\spotify.exe
FirewallRules: [UDP Query User{F1D188D0-8E0F-4028-A15D-01ACAE4507C3}C:\program files\spotify\spotify.exe] => (Allow) C:\program files\spotify\spotify.exe
FirewallRules: [TCP Query User{DAFDD46E-51F5-47C6-87F1-56BA208A04B8}C:\program files\ubisoft\lost via domus\yeti_final_win32.exe] => (Allow) C:\program files\ubisoft\lost via domus\yeti_final_win32.exe
FirewallRules: [UDP Query User{AFCAD42F-AAC0-4E92-81EE-FC7AE8AE6F53}C:\program files\ubisoft\lost via domus\yeti_final_win32.exe] => (Allow) C:\program files\ubisoft\lost via domus\yeti_final_win32.exe
FirewallRules: [{A72871BD-DE75-48C5-B6C2-771D3759DD0D}] => (Allow) C:\Program Files\LimeWire\LimeWire.exe
FirewallRules: [{5C9DDA3F-255F-42D3-912A-862EC0DA63CA}] => (Allow) C:\Program Files\LimeWire\LimeWire.exe
FirewallRules: [{37A345BF-3707-4351-B5D0-BF6865962E47}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{D7123290-6FD2-4370-B713-2BC8423D0DEF}] => (Allow) svchost.exe
FirewallRules: [{40C629F4-6600-47D9-9E2B-00DC2C8C27E2}] => (Allow) C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{332DC154-6237-4900-9911-7D741BA5E56D}] => (Allow) LPort=80
FirewallRules: [{A8B831DA-68CD-48D6-9623-A376FE7AE7B1}] => (Allow) LPort=80
FirewallRules: [{C88F560F-66F2-46A7-A20B-530551E0F8AA}] => (Allow) LPort=80
FirewallRules: [{E7D6A98B-4BF0-4C67-AE7C-999419033E49}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{134A29F9-FDB1-4436-9395-AE651A7B881F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{207DD8A4-3B08-41D2-9E44-8CA37AD5333F}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{C57CAC97-8C0F-4798-B870-FBC3190C0903}] => (Allow) LPort=2869
FirewallRules: [{0F5180E0-1ACE-4EAD-83EA-D1D19F5B6AC1}] => (Allow) LPort=1900
FirewallRules: [{9A354FE2-C26A-4482-AF96-36A3BE7129DA}] => (Allow) C:\Program Files\Windows Live\Mesh\MOE.exe
FirewallRules: [TCP Query User{ACB480A2-1E7F-4AE6-B52A-95426B2887EB}C:\users\ailsa\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\ailsa\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{98C6E45E-D004-4CF4-BCEE-072713EF56B4}C:\users\ailsa\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\ailsa\appdata\roaming\spotify\spotify.exe
FirewallRules: [{4D7982C0-35AE-4821-983B-74CE1302D186}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [TCP Query User{B5352EBE-6711-4DB5-A6C2-ED762D9D9762}C:\users\ailsa\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\ailsa\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{385D8A1D-2458-4749-B6C1-8A245AEF909B}C:\users\ailsa\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\ailsa\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{B273256F-2896-463D-B3DE-2D3AD4805B7A}C:\users\ailsa\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\ailsa\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{5E85D4E7-55D1-44F6-A21A-B38AB248E8E4}C:\users\ailsa\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\ailsa\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [TCP Query User{0859884F-FAD7-4A26-834C-32E13E03EA24}C:\users\ailsa\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\ailsa\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{D42FF727-1885-4D0B-87F7-8F5CDC069EF7}C:\users\ailsa\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\ailsa\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [{53D4BF09-C6FE-4CD7-9749-7A004CF435AD}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{C24BCC73-A1F4-49CA-A013-968D9A56DF77}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{203E85BC-C86C-4467-BD15-50BC2B3087CF}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{E48A8750-F94C-4F34-8CD7-7B607F1E363A}] => (Allow) C:\Program Files\Seagate\Seagate Dashboard\HipServAgent\HipServAgent.exe
FirewallRules: [TCP Query User{C087FDEA-F47C-4212-8595-BF6044EA386E}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{871425BC-AD01-4667-BB45-04147E067B99}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{BBCEB98F-3C62-4091-B116-DB254D1D50D2}C:\program files\digiguide tv guide\digiguide.exe] => (Allow) C:\program files\digiguide tv guide\digiguide.exe
FirewallRules: [UDP Query User{99FEE6D1-0C41-457B-BBF2-07A967A37FBA}C:\program files\digiguide tv guide\digiguide.exe] => (Allow) C:\program files\digiguide tv guide\digiguide.exe
FirewallRules: [{4C4B13B3-56CE-4E7A-BDD0-43142F21CB6D}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{9441AC52-9983-4B3E-8DBC-C429F89882D8}] => (Allow) C:\Users\Ailsa\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{C6E2C2B1-C2FE-49A3-A9C3-0210AC09CE8F}] => (Allow) C:\Users\Ailsa\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{F9E20622-979C-4F96-BE2E-BFB3E0CA57B5}C:\users\ailsa\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\ailsa\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{FFD8AACD-F3EA-4E11-9E40-7F8B6F7E8DFD}C:\users\ailsa\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\ailsa\appdata\roaming\dropbox\bin\dropbox.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
==================== Faulty Device Manager Devices =============
Name: Microsoft 6to4 Adapter
Description: Microsoft 6to4 Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: Microsoft ISATAP Adapter #3
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: Broadcom NetLink (TM) Gigabit Ethernet
Description: Broadcom NetLink (TM) Gigabit Ethernet
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Broadcom
Service: b57nd60x
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (08/31/2015 03:39:55 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4038055
Error: (08/31/2015 03:39:55 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4038055
Error: (08/31/2015 03:39:55 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (08/31/2015 03:39:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4036901
Error: (08/31/2015 03:39:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4036901
Error: (08/31/2015 03:39:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (08/31/2015 03:39:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4035855
Error: (08/31/2015 03:39:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4035855
Error: (08/31/2015 03:39:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (08/31/2015 03:39:52 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4034857
System errors:
=============
Error: (08/30/2015 10:21:41 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 115.13.0.0
Update Source: %NT AUTHORITY51
Update Stage: 4.8.0204.00
Source Path: 4.8.0204.01
Signature Type: %NT AUTHORITY602
Update Type: %NT AUTHORITY604
User: NT AUTHORITY\NETWORK SERVICE
Current Engine Version: %NT AUTHORITY605
Previous Engine Version: %NT AUTHORITY606
Error code: %NT AUTHORITY607
Error description: %NT AUTHORITY608
Error: (08/30/2015 10:21:40 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.205.998.0
Update Source: %NT AUTHORITY51
Update Stage: 4.8.0204.00
Source Path: 4.8.0204.01
Signature Type: %NT AUTHORITY602
Update Type: %NT AUTHORITY604
User: NT AUTHORITY\NETWORK SERVICE
Current Engine Version: %NT AUTHORITY605
Previous Engine Version: %NT AUTHORITY606
Error code: %NT AUTHORITY607
Error description: %NT AUTHORITY608
Error: (08/30/2015 10:21:40 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.205.998.0
Update Source: %NT AUTHORITY51
Update Stage: 4.8.0204.00
Source Path: 4.8.0204.01
Signature Type: %NT AUTHORITY602
Update Type: %NT AUTHORITY604
User: NT AUTHORITY\NETWORK SERVICE
Current Engine Version: %NT AUTHORITY605
Previous Engine Version: %NT AUTHORITY606
Error code: %NT AUTHORITY607
Error description: %NT AUTHORITY608
Error: (08/30/2015 10:21:36 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.205.998.0
Update Source: %NT AUTHORITY59
Update Stage: 4.8.0204.00
Source Path: 4.8.0204.01
Signature Type: %NT AUTHORITY602
Update Type: %NT AUTHORITY604
User: NT AUTHORITY\SYSTEM
Current Engine Version: %NT AUTHORITY605
Previous Engine Version: %NT AUTHORITY606
Error code: %NT AUTHORITY607
Error description: %NT AUTHORITY608
Error: (08/30/2015 10:21:36 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.205.998.0
Update Source: %NT AUTHORITY59
Update Stage: 4.8.0204.00
Source Path: 4.8.0204.01
Signature Type: %NT AUTHORITY602
Update Type: %NT AUTHORITY604
User: NT AUTHORITY\SYSTEM
Current Engine Version: %NT AUTHORITY605
Previous Engine Version: %NT AUTHORITY606
Error code: %NT AUTHORITY607
Error description: %NT AUTHORITY608
Error: (08/29/2015 09:55:11 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Windows Search%%1053
Error: (08/29/2015 09:55:10 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: 120000Windows Search
Error: (08/29/2015 09:55:09 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1053WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
Error: (08/29/2015 08:38:29 AM) (Source: Dhcp) (EventID: 1002) (User: )
Description: The IP address lease 10.141.91.34 for the Network Card with network address 001CBF63CAA3 has been denied by the DHCP server 10.0.0.138 (The DHCP Server sent a DHCPNACK message).
Error: (08/29/2015 08:32:21 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: eRecovery Service%%2
Microsoft Office:
=========================
Error: (08/31/2015 03:39:55 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4038055
Error: (08/31/2015 03:39:55 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4038055
Error: (08/31/2015 03:39:55 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (08/31/2015 03:39:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4036901
Error: (08/31/2015 03:39:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4036901
Error: (08/31/2015 03:39:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (08/31/2015 03:39:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4035855
Error: (08/31/2015 03:39:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4035855
Error: (08/31/2015 03:39:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (08/31/2015 03:39:52 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4034857
CodeIntegrity:
===================================
Date: 2012-04-30 22:21:39.037
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.
Date: 2012-04-30 22:21:38.803
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.
Date: 2012-04-30 22:21:38.428
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.
Date: 2012-04-30 22:21:38.179
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.
Date: 2012-04-30 22:21:37.882
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.
Date: 2011-08-13 19:47:36.778
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.
Date: 2011-08-13 19:47:36.621
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.
Date: 2011-08-13 19:47:36.492
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.
Date: 2011-08-13 19:47:36.369
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.
Date: 2011-08-13 19:47:36.180
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel(R) Core(TM)2 Duo CPU T7300 @ 2.00GHz
Percentage of memory in use: 81%
Total physical RAM: 2037.68 MB
Available physical RAM: 386.67 MB
Total Virtual: 4896.2 MB
Available Virtual: 1231.63 MB
==================== Drives ================================
Drive c: (ACER) (Fixed) (Total:69.65 GB) (Free:3.41 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (DATA) (Fixed) (Total:69.64 GB) (Free:10.45 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 149.1 GB) (Disk ID: D4E33358)
Partition 1: (Not Active) - (Size=9.8 GB) - (Type=27)
Partition 2: (Active) - (Size=69.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=69.6 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
aswMBR version 1.0.1.2252 Copyright(c) 2014 AVAST Software
Run date: 2015-09-18 11:06:30
-----------------------------
11:06:30.061 OS Version: Windows 6.0.6002 Service Pack 2
11:06:30.062 Number of processors: 2 586 0xF0A
11:06:30.063 ComputerName: AILSAS_LAPTOP UserName: Ailsa
11:07:16.126 Initialize success
11:07:16.991 VM: initialized successfully
11:07:16.992 VM: Intel CPU supported
11:07:35.666 VM: disk I/O iaStor.sys
11:12:55.715 AVAST engine defs: 15091800
11:14:59.362 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
11:14:59.367 Disk 0 Vendor: WDC_WD16 04.0 Size: 152627MB BusType: 3
11:14:59.510 Disk 0 MBR read successfully
11:14:59.515 Disk 0 MBR scan
11:14:59.751 Disk 0 unknown MBR code
11:14:59.773 Disk 0 Partition 1 00 27 Hidden NTFS WinRE MSDOS5.0 10000 MB offset 2048
11:14:59.801 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 71317 MB offset 20482048
11:14:59.852 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 71308 MB offset 166539264
11:14:59.887 Disk 0 scanning sectors +312578048
11:15:00.125 Disk 0 scanning C:\Windows\system32\drivers
11:15:56.285 Service scanning
11:16:34.447 Service MpKsle71b1bcf C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{214E977A-265D-428E-BC42-670136E5DCE3}\MpKsle71b1bcf.sys **LOCKED** 32
11:17:26.173 Modules scanning
11:17:26.184 Disk 0 trace - called modules:
11:17:26.279 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll iaStor.sys tcpip.sys NETIO.SYS
11:17:26.288 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x85ec64a0]
11:17:26.297 3 CLASSPNP.SYS[883c48b3] -> nt!IofCallDriver -> [0x84e69860]
11:17:26.305 5 acpi.sys[806a46bc] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0x84e5d030]
11:17:28.992 AVAST engine scan C:\Windows
11:17:41.037 AVAST engine scan C:\Windows\system32
11:27:51.232 AVAST engine scan C:\Windows\system32\drivers
11:28:51.216 AVAST engine scan C:\Users\Ailsa
12:28:06.826 AVAST engine scan C:\ProgramData
12:33:29.381 Disk 0 statistics 3798327/0/0 @ 0.72 MB/s
12:33:29.395 Scan finished successfully
12:35:10.393 Disk 0 MBR has been saved successfully to "C:\Users\Ailsa\Downloads\Desktop\MBR.dat"
12:35:10.458 The log file has been saved successfully to "C:\Users\Ailsa\Downloads\Desktop\aswMBR.txt"
Last edited by tashi; 2015-09-19 at 01:04.
Reason: Added link
-
-
-
This thread will now be closed for lack of response for the second time. Understand that it takes time to evaluate your logs, come up with some sort of solution , post the solution to you and get no response back TWICE, there will not be a third time.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
