Posted

Hi, my laptop decided to turn itself off and now it will not boot up again.

I have tried safe mode, repair mode, go back to last known working mode; nothing works.

I have tried repair mode but it will not run, the countdown timer just re-sets to 30 seconds.

In safe mode etc, it loads the drivers then says please wait........nothing happens.

At the moment, it is trying to start normally and for the last 20 minutes, all I have is the "@Microsoft Corporation" page with the loading dots going across the screen.

 

Thank you for any advice you can give me.

Gary.


Posted

Hi Gary. Looks like Windows can't find the Hard Drive. Has the Laptop been bumped at all?

I would hook up the Hard Drive to a working computer via a docking station and run CheckDisk on the Hard Drive.

Confidence, is the feeling I get, moments before I stuff something up.

 

Posted

No, not bumped at all.

It started fine this morning then when it was turned off without closing down properly, it will not do anything.

Posted

I have just tried again in safe mode and it loads a lot of drivers until it gets to:

 

Windows\system32\DRIVERS\avgidshx.sys

 

then stops. At the bottom of the screen it says "please wait" but I presume it doesn't mean indefinitely?!!

Posted

I wasn't aware of an incorrect shut down. If you have an OS install disc then try method 2 here from Microsoft Community.

Repair my computer will be at the bottom so look carefully for "Repair my Computer"

 

http://answers.microsoft.com/en-us/windows/forum/windows_7-system/loaded-windowssystem32driversavgidshxsys-and-stops/72666555-ab2e-4569-b844-9187e4a68804


 

Posted

I cannot insert a disc when the laptop is off.

When I insert disc when laptop is running, the disc is not recognised in any way.

Posted
Insert the disc while running, leave the disc in, shut down the laptop and reboot. If it doesn't boot off the disc then go into the BIOS and set your boot order to boot off the CD first.


 

Posted

The only way I can turn it off is by holding the power button down. It doesn't re-boot which is the whole problem.

Where is BIOS?

As it says under my name, I am pretty basic. Sorry.

Posted

Hi Gary, if you can tell us the make and model we can be sure, however a lot of laptops have a boot order page as well which can be the F2 key or sometimes the F10 key, either way you can set the disk drive to be selected to boot from by moving up and down the list. Instructions are usually on the relevant page as to how to change the boot order.

 

Nev.

 


Posted

Thanks for all your help guys.

Somehow I worked through it myself and was able to finally run the CD which somehow rectified the problem.

Start up is very slow now though and, as well as my own log in, there is a separate one for administrator.

Also Windows Vista appearance keeps disappearing and resets as Windows Classic.

I can live with that though.

Thanks again.

  • ExTS Admin
Posted

Hi Slumdog,

 

If you want us to run some diagnostic scans on the system, they may help to throw some light on the problem.

Just let us know and we'll be only too glad to help.

Member of:

UNITE

Posted
Start up is very slow now

 

Left click the Start Orb in the bottom left and type in the search box - msconfig - then press enter.

 

Click "Start Up" in the new window and let us know how many entries are ticked.

 

Ray

 

Edit ... Sorry Pete, I was posting at the same time.

Posted

Hi Slumdog

 

To get rid of the Administrator login account try the following:

 

Start ....type in ....cmd ....right click on ...cmd.exe ... that appears top left.

Click on "Run as Administrator"

At the prompt ( black background ) type ..... net user Administrator active:no ..... hit ENTER [ there is a colon before "no" ]

 

See if this hides it for you.

There is an email going around offering processed pork - gelatin - and salt in a can ......this is simply SPAM !!

 


Posted

Hi Starbuck (again!!), Please could we run some diagnostic scans.

 

Ray1000, there are three boxes ticked. Two microsoft and one AVG.

 

Thanks KenB, I'll see what happens when I re-start it. But I don't like re-starting too often because it changes my desktop every time!!

  • ExTS Admin
Posted
Please could we run some diagnostic scans.

No problem.

 

Note:

There are both 32-bit and 64-bit versions of Farbar Recovery Scan Tool available. Please pick the version that matches your operating system's bit type.

 

If you are unsure what your system bit type is, click Here for help.

 

For x32 bit systems download Farbar Recovery Scan Tool and save it to your Desktop.

 

For x64 bit systems download Farbar Recovery Scan Tool x64 and save it to your Desktop.

 

  • Double-click the downloaded icon to run the tool.
     
    http://img.photobucket.com/albums/v708/starbuck50/frsticon_zpsdc3cbdc3.png
     
  • When the tool opens click Yes to disclaimer.
     
    http://img.photobucket.com/albums/v708/starbuck50/frstdis_zps7f598f12.png
     
  • Make sure that Addition.txt is selected at the bottom
  • Press Scan button.
     
    http://img.photobucket.com/albums/v708/starbuck50/frst_zps6548371f.png
     
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please copy and paste it to your reply also.

 

 

Let me have both reports, it should give us a good idea of any problems.

 

Thanks


Posted

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:01-05-2014 02

Ran by garysmithafc (administrator) on LAPTOP on 02-05-2014 00:44:37

Running from C:\Users\garysmithafc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4DSMNU0B

Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: English(US)

Internet Explorer Version 9

Boot Mode: Normal

The only official download link for FRST:

Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/

Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/

Download link from any site other than Bleeping Computer is unpermitted or outdated.

See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgrsx.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgcsrvx.exe

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(Microsoft Corporation) C:\Windows\System32\SLsvc.exe

(Stardock Corporation) C:\Program Files\Dell\DellDock\DockLogin.exe

() C:\Windows\System32\WLTRYSVC.EXE

(Dell Inc.) C:\Windows\System32\BCMWLTRY.EXE

(Microsoft Corporation) C:\Windows\System32\wlanext.exe

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(Andrea Electronics Corporation) C:\Windows\System32\AEstSrv.exe

(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgidsagent.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgwdsvc.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(AnchorFree Inc.) C:\Program Files\Hotspot Shield\bin\cmw_srv.exe

() C:\Program Files\Hotspot Shield\bin\hsswd.exe

(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe

(SupportSoft, Inc.) C:\Program Files\Dell Support Center\bin\sprtsvc.exe

(IDT, Inc.) C:\Windows\System32\stacsv.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgnsx.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgemcx.exe

(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE

(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE

(Yahoo! Inc.) C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

(Huawei Technologies Co., Ltd.) C:\Program Files\T-Mobile\InternetManager_H\DataCardMonitor.exe

(IDT, Inc.) C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe

(RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\Update\realsched.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgui.exe

(Microsoft Corporation) C:\Windows\ehome\ehtray.exe

() C:\Users\garysmithafc\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe

(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe

(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe

(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe

(Huawei Technologies Co., Ltd.) C:\Users\garysmithafc\AppData\Roaming\T-Mobile Internet Manager\ouc.exe

(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

(Google Inc.) C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe

(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

 

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [DataCardMonitor] => C:\Program Files\T-Mobile\InternetManager_H\DataCardMonitor.exe [253952 2012-05-26] (Huawei Technologies Co., Ltd.)

HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2014\avgui.exe [5180432 2014-04-06] (AVG Technologies CZ, s.r.o.)

HKU\S-1-5-21-3510410515-3114074607-2372607737-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation)

HKU\S-1-5-21-3510410515-3114074607-2372607737-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)

Startup: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk

ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)

Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk

ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)

Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk

ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)

Startup: C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk

ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig

SearchScopes: HKLM - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =

SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://search.conduit.com/Results.aspx?gd=&ctid=CT3323875&octid=EB_ORIGINAL_CTID&ISID=M8F92EAA2-EFAD-4432-8403-30E8F89D1C1F&SearchSource=58&CUI=&UM=5&UP=SP538F9DE4-BBBE-46E6-9FB0-3A19B4D03568&q={searchTerms}&SSPV=

SearchScopes: HKCU - {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = http://websearch.ask.com/redirect?client=ie&tb=BLT&o=15554&src=crm&q={searchTerms}&locale=en_UK&apn_ptnrs=HH&apn_dtid=YYYYYYGAGB&apn_uid=F0D5B4F9-D54E-470E-B071-EE74952B1678&apn_sauid=908C6D78-5285-449A-8AD4-D369965D2873

SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.com/search?cid={F61F26B1-9006-48EA-AAF1-6913D0EDD9BB}&mid=acff693b357847d39634d156a7059b0e-07aa74e469bbdacc1d66871e4d57ca5f576b4efa&lang=en&ds=AVG&pr=fr&d=2013-09-20 17:43:05&v=17.1.2.1&pid=avg&sg=12&sap=dsp&q={searchTerms}

SearchScopes: HKCU - {96A9E1EC-B58E-4562-BAE7-F79E71ACEF34} URL = https://www.flickr.com/search/?q=%7BsearchTerms%7D

SearchScopes: HKCU - {9BCE324A-85C7-4461-A177-5C43111827FD} URL = http://uk.search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=chr-yie9

SearchScopes: HKCU - {C04B7D22-5AEC-4561-8F49-27F6269208F6} URL = http://inboxtoolbar.com/search/dispatcher.aspx?tp=bs&qkw={searchTerms}&tbid=80150&lng=en

BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File

DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab

DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)

Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

Tcpip\..\Interfaces\{6CF01016-9473-408F-BF3A-FDD1FDDC080A}: [NameServer]8.8.8.8

FireFox:

========

FF ProfilePath: C:\Users\garysmithafc\AppData\Roaming\Mozilla\Firefox\Profiles\w8lqr85o.default

FF user.js: detected! => C:\Users\garysmithafc\AppData\Roaming\Mozilla\Firefox\Profiles\w8lqr85o.default\user.js

FF SearchEngineOrder.user_pref("browser.search.order.1", "");: user_pref("browser.search.order.1", "");

FF Homepage: about:home

FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw_1166636.dll (Adobe Systems, Inc.)

FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()

FF Plugin: @java.com/DTPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)

FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF Plugin: @nokia.com/EnablerPlugin - C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll No File

FF Plugin: @real.com/nppl3260;version=16.0.3.51 - C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)

FF Plugin: @real.com/nprpplugin;version=16.0.3.51 - C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)

FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)

FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)

FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Plugin HKCU: @yahoo.com/BrowserPlus,version=2.9.8 - C:\Users\garysmithafc\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)

FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Users\garysmithafc\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll (Amazon.com, Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npCouponPrinter.dll (Coupons, Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npMozCouponPrinter.dll (Coupons, Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpplugin.dll (RealPlayer)

FF Extension: Microsoft .NET Framework Assistant - C:\Users\garysmithafc\AppData\Roaming\Mozilla\Firefox\Profiles\w8lqr85o.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-09-20]

FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-04-30]

FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-04-30]

FF Extension: Hotspot Shield Extension - C:\Program Files\Mozilla Firefox\browser\extensions\afext@anchorfree.com [2014-04-30]

FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []

FF HKLM\...\Firefox\Extensions: [{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn\

FF HKLM\...\Firefox\Extensions: [ff-bmboc@bytemobile.com] - C:\Program Files\T-Mobile\InternetManager_H\OCx32\addon

FF Extension: Bytemobile Optimization Client - C:\Program Files\T-Mobile\InternetManager_H\OCx32\addon [2012-05-26]

FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext

Chrome:

=======

CHR HomePage: hxxp://www.google.com/

CHR StartupUrls: "hxxp://www.google.com/"

CHR DefaultSearchKeyword: google.co.uk

CHR Plugin: (Remoting Viewer) - internal-remoting-viewer

CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\34.0.1847.131\ppGoogleNaClPluginChrome.dll ()

CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\34.0.1847.131\pdf.dll ()

CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\34.0.1847.131\gcswf32.dll No File

CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File

CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)

CHR Plugin: (Java Deployment Toolkit 6.0.310.5) - C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll No File

CHR Plugin: (Java Platform SE 6 U31) - C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll No File

CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll No File

CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll No File

CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll No File

CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll No File

CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll No File

CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll No File

CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll No File

CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll No File

CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File

CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()

CHR Plugin: (Unity Player) - C:\Users\garysmithafc\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll No File

CHR Plugin: (BrowserPlus (from Yahoo!) v2.9.8) - C:\Users\garysmithafc\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)

CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)

CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File

CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

CHR Extension: (Facebook for Desktop) - C:\Users\garysmithafc\AppData\Local\Google\Chrome\User Data\Default\Extensions\beigfmnnhaciohpncoecphcmekklgffh [2013-10-05]

CHR Extension: (PartyCloud DJ) - C:\Users\garysmithafc\AppData\Local\Google\Chrome\User Data\Default\Extensions\defekohaofmambflfpfoojkmfdpcbgko [2013-10-05]

CHR Extension: (365Scores) - C:\Users\garysmithafc\AppData\Local\Google\Chrome\User Data\Default\Extensions\gocaejggjgdmkhmbinicknpbhagkblop [2013-10-05]

CHR Extension: (avast! Online Security) - C:\Users\garysmithafc\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-08-08]

CHR Extension: (TweetDeck by Twitter) - C:\Users\garysmithafc\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbdpomandigafcibbmofojjchbcdagbl [2013-10-05]

CHR Extension: (InstaTwit) - C:\Users\garysmithafc\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhalcamddihdpdgdjkjbgikgobnbbpif [2013-07-24]

CHR Extension: (Until AM Web App) - C:\Users\garysmithafc\AppData\Local\Google\Chrome\User Data\Default\Extensions\kodigjkcpaoeodlnmcnekemakpnmegnk [2013-10-05]

CHR Extension: (Party List Dj (playlist music player)) - C:\Users\garysmithafc\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnbjmlkceipalmoohcalibhlonbbllli [2013-10-05]

CHR Extension: (WGT Golf Game) - C:\Users\garysmithafc\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpedbpkelbhcbkdaglillalioeeekbpb [2013-10-05]

CHR Extension: (Google Wallet) - C:\Users\garysmithafc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]

CHR HKLM\...\Chrome\Extension: [dhkplhfnhceodhffomolpfigojocbpcb] - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonChrome.crx [2013-08-22]

CHR HKLM\...\Chrome\Extension: [dkinklhnkmkhkhofcnapakaoehijaoih] - C:\Program Files\OnlineHD.TV\onhd11.crx [2013-08-22]

CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

========================== Services (Whitelisted) =================

R2 AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [3645456 2014-04-18] (AVG Technologies CZ, s.r.o.)

R2 avgwd; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [291912 2014-03-27] (AVG Technologies CZ, s.r.o.)

R2 DockLoginService; C:\Program Files\Dell\DellDock\DockLogin.exe [161048 2008-04-28] (Stardock Corporation)

R2 hshld; C:\Program Files\Hotspot Shield\bin\cmw_srv.exe [878888 2013-09-17] (AnchorFree Inc.)

S3 HssTrayService; C:\Program Files\Hotspot Shield\bin\HssTrayService.EXE [78512 2013-09-17] ()

R2 HssWd; C:\Program Files\Hotspot Shield\bin\hsswd.exe [556840 2013-09-17] ()

S2 HWDeviceService.exe; C:\ProgramData\DatacardService\HWDeviceService.exe [264704 2010-11-16] ()

R2 sprtsvc_dellsupportcenter; C:\Program Files\Dell Support Center\bin\sprtsvc.exe [201968 2008-08-14] (SupportSoft, Inc.)

R2 wltrysvc; C:\Windows\System32\bcmwltry.exe [2506752 2008-05-16] (Dell Inc.)

==================== Drivers (Whitelisted) ====================

R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [123160 2014-03-27] (AVG Technologies CZ, s.r.o.)

R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [199960 2014-04-18] (AVG Technologies CZ, s.r.o.)

R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [150296 2014-03-27] (AVG Technologies CZ, s.r.o.)

R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [22296 2014-03-27] (AVG Technologies CZ, s.r.o.)

R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [193304 2014-03-27] (AVG Technologies CZ, s.r.o.)

R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [238872 2014-03-27] (AVG Technologies CZ, s.r.o.)

R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [108312 2014-03-31] (AVG Technologies CZ, s.r.o.)

R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [28440 2014-03-27] (AVG Technologies CZ, s.r.o.)

R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [211224 2014-03-31] (AVG Technologies CZ, s.r.o.)

R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [41160 2013-09-17] (AnchorFree Inc.)

S3 huawei_cdcacm; C:\Windows\System32\DRIVERS\ew_jucdcacm.sys [90112 2011-01-30] (Huawei Technologies Co., Ltd.)

R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [37064 2013-09-17] (Anchorfree Inc.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-21] (Microsoft Corporation)

S3 BCM42RLY; system32\drivers\BCM42RLY.sys [X]

S0 BMLoad; system32\drivers\BMLoad.sys [X]

U5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [235392 2010-12-24] (Huawei Technologies Co., Ltd.)

==================== NetSvcs (Whitelisted) ===================

 

==================== One Month Created Files and Folders ========

2014-05-02 00:44 - 2014-05-02 00:44 - 00000000 ____D () C:\FRST

2014-05-01 20:21 - 2014-03-08 00:02 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2014-05-01 20:21 - 2014-03-07 23:59 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2014-05-01 20:21 - 2014-03-07 23:57 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2014-05-01 20:21 - 2014-03-07 23:56 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2014-05-01 20:21 - 2014-03-07 23:54 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2014-05-01 20:21 - 2014-03-07 23:52 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2014-05-01 20:21 - 2014-03-07 23:52 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2014-05-01 20:21 - 2014-03-07 23:47 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2014-05-01 20:20 - 2014-03-08 00:51 - 12347904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2014-05-01 20:20 - 2014-03-08 00:20 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2014-05-01 20:20 - 2014-03-08 00:12 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2014-05-01 20:20 - 2014-03-08 00:03 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2014-05-01 20:20 - 2014-03-08 00:02 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2014-05-01 20:20 - 2014-03-08 00:00 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll

2014-05-01 20:20 - 2014-03-07 23:57 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll

2014-05-01 20:20 - 2014-03-07 23:53 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2014-05-01 00:49 - 2014-05-01 00:49 - 00000000 ____D () C:\Users\Guest\AppData\Local\Avg2014

2014-05-01 00:08 - 2014-05-01 00:09 - 91665264 _____ () C:\Users\Administrator\Desktop\Nokia_Ovi_Suite_webinstaller_ALL.exe

2014-05-01 00:06 - 2014-05-01 00:06 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\AVG2014

2014-05-01 00:05 - 2014-05-01 00:05 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Avg2014

2014-04-30 23:34 - 2014-04-30 23:34 - 00000000 ____D () C:\Users\garysmithafc\AppData\Local\VS Revo Group

2014-04-30 23:34 - 2014-04-30 23:34 - 00000000 ____D () C:\ProgramData\VS Revo Group

2014-04-30 19:51 - 2014-04-30 19:52 - 00000000 ____D () C:\Program Files\Mozilla Firefox

2014-04-29 11:40 - 2014-04-29 11:44 - 00389654 _____ () C:\Users\garysmithafc\Club

2014-04-28 14:00 - 2014-04-28 14:00 - 00000000 ____D () C:\Users\garysmithafc\AppData\Roaming\AVG2014

2014-04-28 13:59 - 2014-04-28 13:59 - 00000804 _____ () C:\Users\Public\Desktop\AVG 2014.lnk

2014-04-28 13:59 - 2014-04-28 13:59 - 00000804 _____ () C:\ProgramData\Desktop\AVG 2014.lnk

2014-04-28 13:59 - 2014-04-28 13:59 - 00000000 ___HD () C:\$AVG

2014-04-28 13:59 - 2014-04-28 13:59 - 00000000 ____D () C:\ProgramData\AVG2014

2014-04-28 13:56 - 2014-05-01 18:00 - 00000000 ____D () C:\ProgramData\MFAData

2014-04-28 13:56 - 2014-04-28 14:30 - 00000000 ____D () C:\Users\garysmithafc\AppData\Local\Avg2014

2014-04-28 13:56 - 2014-04-28 13:56 - 00000000 ____D () C:\Users\garysmithafc\AppData\Local\MFAData

2014-04-28 13:39 - 2014-04-28 13:39 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Real

2014-04-28 13:39 - 2014-04-28 13:39 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Apple Computer

2014-04-28 13:38 - 2014-04-28 13:38 - 00001933 _____ () C:\Users\Guest\Desktop\Google Chrome.lnk

2014-04-28 13:38 - 2014-04-28 13:38 - 00000911 _____ () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2014-04-28 13:38 - 2014-04-28 13:38 - 00000906 _____ () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk

2014-04-28 13:38 - 2014-04-28 13:38 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Dell

2014-04-28 13:37 - 2014-04-28 13:38 - 00000000 ____D () C:\Users\Guest

2014-04-28 13:37 - 2014-04-28 13:37 - 00067152 _____ () C:\Users\Guest\AppData\Local\GDIPFONTCACHEV1.DAT

2014-04-28 13:37 - 2014-04-28 13:37 - 00000877 _____ () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk

2014-04-28 13:37 - 2014-04-28 13:37 - 00000020 ___SH () C:\Users\Guest\ntuser.ini

2014-04-28 13:37 - 2014-04-28 13:37 - 00000000 ____D () C:\Users\Guest\AppData\Local\VirtualStore

2014-04-28 13:37 - 2013-09-27 09:24 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\TuneUp Software

2014-04-28 13:37 - 2013-08-08 13:11 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Macromedia

2014-04-28 13:37 - 2011-05-17 23:32 - 00000000 ____D () C:\Users\Guest\AppData\Local\SoftThinks

2014-04-28 13:37 - 2008-01-21 03:42 - 00000000 ___RD () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

2014-04-28 13:37 - 2008-01-21 03:42 - 00000000 ___RD () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

2014-04-26 15:37 - 2014-04-26 15:37 - 08434176 _____ () C:\Users\garysmithafc\Elaine.3gp

2014-04-26 01:23 - 2014-04-26 15:29 - 00002670 _____ () C:\Windows\setupact.log

2014-04-26 01:23 - 2014-04-26 01:23 - 00000000 _____ () C:\Windows\setuperr.log

2014-04-26 01:16 - 2014-04-26 01:16 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Adobe

2014-04-26 01:15 - 2014-04-26 01:16 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Google

2014-04-26 01:15 - 2014-04-26 01:15 - 00001933 _____ () C:\Users\Administrator\Desktop\Google Chrome.lnk

2014-04-26 01:14 - 2014-04-26 01:15 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google

2014-04-26 01:02 - 2014-04-26 01:02 - 00067152 _____ () C:\Users\Administrator\AppData\Local\GDIPFONTCACHEV1.DAT

2014-04-26 01:02 - 2014-04-26 01:02 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Real

2014-04-26 01:02 - 2014-04-26 01:02 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Apple Computer

2014-04-26 01:01 - 2014-04-26 01:01 - 00000911 _____ () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2014-04-26 01:01 - 2014-04-26 01:01 - 00000906 _____ () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk

2014-04-26 01:01 - 2014-04-26 01:01 - 00000877 _____ () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk

2014-04-26 01:01 - 2014-04-26 01:01 - 00000020 ___SH () C:\Users\Administrator\ntuser.ini

2014-04-26 01:01 - 2014-04-26 01:01 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Dell

2014-04-26 01:01 - 2014-04-26 01:01 - 00000000 ____D () C:\Users\Administrator

2014-04-26 01:01 - 2013-09-27 09:24 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\TuneUp Software

2014-04-26 01:01 - 2013-08-08 13:11 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Macromedia

2014-04-26 01:01 - 2011-05-17 23:32 - 00000000 ____D () C:\Users\Administrator\AppData\Local\SoftThinks

2014-04-26 01:01 - 2008-01-21 03:42 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

2014-04-26 01:01 - 2008-01-21 03:42 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

2014-04-26 00:47 - 2014-04-30 12:04 - 00018346 _____ () C:\Windows\DPINST.LOG

2014-04-25 15:01 - 2014-04-25 15:01 - 00067152 _____ () C:\Users\garysmithafc\AppData\Local\GDIPFONTCACHEV1.DAT

2014-04-25 00:26 - 2014-04-25 00:26 - 00201872 _____ (RealNetworks, Inc.) C:\Windows\system32\rmoc3260.dll

2014-04-25 00:26 - 2014-04-25 00:26 - 00001031 _____ () C:\Users\Public\Desktop\RealPlayer.lnk

2014-04-25 00:26 - 2014-04-25 00:26 - 00001031 _____ () C:\ProgramData\Desktop\RealPlayer.lnk

2014-04-25 00:26 - 2014-04-25 00:26 - 00000000 ____D () C:\ProgramData\RealNetworks

2014-04-25 00:26 - 2014-04-25 00:26 - 00000000 ____D () C:\Program Files\Common Files\xing shared

2014-04-25 00:25 - 2014-04-25 00:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks

2014-04-25 00:25 - 2014-04-25 00:25 - 00272896 _____ (Progressive Networks) C:\Windows\system32\pncrt.dll

2014-04-25 00:25 - 2014-04-25 00:25 - 00006656 _____ (RealNetworks, Inc.) C:\Windows\system32\pndx5016.dll

2014-04-25 00:25 - 2014-04-25 00:25 - 00005632 _____ (RealNetworks, Inc.) C:\Windows\system32\pndx5032.dll

2014-04-24 17:59 - 2014-04-30 21:29 - 00070646 _____ () C:\Windows\PFRO.log

2014-04-24 17:59 - 2014-04-24 17:59 - 00282152 _____ () C:\Windows\system32\FNTCACHE.DAT

2014-04-24 11:49 - 2014-04-24 11:49 - 00000000 ____D () C:\Windows\system32\Hotspot Shield

2014-04-21 10:10 - 2014-04-14 20:13 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll

2014-04-21 10:10 - 2014-04-14 20:05 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe

2014-04-21 10:10 - 2014-04-14 20:05 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe

2014-04-21 10:10 - 2014-04-14 20:04 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\java.exe

2014-04-21 10:07 - 2014-04-21 10:10 - 00004024 _____ () C:\Windows\system32\jupdate-1.7.0_55-b14.log

2014-04-18 15:02 - 2014-04-18 15:02 - 00199960 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdriverx.sys

2014-04-16 19:00 - 2014-04-16 19:00 - 00000000 ____D () C:\Users\garysmithafc\AppData\Local\{4814328A-E127-4274-AA2E-2B8AB3CB73CD}

2014-04-16 10:44 - 2014-04-29 10:11 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2014-04-16 10:36 - 2014-04-16 10:36 - 00000861 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-04-16 10:36 - 2014-04-16 10:36 - 00000861 _____ () C:\ProgramData\Desktop\Malwarebytes Anti-Malware.lnk

2014-04-16 10:36 - 2014-04-16 10:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2014-04-16 10:35 - 2014-04-16 10:36 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware

2014-04-16 10:35 - 2014-04-03 09:51 - 00073432 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys

2014-04-16 10:35 - 2014-04-03 09:51 - 00051416 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys

2014-04-14 23:52 - 2014-04-14 23:52 - 00000314 _____ () C:\Windows\Tasks\0214dUpdateInfo.job

2014-04-14 23:52 - 2014-04-14 23:52 - 00000000 ____D () C:\ProgramData\Avg_Update_0214d

2014-04-13 23:35 - 2014-04-13 23:35 - 00000000 ____D () C:\MATS

2014-04-13 23:19 - 2014-04-13 23:20 - 00000000 ____D () C:\498ce0fcf4dc88db014a

2014-04-13 23:18 - 2014-04-13 23:21 - 00000000 ____D () C:\8b1bcfd843758430a8a328d0

2014-04-13 18:48 - 2014-04-13 18:48 - 00000000 ____D () C:\Users\garysmithafc\AppData\Roaming\AVG

2014-04-13 18:48 - 2014-04-13 18:48 - 00000000 ____D () C:\Users\garysmithafc\AppData\Local\AVG

2014-04-13 18:46 - 2014-04-13 18:56 - 00000000 __SHD () C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}

2014-04-13 18:46 - 2014-04-13 18:54 - 00000000 ____D () C:\ProgramData\AVG

2014-04-12 21:31 - 2014-04-12 21:31 - 00000000 ____D () C:\Users\garysmithafc\AppData\Local\{38536DEA-5E6B-48DC-8818-A5C09B2E3CFC}

2014-04-12 21:31 - 2014-04-12 21:31 - 00000000 ____D () C:\Users\garysmithafc\AppData\Local\{1C1D8C40-58D0-42CA-93EC-0929B733480E}

2014-04-11 18:41 - 2014-04-11 18:41 - 00000000 ____D () C:\Users\garysmithafc\AppData\Local\{8E467B96-007C-4B2D-952E-BCA02FEF80EA}

2014-04-11 18:41 - 2014-04-11 18:41 - 00000000 ____D () C:\Users\garysmithafc\AppData\Local\{20E0BFED-086A-44F9-ACD0-D5746A9B617B}

2014-04-09 15:38 - 2014-02-06 02:56 - 00894464 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll

2014-04-02 13:38 - 2014-04-02 13:38 - 00000000 ____D () C:\Users\garysmithafc\AppData\Local\{0091C485-1F56-4023-90C4-5D084ACF9D65}

2014-04-02 13:37 - 2014-04-02 13:37 - 00000000 ____D () C:\Users\garysmithafc\AppData\Local\{4F7DD441-2E42-4ADD-A316-783B5B84DF71}

2014-04-02 09:04 - 2014-04-02 09:04 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf4e4a2a673282.job

==================== One Month Modified Files and Folders =======

2014-05-02 00:44 - 2014-05-02 00:44 - 00000000 ____D () C:\FRST

2014-05-02 00:43 - 2013-07-26 21:04 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

2014-05-02 00:03 - 2010-04-01 11:42 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2014-05-01 23:28 - 2009-11-18 21:02 - 00082200 _____ () C:\ProgramData\nvModes.dat

2014-05-01 23:28 - 2009-11-18 21:02 - 00082200 _____ () C:\ProgramData\nvModes.001

2014-05-01 20:50 - 2006-11-02 11:33 - 00006632 _____ () C:\Windows\system32\PerfStringBackup.INI

2014-05-01 20:46 - 2008-07-24 20:52 - 01495058 _____ () C:\Windows\WindowsUpdate.log

2014-05-01 20:43 - 2006-11-02 14:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2014-05-01 20:43 - 2006-11-02 13:47 - 00003744 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

2014-05-01 20:43 - 2006-11-02 13:47 - 00003744 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

2014-05-01 20:41 - 2008-07-24 20:53 - 00001076 _____ () C:\Windows\bthservsdp.dat

2014-05-01 20:41 - 2006-11-02 14:01 - 00032654 _____ () C:\Windows\Tasks\SCHEDLGU.TXT

2014-05-01 19:05 - 2010-07-27 23:41 - 00000000 ____D () C:\Users\garysmithafc\AppData\Local\CrashDumps

2014-05-01 18:00 - 2014-04-28 13:56 - 00000000 ____D () C:\ProgramData\MFAData

2014-05-01 00:49 - 2014-05-01 00:49 - 00000000 ____D () C:\Users\Guest\AppData\Local\Avg2014

2014-05-01 00:37 - 2009-11-18 17:21 - 00000000 ____D () C:\Users\garysmithafc

2014-05-01 00:35 - 2009-11-18 20:28 - 00000000 ____D () C:\Program Files\Nokia

2014-05-01 00:16 - 2011-05-14 15:57 - 00000000 ____D () C:\Program Files\Common Files\Nokia

2014-05-01 00:09 - 2014-05-01 00:08 - 91665264 _____ () C:\Users\Administrator\Desktop\Nokia_Ovi_Suite_webinstaller_ALL.exe

2014-05-01 00:06 - 2014-05-01 00:06 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\AVG2014

2014-05-01 00:05 - 2014-05-01 00:05 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Avg2014

2014-04-30 23:50 - 2010-04-12 17:08 - 00000000 ____D () C:\ProgramData\Nokia

2014-04-30 23:50 - 2010-04-12 16:56 - 00000000 ____D () C:\Users\garysmithafc\AppData\Local\Nokia

2014-04-30 23:34 - 2014-04-30 23:34 - 00000000 ____D () C:\Users\garysmithafc\AppData\Local\VS Revo Group

2014-04-30 23:34 - 2014-04-30 23:34 - 00000000 ____D () C:\ProgramData\VS Revo Group

2014-04-30 21:29 - 2014-04-24 17:59 - 00070646 _____ () C:\Windows\PFRO.log

2014-04-30 21:29 - 2013-04-11 19:46 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service

2014-04-30 19:52 - 2014-04-30 19:51 - 00000000 ____D () C:\Program Files\Mozilla Firefox

2014-04-30 12:04 - 2014-04-26 00:47 - 00018346 _____ () C:\Windows\DPINST.LOG

2014-04-29 11:44 - 2014-04-29 11:40 - 00389654 _____ () C:\Users\garysmithafc\Club

2014-04-29 10:40 - 2013-08-12 17:12 - 00000000 ____D () C:\Program Files\AVG

2014-04-29 10:11 - 2014-04-16 10:44 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2014-04-28 22:29 - 2013-07-26 21:04 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe

2014-04-28 22:29 - 2013-07-26 21:04 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl

2014-04-28 14:30 - 2014-04-28 13:56 - 00000000 ____D () C:\Users\garysmithafc\AppData\Local\Avg2014

2014-04-28 14:00 - 2014-04-28 14:00 - 00000000 ____D () C:\Users\garysmithafc\AppData\Roaming\AVG2014

2014-04-28 13:59 - 2014-04-28 13:59 - 00000804 _____ () C:\Users\Public\Desktop\AVG 2014.lnk

2014-04-28 13:59 - 2014-04-28 13:59 - 00000804 _____ () C:\ProgramData\Desktop\AVG 2014.lnk

2014-04-28 13:59 - 2014-04-28 13:59 - 00000000 ___HD () C:\$AVG

2014-04-28 13:59 - 2014-04-28 13:59 - 00000000 ____D () C:\ProgramData\AVG2014

2014-04-28 13:59 - 2013-10-11 09:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG

2014-04-28 13:56 - 2014-04-28 13:56 - 00000000 ____D () C:\Users\garysmithafc\AppData\Local\MFAData

2014-04-28 13:39 - 2014-04-28 13:39 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Real

2014-04-28 13:39 - 2014-04-28 13:39 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Apple Computer

2014-04-28 13:38 - 2014-04-28 13:38 - 00001933 _____ () C:\Users\Guest\Desktop\Google Chrome.lnk

2014-04-28 13:38 - 2014-04-28 13:38 - 00000911 _____ () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2014-04-28 13:38 - 2014-04-28 13:38 - 00000906 _____ () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk

2014-04-28 13:38 - 2014-04-28 13:38 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Dell

2014-04-28 13:38 - 2014-04-28 13:37 - 00000000 ____D () C:\Users\Guest

2014-04-28 13:37 - 2014-04-28 13:37 - 00067152 _____ () C:\Users\Guest\AppData\Local\GDIPFONTCACHEV1.DAT

2014-04-28 13:37 - 2014-04-28 13:37 - 00000877 _____ () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk

2014-04-28 13:37 - 2014-04-28 13:37 - 00000020 ___SH () C:\Users\Guest\ntuser.ini

2014-04-28 13:37 - 2014-04-28 13:37 - 00000000 ____D () C:\Users\Guest\AppData\Local\VirtualStore

2014-04-27 23:43 - 2013-07-28 11:02 - 00000000 ____D () C:\Windows\system32\Macromed

2014-04-26 15:37 - 2014-04-26 15:37 - 08434176 _____ () C:\Users\garysmithafc\Elaine.3gp

2014-04-26 15:29 - 2014-04-26 01:23 - 00002670 _____ () C:\Windows\setupact.log

2014-04-26 01:23 - 2014-04-26 01:23 - 00000000 _____ () C:\Windows\setuperr.log

2014-04-26 01:16 - 2014-04-26 01:16 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Adobe

2014-04-26 01:16 - 2014-04-26 01:15 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Google

2014-04-26 01:15 - 2014-04-26 01:15 - 00001933 _____ () C:\Users\Administrator\Desktop\Google Chrome.lnk

2014-04-26 01:15 - 2014-04-26 01:14 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google

2014-04-26 01:02 - 2014-04-26 01:02 - 00067152 _____ () C:\Users\Administrator\AppData\Local\GDIPFONTCACHEV1.DAT

2014-04-26 01:02 - 2014-04-26 01:02 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Real

2014-04-26 01:02 - 2014-04-26 01:02 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Apple Computer

2014-04-26 01:01 - 2014-04-26 01:01 - 00000911 _____ () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2014-04-26 01:01 - 2014-04-26 01:01 - 00000906 _____ () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk

2014-04-26 01:01 - 2014-04-26 01:01 - 00000877 _____ () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk

2014-04-26 01:01 - 2014-04-26 01:01 - 00000020 ___SH () C:\Users\Administrator\ntuser.ini

2014-04-26 01:01 - 2014-04-26 01:01 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Dell

2014-04-26 01:01 - 2014-04-26 01:01 - 00000000 ____D () C:\Users\Administrator

2014-04-26 00:50 - 2009-11-18 20:27 - 00000000 ____D () C:\ProgramData\Installations

2014-04-26 00:28 - 2009-11-18 20:34 - 00000000 ____D () C:\Users\garysmithafc\AppData\Roaming\Nokia

2014-04-25 15:01 - 2014-04-25 15:01 - 00067152 _____ () C:\Users\garysmithafc\AppData\Local\GDIPFONTCACHEV1.DAT

2014-04-25 10:11 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\Help

2014-04-25 00:26 - 2014-04-25 00:26 - 00201872 _____ (RealNetworks, Inc.) C:\Windows\system32\rmoc3260.dll

2014-04-25 00:26 - 2014-04-25 00:26 - 00001031 _____ () C:\Users\Public\Desktop\RealPlayer.lnk

2014-04-25 00:26 - 2014-04-25 00:26 - 00001031 _____ () C:\ProgramData\Desktop\RealPlayer.lnk

2014-04-25 00:26 - 2014-04-25 00:26 - 00000000 ____D () C:\ProgramData\RealNetworks

2014-04-25 00:26 - 2014-04-25 00:26 - 00000000 ____D () C:\Program Files\Common Files\xing shared

2014-04-25 00:26 - 2014-04-25 00:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks

2014-04-25 00:26 - 2012-08-28 16:47 - 00000000 ____D () C:\Users\garysmithafc\AppData\Roaming\Real

2014-04-25 00:26 - 2012-08-28 16:47 - 00000000 ____D () C:\Program Files\Real

2014-04-25 00:26 - 2012-08-28 16:45 - 00000000 ____D () C:\ProgramData\Real

2014-04-25 00:25 - 2014-04-25 00:25 - 00272896 _____ (Progressive Networks) C:\Windows\system32\pncrt.dll

2014-04-25 00:25 - 2014-04-25 00:25 - 00006656 _____ (RealNetworks, Inc.) C:\Windows\system32\pndx5016.dll

2014-04-25 00:25 - 2014-04-25 00:25 - 00005632 _____ (RealNetworks, Inc.) C:\Windows\system32\pndx5032.dll

2014-04-25 00:25 - 2008-07-24 20:13 - 00499712 _____ (Microsoft Corporation) C:\Windows\system32\msvcp71.dll

2014-04-25 00:25 - 2008-07-24 20:09 - 00348160 _____ (Microsoft Corporation) C:\Windows\system32\msvcr71.dll

2014-04-24 17:59 - 2014-04-24 17:59 - 00282152 _____ () C:\Windows\system32\FNTCACHE.DAT

2014-04-24 17:20 - 2013-03-28 13:01 - 00000000 ____D () C:\found.001

2014-04-24 17:20 - 2012-05-30 21:24 - 00000000 ____D () C:\found.000

2014-04-24 17:20 - 2008-02-04 00:07 - 00000000 ____D () C:\Windows\Panther

2014-04-24 17:16 - 2011-04-30 12:26 - 00000000 ____D () C:\ProgramData\ParetoLogic

2014-04-24 12:16 - 2011-04-30 12:26 - 00000000 ____D () C:\Users\garysmithafc\AppData\Roaming\ParetoLogic

2014-04-24 11:49 - 2014-04-24 11:49 - 00000000 ____D () C:\Windows\system32\Hotspot Shield

2014-04-23 15:27 - 2009-11-18 17:22 - 00000906 _____ () C:\Users\garysmithafc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk

2014-04-23 15:18 - 2009-11-19 20:11 - 00000000 ____D () C:\Users\garysmithafc\AppData\Local\Adobe

2014-04-21 10:10 - 2014-04-21 10:07 - 00004024 _____ () C:\Windows\system32\jupdate-1.7.0_55-b14.log

2014-04-21 10:10 - 2008-07-24 20:05 - 00000000 ____D () C:\Program Files\Java

2014-04-18 15:02 - 2014-04-18 15:02 - 00199960 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdriverx.sys

2014-04-16 19:00 - 2014-04-16 19:00 - 00000000 ____D () C:\Users\garysmithafc\AppData\Local\{4814328A-E127-4274-AA2E-2B8AB3CB73CD}

2014-04-16 10:36 - 2014-04-16 10:36 - 00000861 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-04-16 10:36 - 2014-04-16 10:36 - 00000861 _____ () C:\ProgramData\Desktop\Malwarebytes Anti-Malware.lnk

2014-04-16 10:36 - 2014-04-16 10:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2014-04-16 10:36 - 2014-04-16 10:35 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware

2014-04-16 10:36 - 2011-05-24 16:11 - 00000000 ____D () C:\Users\garysmithafc\AppData\Roaming\Malwarebytes

2014-04-16 10:35 - 2011-05-24 16:11 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-04-16 10:35 - 2011-05-24 16:11 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware

2014-04-14 23:52 - 2014-04-14 23:52 - 00000314 _____ () C:\Windows\Tasks\0214dUpdateInfo.job

2014-04-14 23:52 - 2014-04-14 23:52 - 00000000 ____D () C:\ProgramData\Avg_Update_0214d

2014-04-14 20:13 - 2014-04-21 10:10 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll

2014-04-14 20:05 - 2014-04-21 10:10 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe

2014-04-14 20:05 - 2014-04-21 10:10 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe

2014-04-14 20:04 - 2014-04-21 10:10 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\java.exe

2014-04-14 10:28 - 2013-03-29 16:31 - 00000000 ____D () C:\Program Files\Microsoft Silverlight

2014-04-14 10:27 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\Provisioning

2014-04-13 23:40 - 2013-03-29 16:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight

2014-04-13 23:35 - 2014-04-13 23:35 - 00000000 ____D () C:\MATS

2014-04-13 23:21 - 2014-04-13 23:18 - 00000000 ____D () C:\8b1bcfd843758430a8a328d0

2014-04-13 23:20 - 2014-04-13 23:19 - 00000000 ____D () C:\498ce0fcf4dc88db014a

2014-04-13 18:56 - 2014-04-13 18:46 - 00000000 __SHD () C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}

2014-04-13 18:56 - 2013-08-21 01:21 - 00000000 __SHD () C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}

2014-04-13 18:56 - 2011-06-16 00:50 - 00000000 ____D () C:\Users\garysmithafc\AppData\Roaming\Sony

2014-04-13 18:56 - 2010-04-01 16:35 - 00000000 ____D () C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}

2014-04-13 18:56 - 2009-11-18 20:41 - 00000000 ____D () C:\ProgramData\{755AC846-7372-4AC8-8550-C52491DAA8BD}

2014-04-13 18:54 - 2014-04-13 18:46 - 00000000 ____D () C:\ProgramData\AVG

2014-04-13 18:48 - 2014-04-13 18:48 - 00000000 ____D () C:\Users\garysmithafc\AppData\Roaming\AVG

2014-04-13 18:48 - 2014-04-13 18:48 - 00000000 ____D () C:\Users\garysmithafc\AppData\Local\AVG

2014-04-12 21:31 - 2014-04-12 21:31 - 00000000 ____D () C:\Users\garysmithafc\AppData\Local\{38536DEA-5E6B-48DC-8818-A5C09B2E3CFC}

2014-04-12 21:31 - 2014-04-12 21:31 - 00000000 ____D () C:\Users\garysmithafc\AppData\Local\{1C1D8C40-58D0-42CA-93EC-0929B733480E}

2014-04-11 18:41 - 2014-04-11 18:41 - 00000000 ____D () C:\Users\garysmithafc\AppData\Local\{8E467B96-007C-4B2D-952E-BCA02FEF80EA}

2014-04-11 18:41 - 2014-04-11 18:41 - 00000000 ____D () C:\Users\garysmithafc\AppData\Local\{20E0BFED-086A-44F9-ACD0-D5746A9B617B}

2014-04-09 16:02 - 2013-07-13 01:43 - 00000000 ____D () C:\Windows\system32\MRT

2014-04-09 15:56 - 2006-11-02 11:24 - 88028728 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe

2014-04-03 18:00 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\Microsoft.NET

2014-04-03 09:51 - 2014-04-16 10:35 - 00073432 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys

2014-04-03 09:51 - 2014-04-16 10:35 - 00051416 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys

2014-04-03 09:50 - 2011-05-24 16:11 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

2014-04-02 13:38 - 2014-04-02 13:38 - 00000000 ____D () C:\Users\garysmithafc\AppData\Local\{0091C485-1F56-4023-90C4-5D084ACF9D65}

2014-04-02 13:37 - 2014-04-02 13:37 - 00000000 ____D () C:\Users\garysmithafc\AppData\Local\{4F7DD441-2E42-4ADD-A316-783B5B84DF71}

2014-04-02 09:04 - 2014-04-02 09:04 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf4e4a2a673282.job

Some content of TEMP:

====================

C:\Users\garysmithafc\AppData\Local\temp\DseShExt-x86.dll

C:\Users\garysmithafc\AppData\Local\temp\lowproc.exe

C:\Users\garysmithafc\AppData\Local\temp\NEventMessages.dll

C:\Users\garysmithafc\AppData\Local\temp\NOSEventMessages.dll

C:\Users\garysmithafc\AppData\Local\temp\SDShelEx-win32.dll

C:\Users\garysmithafc\AppData\Local\temp\stubhelper.dll

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\system32\winlogon.exe => MD5 is legit

C:\Windows\system32\wininit.exe => MD5 is legit

C:\Windows\system32\svchost.exe => MD5 is legit

C:\Windows\system32\services.exe => MD5 is legit

C:\Windows\system32\User32.dll => MD5 is legit

C:\Windows\system32\userinit.exe => MD5 is legit

C:\Windows\system32\rpcss.dll => MD5 is legit

C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-05-01 20:49

==================== End Of Log ============================

Posted

Additional scan result of Farbar Recovery Scan Tool (x86) Version:01-05-2014 02

Ran by garysmithafc at 2014-05-02 00:45:23

Running from C:\Users\garysmithafc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4DSMNU0B

Boot Mode: Normal

==========================================================

==================== Security Center ========================

AV: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}

==================== Installed Programs ======================

Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.7.0.2090 - Adobe Systems Incorporated)

Adobe AIR (Version: 3.7.0.2090 - Adobe Systems Incorporated) Hidden

Adobe Flash Player 13 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 13.0.0.206 - Adobe Systems Incorporated)

Adobe Reader 9.5.5 (HKLM\...\{AC76BA86-7AD7-1033-7B44-A95000000001}) (Version: 9.5.5 - Adobe Systems Incorporated)

Adobe Shockwave Player 11.6 (HKLM\...\Adobe Shockwave Player) (Version: 11.6.6.636 - Adobe Systems, Inc.)

Advanced Audio FX Engine (HKLM\...\Advanced Audio FX Engine) (Version: - )

Advanced Video FX Engine (HKLM\...\Advanced Video FX Engine) (Version: - )

Amazon MP3 Downloader 1.0.18 (HKCU\...\Amazon MP3 Downloader) (Version: 1.0.18 - Amazon Services LLC)

Apple Application Support (HKLM\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)

Apple Mobile Device Support (HKLM\...\{E14ADE0E-75F3-4A46-87E5-26692DD626EC}) (Version: 6.1.0.13 - Apple Inc.)

Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)

AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4577 - AVG Technologies)

AVG 2014 (Version: 14.0.3931 - AVG Technologies) Hidden

AVG 2014 (Version: 14.0.4577 - AVG Technologies) Hidden

Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)

Browser Address Error Redirector (HKLM\...\{62230596-37E5-4618-A329-0D21F529A86F}) (Version: 1.00.0000 - Dell)

Cisco EAP-FAST Module (HKLM\...\{BF53252E-4AB2-4C7F-A0FD-6100755745E3}) (Version: 2.0.26 - Cisco Systems, Inc.)

Cisco LEAP Module (HKLM\...\{76F9CF97-FC4B-4E20-B363-D127C888448F}) (Version: 1.0.11 - Cisco Systems, Inc.)

Cisco PEAP Module (HKLM\...\{4E5386F5-C0F6-4532-A54A-374865AEAB71}) (Version: 1.0.12 - Cisco Systems, Inc.)

Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)

Convert MP4 to MP3 1.5 (HKLM\...\{5067397A-2935-4290-AE14-1BE2863B00A3}_is1) (Version: - ConvertMP4toMP3.com)

Cooliris for Internet Explorer (HKLM\...\{9F9BE2A8-2FA2-438E-934B-6F237B641167}) (Version: 1.12.0.33689 - Cooliris Inc.)

D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden

Dell Dock (HKLM\...\{F6CB42B9-F033-4152-8813-FF11DA8E6A78}) (Version: 1.0.0 - Dell)

Dell Driver Download Manager (HKCU\...\f031ef6ac137efc5) (Version: 2.1.0.0 - Dell Inc.)

Dell Getting Started Guide (HKLM\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)

Dell Support Center (Support Software) (HKLM\...\{E3BFEE55-39E2-4BE0-B966-89FE583822C1}) (Version: 2.2.08100 - Dell)

Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1.103.4 - Alps Electric)

Dell Webcam Center (HKLM\...\Dell Webcam Center) (Version: - )

Dell Webcam Manager (HKLM\...\Dell Webcam Manager) (Version: - )

Dell Wireless WLAN Card (HKLM\...\Broadcom 802.11b Network Adapter) (Version: 4.170.25.12 - Dell Inc.)

EDocs (HKLM\...\{6B7B6D4D-8F9B-4CB3-8CA4-BCA9CC4C1A22}) (Version: - )

EPSON Copy Utility (HKLM\...\{B69CC1A5-0404-11D6-ABCB-005004C21D30}) (Version: - )

EPSON Photo Print (HKLM\...\EPSON Photo Print) (Version: - )

EPSON Smart Panel (HKLM\...\{6C11D561-620B-47DA-A693-4C597F3CDF40}) (Version: - )

EPSON TWAIN 5 (HKLM\...\{254BEB3E-1085-4D66-9CDC-0152C0DC2E93}) (Version: 5.71.0000 - SEIKO EPSON Corp.)

File Shredder 2.5 (HKLM\...\File Shredder_is1) (Version: - Pow Tools)

Google Chrome (HKLM\...\Google Chrome) (Version: 34.0.1847.131 - Google Inc.)

Google Desktop (HKLM\...\Google Desktop) (Version: - - Google)

Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)

Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden

Google Update Helper (Version: 1.3.23.9 - Google Inc.) Hidden

Hotspot Shield 3.17 (HKLM\...\HotspotShield) (Version: 3.17 - AnchorFree Inc.)

iCopyExpert 3.1.2 (HKLM\...\iCopyExpert_is1) (Version: - iCopyExpert.com)

Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - )

Internet Explorer (Enable DEP) (HKLM\...\{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb) (Version: - )

iRip (HKLM\...\{7662F66F-ED2D-4CB8-9E4D-5DD11CBF7D70}) (Version: 1.0.1.25 - The Little App Factory, LLC.)

iTunes (HKLM\...\{9B486871-27EB-49A5-8832-77176E63333C}) (Version: 11.0.5.5 - Apple Inc.)

Java 7 Update 55 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.550 - Oracle)

Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden

Laptop Integrated Webcam Driver (1.04.01.1011) (HKLM\...\Creative OEM002) (Version: - )

Live! Cam Avatar Creator (HKLM\...\{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}) (Version: 4.6.0817.1 - Creative Technology Ltd.)

Live! Cam Avatar v1.0 (HKLM\...\{1D5E29AD-39A9-4D0A-A8B6-46A6FCD8C995}) (Version: 1.0 - Creative Technology Ltd.)

Malwarebytes Anti-Malware version 2.0.1.1004 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)

MediaDirect (HKLM\...\{9C6978E8-B6D0-4AB7-A7A0-D81A74FBF745}) (Version: 3.5 - Dell)

Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)

Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden

Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)

Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden

Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden

Microsoft Office PowerPoint Viewer 2007 (English) (HKLM\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)

Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{86CE1746-9EFF-3C9C-8755-81EA8903AC34}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Works (HKLM\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)

Microsoft_VC100_CRT_SP1_x86 (Version: 10.0.40219.1 - Nokia) Hidden

Mozilla Firefox 24.0 (x86 en-US) (HKLM\...\Mozilla Firefox 24.0 (x86 en-US)) (Version: 24.0 - Mozilla)

Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 24.0 - Mozilla)

MSVC80_x86 (Version: 1.0.1.0 - Nokia) Hidden

MSVC80_x86_v2 (Version: 1.0.3.0 - Nokia) Hidden

MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden

MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden

MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden

MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)

MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)

MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)

Nokia Connectivity Cable Driver (HKLM\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia)

Nokia Suite (Version: 3.8.30.0 - Nokia) Hidden

NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.3 - NVIDIA Corporation)

OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden

OpenAL (HKLM\...\OpenAL) (Version: - )

OutlookAddinSetup (HKLM\...\{9BDEF074-020E-458D-ADC5-8FF68E0C9B56}) (Version: 1.0.0 - CyberLink)

PC Connectivity Solution (HKLM\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)

QuickSet (HKLM\...\{4B6AD248-D3BF-426A-8D64-847288154F13}) (Version: 8.2.20 - Dell Inc.)

RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden

RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden

RealPlayer (HKLM\...\RealPlayer 16.0) (Version: 16.0.3 - RealNetworks)

RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden

ScanToWeb (HKLM\...\{EBAE381B-60A6-4863-AA9F-FCAB755BC9E5}) (Version: - )

Segoe UI (Version: 15.4.2271.0615 - Microsoft Corp) Hidden

SpywareBlaster 5.0 (HKLM\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC)

swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden

T-Mobile Internet Manager (HKLM\...\T-Mobile Internet Manager) (Version: 11.301.05.06.105 - Huawei Technologies Co.,Ltd)

Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)

WIDCOMM Bluetooth Software 6.0.1.3100 (HKLM\...\{A13E07E1-A423-44FB-9DEE-B24C75C1BAF2}) (Version: 6.0.1.3100 - Dell)

Windows Driver Package - Nokia pccsmcfd “LegacyDriver” (05/31/2012 7.1.2.0) (HKLM\...\17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382) (Version: 05/31/2012 7.1.2.0 - Nokia)

Windows Live Communications Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)

Windows Live Essentials (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Family Safety (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden

Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden

Windows Live Installer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Movie Maker (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Photo Common (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Photo Gallery (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live PIMT Platform (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden

Windows Live SOXE (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live SOXE Definitions (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live UX Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live UX Platform Language Pack (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden

Windows Live Writer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Writer Resources (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Yahoo! BrowserPlus 2.9.8 (HKCU\...\Yahoo! BrowserPlus) (Version: - Yahoo! Inc.)

Yahoo! Software Update (HKLM\...\Yahoo! Software Update) (Version: - )

==================== Restore Points =========================

08-04-2014 18:39:35 Windows Update

09-04-2014 02:00:18 Windows Update

09-04-2014 14:48:53 Windows Update

10-04-2014 02:00:26 Windows Update

11-04-2014 02:00:18 Windows Update

12-04-2014 02:00:18 Windows Update

12-04-2014 16:07:30 Scheduled Checkpoint

13-04-2014 02:00:18 Windows Update

13-04-2014 17:46:56 Installed AVG PC TuneUp 2014

13-04-2014 20:45:26 Installed AVG 2014

13-04-2014 20:48:09 Installed AVG 2014

13-04-2014 21:33:27 Windows Update

13-04-2014 21:42:47 Windows Update

13-04-2014 21:44:06 Windows Update

13-04-2014 22:23:31 Windows Update

13-04-2014 22:34:57 Restore Point before Microsoft Silverlight was removed using Program Install and Uninstall troubleshooter

13-04-2014 22:35:59 Microsoft Silverlight

21-04-2014 09:06:03 Installed Java 7 Update 55

23-04-2014 14:48:53 Device Driver Package Install: Nokia Wireless Communication Devices

23-04-2014 14:49:33 Device Driver Package Install: Nokia Network adapters

23-04-2014 14:52:51 Device Driver Package Install: Nokia Wireless Communication Devices

23-04-2014 14:53:13 Device Driver Package Install: Nokia Network adapters

24-04-2014 11:12:02 Windows Update

24-04-2014 11:13:09 Windows Update

25-04-2014 23:45:42 Device Driver Package Install: Nokia Wireless Communication Devices

25-04-2014 23:46:35 Device Driver Package Install: Nokia Network adapters

28-04-2014 12:57:18 Installed AVG 2014

28-04-2014 12:58:12 Installed AVG 2014

29-04-2014 09:39:18 Removed AVG PC TuneUp 2014

29-04-2014 09:40:52 Removed AVG PC TuneUp 2014 (en-US)

30-04-2014 11:02:46 Device Driver Package Install: Nokia Wireless Communication Devices

30-04-2014 11:03:28 Device Driver Package Install: Nokia Network adapters

30-04-2014 22:35:56 Revo Uninstaller Pro's restore point - Nokia Suite

30-04-2014 22:44:23 Revo Uninstaller Pro's restore point - Nokia Suite

30-04-2014 22:50:18 Revo Uninstaller Pro's restore point - Nokia Suite

30-04-2014 22:53:37 Removed Nokia Connectivity Cable Driver

30-04-2014 22:56:57 Device Driver Package Install: Nokia Wireless Communication Devices

30-04-2014 22:57:37 Device Driver Package Install: Nokia Network adapters

30-04-2014 23:35:59 Device Driver Package Install: Nokia Wireless Communication Devices

30-04-2014 23:36:59 Device Driver Package Install: Nokia Network adapters

01-05-2014 08:57:05 Windows Modules Installer

01-05-2014 19:20:05 Windows Update

==================== Hosts content: ==========================

2006-11-02 11:23 - 2013-08-10 21:12 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {0C7C5960-A04D-4815-AC12-494F80B358EA} - System32\Tasks\ParetoLogic Update Version3 Startup Task => C:\Program Files\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe

Task: {0DF2DCD1-4F52-48EB-B05B-0CFCE7EE257E} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)

Task: {1C265C4D-07ED-4CC7-9315-4B8840ED96BC} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan

Task: {1C754BA7-581B-4684-8D5B-0E067BDE680C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-28] (Adobe Systems Incorporated)

Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM

Task: {1FB6B2AF-AC36-45D6-AF24-5CB271BE0560} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)

Task: {1FF20573-A382-4828-B157-C7C51C57CA92} - System32\Tasks\ParetoLogic Update Version3 => C:\Program Files\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe

Task: {320124A7-D70F-41DE-A9D1-D5E8E19D5D91} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI

Task: {32E8ED82-068E-4E2B-BFBC-FE3C3A87C098} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-3510410515-3114074607-2372607737-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)

Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages

Task: {3F348759-CBA4-4CF0-896F-B3A919FF4A16} - System32\Tasks\RegCure Pro => C:\Program Files\ParetoLogic\RegCure Pro\RegCurePro.exe

Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-21] (Microsoft Corporation)

Task: {517C71D8-0E6E-4DA4-9E6A-29CD7511C23E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)

Task: {54C95D41-DE3B-4030-B8B5-BD3B45D5317E} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-3510410515-3114074607-2372607737-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)

Task: {5DE3985F-5F35-4DCD-B3A8-57DB502689C1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-04-01] (Google Inc.)

Task: {6A601C19-A9EC-4E5C-8A2B-C95D2F553A36} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3510410515-3114074607-2372607737-1000 => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe

Task: {7862986D-0D8B-43B9-8736-82D4B4850E06} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3510410515-3114074607-2372607737-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)

Task: {8CE03844-C0E6-4D8A-954C-F5B4B5FE2BC5} - System32\Tasks\GoogleUpdateTaskMachineCore1ce7f0041000920 => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-04-01] (Google Inc.)

Task: {9B1F79B3-BF8A-4B12-884B-9D161FD6B9D4} - System32\Tasks\Real Player online update program => C:\Program Files\Real\RealPlayer\update\realsched.exe [2014-04-25] (RealNetworks, Inc.)

Task: {9F5364CE-EE72-4AB7-AF19-7774415C2E26} - System32\Tasks\Microsoft\Windows\RestartManager\{1361AA97-F071-424e-89B6-6FCD79DEF9A2} => C:\Windows\system32\rmclient.exe [2006-11-02] (Microsoft Corporation)

Task: {A754F5D6-B2F4-4500-A164-6D2355893F77} - System32\Tasks\GoogleUpdateTaskMachineCore1cf4e4a2a673282 => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-04-01] (Google Inc.)

Task: {A9F9F5CD-C92A-4EB7-8B41-FC484FCB9412} - System32\Tasks\Microsoft\Windows\RestartManager\{6B7CC817-BFB9-4aae-A0B7-227C28CAE080} => C:\Windows\system32\rmclient.exe [2006-11-02] (Microsoft Corporation)

Task: {B7EF6C78-1000-47ED-AD76-FB077470454B} - System32\Tasks\ParetoLogic Registration3 => Rundll32.exe "C:\Program Files\Common Files\ParetoLogic\UUS3\UUS3.dll" RunUns

Task: {C2967FDA-85A2-47C9-82C6-EF4793A695BD} - System32\Tasks\REGSERVO => C:\Program Files\REGSERVO\RegSERVO.exe

Task: {CD8715E8-7223-4BD0-9995-ED447AE87B71} - System32\Tasks\GoogleUpdateTaskMachineCore1ce7958c2f247c0 => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-04-01] (Google Inc.)

Task: {D4B4AFD4-2CCA-4505-92F3-077277BA72FE} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup

Task: {D8137202-A734-4DE0-958D-2AB8C83F5267} - System32\Tasks\GoogleUpdateTaskMachineCore1cf4d96b753a090 => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-04-01] (Google Inc.)

Task: {DFA40750-3F23-40B7-8DFC-77803002F051} - System32\Tasks\0214dUpdateInfo => C:\ProgramData\Avg_Update_0214d\0214d_AVG-Secure-Search-Update.exe [2014-03-24] ()

Task: {E075E658-F648-4369-9493-B7B5885BD6FD} - System32\Tasks\GoogleUpdateTaskMachineCore1cec426df14aab0 => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-04-01] (Google Inc.)

Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-21] ()

Task: {F3EEEEB4-D3BE-4F1D-ABA1-AF608AEA4FFE} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-3510410515-3114074607-2372607737-1000 => C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe

Task: {F4171F71-BF20-40E1-975B-CA3357FA1846} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3510410515-3114074607-2372607737-1000 => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe

Task: {F7CB17A3-8731-4FE0-B642-8BB5FE37E2C4} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3510410515-3114074607-2372607737-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)

Task: C:\Windows\Tasks\0214dUpdateInfo.job => C:\ProgramData\Avg_Update_0214d\0214d_AVG-Secure-Search-Update.exe

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf4e4a2a673282.job => C:\Program Files\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2008-07-24 20:10 - 2008-05-16 13:17 - 00024064 _____ () C:\Windows\System32\WLTRYSVC.EXE

2008-07-24 20:10 - 2008-05-16 13:16 - 00054784 _____ () C:\Windows\System32\bcmwlrmt.dll

2013-04-21 21:44 - 2013-04-21 21:44 - 00087952 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll

2013-04-21 21:44 - 2013-04-21 21:44 - 01242952 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll

2013-09-17 23:18 - 2013-09-17 23:18 - 00902440 _____ () C:\Program Files\Hotspot Shield\bin\af_proxy.dll

2013-09-17 23:27 - 2013-09-17 23:27 - 00556840 _____ () C:\Program Files\Hotspot Shield\bin\hsswd.exe

2013-04-14 01:13 - 2012-11-09 05:02 - 01752576 _____ () C:\Program Files\File Shredder\fsshell.dll

2013-05-22 20:04 - 2013-05-22 20:04 - 00400704 _____ () C:\Users\garysmithafc\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:5C321E34

AlternateDataStreams: C:\ProgramData\TEMP:A2947BEA

AlternateDataStreams: C:\ProgramData\TEMP:DFC5A2B2

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== Disabled items from MSCONFIG ==============

MSCONFIG\Services: GoToAssist => 3

MSCONFIG\Services: Norton Internet Security => 2

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\Windows\pss\Bluetooth.lnk.CommonStartup

MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

MSCONFIG\startupreg: AmazonMP3DownloaderHelper => C:\Users\garysmithafc\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe

MSCONFIG\startupreg: Apoint => C:\Program Files\DellTPad\Apoint.exe

MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

MSCONFIG\startupreg: DellSupportCenter => "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter

MSCONFIG\startupreg: dscactivate => "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"

MSCONFIG\startupreg: HW_OPENEYE_OUC_T-Mobile Internet Manager => "C:\Program Files\T-Mobile\InternetManager_H\UpdateDog\ouc.exe"

MSCONFIG\startupreg: IAAnotif => "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"

MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"

MSCONFIG\startupreg: NokiaSuite.exe => C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe -tray

MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime

MSCONFIG\startupreg: SigmatelSysTrayApp => %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe

MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

MSCONFIG\startupreg: swg => "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

MSCONFIG\startupreg: TkBellExe => "C:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot

==================== Faulty Device Manager Devices =============

 

==================== Event log errors: =========================

Application errors:

==================

Error: (05/01/2014 08:50:02 PM) (Source: LoadPerf) (User: )

Description: WmiApRplWmiApRpl8

Error: (05/01/2014 08:50:02 PM) (Source: LoadPerf) (User: )

Description: Performance16

Error: (05/01/2014 08:43:34 PM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/01/2014 08:37:08 PM) (Source: LoadPerf) (User: )

Description: WmiApRplWmiApRpl8

Error: (05/01/2014 08:37:08 PM) (Source: LoadPerf) (User: )

Description: Performance16

Error: (05/01/2014 08:29:52 PM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/01/2014 07:26:48 PM) (Source: MsiInstaller) (User: laptop)

Description: Product: QuickTime 7 -- Error 1303. The installer has insufficient privileges to access this directory: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime. The installation cannot continue. Log on as administrator or contact your system administrator.

Error: (05/01/2014 07:19:49 PM) (Source: MsiInstaller) (User: laptop)

Description: Product: Nokia Suite -- Error 1326. Error getting file security: C:\ProgramData\Nokia\ GetLastError: 5

Error: (05/01/2014 07:11:25 PM) (Source: MsiInstaller) (User: laptop)

Description: Product: Nokia Suite -- Error 1326. Error getting file security: C:\ProgramData\Nokia\ GetLastError: 5

Error: (05/01/2014 07:04:58 PM) (Source: Application Error) (User: )

Description: Faulting application nokia_pc_suite_en.exe, version 0.0.0.0, time stamp 0x2a425e19, faulting module kernel32.dll, version 6.0.6002.18704, time stamp 0x5065ccb6, exception code 0x0eedfade, fault offset 0x0003fc16,

process id 0x2d1c, application start time 0xnokia_pc_suite_en.exe0.

 

System errors:

=============

Error: (05/01/2014 11:29:02 PM) (Source: Service Control Manager) (User: )

Description: BCM42RLY%%2

Error: (05/01/2014 11:29:02 PM) (Source: Service Control Manager) (User: )

Description: BCM42RLY%%2

Error: (05/01/2014 11:29:00 PM) (Source: Service Control Manager) (User: )

Description: BCM42RLY%%2

Error: (05/01/2014 11:28:59 PM) (Source: Service Control Manager) (User: )

Description: BCM42RLY%%2

Error: (05/01/2014 11:28:58 PM) (Source: Service Control Manager) (User: )

Description: BCM42RLY%%2

Error: (05/01/2014 11:28:57 PM) (Source: Service Control Manager) (User: )

Description: BCM42RLY%%2

Error: (05/01/2014 11:28:56 PM) (Source: Service Control Manager) (User: )

Description: BCM42RLY%%2

Error: (05/01/2014 11:28:56 PM) (Source: Service Control Manager) (User: )

Description: BCM42RLY%%2

Error: (05/01/2014 11:28:55 PM) (Source: Service Control Manager) (User: )

Description: BCM42RLY%%2

Error: (05/01/2014 08:44:27 PM) (Source: DCOM) (User: NT AUTHORITY)

Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

 

Microsoft Office Sessions:

=========================

Error: (05/01/2014 08:50:02 PM) (Source: LoadPerf)(User: )

Description: WmiApRplWmiApRpl8

Error: (05/01/2014 08:50:02 PM) (Source: LoadPerf)(User: )

Description: Performance16

Error: (05/01/2014 08:43:34 PM) (Source: WinMgmt)(User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/01/2014 08:37:08 PM) (Source: LoadPerf)(User: )

Description: WmiApRplWmiApRpl8

Error: (05/01/2014 08:37:08 PM) (Source: LoadPerf)(User: )

Description: Performance16

Error: (05/01/2014 08:29:52 PM) (Source: WinMgmt)(User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/01/2014 07:26:48 PM) (Source: MsiInstaller)(User: laptop)

Description: Product: QuickTime 7 -- Error 1303. The installer has insufficient privileges to access this directory: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime. The installation cannot continue. Log on as administrator or contact your system administrator.(NULL)(NULL)(NULL)(NULL)

Error: (05/01/2014 07:19:49 PM) (Source: MsiInstaller)(User: laptop)

Description: Product: Nokia Suite -- Error 1326. Error getting file security: C:\ProgramData\Nokia\ GetLastError: 5(NULL)(NULL)(NULL)(NULL)

Error: (05/01/2014 07:11:25 PM) (Source: MsiInstaller)(User: laptop)

Description: Product: Nokia Suite -- Error 1326. Error getting file security: C:\ProgramData\Nokia\ GetLastError: 5(NULL)(NULL)(NULL)(NULL)

Error: (05/01/2014 07:04:58 PM) (Source: Application Error)(User: )

Description: nokia_pc_suite_en.exe0.0.0.02a425e19kernel32.dll6.0.6002.187045065ccb60eedfade0003fc162d1c01cf6567d5393574

 

CodeIntegrity Errors:

===================================

Date: 2014-05-02 00:45:13.258

Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-05-02 00:45:13.003

Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-05-02 00:45:12.748

Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-05-02 00:45:12.493

Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-05-02 00:45:12.236

Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-05-02 00:45:11.983

Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-05-02 00:45:11.726

Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-05-02 00:45:11.464

Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-05-02 00:45:10.903

Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-05-02 00:45:10.646

Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

 

==================== Memory info ===========================

Percentage of memory in use: 61%

Total physical RAM: 3069.33 MB

Available physical RAM: 1179.57 MB

Total Pagefile: 6344.92 MB

Available Pagefile: 4396.16 MB

Total Virtual: 2047.88 MB

Available Virtual: 1874.66 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:220.26 GB) (Free:113.19 GB) NTFS ==>[Drive with boot components (obtained from BCD)]

Drive d: (RECOVERY) (Fixed) (Total:10 GB) (Free:5.39 GB) NTFS

==================== MBR & Partition Table ==================

========================================================

Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 233 GB) (Disk ID: 60000000)

Partition 1: (Not Active) - (Size=125 MB) - (Type=DE)

Partition 2: (Not Active) - (Size=10 GB) - (Type=07 NTFS)

Partition 3: (Active) - (Size=220 GB) - (Type=07 NTFS)

Partition 4: (Not Active) - (Size=3 GB) - (Type=OF Extended)

==================== End Of Log ============================

Posted (edited)
Running from C:\Users\garysmithafc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4DSMNU0B

Unfortunately, FRST is being run from the wrong location.

Because of this, the fix I need to write will not work.

Please download FRST again and make sure that the fresh copy is saved to the Desktop or the Download folder.

Please post another scan report once this has been done.

 

Thanks.

Edited by Starbuck


Posted

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:01-05-2014

Ran by garysmithafc (administrator) on LAPTOP on 02-05-2014 09:32:34

Running from C:\Users\garysmithafc\Desktop

Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: English(US)

Internet Explorer Version 9

Boot Mode: Normal

The only official download link for FRST:

Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/

Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/

Download link from any site other than Bleeping Computer is unpermitted or outdated.

See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgrsx.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgcsrvx.exe

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(Microsoft Corporation) C:\Windows\System32\SLsvc.exe

(Stardock Corporation) C:\Program Files\Dell\DellDock\DockLogin.exe

() C:\Windows\System32\WLTRYSVC.EXE

(Dell Inc.) C:\Windows\System32\BCMWLTRY.EXE

(Microsoft Corporation) C:\Windows\System32\wlanext.exe

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(Andrea Electronics Corporation) C:\Windows\System32\AEstSrv.exe

(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgidsagent.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgwdsvc.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(AnchorFree Inc.) C:\Program Files\Hotspot Shield\bin\cmw_srv.exe

() C:\Program Files\Hotspot Shield\bin\hsswd.exe

(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe

(SupportSoft, Inc.) C:\Program Files\Dell Support Center\bin\sprtsvc.exe

(IDT, Inc.) C:\Windows\System32\stacsv.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgnsx.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgemcx.exe

(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE

(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE

(Yahoo! Inc.) C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

(Huawei Technologies Co., Ltd.) C:\Program Files\T-Mobile\InternetManager_H\DataCardMonitor.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgui.exe

(Microsoft Corporation) C:\Windows\ehome\ehtray.exe

(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe

(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe

(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe

(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

(Google Inc.) C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe

(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

 

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [DataCardMonitor] => C:\Program Files\T-Mobile\InternetManager_H\DataCardMonitor.exe [253952 2012-05-26] (Huawei Technologies Co., Ltd.)

HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2014\avgui.exe [5180432 2014-04-06] (AVG Technologies CZ, s.r.o.)

HKU\S-1-5-21-3510410515-3114074607-2372607737-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation)

HKU\S-1-5-21-3510410515-3114074607-2372607737-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)

HKU\S-1-5-21-3510410515-3114074607-2372607737-1000\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2011-05-14] (Google Inc.)

Startup: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk

ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)

Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk

ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)

Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk

ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)

Startup: C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk

ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig

SearchScopes: HKLM - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =

SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://search.conduit.com/Results.aspx?gd=&ctid=CT3323875&octid=EB_ORIGINAL_CTID&ISID=M8F92EAA2-EFAD-4432-8403-30E8F89D1C1F&SearchSource=58&CUI=&UM=5&UP=SP538F9DE4-BBBE-46E6-9FB0-3A19B4D03568&q={searchTerms}&SSPV=

SearchScopes: HKCU - {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = http://websearch.ask.com/redirect?client=ie&tb=BLT&o=15554&src=crm&q={searchTerms}&locale=en_UK&apn_ptnrs=HH&apn_dtid=YYYYYYGAGB&apn_uid=F0D5B4F9-D54E-470E-B071-EE74952B1678&apn_sauid=908C6D78-5285-449A-8AD4-D369965D2873

SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.com/search?cid={F61F26B1-9006-48EA-AAF1-6913D0EDD9BB}&mid=acff693b357847d39634d156a7059b0e-07aa74e469bbdacc1d66871e4d57ca5f576b4efa&lang=en&ds=AVG&pr=fr&d=2013-09-20 17:43:05&v=17.1.2.1&pid=avg&sg=12&sap=dsp&q={searchTerms}

SearchScopes: HKCU - {96A9E1EC-B58E-4562-BAE7-F79E71ACEF34} URL = https://www.flickr.com/search/?q=%7BsearchTerms%7D

SearchScopes: HKCU - {9BCE324A-85C7-4461-A177-5C43111827FD} URL = http://uk.search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=chr-yie9

SearchScopes: HKCU - {C04B7D22-5AEC-4561-8F49-27F6269208F6} URL = http://inboxtoolbar.com/search/dispatcher.aspx?tp=bs&qkw={searchTerms}&tbid=80150&lng=en

BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File

DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab

DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)

Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

Tcpip\..\Interfaces\{6CF01016-9473-408F-BF3A-FDD1FDDC080A}: [NameServer]8.8.8.8

FireFox:

========

FF ProfilePath: C:\Users\garysmithafc\AppData\Roaming\Mozilla\Firefox\Profiles\w8lqr85o.default

FF user.js: detected! => C:\Users\garysmithafc\AppData\Roaming\Mozilla\Firefox\Profiles\w8lqr85o.default\user.js

FF SearchEngineOrder.user_pref("browser.search.order.1", "");: user_pref("browser.search.order.1", "");

FF Homepage: about:home

FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw_1166636.dll (Adobe Systems, Inc.)

FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()

FF Plugin: @java.com/DTPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)

FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF Plugin: @nokia.com/EnablerPlugin - C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll No File

FF Plugin: @real.com/nppl3260;version=16.0.3.51 - C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)

FF Plugin: @real.com/nprpplugin;version=16.0.3.51 - C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)

FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)

FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)

FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Plugin HKCU: @yahoo.com/BrowserPlus,version=2.9.8 - C:\Users\garysmithafc\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)

FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Users\garysmithafc\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll (Amazon.com, Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npCouponPrinter.dll (Coupons, Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npMozCouponPrinter.dll (Coupons, Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpplugin.dll (RealPlayer)

FF Extension: Microsoft .NET Framework Assistant - C:\Users\garysmithafc\AppData\Roaming\Mozilla\Firefox\Profiles\w8lqr85o.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-09-20]

FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-04-30]

FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-04-30]

FF Extension: Hotspot Shield Extension - C:\Program Files\Mozilla Firefox\browser\extensions\afext@anchorfree.com [2014-04-30]

FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []

FF HKLM\...\Firefox\Extensions: [{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn\

FF HKLM\...\Firefox\Extensions: [ff-bmboc@bytemobile.com] - C:\Program Files\T-Mobile\InternetManager_H\OCx32\addon

FF Extension: Bytemobile Optimization Client - C:\Program Files\T-Mobile\InternetManager_H\OCx32\addon [2012-05-26]

FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext

Chrome:

=======

CHR HomePage: hxxp://www.google.com/

CHR StartupUrls: "hxxp://www.google.com/"

CHR DefaultSearchKeyword: google.co.uk

CHR Plugin: (Remoting Viewer) - internal-remoting-viewer

CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\34.0.1847.131\ppGoogleNaClPluginChrome.dll ()

CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\34.0.1847.131\pdf.dll ()

CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\34.0.1847.131\gcswf32.dll No File

CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File

CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)

CHR Plugin: (Java Deployment Toolkit 6.0.310.5) - C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll No File

CHR Plugin: (Java Platform SE 6 U31) - C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll No File

CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll No File

CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll No File

CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll No File

CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll No File

CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll No File

CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll No File

CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll No File

CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll No File

CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File

CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()

CHR Plugin: (Unity Player) - C:\Users\garysmithafc\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll No File

CHR Plugin: (BrowserPlus (from Yahoo!) v2.9.8) - C:\Users\garysmithafc\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)

CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)

CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File

CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

CHR Extension: (Facebook for Desktop) - C:\Users\garysmithafc\AppData\Local\Google\Chrome\User Data\Default\Extensions\beigfmnnhaciohpncoecphcmekklgffh [2013-10-05]

CHR Extension: (PartyCloud DJ) - C:\Users\garysmithafc\AppData\Local\Google\Chrome\User Data\Default\Extensions\defekohaofmambflfpfoojkmfdpcbgko [2013-10-05]

CHR Extension: (365Scores) - C:\Users\garysmithafc\AppData\Local\Google\Chrome\User Data\Default\Extensions\gocaejggjgdmkhmbinicknpbhagkblop [2013-10-05]

CHR Extension: (avast! Online Security) - C:\Users\garysmithafc\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-08-08]

CHR Extension: (TweetDeck by Twitter) - C:\Users\garysmithafc\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbdpomandigafcibbmofojjchbcdagbl [2013-10-05]

CHR Extension: (InstaTwit) - C:\Users\garysmithafc\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhalcamddihdpdgdjkjbgikgobnbbpif [2013-07-24]

CHR Extension: (Until AM Web App) - C:\Users\garysmithafc\AppData\Local\Google\Chrome\User Data\Default\Extensions\kodigjkcpaoeodlnmcnekemakpnmegnk [2013-10-05]

CHR Extension: (Party List Dj (playlist music player)) - C:\Users\garysmithafc\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnbjmlkceipalmoohcalibhlonbbllli [2013-10-05]

CHR Extension: (WGT Golf Game) - C:\Users\garysmithafc\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpedbpkelbhcbkdaglillalioeeekbpb [2013-10-05]

CHR Extension: (Google Wallet) - C:\Users\garysmithafc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]

CHR HKLM\...\Chrome\Extension: [dhkplhfnhceodhffomolpfigojocbpcb] - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonChrome.crx [2013-08-22]

CHR HKLM\...\Chrome\Extension: [dkinklhnkmkhkhofcnapakaoehijaoih] - C:\Program Files\OnlineHD.TV\onhd11.crx [2013-08-22]

CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

========================== Services (Whitelisted) =================

R2 AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [3645456 2014-04-18] (AVG Technologies CZ, s.r.o.)

R2 avgwd; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [291912 2014-03-27] (AVG Technologies CZ, s.r.o.)

R2 DockLoginService; C:\Program Files\Dell\DellDock\DockLogin.exe [161048 2008-04-28] (Stardock Corporation)

R2 hshld; C:\Program Files\Hotspot Shield\bin\cmw_srv.exe [878888 2013-09-17] (AnchorFree Inc.)

S3 HssTrayService; C:\Program Files\Hotspot Shield\bin\HssTrayService.EXE [78512 2013-09-17] ()

R2 HssWd; C:\Program Files\Hotspot Shield\bin\hsswd.exe [556840 2013-09-17] ()

S2 HWDeviceService.exe; C:\ProgramData\DatacardService\HWDeviceService.exe [264704 2010-11-16] ()

R2 sprtsvc_dellsupportcenter; C:\Program Files\Dell Support Center\bin\sprtsvc.exe [201968 2008-08-14] (SupportSoft, Inc.)

R2 wltrysvc; C:\Windows\System32\bcmwltry.exe [2506752 2008-05-16] (Dell Inc.)

==================== Drivers (Whitelisted) ====================

R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [123160 2014-03-27] (AVG Technologies CZ, s.r.o.)

R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [199960 2014-04-18] (AVG Technologies CZ, s.r.o.)

R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [150296 2014-03-27] (AVG Technologies CZ, s.r.o.)

R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [22296 2014-03-27] (AVG Technologies CZ, s.r.o.)

R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [193304 2014-03-27] (AVG Technologies CZ, s.r.o.)

R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [238872 2014-03-27] (AVG Technologies CZ, s.r.o.)

R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [108312 2014-03-31] (AVG Technologies CZ, s.r.o.)

R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [28440 2014-03-27] (AVG Technologies CZ, s.r.o.)

R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [211224 2014-03-31] (AVG Technologies CZ, s.r.o.)

R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [41160 2013-09-17] (AnchorFree Inc.)

S3 huawei_cdcacm; C:\Windows\System32\DRIVERS\ew_jucdcacm.sys [90112 2011-01-30] (Huawei Technologies Co., Ltd.)

R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [37064 2013-09-17] (Anchorfree Inc.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-21] (Microsoft Corporation)

S3 BCM42RLY; system32\drivers\BCM42RLY.sys [X]

S0 BMLoad; system32\drivers\BMLoad.sys [X]

U5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [235392 2010-12-24] (Huawei Technologies Co., Ltd.)

==================== NetSvcs (Whitelisted) ===================

 

==================== One Month Created Files and Folders ========

2014-05-02 09:32 - 2014-05-02 09:32 - 00020439 _____ () C:\Users\garysmithafc\Desktop\FRST.txt

2014-05-02 09:31 - 2014-05-02 09:31 - 01050624 _____ (Farbar) C:\Users\garysmithafc\Desktop\FRST.exe

2014-05-02 09:24 - 2014-04-29 11:28 - 12347392 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2014-05-02 09:24 - 2014-04-29 11:07 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2014-05-02 00:44 - 2014-05-02 09:32 - 00000000 ____D () C:\FRST

2014-05-01 20:21 - 2014-03-08 00:02 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2014-05-01 20:21 - 2014-03-07 23:59 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2014-05-01 20:21 - 2014-03-07 23:57 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2014-05-01 20:21 - 2014-03-07 23:56 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2014-05-01 20:21 - 2014-03-07 23:54 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2014-05-01 20:21 - 2014-03-07 23:52 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2014-05-01 20:21 - 2014-03-07 23:47 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2014-05-01 20:20 - 2014-03-08 00:20 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2014-05-01 20:20 - 2014-03-08 00:12 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2014-05-01 20:20 - 2014-03-08 00:03 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2014-05-01 20:20 - 2014-03-08 00:02 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2014-05-01 20:20 - 2014-03-08 00:00 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll

2014-05-01 20:20 - 2014-03-07 23:57 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll

2014-05-01 20:20 - 2014-03-07 23:53 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2014-05-01 00:49 - 2014-05-01 00:49 - 00000000 ____D () C:\Users\Guest\AppData\Local\Avg2014

2014-05-01 00:08 - 2014-05-01 00:09 - 91665264 _____ () C:\Users\Administrator\Desktop\Nokia_Ovi_Suite_webinstaller_ALL.exe

2014-05-01 00:06 - 2014-05-01 00:06 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\AVG2014

2014-05-01 00:05 - 2014-05-01 00:05 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Avg2014

2014-04-30 23:34 - 2014-04-30 23:34 - 00000000 ____D () C:\Users\garysmithafc\AppData\Local\VS Revo Group

2014-04-30 23:34 - 2014-04-30 23:34 - 00000000 ____D () C:\ProgramData\VS Revo Group

2014-04-30 19:51 - 2014-04-30 19:52 - 00000000 ____D () C:\Program Files\Mozilla Firefox

2014-04-29 11:40 - 2014-04-29 11:44 - 00389654 _____ () C:\Users\garysmithafc\Club

2014-04-28 14:00 - 2014-04-28 14:00 - 00000000 ____D () C:\Users\garysmithafc\AppData\Roaming\AVG2014

2014-04-28 13:59 - 2014-04-28 13:59 - 00000804 _____ () C:\Users\Public\Desktop\AVG 2014.lnk

2014-04-28 13:59 - 2014-04-28 13:59 - 00000804 _____ () C:\ProgramData\Desktop\AVG 2014.lnk

2014-04-28 13:59 - 2014-04-28 13:59 - 00000000 ___HD () C:\$AVG

2014-04-28 13:59 - 2014-04-28 13:59 - 00000000 ____D () C:\ProgramData\AVG2014

2014-04-28 13:56 - 2014-05-01 18:00 - 00000000 ____D () C:\ProgramData\MFAData

2014-04-28 13:56 - 2014-04-28 14:30 - 00000000 ____D () C:\Users\garysmithafc\AppData\Local\Avg2014

2014-04-28 13:56 - 2014-04-28 13:56 - 00000000 ____D () C:\Users\garysmithafc\AppData\Local\MFAData

2014-04-28 13:39 - 2014-04-28 13:39 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Real

2014-04-28 13:39 - 2014-04-28 13:39 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Apple Computer

2014-04-28 13:38 - 2014-04-28 13:38 - 00001933 _____ () C:\Users\Guest\Desktop\Google Chrome.lnk

2014-04-28 13:38 - 2014-04-28 13:38 - 00000911 _____ () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2014-04-28 13:38 - 2014-04-28 13:38 - 00000906 _____ () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk

2014-04-28 13:38 - 2014-04-28 13:38 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Dell

2014-04-28 13:37 - 2014-04-28 13:38 - 00000000 ____D () C:\Users\Guest

2014-04-28 13:37 - 2014-04-28 13:37 - 00067152 _____ () C:\Users\Guest\AppData\Local\GDIPFONTCACHEV1.DAT

2014-04-28 13:37 - 2014-04-28 13:37 - 00000877 _____ () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk

2014-04-28 13:37 - 2014-04-28 13:37 - 00000020 ___SH () C:\Users\Guest\ntuser.ini

2014-04-28 13:37 - 2014-04-28 13:37 - 00000000 ____D () C:\Users\Guest\AppData\Local\VirtualStore

2014-04-28 13:37 - 2013-09-27 09:24 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\TuneUp Software

2014-04-28 13:37 - 2013-08-08 13:11 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Macromedia

2014-04-28 13:37 - 2011-05-17 23:32 - 00000000 ____D () C:\Users\Guest\AppData\Local\SoftThinks

2014-04-28 13:37 - 2008-01-21 03:42 - 00000000 ___RD () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

2014-04-28 13:37 - 2008-01-21 03:42 - 00000000 ___RD () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

2014-04-26 15:37 - 2014-04-26 15:37 - 08434176 _____ () C:\Users\garysmithafc\Elaine.3gp

2014-04-26 01:23 - 2014-04-26 15:29 - 00002670 _____ () C:\Windows\setupact.log

2014-04-26 01:23 - 2014-04-26 01:23 - 00000000 _____ () C:\Windows\setuperr.log

2014-04-26 01:16 - 2014-04-26 01:16 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Adobe

2014-04-26 01:15 - 2014-04-26 01:16 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Google

2014-04-26 01:15 - 2014-04-26 01:15 - 00001933 _____ () C:\Users\Administrator\Desktop\Google Chrome.lnk

2014-04-26 01:14 - 2014-04-26 01:15 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google

2014-04-26 01:02 - 2014-04-26 01:02 - 00067152 _____ () C:\Users\Administrator\AppData\Local\GDIPFONTCACHEV1.DAT

2014-04-26 01:02 - 2014-04-26 01:02 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Real

2014-04-26 01:02 - 2014-04-26 01:02 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Apple Computer

2014-04-26 01:01 - 2014-04-26 01:01 - 00000911 _____ () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2014-04-26 01:01 - 2014-04-26 01:01 - 00000906 _____ () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk

2014-04-26 01:01 - 2014-04-26 01:01 - 00000877 _____ () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk

2014-04-26 01:01 - 2014-04-26 01:01 - 00000020 ___SH () C:\Users\Administrator\ntuser.ini

2014-04-26 01:01 - 2014-04-26 01:01 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Dell

2014-04-26 01:01 - 2014-04-26 01:01 - 00000000 ____D () C:\Users\Administrator

2014-04-26 01:01 - 2013-09-27 09:24 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\TuneUp Software

2014-04-26 01:01 - 2013-08-08 13:11 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Macromedia

2014-04-26 01:01 - 2011-05-17 23:32 - 00000000 ____D () C:\Users\Administrator\AppData\Local\SoftThinks

2014-04-26 01:01 - 2008-01-21 03:42 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

2014-04-26 01:01 - 2008-01-21 03:42 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

2014-04-26 00:47 - 2014-04-30 12:04 - 00018346 _____ () C:\Windows\DPINST.LOG

2014-04-25 15:01 - 2014-04-25 15:01 - 00067152 _____ () C:\Users\garysmithafc\AppData\Local\GDIPFONTCACHEV1.DAT

2014-04-25 00:26 - 2014-04-25 00:26 - 00201872 _____ (RealNetworks, Inc.) C:\Windows\system32\rmoc3260.dll

2014-04-25 00:26 - 2014-04-25 00:26 - 00001031 _____ () C:\Users\Public\Desktop\RealPlayer.lnk

2014-04-25 00:26 - 2014-04-25 00:26 - 00001031 _____ () C:\ProgramData\Desktop\RealPlayer.lnk

2014-04-25 00:26 - 2014-04-25 00:26 - 00000000 ____D () C:\ProgramData\RealNetworks

2014-04-25 00:26 - 2014-04-25 00:26 - 00000000 ____D () C:\Program Files\Common Files\xing shared

2014-04-25 00:25 - 2014-04-25 00:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks

2014-04-25 00:25 - 2014-04-25 00:25 - 00272896 _____ (Progressive Networks) C:\Windows\system32\pncrt.dll

2014-04-25 00:25 - 2014-04-25 00:25 - 00006656 _____ (RealNetworks, Inc.) C:\Windows\system32\pndx5016.dll

2014-04-25 00:25 - 2014-04-25 00:25 - 00005632 _____ (RealNetworks, Inc.) C:\Windows\system32\pndx5032.dll

2014-04-24 17:59 - 2014-04-30 21:29 - 00070646 _____ () C:\Windows\PFRO.log

2014-04-24 17:59 - 2014-04-24 17:59 - 00282152 _____ () C:\Windows\system32\FNTCACHE.DAT

2014-04-24 11:49 - 2014-04-24 11:49 - 00000000 ____D () C:\Windows\system32\Hotspot Shield

2014-04-21 10:10 - 2014-04-14 20:13 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll

2014-04-21 10:10 - 2014-04-14 20:05 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe

2014-04-21 10:10 - 2014-04-14 20:05 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe

2014-04-21 10:10 - 2014-04-14 20:04 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\java.exe

2014-04-21 10:07 - 2014-04-21 10:10 - 00004024 _____ () C:\Windows\system32\jupdate-1.7.0_55-b14.log

2014-04-18 15:02 - 2014-04-18 15:02 - 00199960 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdriverx.sys

2014-04-16 19:00 - 2014-04-16 19:00 - 00000000 ____D () C:\Users\garysmithafc\AppData\Local\{4814328A-E127-4274-AA2E-2B8AB3CB73CD}

2014-04-16 10:44 - 2014-04-29 10:11 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2014-04-16 10:36 - 2014-04-16 10:36 - 00000861 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-04-16 10:36 - 2014-04-16 10:36 - 00000861 _____ () C:\ProgramData\Desktop\Malwarebytes Anti-Malware.lnk

2014-04-16 10:36 - 2014-04-16 10:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2014-04-16 10:35 - 2014-04-16 10:36 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware

2014-04-16 10:35 - 2014-04-03 09:51 - 00073432 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys

2014-04-16 10:35 - 2014-04-03 09:51 - 00051416 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys

2014-04-14 23:52 - 2014-04-14 23:52 - 00000314 _____ () C:\Windows\Tasks\0214dUpdateInfo.job

2014-04-14 23:52 - 2014-04-14 23:52 - 00000000 ____D () C:\ProgramData\Avg_Update_0214d

2014-04-13 23:35 - 2014-04-13 23:35 - 00000000 ____D () C:\MATS

2014-04-13 23:19 - 2014-04-13 23:20 - 00000000 ____D () C:\498ce0fcf4dc88db014a

2014-04-13 23:18 - 2014-04-13 23:21 - 00000000 ____D () C:\8b1bcfd843758430a8a328d0

2014-04-13 18:48 - 2014-04-13 18:48 - 00000000 ____D () C:\Users\garysmithafc\AppData\Roaming\AVG

2014-04-13 18:48 - 2014-04-13 18:48 - 00000000 ____D () C:\Users\garysmithafc\AppData\Local\AVG

2014-04-13 18:46 - 2014-04-13 18:56 - 00000000 __SHD () C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}

2014-04-13 18:46 - 2014-04-13 18:54 - 00000000 ____D () C:\ProgramData\AVG

2014-04-12 21:31 - 2014-04-12 21:31 - 00000000 ____D () C:\Users\garysmithafc\AppData\Local\{38536DEA-5E6B-48DC-8818-A5C09B2E3CFC}

2014-04-12 21:31 - 2014-04-12 21:31 - 00000000 ____D () C:\Users\garysmithafc\AppData\Local\{1C1D8C40-58D0-42CA-93EC-0929B733480E}

2014-04-11 18:41 - 2014-04-11 18:41 - 00000000 ____D () C:\Users\garysmithafc\AppData\Local\{8E467B96-007C-4B2D-952E-BCA02FEF80EA}

2014-04-11 18:41 - 2014-04-11 18:41 - 00000000 ____D () C:\Users\garysmithafc\AppData\Local\{20E0BFED-086A-44F9-ACD0-D5746A9B617B}

2014-04-09 15:38 - 2014-02-06 02:56 - 00894464 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll

2014-04-02 13:38 - 2014-04-02 13:38 - 00000000 ____D () C:\Users\garysmithafc\AppData\Local\{0091C485-1F56-4023-90C4-5D084ACF9D65}

2014-04-02 13:37 - 2014-04-02 13:37 - 00000000 ____D () C:\Users\garysmithafc\AppData\Local\{4F7DD441-2E42-4ADD-A316-783B5B84DF71}

2014-04-02 09:04 - 2014-04-02 09:04 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf4e4a2a673282.job

==================== One Month Modified Files and Folders =======

2014-05-02 09:32 - 2014-05-02 09:32 - 00020439 _____ () C:\Users\garysmithafc\Desktop\FRST.txt

2014-05-02 09:32 - 2014-05-02 00:44 - 00000000 ____D () C:\FRST

2014-05-02 09:31 - 2014-05-02 09:31 - 01050624 _____ (Farbar) C:\Users\garysmithafc\Desktop\FRST.exe

2014-05-02 09:31 - 2008-07-24 20:52 - 01542906 _____ () C:\Windows\WindowsUpdate.log

2014-05-02 09:03 - 2010-04-01 11:42 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2014-05-02 08:43 - 2013-07-26 21:04 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

2014-05-02 08:32 - 2006-11-02 11:33 - 00006632 _____ () C:\Windows\system32\PerfStringBackup.INI

2014-05-02 08:30 - 2009-11-18 21:02 - 00082200 _____ () C:\ProgramData\nvModes.dat

2014-05-02 08:30 - 2009-11-18 21:02 - 00082200 _____ () C:\ProgramData\nvModes.001

2014-05-02 01:13 - 2006-11-02 14:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2014-05-02 01:13 - 2006-11-02 13:47 - 00003744 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

2014-05-02 01:13 - 2006-11-02 13:47 - 00003744 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

2014-05-02 01:12 - 2008-07-24 20:53 - 00001076 _____ () C:\Windows\bthservsdp.dat

2014-05-02 01:12 - 2006-11-02 14:01 - 00032654 _____ () C:\Windows\Tasks\SCHEDLGU.TXT

2014-05-01 19:05 - 2010-07-27 23:41 - 00000000 ____D () C:\Users\garysmithafc\AppData\Local\CrashDumps

2014-05-01 18:00 - 2014-04-28 13:56 - 00000000 ____D () C:\ProgramData\MFAData

2014-05-01 00:49 - 2014-05-01 00:49 - 00000000 ____D () C:\Users\Guest\AppData\Local\Avg2014

2014-05-01 00:37 - 2009-11-18 17:21 - 00000000 ____D () C:\Users\garysmithafc

2014-05-01 00:35 - 2009-11-18 20:28 - 00000000 ____D () C:\Program Files\Nokia

2014-05-01 00:16 - 2011-05-14 15:57 - 00000000 ____D () C:\Program Files\Common Files\Nokia

2014-05-01 00:09 - 2014-05-01 00:08 - 91665264 _____ () C:\Users\Administrator\Desktop\Nokia_Ovi_Suite_webinstaller_ALL.exe

2014-05-01 00:06 - 2014-05-01 00:06 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\AVG2014

2014-05-01 00:05 - 2014-05-01 00:05 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Avg2014

2014-04-30 23:50 - 2010-04-12 17:08 - 00000000 ____D () C:\ProgramData\Nokia

2014-04-30 23:50 - 2010-04-12 16:56 - 00000000 ____D () C:\Users\garysmithafc\AppData\Local\Nokia

2014-04-30 23:34 - 2014-04-30 23:34 - 00000000 ____D () C:\Users\garysmithafc\AppData\Local\VS Revo Group

2014-04-30 23:34 - 2014-04-30 23:34 - 00000000 ____D () C:\ProgramData\VS Revo Group

2014-04-30 21:29 - 2014-04-24 17:59 - 00070646 _____ () C:\Windows\PFRO.log

2014-04-30 21:29 - 2013-04-11 19:46 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service

2014-04-30 19:52 - 2014-04-30 19:51 - 00000000 ____D () C:\Program Files\Mozilla Firefox

2014-04-30 12:04 - 2014-04-26 00:47 - 00018346 _____ () C:\Windows\DPINST.LOG

2014-04-29 11:44 - 2014-04-29 11:40 - 00389654 _____ () C:\Users\garysmithafc\Club

2014-04-29 11:28 - 2014-05-02 09:24 - 12347392 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2014-04-29 11:07 - 2014-05-02 09:24 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2014-04-29 10:40 - 2013-08-12 17:12 - 00000000 ____D () C:\Program Files\AVG

2014-04-29 10:11 - 2014-04-16 10:44 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2014-04-28 22:29 - 2013-07-26 21:04 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe

2014-04-28 22:29 - 2013-07-26 21:04 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl

2014-04-28 14:30 - 2014-04-28 13:56 - 00000000 ____D () C:\Users\garysmithafc\AppData\Local\Avg2014

2014-04-28 14:00 - 2014-04-28 14:00 - 00000000 ____D () C:\Users\garysmithafc\AppData\Roaming\AVG2014

2014-04-28 13:59 - 2014-04-28 13:59 - 00000804 _____ () C:\Users\Public\Desktop\AVG 2014.lnk

2014-04-28 13:59 - 2014-04-28 13:59 - 00000804 _____ () C:\ProgramData\Desktop\AVG 2014.lnk

2014-04-28 13:59 - 2014-04-28 13:59 - 00000000 ___HD () C:\$AVG

2014-04-28 13:59 - 2014-04-28 13:59 - 00000000 ____D () C:\ProgramData\AVG2014

2014-04-28 13:59 - 2013-10-11 09:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG

2014-04-28 13:56 - 2014-04-28 13:56 - 00000000 ____D () C:\Users\garysmithafc\AppData\Local\MFAData

2014-04-28 13:39 - 2014-04-28 13:39 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Real

2014-04-28 13:39 - 2014-04-28 13:39 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Apple Computer

2014-04-28 13:38 - 2014-04-28 13:38 - 00001933 _____ () C:\Users\Guest\Desktop\Google Chrome.lnk

2014-04-28 13:38 - 2014-04-28 13:38 - 00000911 _____ () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2014-04-28 13:38 - 2014-04-28 13:38 - 00000906 _____ () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk

2014-04-28 13:38 - 2014-04-28 13:38 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Dell

2014-04-28 13:38 - 2014-04-28 13:37 - 00000000 ____D () C:\Users\Guest

2014-04-28 13:37 - 2014-04-28 13:37 - 00067152 _____ () C:\Users\Guest\AppData\Local\GDIPFONTCACHEV1.DAT

2014-04-28 13:37 - 2014-04-28 13:37 - 00000877 _____ () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk

2014-04-28 13:37 - 2014-04-28 13:37 - 00000020 ___SH () C:\Users\Guest\ntuser.ini

2014-04-28 13:37 - 2014-04-28 13:37 - 00000000 ____D () C:\Users\Guest\AppData\Local\VirtualStore

2014-04-27 23:43 - 2013-07-28 11:02 - 00000000 ____D () C:\Windows\system32\Macromed

2014-04-26 15:37 - 2014-04-26 15:37 - 08434176 _____ () C:\Users\garysmithafc\Elaine.3gp

2014-04-26 15:29 - 2014-04-26 01:23 - 00002670 _____ () C:\Windows\setupact.log

2014-04-26 01:23 - 2014-04-26 01:23 - 00000000 _____ () C:\Windows\setuperr.log

2014-04-26 01:16 - 2014-04-26 01:16 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Adobe

2014-04-26 01:16 - 2014-04-26 01:15 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Google

2014-04-26 01:15 - 2014-04-26 01:15 - 00001933 _____ () C:\Users\Administrator\Desktop\Google Chrome.lnk

2014-04-26 01:15 - 2014-04-26 01:14 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google

2014-04-26 01:02 - 2014-04-26 01:02 - 00067152 _____ () C:\Users\Administrator\AppData\Local\GDIPFONTCACHEV1.DAT

2014-04-26 01:02 - 2014-04-26 01:02 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Real

2014-04-26 01:02 - 2014-04-26 01:02 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Apple Computer

2014-04-26 01:01 - 2014-04-26 01:01 - 00000911 _____ () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2014-04-26 01:01 - 2014-04-26 01:01 - 00000906 _____ () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk

2014-04-26 01:01 - 2014-04-26 01:01 - 00000877 _____ () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk

2014-04-26 01:01 - 2014-04-26 01:01 - 00000020 ___SH () C:\Users\Administrator\ntuser.ini

2014-04-26 01:01 - 2014-04-26 01:01 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Dell

2014-04-26 01:01 - 2014-04-26 01:01 - 00000000 ____D () C:\Users\Administrator

2014-04-26 00:50 - 2009-11-18 20:27 - 00000000 ____D () C:\ProgramData\Installations

2014-04-26 00:28 - 2009-11-18 20:34 - 00000000 ____D () C:\Users\garysmithafc\AppData\Roaming\Nokia

2014-04-25 15:01 - 2014-04-25 15:01 - 00067152 _____ () C:\Users\garysmithafc\AppData\Local\GDIPFONTCACHEV1.DAT

2014-04-25 10:11 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\Help

2014-04-25 00:26 - 2014-04-25 00:26 - 00201872 _____ (RealNetworks, Inc.) C:\Windows\system32\rmoc3260.dll

2014-04-25 00:26 - 2014-04-25 00:26 - 00001031 _____ () C:\Users\Public\Desktop\RealPlayer.lnk

2014-04-25 00:26 - 2014-04-25 00:26 - 00001031 _____ () C:\ProgramData\Desktop\RealPlayer.lnk

2014-04-25 00:26 - 2014-04-25 00:26 - 00000000 ____D () C:\ProgramData\RealNetworks

2014-04-25 00:26 - 2014-04-25 00:26 - 00000000 ____D () C:\Program Files\Common Files\xing shared

2014-04-25 00:26 - 2014-04-25 00:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks

2014-04-25 00:26 - 2012-08-28 16:47 - 00000000 ____D () C:\Users\garysmithafc\AppData\Roaming\Real

2014-04-25 00:26 - 2012-08-28 16:47 - 00000000 ____D () C:\Program Files\Real

2014-04-25 00:26 - 2012-08-28 16:45 - 00000000 ____D () C:\ProgramData\Real

2014-04-25 00:25 - 2014-04-25 00:25 - 00272896 _____ (Progressive Networks) C:\Windows\system32\pncrt.dll

2014-04-25 00:25 - 2014-04-25 00:25 - 00006656 _____ (RealNetworks, Inc.) C:\Windows\system32\pndx5016.dll

2014-04-25 00:25 - 2014-04-25 00:25 - 00005632 _____ (RealNetworks, Inc.) C:\Windows\system32\pndx5032.dll

2014-04-25 00:25 - 2008-07-24 20:13 - 00499712 _____ (Microsoft Corporation) C:\Windows\system32\msvcp71.dll

2014-04-25 00:25 - 2008-07-24 20:09 - 00348160 _____ (Microsoft Corporation) C:\Windows\system32\msvcr71.dll

2014-04-24 17:59 - 2014-04-24 17:59 - 00282152 _____ () C:\Windows\system32\FNTCACHE.DAT

2014-04-24 17:20 - 2013-03-28 13:01 - 00000000 ____D () C:\found.001

2014-04-24 17:20 - 2012-05-30 21:24 - 00000000 ____D () C:\found.000

2014-04-24 17:20 - 2008-02-04 00:07 - 00000000 ____D () C:\Windows\Panther

2014-04-24 17:16 - 2011-04-30 12:26 - 00000000 ____D () C:\ProgramData\ParetoLogic

2014-04-24 12:16 - 2011-04-30 12:26 - 00000000 ____D () C:\Users\garysmithafc\AppData\Roaming\ParetoLogic

2014-04-24 11:49 - 2014-04-24 11:49 - 00000000 ____D () C:\Windows\system32\Hotspot Shield

2014-04-23 15:27 - 2009-11-18 17:22 - 00000906 _____ () C:\Users\garysmithafc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk

2014-04-23 15:18 - 2009-11-19 20:11 - 00000000 ____D () C:\Users\garysmithafc\AppData\Local\Adobe

2014-04-21 10:10 - 2014-04-21 10:07 - 00004024 _____ () C:\Windows\system32\jupdate-1.7.0_55-b14.log

2014-04-21 10:10 - 2008-07-24 20:05 - 00000000 ____D () C:\Program Files\Java

2014-04-18 15:02 - 2014-04-18 15:02 - 00199960 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdriverx.sys

2014-04-16 19:00 - 2014-04-16 19:00 - 00000000 ____D () C:\Users\garysmithafc\AppData\Local\{4814328A-E127-4274-AA2E-2B8AB3CB73CD}

2014-04-16 10:36 - 2014-04-16 10:36 - 00000861 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-04-16 10:36 - 2014-04-16 10:36 - 00000861 _____ () C:\ProgramData\Desktop\Malwarebytes Anti-Malware.lnk

2014-04-16 10:36 - 2014-04-16 10:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2014-04-16 10:36 - 2014-04-16 10:35 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware

2014-04-16 10:36 - 2011-05-24 16:11 - 00000000 ____D () C:\Users\garysmithafc\AppData\Roaming\Malwarebytes

2014-04-16 10:35 - 2011-05-24 16:11 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-04-16 10:35 - 2011-05-24 16:11 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware

2014-04-14 23:52 - 2014-04-14 23:52 - 00000314 _____ () C:\Windows\Tasks\0214dUpdateInfo.job

2014-04-14 23:52 - 2014-04-14 23:52 - 00000000 ____D () C:\ProgramData\Avg_Update_0214d

2014-04-14 20:13 - 2014-04-21 10:10 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll

2014-04-14 20:05 - 2014-04-21 10:10 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe

2014-04-14 20:05 - 2014-04-21 10:10 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe

2014-04-14 20:04 - 2014-04-21 10:10 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\java.exe

2014-04-14 10:28 - 2013-03-29 16:31 - 00000000 ____D () C:\Program Files\Microsoft Silverlight

2014-04-14 10:27 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\Provisioning

2014-04-13 23:40 - 2013-03-29 16:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight

2014-04-13 23:35 - 2014-04-13 23:35 - 00000000 ____D () C:\MATS

2014-04-13 23:21 - 2014-04-13 23:18 - 00000000 ____D () C:\8b1bcfd843758430a8a328d0

2014-04-13 23:20 - 2014-04-13 23:19 - 00000000 ____D () C:\498ce0fcf4dc88db014a

2014-04-13 18:56 - 2014-04-13 18:46 - 00000000 __SHD () C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}

2014-04-13 18:56 - 2013-08-21 01:21 - 00000000 __SHD () C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}

2014-04-13 18:56 - 2011-06-16 00:50 - 00000000 ____D () C:\Users\garysmithafc\AppData\Roaming\Sony

2014-04-13 18:56 - 2010-04-01 16:35 - 00000000 ____D () C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}

2014-04-13 18:56 - 2009-11-18 20:41 - 00000000 ____D () C:\ProgramData\{755AC846-7372-4AC8-8550-C52491DAA8BD}

2014-04-13 18:54 - 2014-04-13 18:46 - 00000000 ____D () C:\ProgramData\AVG

2014-04-13 18:48 - 2014-04-13 18:48 - 00000000 ____D () C:\Users\garysmithafc\AppData\Roaming\AVG

2014-04-13 18:48 - 2014-04-13 18:48 - 00000000 ____D () C:\Users\garysmithafc\AppData\Local\AVG

2014-04-12 21:31 - 2014-04-12 21:31 - 00000000 ____D () C:\Users\garysmithafc\AppData\Local\{38536DEA-5E6B-48DC-8818-A5C09B2E3CFC}

2014-04-12 21:31 - 2014-04-12 21:31 - 00000000 ____D () C:\Users\garysmithafc\AppData\Local\{1C1D8C40-58D0-42CA-93EC-0929B733480E}

2014-04-11 18:41 - 2014-04-11 18:41 - 00000000 ____D () C:\Users\garysmithafc\AppData\Local\{8E467B96-007C-4B2D-952E-BCA02FEF80EA}

2014-04-11 18:41 - 2014-04-11 18:41 - 00000000 ____D () C:\Users\garysmithafc\AppData\Local\{20E0BFED-086A-44F9-ACD0-D5746A9B617B}

2014-04-09 16:02 - 2013-07-13 01:43 - 00000000 ____D () C:\Windows\system32\MRT

2014-04-09 15:56 - 2006-11-02 11:24 - 88028728 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe

2014-04-03 18:00 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\Microsoft.NET

2014-04-03 09:51 - 2014-04-16 10:35 - 00073432 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys

2014-04-03 09:51 - 2014-04-16 10:35 - 00051416 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys

2014-04-03 09:50 - 2011-05-24 16:11 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

2014-04-02 13:38 - 2014-04-02 13:38 - 00000000 ____D () C:\Users\garysmithafc\AppData\Local\{0091C485-1F56-4023-90C4-5D084ACF9D65}

2014-04-02 13:37 - 2014-04-02 13:37 - 00000000 ____D () C:\Users\garysmithafc\AppData\Local\{4F7DD441-2E42-4ADD-A316-783B5B84DF71}

2014-04-02 09:04 - 2014-04-02 09:04 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf4e4a2a673282.job

Some content of TEMP:

====================

C:\Users\garysmithafc\AppData\Local\temp\DseShExt-x86.dll

C:\Users\garysmithafc\AppData\Local\temp\lowproc.exe

C:\Users\garysmithafc\AppData\Local\temp\NEventMessages.dll

C:\Users\garysmithafc\AppData\Local\temp\NOSEventMessages.dll

C:\Users\garysmithafc\AppData\Local\temp\SDShelEx-win32.dll

C:\Users\garysmithafc\AppData\Local\temp\stubhelper.dll

 

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\system32\winlogon.exe => MD5 is legit

C:\Windows\system32\wininit.exe => MD5 is legit

C:\Windows\system32\svchost.exe => MD5 is legit

C:\Windows\system32\services.exe => MD5 is legit

C:\Windows\system32\User32.dll => MD5 is legit

C:\Windows\system32\userinit.exe => MD5 is legit

C:\Windows\system32\rpcss.dll => MD5 is legit

C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit

 

LastRegBack: 2014-05-02 01:20

==================== End Of Log ============================

Posted

Additional scan result of Farbar Recovery Scan Tool (x86) Version:01-05-2014

Ran by garysmithafc at 2014-05-02 09:33:21

Running from C:\Users\garysmithafc\Desktop

Boot Mode: Normal

==========================================================

 

==================== Security Center ========================

AV: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}

==================== Installed Programs ======================

Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.7.0.2090 - Adobe Systems Incorporated)

Adobe AIR (Version: 3.7.0.2090 - Adobe Systems Incorporated) Hidden

Adobe Flash Player 13 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 13.0.0.206 - Adobe Systems Incorporated)

Adobe Reader 9.5.5 (HKLM\...\{AC76BA86-7AD7-1033-7B44-A95000000001}) (Version: 9.5.5 - Adobe Systems Incorporated)

Adobe Shockwave Player 11.6 (HKLM\...\Adobe Shockwave Player) (Version: 11.6.6.636 - Adobe Systems, Inc.)

Advanced Audio FX Engine (HKLM\...\Advanced Audio FX Engine) (Version: - )

Advanced Video FX Engine (HKLM\...\Advanced Video FX Engine) (Version: - )

Amazon MP3 Downloader 1.0.18 (HKCU\...\Amazon MP3 Downloader) (Version: 1.0.18 - Amazon Services LLC)

Apple Application Support (HKLM\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)

Apple Mobile Device Support (HKLM\...\{E14ADE0E-75F3-4A46-87E5-26692DD626EC}) (Version: 6.1.0.13 - Apple Inc.)

Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)

AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4577 - AVG Technologies)

AVG 2014 (Version: 14.0.3931 - AVG Technologies) Hidden

AVG 2014 (Version: 14.0.4577 - AVG Technologies) Hidden

Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)

Browser Address Error Redirector (HKLM\...\{62230596-37E5-4618-A329-0D21F529A86F}) (Version: 1.00.0000 - Dell)

Cisco EAP-FAST Module (HKLM\...\{BF53252E-4AB2-4C7F-A0FD-6100755745E3}) (Version: 2.0.26 - Cisco Systems, Inc.)

Cisco LEAP Module (HKLM\...\{76F9CF97-FC4B-4E20-B363-D127C888448F}) (Version: 1.0.11 - Cisco Systems, Inc.)

Cisco PEAP Module (HKLM\...\{4E5386F5-C0F6-4532-A54A-374865AEAB71}) (Version: 1.0.12 - Cisco Systems, Inc.)

Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)

Convert MP4 to MP3 1.5 (HKLM\...\{5067397A-2935-4290-AE14-1BE2863B00A3}_is1) (Version: - ConvertMP4toMP3.com)

Cooliris for Internet Explorer (HKLM\...\{9F9BE2A8-2FA2-438E-934B-6F237B641167}) (Version: 1.12.0.33689 - Cooliris Inc.)

D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden

Dell Dock (HKLM\...\{F6CB42B9-F033-4152-8813-FF11DA8E6A78}) (Version: 1.0.0 - Dell)

Dell Driver Download Manager (HKCU\...\f031ef6ac137efc5) (Version: 2.1.0.0 - Dell Inc.)

Dell Getting Started Guide (HKLM\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)

Dell Support Center (Support Software) (HKLM\...\{E3BFEE55-39E2-4BE0-B966-89FE583822C1}) (Version: 2.2.08100 - Dell)

Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1.103.4 - Alps Electric)

Dell Webcam Center (HKLM\...\Dell Webcam Center) (Version: - )

Dell Webcam Manager (HKLM\...\Dell Webcam Manager) (Version: - )

Dell Wireless WLAN Card (HKLM\...\Broadcom 802.11b Network Adapter) (Version: 4.170.25.12 - Dell Inc.)

EDocs (HKLM\...\{6B7B6D4D-8F9B-4CB3-8CA4-BCA9CC4C1A22}) (Version: - )

EPSON Copy Utility (HKLM\...\{B69CC1A5-0404-11D6-ABCB-005004C21D30}) (Version: - )

EPSON Photo Print (HKLM\...\EPSON Photo Print) (Version: - )

EPSON Smart Panel (HKLM\...\{6C11D561-620B-47DA-A693-4C597F3CDF40}) (Version: - )

EPSON TWAIN 5 (HKLM\...\{254BEB3E-1085-4D66-9CDC-0152C0DC2E93}) (Version: 5.71.0000 - SEIKO EPSON Corp.)

File Shredder 2.5 (HKLM\...\File Shredder_is1) (Version: - Pow Tools)

Google Chrome (HKLM\...\Google Chrome) (Version: 34.0.1847.131 - Google Inc.)

Google Desktop (HKLM\...\Google Desktop) (Version: - - Google)

Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)

Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden

Google Update Helper (Version: 1.3.23.9 - Google Inc.) Hidden

Hotspot Shield 3.17 (HKLM\...\HotspotShield) (Version: 3.17 - AnchorFree Inc.)

iCopyExpert 3.1.2 (HKLM\...\iCopyExpert_is1) (Version: - iCopyExpert.com)

Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - )

Internet Explorer (Enable DEP) (HKLM\...\{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb) (Version: - )

iRip (HKLM\...\{7662F66F-ED2D-4CB8-9E4D-5DD11CBF7D70}) (Version: 1.0.1.25 - The Little App Factory, LLC.)

iTunes (HKLM\...\{9B486871-27EB-49A5-8832-77176E63333C}) (Version: 11.0.5.5 - Apple Inc.)

Java 7 Update 55 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.550 - Oracle)

Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden

Laptop Integrated Webcam Driver (1.04.01.1011) (HKLM\...\Creative OEM002) (Version: - )

Live! Cam Avatar Creator (HKLM\...\{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}) (Version: 4.6.0817.1 - Creative Technology Ltd.)

Live! Cam Avatar v1.0 (HKLM\...\{1D5E29AD-39A9-4D0A-A8B6-46A6FCD8C995}) (Version: 1.0 - Creative Technology Ltd.)

Malwarebytes Anti-Malware version 2.0.1.1004 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)

MediaDirect (HKLM\...\{9C6978E8-B6D0-4AB7-A7A0-D81A74FBF745}) (Version: 3.5 - Dell)

Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)

Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden

Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)

Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden

Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden

Microsoft Office PowerPoint Viewer 2007 (English) (HKLM\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)

Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{86CE1746-9EFF-3C9C-8755-81EA8903AC34}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Works (HKLM\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)

Microsoft_VC100_CRT_SP1_x86 (Version: 10.0.40219.1 - Nokia) Hidden

Mozilla Firefox 24.0 (x86 en-US) (HKLM\...\Mozilla Firefox 24.0 (x86 en-US)) (Version: 24.0 - Mozilla)

Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 24.0 - Mozilla)

MSVC80_x86 (Version: 1.0.1.0 - Nokia) Hidden

MSVC80_x86_v2 (Version: 1.0.3.0 - Nokia) Hidden

MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden

MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden

MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden

MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)

MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)

MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)

Nokia Connectivity Cable Driver (HKLM\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia)

Nokia Suite (Version: 3.8.30.0 - Nokia) Hidden

NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.3 - NVIDIA Corporation)

OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden

OpenAL (HKLM\...\OpenAL) (Version: - )

OutlookAddinSetup (HKLM\...\{9BDEF074-020E-458D-ADC5-8FF68E0C9B56}) (Version: 1.0.0 - CyberLink)

PC Connectivity Solution (HKLM\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)

QuickSet (HKLM\...\{4B6AD248-D3BF-426A-8D64-847288154F13}) (Version: 8.2.20 - Dell Inc.)

RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden

RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden

RealPlayer (HKLM\...\RealPlayer 16.0) (Version: 16.0.3 - RealNetworks)

RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden

ScanToWeb (HKLM\...\{EBAE381B-60A6-4863-AA9F-FCAB755BC9E5}) (Version: - )

Segoe UI (Version: 15.4.2271.0615 - Microsoft Corp) Hidden

SpywareBlaster 5.0 (HKLM\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC)

swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden

T-Mobile Internet Manager (HKLM\...\T-Mobile Internet Manager) (Version: 11.301.05.06.105 - Huawei Technologies Co.,Ltd)

Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)

WIDCOMM Bluetooth Software 6.0.1.3100 (HKLM\...\{A13E07E1-A423-44FB-9DEE-B24C75C1BAF2}) (Version: 6.0.1.3100 - Dell)

Windows Driver Package - Nokia pccsmcfd “LegacyDriver” (05/31/2012 7.1.2.0) (HKLM\...\17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382) (Version: 05/31/2012 7.1.2.0 - Nokia)

Windows Live Communications Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)

Windows Live Essentials (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Family Safety (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden

Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden

Windows Live Installer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Movie Maker (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Photo Common (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Photo Gallery (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live PIMT Platform (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden

Windows Live SOXE (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live SOXE Definitions (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live UX Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live UX Platform Language Pack (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden

Windows Live Writer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Writer Resources (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Yahoo! BrowserPlus 2.9.8 (HKCU\...\Yahoo! BrowserPlus) (Version: - Yahoo! Inc.)

Yahoo! Software Update (HKLM\...\Yahoo! Software Update) (Version: - )

==================== Restore Points =========================

09-04-2014 14:48:53 Windows Update

10-04-2014 02:00:26 Windows Update

11-04-2014 02:00:18 Windows Update

12-04-2014 02:00:18 Windows Update

12-04-2014 16:07:30 Scheduled Checkpoint

13-04-2014 02:00:18 Windows Update

13-04-2014 17:46:56 Installed AVG PC TuneUp 2014

13-04-2014 20:45:26 Installed AVG 2014

13-04-2014 20:48:09 Installed AVG 2014

13-04-2014 21:33:27 Windows Update

13-04-2014 21:42:47 Windows Update

13-04-2014 21:44:06 Windows Update

13-04-2014 22:23:31 Windows Update

13-04-2014 22:34:57 Restore Point before Microsoft Silverlight was removed using Program Install and Uninstall troubleshooter

13-04-2014 22:35:59 Microsoft Silverlight

21-04-2014 09:06:03 Installed Java 7 Update 55

23-04-2014 14:48:53 Device Driver Package Install: Nokia Wireless Communication Devices

23-04-2014 14:49:33 Device Driver Package Install: Nokia Network adapters

23-04-2014 14:52:51 Device Driver Package Install: Nokia Wireless Communication Devices

23-04-2014 14:53:13 Device Driver Package Install: Nokia Network adapters

24-04-2014 11:12:02 Windows Update

24-04-2014 11:13:09 Windows Update

25-04-2014 23:45:42 Device Driver Package Install: Nokia Wireless Communication Devices

25-04-2014 23:46:35 Device Driver Package Install: Nokia Network adapters

28-04-2014 12:57:18 Installed AVG 2014

28-04-2014 12:58:12 Installed AVG 2014

29-04-2014 09:39:18 Removed AVG PC TuneUp 2014

29-04-2014 09:40:52 Removed AVG PC TuneUp 2014 (en-US)

30-04-2014 11:02:46 Device Driver Package Install: Nokia Wireless Communication Devices

30-04-2014 11:03:28 Device Driver Package Install: Nokia Network adapters

30-04-2014 22:35:56 Revo Uninstaller Pro's restore point - Nokia Suite

30-04-2014 22:44:23 Revo Uninstaller Pro's restore point - Nokia Suite

30-04-2014 22:50:18 Revo Uninstaller Pro's restore point - Nokia Suite

30-04-2014 22:53:37 Removed Nokia Connectivity Cable Driver

30-04-2014 22:56:57 Device Driver Package Install: Nokia Wireless Communication Devices

30-04-2014 22:57:37 Device Driver Package Install: Nokia Network adapters

30-04-2014 23:35:59 Device Driver Package Install: Nokia Wireless Communication Devices

30-04-2014 23:36:59 Device Driver Package Install: Nokia Network adapters

01-05-2014 08:57:05 Windows Modules Installer

01-05-2014 19:20:05 Windows Update

01-05-2014 23:59:34 Windows Backup

02-05-2014 08:23:41 Windows Update

==================== Hosts content: ==========================

2006-11-02 11:23 - 2013-08-10 21:12 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {0C7C5960-A04D-4815-AC12-494F80B358EA} - System32\Tasks\ParetoLogic Update Version3 Startup Task => C:\Program Files\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe

Task: {0DF2DCD1-4F52-48EB-B05B-0CFCE7EE257E} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)

Task: {10E99F0A-0404-4980-9DC9-D102E416471B} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3510410515-3114074607-2372607737-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)

Task: {1C265C4D-07ED-4CC7-9315-4B8840ED96BC} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan

Task: {1C754BA7-581B-4684-8D5B-0E067BDE680C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-28] (Adobe Systems Incorporated)

Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM

Task: {1FB6B2AF-AC36-45D6-AF24-5CB271BE0560} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)

Task: {1FF20573-A382-4828-B157-C7C51C57CA92} - System32\Tasks\ParetoLogic Update Version3 => C:\Program Files\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe

Task: {2CAA762F-F8D9-4B31-AEC3-017918E98C2D} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3510410515-3114074607-2372607737-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)

Task: {320124A7-D70F-41DE-A9D1-D5E8E19D5D91} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI

Task: {32E8ED82-068E-4E2B-BFBC-FE3C3A87C098} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-3510410515-3114074607-2372607737-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)

Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages

Task: {3F348759-CBA4-4CF0-896F-B3A919FF4A16} - System32\Tasks\RegCure Pro => C:\Program Files\ParetoLogic\RegCure Pro\RegCurePro.exe

Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-21] (Microsoft Corporation)

Task: {517C71D8-0E6E-4DA4-9E6A-29CD7511C23E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)

Task: {54C95D41-DE3B-4030-B8B5-BD3B45D5317E} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-3510410515-3114074607-2372607737-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)

Task: {5DE3985F-5F35-4DCD-B3A8-57DB502689C1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-04-01] (Google Inc.)

Task: {6A601C19-A9EC-4E5C-8A2B-C95D2F553A36} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3510410515-3114074607-2372607737-1000 => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe

Task: {8CE03844-C0E6-4D8A-954C-F5B4B5FE2BC5} - System32\Tasks\GoogleUpdateTaskMachineCore1ce7f0041000920 => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-04-01] (Google Inc.)

Task: {9B1F79B3-BF8A-4B12-884B-9D161FD6B9D4} - System32\Tasks\Real Player online update program => C:\Program Files\Real\RealPlayer\update\realsched.exe [2014-04-25] (RealNetworks, Inc.)

Task: {9F5364CE-EE72-4AB7-AF19-7774415C2E26} - System32\Tasks\Microsoft\Windows\RestartManager\{1361AA97-F071-424e-89B6-6FCD79DEF9A2} => C:\Windows\system32\rmclient.exe [2006-11-02] (Microsoft Corporation)

Task: {A754F5D6-B2F4-4500-A164-6D2355893F77} - System32\Tasks\GoogleUpdateTaskMachineCore1cf4e4a2a673282 => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-04-01] (Google Inc.)

Task: {A9F9F5CD-C92A-4EB7-8B41-FC484FCB9412} - System32\Tasks\Microsoft\Windows\RestartManager\{6B7CC817-BFB9-4aae-A0B7-227C28CAE080} => C:\Windows\system32\rmclient.exe [2006-11-02] (Microsoft Corporation)

Task: {B7EF6C78-1000-47ED-AD76-FB077470454B} - System32\Tasks\ParetoLogic Registration3 => Rundll32.exe "C:\Program Files\Common Files\ParetoLogic\UUS3\UUS3.dll" RunUns

Task: {C2967FDA-85A2-47C9-82C6-EF4793A695BD} - System32\Tasks\REGSERVO => C:\Program Files\REGSERVO\RegSERVO.exe

Task: {CD8715E8-7223-4BD0-9995-ED447AE87B71} - System32\Tasks\GoogleUpdateTaskMachineCore1ce7958c2f247c0 => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-04-01] (Google Inc.)

Task: {D4B4AFD4-2CCA-4505-92F3-077277BA72FE} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup

Task: {D8137202-A734-4DE0-958D-2AB8C83F5267} - System32\Tasks\GoogleUpdateTaskMachineCore1cf4d96b753a090 => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-04-01] (Google Inc.)

Task: {DFA40750-3F23-40B7-8DFC-77803002F051} - System32\Tasks\0214dUpdateInfo => C:\ProgramData\Avg_Update_0214d\0214d_AVG-Secure-Search-Update.exe [2014-03-24] ()

Task: {E075E658-F648-4369-9493-B7B5885BD6FD} - System32\Tasks\GoogleUpdateTaskMachineCore1cec426df14aab0 => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-04-01] (Google Inc.)

Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-21] ()

Task: {F3EEEEB4-D3BE-4F1D-ABA1-AF608AEA4FFE} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-3510410515-3114074607-2372607737-1000 => C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe

Task: {F4171F71-BF20-40E1-975B-CA3357FA1846} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3510410515-3114074607-2372607737-1000 => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe

Task: C:\Windows\Tasks\0214dUpdateInfo.job => C:\ProgramData\Avg_Update_0214d\0214d_AVG-Secure-Search-Update.exe

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf4e4a2a673282.job => C:\Program Files\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2008-07-24 20:10 - 2008-05-16 13:17 - 00024064 _____ () C:\Windows\System32\WLTRYSVC.EXE

2008-07-24 20:10 - 2008-05-16 13:16 - 00054784 _____ () C:\Windows\System32\bcmwlrmt.dll

2013-04-21 21:44 - 2013-04-21 21:44 - 00087952 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll

2013-04-21 21:44 - 2013-04-21 21:44 - 01242952 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll

2013-09-17 23:18 - 2013-09-17 23:18 - 00902440 _____ () C:\Program Files\Hotspot Shield\bin\af_proxy.dll

2013-09-17 23:27 - 2013-09-17 23:27 - 00556840 _____ () C:\Program Files\Hotspot Shield\bin\hsswd.exe

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:5C321E34

AlternateDataStreams: C:\ProgramData\TEMP:A2947BEA

AlternateDataStreams: C:\ProgramData\TEMP:DFC5A2B2

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== Disabled items from MSCONFIG ==============

MSCONFIG\Services: GoToAssist => 3

MSCONFIG\Services: Norton Internet Security => 2

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\Windows\pss\Bluetooth.lnk.CommonStartup

MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

MSCONFIG\startupreg: AmazonMP3DownloaderHelper => C:\Users\garysmithafc\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe

MSCONFIG\startupreg: Apoint => C:\Program Files\DellTPad\Apoint.exe

MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

MSCONFIG\startupreg: DellSupportCenter => "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter

MSCONFIG\startupreg: dscactivate => "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"

MSCONFIG\startupreg: HW_OPENEYE_OUC_T-Mobile Internet Manager => "C:\Program Files\T-Mobile\InternetManager_H\UpdateDog\ouc.exe"

MSCONFIG\startupreg: IAAnotif => "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"

MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"

MSCONFIG\startupreg: NokiaSuite.exe => C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe -tray

MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime

MSCONFIG\startupreg: SigmatelSysTrayApp => %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe

MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

MSCONFIG\startupreg: swg => "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

MSCONFIG\startupreg: TkBellExe => "C:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot

==================== Faulty Device Manager Devices =============

 

==================== Event log errors: =========================

Application errors:

==================

Error: (05/02/2014 08:32:19 AM) (Source: LoadPerf) (User: )

Description: WmiApRplWmiApRpl8

Error: (05/02/2014 08:32:19 AM) (Source: LoadPerf) (User: )

Description: Performance16

Error: (05/02/2014 08:30:05 AM) (Source: Bonjour Service) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 25774563

Error: (05/02/2014 08:30:05 AM) (Source: Bonjour Service) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 25774563

Error: (05/02/2014 08:30:05 AM) (Source: Bonjour Service) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second

Error: (05/02/2014 01:20:33 AM) (Source: LoadPerf) (User: )

Description: WmiApRplWmiApRpl8

Error: (05/02/2014 01:20:33 AM) (Source: LoadPerf) (User: )

Description: Performance16

Error: (05/02/2014 01:14:33 AM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/01/2014 08:50:02 PM) (Source: LoadPerf) (User: )

Description: WmiApRplWmiApRpl8

Error: (05/01/2014 08:50:02 PM) (Source: LoadPerf) (User: )

Description: Performance16

 

System errors:

=============

Error: (05/02/2014 08:30:19 AM) (Source: Service Control Manager) (User: )

Description: BCM42RLY%%2

Error: (05/02/2014 08:30:19 AM) (Source: Service Control Manager) (User: )

Description: BCM42RLY%%2

Error: (05/02/2014 08:30:15 AM) (Source: Service Control Manager) (User: )

Description: BCM42RLY%%2

Error: (05/02/2014 08:30:13 AM) (Source: Service Control Manager) (User: )

Description: BCM42RLY%%2

Error: (05/02/2014 08:30:13 AM) (Source: Service Control Manager) (User: )

Description: BCM42RLY%%2

Error: (05/02/2014 08:30:13 AM) (Source: Service Control Manager) (User: )

Description: BCM42RLY%%2

Error: (05/02/2014 08:30:12 AM) (Source: Service Control Manager) (User: )

Description: BCM42RLY%%2

Error: (05/02/2014 08:30:12 AM) (Source: Service Control Manager) (User: )

Description: BCM42RLY%%2

Error: (05/02/2014 08:30:11 AM) (Source: Service Control Manager) (User: )

Description: BCM42RLY%%2

Error: (05/02/2014 08:30:08 AM) (Source: Service Control Manager) (User: )

Description: BCM42RLY%%2

 

Microsoft Office Sessions:

=========================

Error: (05/02/2014 08:32:19 AM) (Source: LoadPerf)(User: )

Description: WmiApRplWmiApRpl8

Error: (05/02/2014 08:32:19 AM) (Source: LoadPerf)(User: )

Description: Performance16

Error: (05/02/2014 08:30:05 AM) (Source: Bonjour Service)(User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 25774563

Error: (05/02/2014 08:30:05 AM) (Source: Bonjour Service)(User: )

Description: Task Scheduling Error: m->NextScheduledEvent 25774563

Error: (05/02/2014 08:30:05 AM) (Source: Bonjour Service)(User: )

Description: Task Scheduling Error: Continuously busy for more than a second

Error: (05/02/2014 01:20:33 AM) (Source: LoadPerf)(User: )

Description: WmiApRplWmiApRpl8

Error: (05/02/2014 01:20:33 AM) (Source: LoadPerf)(User: )

Description: Performance16

Error: (05/02/2014 01:14:33 AM) (Source: WinMgmt)(User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/01/2014 08:50:02 PM) (Source: LoadPerf)(User: )

Description: WmiApRplWmiApRpl8

Error: (05/01/2014 08:50:02 PM) (Source: LoadPerf)(User: )

Description: Performance16

 

CodeIntegrity Errors:

===================================

Date: 2014-05-02 09:33:11.320

Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-05-02 09:33:11.054

Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-05-02 09:33:10.789

Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-05-02 09:33:10.524

Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-05-02 09:33:10.243

Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-05-02 09:33:09.962

Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-05-02 09:33:09.697

Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-05-02 09:33:09.416

Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-05-02 09:33:08.948

Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-05-02 09:33:08.683

Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

 

==================== Memory info ===========================

Percentage of memory in use: 48%

Total physical RAM: 3069.33 MB

Available physical RAM: 1567.55 MB

Total Pagefile: 6342.92 MB

Available Pagefile: 4891.98 MB

Total Virtual: 2047.88 MB

Available Virtual: 1915.39 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:220.26 GB) (Free:113.72 GB) NTFS ==>[Drive with boot components (obtained from BCD)]

Drive d: (RECOVERY) (Fixed) (Total:10 GB) (Free:4.57 GB) NTFS

==================== MBR & Partition Table ==================

========================================================

Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 233 GB) (Disk ID: 60000000)

Partition 1: (Not Active) - (Size=125 MB) - (Type=DE)

Partition 2: (Not Active) - (Size=10 GB) - (Type=07 NTFS)

Partition 3: (Active) - (Size=220 GB) - (Type=07 NTFS)

Partition 4: (Not Active) - (Size=3 GB) - (Type=OF Extended)

==================== End Of Log ============================

  • ExTS Admin
Posted

Hi Slumdog,

 

hope this is correct?

Yep, those are correct. :)

 

I'll move this thread to the Malware Removal forum until we have finished the scans.

It'll save any confusion.

Just reply normally to this thread.

 

Step 1

Please download the attached fixlist.txt file (bottom of this post) and save it to the Desktop.

NOTE.

It's important that both files, FRST and fixlist.txt, are in the same location or the fix will not work.

 

NOTICE: This script was written specifically for this user, for use on that particular machine.

Running this on another machine may cause damage to your operating system.

 

Re-run FRST/FRST64 and press the Fix button just once and wait.

The tool will make a log on the Desktop (Fixlog.txt). Please post this in your next reply.

 

 

 

Step 2

  • Click Start >> Computer
  • Right click on your main drive (usually 'C')
  • Select Properties
  • Click on the Tools tab
  • Under Error Checking, click Check Now
  • Please tick both options.
  • Click Start
  • On the screen that comes up, click Yes then OK
  • Now restart your computer.

Note: Be patient. Analyzing the drive can be a lengthy process.

 

 

Step 3

Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8, instead of double-clicking, right-click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

 

 

 

Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin to scan your computer.
  • After the scan has finished...
  • Click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[s0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.

 

 

In your next reply, please submit:

Fixlog.txt

JRT.txt

AdwCleaner report

 

 

Thanks.

fixlist.txt

Member of:

UNITE

Posted

I cannot do Step 2. It says Windows cannot check while disk is in use.

Will this affect steps 3 and 4 or should I continue with them?

 

Thanks

  • ExTS Admin
Posted
I cannot do Step 2. It says Windows cannot check while disk is in use.

That's right, it will say that.

All you do then is reboot the system.

The check should then run before Windows boots up.


Posted

# AdwCleaner v3.205 - Report created 02/05/2014 at 20:07:09

# Updated 28/04/2014 by Xplode

# Operating System : Windows Vista Home Premium Service Pack 2 (32 bits)

# Username : garysmithafc - LAPTOP

# Running from : C:\Users\garysmithafc\Desktop\AdwCleaner.exe

# Option : Clean

***** [ Services ] *****

[#] Service Deleted : hsswd

***** [ Files / Folders ] *****

Folder Deleted : C:\Windows\system32\hotspot shield

Folder Deleted : C:\Users\GARYSM~1\AppData\Local\Temp\hotspot shield

Folder Deleted : C:\Users\garysmithafc\AppData\Local\Bundled software uninstaller

Folder Deleted : C:\Users\garysmithafc\AppData\Local\Media Get LLC

Folder Deleted : C:\Users\garysmithafc\AppData\Local\MediaGet2

Folder Deleted : C:\Users\garysmithafc\AppData\Local\PackageAware

Folder Deleted : C:\Users\garysmithafc\AppData\Roaming\ParetoLogic

File Deleted : C:\Windows\system32\bandoolmx.dll

***** [ Shortcuts ] *****

 

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B6}

Key Deleted : HKCU\Software\ParetoLogic

Key Deleted : HKLM\Software\ParetoLogic

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\hotspotshield

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AVG Secure Search

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\clickpotatolitesa

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\hotspotshield

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16545

 

-\\ Mozilla Firefox v24.0 (en-US)

[ File : C:\Users\garysmithafc\AppData\Roaming\Mozilla\Firefox\Profiles\w8lqr85o.default\prefs.js ]

 

-\\ Google Chrome v34.0.1847.131

[ File : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [search Provider] : hxxp://uk.ask.com/web?q={searchTerms}

[ File : C:\Users\garysmithafc\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [search Provider] : hxxp://uk.ask.com/web?q={searchTerms}

Deleted [search Provider] : hxxp://isearch.avg.com/search?cid={D4C7B0A7-DA9D-475A-B35D-B0E094B1D1AC}&mid=7876928f013247d39dcad5343d3b094e-8ef8b61af5b4fbb7678a476b28e2568301b69fdc&lang=en&ds=AVG&pr=fr&d=2013-08-27%2017:14:06&v=15.4.0.5&pid=avg&sg=0&sap=dsp&q={searchTerms}

Deleted [search Provider] : hxxp://search.conduit.com/Results.aspx?gd=&ctid=CT3323875&octid=EB_ORIGINAL_CTID&ISID=M8F92EAA2-EFAD-4432-8403-30E8F89D1C1F&SearchSource=58&CUI=&UM=5&UP=SP538F9DE4-BBBE-46E6-9FB0-3A19B4D03568&q={searchTerms}&SSPV=

Deleted [Extension] : ndibdjnfmopecpmkdieinmbadjfpblof

*************************

AdwCleaner[R0].txt - [3995 octets] - [02/05/2014 20:05:48]

AdwCleaner[s0].txt - [3776 octets] - [02/05/2014 20:07:09]

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [3836 octets] ##########
