I downloaded Avast on a comp in hopes to help out with a virus, but it does nothing when clicked on.
This is for a Windows 7
I already tried the repair/reboot method…still nothing. Any advice? I’d really like this to work.
I downloaded Avast on a comp in hopes to help out with a virus, but it does nothing when clicked on.
This is for a Windows 7
I already tried the repair/reboot method…still nothing. Any advice? I’d really like this to work.
If you are already infected it may be blocking Avast from installing properly… What are the symptoms ?
Please download Farbar Recovery Scan Tool and save it to your Desktop.
Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
[*]Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
[*]Select additions at the bottom
[*]Press Scan button.
https://dl.dropboxusercontent.com/u/73555776/frst.JPG
[*]It will produce a log called FRST.txt in the same directory the tool is run from.
[*]Please attach both logs generated.
Thank you for the quick reply, but how can I post the log here? I’m only allowed 20k characters
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Microsoft) C:\Program Files (x86)\Personalized Software\Childcare Manager 10\Utilities\CCMLogManagerService\CCMService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
() C:\Program Files (x86)\Lethal Tonight\Lethal Tonight.exe
(CANON INC.) C:\Program Files\Canon\Canon MF Network Scan Utility\CNMFSUT6.EXE
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\hp\Digital Imaging\bin\hpqtra08.exe
() C:\ProgramData{2899c890-57cb-72e8-2899-9c89057c2241}\FIFA Soccer 64.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
() C:\Program Files (x86)\Shaky Entertainment\Shaky Entertainment.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
(Hewlett-Packard) C:\Program Files (x86)\hp\HP Software Update\hpwuschd2.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\hp\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\hp\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\hp\Digital Imaging\bin\hpqgpc01.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM.…\Run: [NvCplDaemon] => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM.…\Run: [MFNetworkScanUtility] => C:\Program Files\Canon\Canon MF Network Scan Utility\CNMFSUT6.EXE [508312 2009-12-15] (CANON INC.)
HKLM.…\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-07] (Apple Inc.)
HKLM-x32.…\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM-x32.…\Run: [HP Software Update] => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard)
HKLM-x32.…\Run: =>
HKLM-x32.…\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [248552 2010-05-14] (Sun Microsystems, Inc.)
HKLM-x32.…\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [37296 2012-03-27] (Adobe Systems Incorporated)
HKLM-x32.…\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-03] (Adobe Systems Incorporated)
HKLM-x32.…\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-12-23] (DivX, LLC)
HKLM-x32.…\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2013-11-14] ()
HKLM-x32.…\Run: [MFARestart] => “C:\ProgramData\MFAData\pack\avgrunasx.exe” /usereg
HKLM-x32.…\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6109776 2015-07-23] (AVAST Software)
HKLM-x32.…\RunOnce: [Import FF:0] => “C:\Users\Little Wonders\AppData\Local\browser extensions\Resources\certutil.exe” -A -n “DO_NOT_TRUST_FiddlerRoot” -t “TCu,TCu,TCu” -i "C:\Users\Little Wonders\AppData\Local\browser extensions\Trusted (the data entry has 96 more characters).
HKU\S-1-5-21-443951736-1583617210-2315430799-1001.…\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-13] (Microsoft Corporation)
IFEO\a.exe: [Debugger] svchost.exe
IFEO\aAvgApi.exe: [Debugger] svchost.exe
IFEO\AAWTray.exe: [Debugger] svchost.exe
IFEO\About.exe: [Debugger] svchost.exe
IFEO\ackwin32.exe: [Debugger] svchost.exe
IFEO\Ad-Aware.exe: [Debugger] svchost.exe
IFEO\adaware.exe: [Debugger] svchost.exe
IFEO\advxdwin.exe: [Debugger] svchost.exe
IFEO\AdwarePrj.exe: [Debugger] svchost.exe
IFEO\agent.exe: [Debugger] svchost.exe
IFEO\agentsvr.exe: [Debugger] svchost.exe
IFEO\agentw.exe: [Debugger] svchost.exe
IFEO\alertsvc.exe: [Debugger] svchost.exe
IFEO\alevir.exe: [Debugger] svchost.exe
IFEO\alogserv.exe: [Debugger] svchost.exe
IFEO\AlphaAV: [Debugger] svchost.exe
IFEO\AlphaAV.exe: [Debugger] svchost.exe
IFEO\AluSchedulerSvc.exe: [Debugger] svchost.exe
IFEO\amon9x.exe: [Debugger] svchost.exe
IFEO\anti-trojan.exe: [Debugger] svchost.exe
IFEO\Anti-Virus Professional.exe: [Debugger] svchost.exe
IFEO\AntispywarXP2009.exe: [Debugger] svchost.exe
IFEO\antivirus.exe: [Debugger] svchost.exe
IFEO\AntivirusPlus: [Debugger] svchost.exe
IFEO\AntivirusPlus.exe: [Debugger] svchost.exe
IFEO\AntivirusPro_2010.exe: [Debugger] svchost.exe
IFEO\AntivirusXP: [Debugger] svchost.exe
IFEO\AntivirusXP.exe: [Debugger] svchost.exe
IFEO\antivirusxppro2009.exe: [Debugger] svchost.exe
IFEO\AntiVirus_Pro.exe: [Debugger] svchost.exe
IFEO\ants.exe: [Debugger] svchost.exe
IFEO\apimonitor.exe: [Debugger] svchost.exe
IFEO\aplica32.exe: [Debugger] svchost.exe
IFEO\apvxdwin.exe: [Debugger] svchost.exe
IFEO\arr.exe: [Debugger] svchost.exe
IFEO\ashAvast.exe: [Debugger] svchost.exe
IFEO\ashBug.exe: [Debugger] svchost.exe
IFEO\ashChest.exe: [Debugger] svchost.exe
IFEO\ashCnsnt.exe: [Debugger] svchost.exe
IFEO\ashDisp.exe: [Debugger] svchost.exe
IFEO\ashLogV.exe: [Debugger] svchost.exe
IFEO\ashMaiSv.exe: [Debugger] svchost.exe
IFEO\ashPopWz.exe: [Debugger] svchost.exe
IFEO\ashQuick.exe: [Debugger] svchost.exe
IFEO\ashServ.exe: [Debugger] svchost.exe
IFEO\ashSimp2.exe: [Debugger] svchost.exe
IFEO\ashSimpl.exe: [Debugger] svchost.exe
IFEO\ashSkPcc.exe: [Debugger] svchost.exe
IFEO\ashSkPck.exe: [Debugger] svchost.exe
IFEO\ashUpd.exe: [Debugger] svchost.exe
IFEO\ashWebSv.exe: [Debugger] svchost.exe
IFEO\aswChLic.exe: [Debugger] svchost.exe
IFEO\aswRegSvr.exe: [Debugger] svchost.exe
IFEO\aswRunDll.exe: [Debugger] svchost.exe
IFEO\aswUpdSv.exe: [Debugger] svchost.exe
IFEO\atcon.exe: [Debugger] svchost.exe
IFEO\atguard.exe: [Debugger] svchost.exe
IFEO\atro55en.exe: [Debugger] svchost.exe
IFEO\atupdater.exe: [Debugger] svchost.exe
IFEO\atwatch.exe: [Debugger] svchost.exe
IFEO\au.exe: [Debugger] svchost.exe
IFEO\aupdate.exe: [Debugger] svchost.exe
IFEO\auto-protect.nav80try.exe: [Debugger] svchost.exe
IFEO\autodown.exe: [Debugger] svchost.exe
IFEO\autotrace.exe: [Debugger] svchost.exe
IFEO\autoupdate.exe: [Debugger] svchost.exe
IFEO\av360.exe: [Debugger] svchost.exe
IFEO\avadmin.exe: [Debugger] svchost.exe
IFEO\avastSvc.exe: [Debugger] svchost.exe
IFEO\avastUI.exe: [Debugger] svchost.exe
IFEO\AVCare.exe: [Debugger] svchost.exe
IFEO\avcenter.exe: [Debugger] svchost.exe
IFEO\avciman.exe: [Debugger] svchost.exe
IFEO\avconfig.exe: [Debugger] svchost.exe
IFEO\avconsol.exe: [Debugger] svchost.exe
IFEO\ave32.exe: [Debugger] svchost.exe
IFEO\AVENGINE.EXE: [Debugger] svchost.exe
IFEO\avgcc32.exe: [Debugger] svchost.exe
IFEO\avgchk.exe: [Debugger] svchost.exe
IFEO\avgcmgr.exe: [Debugger] svchost.exe
IFEO\avgcsrvx.exe: [Debugger] svchost.exe
IFEO\avgctrl.exe: [Debugger] svchost.exe
IFEO\avgdumpx.exe: [Debugger] svchost.exe
IFEO\avgemc.exe: [Debugger] svchost.exe
IFEO\avgiproxy.exe: [Debugger] svchost.exe
IFEO\avgnsx.exe: [Debugger] svchost.exe
IFEO\avgnt.exe: [Debugger] svchost.exe
IFEO\avgrsx.exe: [Debugger] svchost.exe
IFEO\avgscanx.exe: [Debugger] svchost.exe
IFEO\avgserv.exe: [Debugger] svchost.exe
IFEO\avgserv9.exe: [Debugger] svchost.exe
IFEO\avgsrmax.exe: [Debugger] svchost.exe
IFEO\avgtray.exe: [Debugger] svchost.exe
IFEO\avguard.exe: [Debugger] svchost.exe
IFEO\avgui.exe: [Debugger] svchost.exe
IFEO\avgupd.exe: [Debugger] svchost.exe
IFEO\avgw.exe: [Debugger] svchost.exe
IFEO\avgwdsvc.exe: [Debugger] svchost.exe
IFEO\avkpop.exe: [Debugger] svchost.exe
IFEO\avkserv.exe: [Debugger] svchost.exe
IFEO\avkservice.exe: [Debugger] svchost.exe
IFEO\avkwctl9.exe: [Debugger] svchost.exe
IFEO\avltmain.exe: [Debugger] svchost.exe
IFEO\avmailc.exe: [Debugger] svchost.exe
IFEO\avmcdlg.exe: [Debugger] svchost.exe
IFEO\avnotify.exe: [Debugger] svchost.exe
IFEO\avnt.exe: [Debugger] svchost.exe
IFEO\avp32.exe: [Debugger] svchost.exe
IFEO\avpcc.exe: [Debugger] svchost.exe
IFEO\avpdos32.exe: [Debugger] svchost.exe
IFEO\avpm.exe: [Debugger] svchost.exe
IFEO\avptc32.exe: [Debugger] svchost.exe
IFEO\avpupd.exe: [Debugger] svchost.exe
IFEO\avsched32.exe: [Debugger] svchost.exe
IFEO\avshadow.exe: [Debugger] svchost.exe
IFEO\avsynmgr.exe: [Debugger] svchost.exe
IFEO\avupgsvc.exe: [Debugger] svchost.exe
IFEO\AVWEBGRD.EXE: [Debugger] svchost.exe
IFEO\avwin.exe: [Debugger] svchost.exe
IFEO\avwin95.exe: [Debugger] svchost.exe
IFEO\avwinnt.exe: [Debugger] svchost.exe
IFEO\avwsc.exe: [Debugger] svchost.exe
IFEO\avwupd.exe: [Debugger] svchost.exe
IFEO\avwupd32.exe: [Debugger] svchost.exe
IFEO\avwupsrv.exe: [Debugger] svchost.exe
IFEO\avxmonitor9x.exe: [Debugger] svchost.exe
IFEO\avxmonitornt.exe: [Debugger] svchost.exe
IFEO\avxquar.exe: [Debugger] svchost.exe
IFEO\b.exe: [Debugger] svchost.exe
IFEO\backweb.exe: [Debugger] svchost.exe
IFEO\bargains.exe: [Debugger] svchost.exe
IFEO\bdfvcl.exe: [Debugger] svchost.exe
IFEO\bdfvwiz.exe: [Debugger] svchost.exe
IFEO\BDInProcPatch.exe: [Debugger] svchost.exe
IFEO\bdmcon.exe: [Debugger] svchost.exe
IFEO\BDMsnScan.exe: [Debugger] svchost.exe
IFEO\BDSurvey.exe: [Debugger] svchost.exe
IFEO\bd_professional.exe: [Debugger] svchost.exe
IFEO\beagle.exe: [Debugger] svchost.exe
IFEO\belt.exe: [Debugger] svchost.exe
IFEO\bidef.exe: [Debugger] svchost.exe
IFEO\bidserver.exe: [Debugger] svchost.exe
IFEO\bipcp.exe: [Debugger] svchost.exe
IFEO\bipcpevalsetup.exe: [Debugger] svchost.exe
IFEO\bisp.exe: [Debugger] svchost.exe
IFEO\blackd.exe: [Debugger] svchost.exe
IFEO\blackice.exe: [Debugger] svchost.exe
IFEO\blink.exe: [Debugger] svchost.exe
IFEO\blss.exe: [Debugger] svchost.exe
IFEO\bootconf.exe: [Debugger] svchost.exe
IFEO\bootwarn.exe: [Debugger] svchost.exe
IFEO\borg2.exe: [Debugger] svchost.exe
IFEO\bpc.exe: [Debugger] svchost.exe
IFEO\brasil.exe: [Debugger] svchost.exe
IFEO\brastk.exe: [Debugger] svchost.exe
IFEO\brw.exe: [Debugger] svchost.exe
IFEO\bs120.exe: [Debugger] svchost.exe
IFEO\bspatch.exe: [Debugger] svchost.exe
IFEO\bundle.exe: [Debugger] svchost.exe
IFEO\bvt.exe: [Debugger] svchost.exe
IFEO\c.exe: [Debugger] svchost.exe
IFEO\cavscan.exe: [Debugger] svchost.exe
IFEO\ccapp.exe: [Debugger] svchost.exe
IFEO\ccevtmgr.exe: [Debugger] svchost.exe
IFEO\ccpxysvc.exe: [Debugger] svchost.exe
IFEO\ccSvcHst.exe: [Debugger] svchost.exe
IFEO\cdp.exe: [Debugger] svchost.exe
IFEO\cfd.exe: [Debugger] svchost.exe
IFEO\cfgwiz.exe: [Debugger] svchost.exe
IFEO\cfiadmin.exe: [Debugger] svchost.exe
IFEO\cfiaudit.exe: [Debugger] svchost.exe
IFEO\cfinet.exe: [Debugger] svchost.exe
IFEO\cfinet32.exe: [Debugger] svchost.exe
IFEO\cfp.exe: [Debugger] svchost.exe
IFEO\cfpconfg.exe: [Debugger] svchost.exe
IFEO\cfplogvw.exe: [Debugger] svchost.exe
IFEO\cfpupdat.exe: [Debugger] svchost.exe
IFEO\claw95.exe: [Debugger] svchost.exe
IFEO\claw95cf.exe: [Debugger] svchost.exe
IFEO\clean.exe: [Debugger] svchost.exe
IFEO\cleaner.exe: [Debugger] svchost.exe
IFEO\cleaner3.exe: [Debugger] svchost.exe
IFEO\cleanIELow.exe: [Debugger] svchost.exe
IFEO\cleanpc.exe: [Debugger] svchost.exe
IFEO\click.exe: [Debugger] svchost.exe
IFEO\cmd32.exe: [Debugger] svchost.exe
IFEO\cmdagent.exe: [Debugger] svchost.exe
IFEO\cmesys.exe: [Debugger] svchost.exe
IFEO\cmgrdian.exe: [Debugger] svchost.exe
IFEO\cmon016.exe: [Debugger] svchost.exe
IFEO\connectionmonitor.exe: [Debugger] svchost.exe
IFEO\control: [Debugger] svchost.exe
IFEO\cpd.exe: [Debugger] svchost.exe
IFEO\cpf9x206.exe: [Debugger] svchost.exe
IFEO\cpfnt206.exe: [Debugger] svchost.exe
IFEO\crashrep.exe: [Debugger] svchost.exe
IFEO\csc.exe: [Debugger] svchost.exe
IFEO\cssconfg.exe: [Debugger] svchost.exe
IFEO\cssupdat.exe: [Debugger] svchost.exe
IFEO\cssurf.exe: [Debugger] svchost.exe
IFEO\ctrl.exe: [Debugger] svchost.exe
IFEO\cv.exe: [Debugger] svchost.exe
IFEO\cwnb181.exe: [Debugger] svchost.exe
IFEO\cwntdwmo.exe: [Debugger] svchost.exe
IFEO\d.exe: [Debugger] svchost.exe
IFEO\datemanager.exe: [Debugger] svchost.exe
IFEO\dcomx.exe: [Debugger] svchost.exe
IFEO\defalert.exe: [Debugger] svchost.exe
IFEO\defscangui.exe: [Debugger] svchost.exe
IFEO\defwatch.exe: [Debugger] svchost.exe
IFEO\deloeminfs.exe: [Debugger] svchost.exe
IFEO\deputy.exe: [Debugger] svchost.exe
IFEO\divx.exe: [Debugger] svchost.exe
IFEO\dllcache.exe: [Debugger] svchost.exe
IFEO\dllreg.exe: [Debugger] svchost.exe
IFEO\doors.exe: [Debugger] svchost.exe
IFEO\dop.exe: [Debugger] svchost.exe
IFEO\dpf.exe: [Debugger] svchost.exe
IFEO\dpfsetup.exe: [Debugger] svchost.exe
IFEO\dpps2.exe: [Debugger] svchost.exe
IFEO\driverctrl.exe: [Debugger] svchost.exe
IFEO\drwatson.exe: [Debugger] svchost.exe
IFEO\drweb32.exe: [Debugger] svchost.exe
IFEO\drwebupw.exe: [Debugger] svchost.exe
IFEO\dssagent.exe: [Debugger] svchost.exe
IFEO\dvp95.exe: [Debugger] svchost.exe
IFEO\dvp95_0.exe: [Debugger] svchost.exe
IFEO\ecengine.exe: [Debugger] svchost.exe
IFEO\efpeadm.exe: [Debugger] svchost.exe
IFEO\emsw.exe: [Debugger] svchost.exe
IFEO\ent.exe: [Debugger] svchost.exe
IFEO\esafe.exe: [Debugger] svchost.exe
IFEO\escanhnt.exe: [Debugger] svchost.exe
IFEO\escanv95.exe: [Debugger] svchost.exe
IFEO\espwatch.exe: [Debugger] svchost.exe
IFEO\ethereal.exe: [Debugger] svchost.exe
IFEO\etrustcipe.exe: [Debugger] svchost.exe
IFEO\evpn.exe: [Debugger] svchost.exe
IFEO\exantivirus-cnet.exe: [Debugger] svchost.exe
IFEO\exe.avxw.exe: [Debugger] svchost.exe
IFEO\expert.exe: [Debugger] svchost.exe
IFEO\explore.exe: [Debugger] svchost.exe
IFEO\f-agnt95.exe: [Debugger] svchost.exe
IFEO\f-prot.exe: [Debugger] svchost.exe
IFEO\f-prot95.exe: [Debugger] svchost.exe
IFEO\f-stopw.exe: [Debugger] svchost.exe
IFEO\fact.exe: [Debugger] svchost.exe
IFEO\fameh32.exe: [Debugger] svchost.exe
IFEO\fast.exe: [Debugger] svchost.exe
IFEO\fch32.exe: [Debugger] svchost.exe
IFEO\fih32.exe: [Debugger] svchost.exe
IFEO\findviru.exe: [Debugger] svchost.exe
IFEO\firewall.exe: [Debugger] svchost.exe
IFEO\fixcfg.exe: [Debugger] svchost.exe
IFEO\fixfp.exe: [Debugger] svchost.exe
IFEO\fnrb32.exe: [Debugger] svchost.exe
IFEO\fp-win.exe: [Debugger] svchost.exe
IFEO\fp-win_trial.exe: [Debugger] svchost.exe
IFEO\fprot.exe: [Debugger] svchost.exe
IFEO\frmwrk32.exe: [Debugger] svchost.exe
IFEO\frw.exe: [Debugger] svchost.exe
IFEO\fsaa.exe: [Debugger] svchost.exe
IFEO\fsav.exe: [Debugger] svchost.exe
IFEO\fsav32.exe: [Debugger] svchost.exe
IFEO\fsav530stbyb.exe: [Debugger] svchost.exe
IFEO\fsav530wtbyb.exe: [Debugger] svchost.exe
IFEO\fsav95.exe: [Debugger] svchost.exe
IFEO\fsgk32.exe: [Debugger] svchost.exe
IFEO\fsm32.exe: [Debugger] svchost.exe
IFEO\fsma32.exe: [Debugger] svchost.exe
IFEO\fsmb32.exe: [Debugger] svchost.exe
IFEO\gator.exe: [Debugger] svchost.exe
IFEO\gav.exe: [Debugger] svchost.exe
IFEO\gbmenu.exe: [Debugger] svchost.exe
IFEO\gbn976rl.exe: [Debugger] svchost.exe
IFEO\gbpoll.exe: [Debugger] svchost.exe
IFEO\generics.exe: [Debugger] svchost.exe
IFEO\gmt.exe: [Debugger] svchost.exe
IFEO\guard.exe: [Debugger] svchost.exe
IFEO\guarddog.exe: [Debugger] svchost.exe
IFEO\guardgui.exe: [Debugger] svchost.exe
IFEO\guardxkickoff.exe: [Debugger] svchost.exe
IFEO\hacktracersetup.exe: [Debugger] svchost.exe
IFEO\hbinst.exe: [Debugger] svchost.exe
IFEO\hbsrv.exe: [Debugger] svchost.exe
IFEO\History.exe: [Debugger] svchost.exe
IFEO\homeav2010.exe: [Debugger] svchost.exe
IFEO\hotactio.exe: [Debugger] svchost.exe
IFEO\hotpatch.exe: [Debugger] svchost.exe
IFEO\htlog.exe: [Debugger] svchost.exe
IFEO\htpatch.exe: [Debugger] svchost.exe
IFEO\hwpe.exe: [Debugger] svchost.exe
IFEO\hxdl.exe: [Debugger] svchost.exe
IFEO\hxiul.exe: [Debugger] svchost.exe
IFEO\iamapp.exe: [Debugger] svchost.exe
IFEO\iamserv.exe: [Debugger] svchost.exe
IFEO\iamstats.exe: [Debugger] svchost.exe
IFEO\ibmasn.exe: [Debugger] svchost.exe
IFEO\ibmavsp.exe: [Debugger] svchost.exe
IFEO\icload95.exe: [Debugger] svchost.exe
IFEO\icloadnt.exe: [Debugger] svchost.exe
IFEO\icmon.exe: [Debugger] svchost.exe
IFEO\icsupp95.exe: [Debugger] svchost.exe
IFEO\icsuppnt.exe: [Debugger] svchost.exe
IFEO\Identity.exe: [Debugger] svchost.exe
IFEO\idle.exe: [Debugger] svchost.exe
IFEO\iedll.exe: [Debugger] svchost.exe
IFEO\iedriver.exe: [Debugger] svchost.exe
IFEO\IEShow.exe: [Debugger] svchost.exe
IFEO\iface.exe: [Debugger] svchost.exe
IFEO\ifw2000.exe: [Debugger] svchost.exe
IFEO\inetlnfo.exe: [Debugger] svchost.exe
IFEO\infus.exe: [Debugger] svchost.exe
IFEO\infwin.exe: [Debugger] svchost.exe
IFEO\init.exe: [Debugger] svchost.exe
IFEO\init32.exe : [Debugger] svchost.exe
IFEO\install[1].exe: [Debugger] svchost.exe
IFEO\install[2].exe: [Debugger] svchost.exe
IFEO\install[3].exe: [Debugger] svchost.exe
IFEO\install[4].exe: [Debugger] svchost.exe
IFEO\install[5].exe: [Debugger] svchost.exe
IFEO\intdel.exe: [Debugger] svchost.exe
IFEO\intren.exe: [Debugger] svchost.exe
IFEO\iomon98.exe: [Debugger] svchost.exe
IFEO\istsvc.exe: [Debugger] svchost.exe
IFEO\jammer.exe: [Debugger] svchost.exe
IFEO\jdbgmrg.exe: [Debugger] svchost.exe
IFEO\jedi.exe: [Debugger] svchost.exe
IFEO\JsRcGen.exe: [Debugger] svchost.exe
IFEO\kavlite40eng.exe: [Debugger] svchost.exe
IFEO\kavpers40eng.exe: [Debugger] svchost.exe
IFEO\kavpf.exe: [Debugger] svchost.exe
IFEO\kazza.exe: [Debugger] svchost.exe
IFEO\keenvalue.exe: [Debugger] svchost.exe
IFEO\kerio-pf-213-en-win.exe: [Debugger] svchost.exe
IFEO\kerio-wrl-421-en-win.exe: [Debugger] svchost.exe
IFEO\kerio-wrp-421-en-win.exe: [Debugger] svchost.exe
IFEO\killprocesssetup161.exe: [Debugger] svchost.exe
IFEO\ldnetmon.exe: [Debugger] svchost.exe
IFEO\ldpro.exe: [Debugger] svchost.exe
IFEO\ldpromenu.exe: [Debugger] svchost.exe
IFEO\ldscan.exe: [Debugger] svchost.exe
IFEO\licmgr.exe: [Debugger] svchost.exe
IFEO\lnetinfo.exe: [Debugger] svchost.exe
IFEO\loader.exe: [Debugger] svchost.exe
IFEO\localnet.exe: [Debugger] svchost.exe
IFEO\lockdown.exe: [Debugger] svchost.exe
IFEO\lockdown2000.exe: [Debugger] svchost.exe
IFEO\lookout.exe: [Debugger] svchost.exe
IFEO\lordpe.exe: [Debugger] svchost.exe
IFEO\lsetup.exe: [Debugger] svchost.exe
IFEO\luall.exe: [Debugger] svchost.exe
IFEO\luau.exe: [Debugger] svchost.exe
IFEO\lucomserver.exe: [Debugger] svchost.exe
IFEO\luinit.exe: [Debugger] svchost.exe
IFEO\luspt.exe: [Debugger] svchost.exe
IFEO\MalwareRemoval.exe: [Debugger] svchost.exe
IFEO\mapisvc32.exe: [Debugger] svchost.exe
IFEO\mbam.exe: [Debugger] svchost.exe
IFEO\mbamgui.exe: [Debugger] svchost.exe
IFEO\mbamservice.exe: [Debugger] svchost.exe
IFEO\mcagent.exe: [Debugger] svchost.exe
IFEO\mcmnhdlr.exe: [Debugger] svchost.exe
IFEO\mcmpeng.exe: [Debugger] svchost.exe
IFEO\mcmscsvc.exe: [Debugger] svchost.exe
IFEO\mcnasvc.exe: [Debugger] svchost.exe
IFEO\mcproxy.exe: [Debugger] svchost.exe
IFEO\McSACore.exe: [Debugger] svchost.exe
IFEO\mcshell.exe: [Debugger] svchost.exe
IFEO\mcshield.exe: [Debugger] svchost.exe
IFEO\mcsysmon.exe: [Debugger] svchost.exe
IFEO\mctool.exe: [Debugger] svchost.exe
IFEO\mcupdate.exe: [Debugger] svchost.exe
IFEO\mcvsrte.exe: [Debugger] svchost.exe
IFEO\mcvsshld.exe: [Debugger] svchost.exe
IFEO\md.exe: [Debugger] svchost.exe
IFEO\mfin32.exe: [Debugger] svchost.exe
IFEO\mfw2en.exe: [Debugger] svchost.exe
IFEO\mfweng3.02d30.exe: [Debugger] svchost.exe
IFEO\mgavrtcl.exe: [Debugger] svchost.exe
IFEO\mgavrte.exe: [Debugger] svchost.exe
IFEO\mghtml.exe: [Debugger] svchost.exe
IFEO\mgui.exe: [Debugger] svchost.exe
IFEO\minilog.exe: [Debugger] svchost.exe
IFEO\mmod.exe: [Debugger] svchost.exe
IFEO\monitor.exe: [Debugger] svchost.exe
IFEO\moolive.exe: [Debugger] svchost.exe
IFEO\mostat.exe: [Debugger] svchost.exe
IFEO\mpfagent.exe: [Debugger] svchost.exe
IFEO\mpfservice.exe: [Debugger] svchost.exe
IFEO\MPFSrv.exe: [Debugger] svchost.exe
IFEO\mpftray.exe: [Debugger] svchost.exe
IFEO\mrflux.exe: [Debugger] svchost.exe
IFEO\mrt.exe: [Debugger] svchost.exe
IFEO\msa.exe: [Debugger] svchost.exe
IFEO\msapp.exe: [Debugger] svchost.exe
IFEO\MSASCui.exe: [Debugger] svchost.exe
IFEO\msbb.exe: [Debugger] svchost.exe
IFEO\msblast.exe: [Debugger] svchost.exe
IFEO\mscache.exe: [Debugger] svchost.exe
IFEO\msccn32.exe: [Debugger] svchost.exe
IFEO\mscman.exe: [Debugger] svchost.exe
IFEO\msconfig: [Debugger] svchost.exe
IFEO\msdm.exe: [Debugger] svchost.exe
IFEO\msdos.exe: [Debugger] svchost.exe
IFEO\msiexec16.exe: [Debugger] svchost.exe
IFEO\mslaugh.exe: [Debugger] svchost.exe
IFEO\msmgt.exe: [Debugger] svchost.exe
IFEO\msmsgri32.exe: [Debugger] svchost.exe
IFEO\msseces.exe: [Debugger] svchost.exe
IFEO\mssmmc32.exe: [Debugger] svchost.exe
IFEO\mssys.exe: [Debugger] svchost.exe
IFEO\msvxd.exe: [Debugger] svchost.exe
IFEO\mu0311ad.exe: [Debugger] svchost.exe
IFEO\mwatch.exe: [Debugger] svchost.exe
IFEO\n32scanw.exe: [Debugger] svchost.exe
IFEO\nav.exe: [Debugger] svchost.exe
IFEO\navap.navapsvc.exe: [Debugger] svchost.exe
IFEO\navapsvc.exe: [Debugger] svchost.exe
IFEO\navapw32.exe: [Debugger] svchost.exe
IFEO\navdx.exe: [Debugger] svchost.exe
IFEO\navlu32.exe: [Debugger] svchost.exe
IFEO\navnt.exe: [Debugger] svchost.exe
IFEO\navstub.exe: [Debugger] svchost.exe
IFEO\nc2000.exe: [Debugger] svchost.exe
IFEO\ncinst4.exe: [Debugger] svchost.exe
IFEO\ndd32.exe: [Debugger] svchost.exe
IFEO\neomonitor.exe: [Debugger] svchost.exe
IFEO\neowatchlog.exe: [Debugger] svchost.exe
IFEO\netarmor.exe: [Debugger] svchost.exe
IFEO\netd32.exe: [Debugger] svchost.exe
IFEO\netinfo.exe: [Debugger] svchost.exe
IFEO\netmon.exe: [Debugger] svchost.exe
IFEO\netscanpro.exe: [Debugger] svchost.exe
IFEO\netspyhunter-1.2.exe: [Debugger] svchost.exe
IFEO\netutils.exe: [Debugger] svchost.exe
IFEO\nisserv.exe: [Debugger] svchost.exe
IFEO\nisum.exe: [Debugger] svchost.exe
IFEO\nmain.exe: [Debugger] svchost.exe
IFEO\nod32.exe: [Debugger] svchost.exe
IFEO\normist.exe: [Debugger] svchost.exe
IFEO\norton_internet_secu_3.0_407.exe: [Debugger] svchost.exe
IFEO\notstart.exe: [Debugger] svchost.exe
IFEO\npf40_tw_98_nt_me_2k.exe: [Debugger] svchost.exe
IFEO\npfmessenger.exe: [Debugger] svchost.exe
IFEO\nprotect.exe: [Debugger] svchost.exe
IFEO\npscheck.exe: [Debugger] svchost.exe
IFEO\npssvc.exe: [Debugger] svchost.exe
IFEO\nsched32.exe: [Debugger] svchost.exe
IFEO\nssys32.exe: [Debugger] svchost.exe
IFEO\nstask32.exe: [Debugger] svchost.exe
IFEO\nsupdate.exe: [Debugger] svchost.exe
IFEO\nt.exe: [Debugger] svchost.exe
IFEO\ntrtscan.exe: [Debugger] svchost.exe
IFEO\ntvdm.exe: [Debugger] svchost.exe
IFEO\ntxconfig.exe: [Debugger] svchost.exe
IFEO\nui.exe: [Debugger] svchost.exe
IFEO\nupgrade.exe: [Debugger] svchost.exe
IFEO\nvarch16.exe: [Debugger] svchost.exe
IFEO\nvc95.exe: [Debugger] svchost.exe
IFEO\nvsvc32.exe: [Debugger] svchost.exe
IFEO\nwinst4.exe: [Debugger] svchost.exe
IFEO\nwservice.exe: [Debugger] svchost.exe
IFEO\nwtool16.exe: [Debugger] svchost.exe
IFEO\OAcat.exe: [Debugger] svchost.exe
IFEO\OAhlp.exe: [Debugger] svchost.exe
IFEO\OAReg.exe: [Debugger] svchost.exe
IFEO\oasrv.exe: [Debugger] svchost.exe
IFEO\oaui.exe: [Debugger] svchost.exe
IFEO\oaview.exe: [Debugger] svchost.exe
IFEO\ODSW.exe: [Debugger] svchost.exe
IFEO\ollydbg.exe: [Debugger] svchost.exe
IFEO\onsrvr.exe: [Debugger] svchost.exe
IFEO\optimize.exe: [Debugger] svchost.exe
IFEO\ostronet.exe: [Debugger] svchost.exe
IFEO\otfix.exe: [Debugger] svchost.exe
IFEO\outpost.exe: [Debugger] svchost.exe
IFEO\outpostinstall.exe: [Debugger] svchost.exe
IFEO\outpostproinstall.exe: [Debugger] svchost.exe
IFEO\ozn695m5.exe: [Debugger] svchost.exe
IFEO\padmin.exe: [Debugger] svchost.exe
IFEO\panixk.exe: [Debugger] svchost.exe
IFEO\patch.exe: [Debugger] svchost.exe
IFEO\pav.exe: [Debugger] svchost.exe
IFEO\pavcl.exe: [Debugger] svchost.exe
IFEO\PavFnSvr.exe: [Debugger] svchost.exe
IFEO\pavproxy.exe: [Debugger] svchost.exe
IFEO\pavprsrv.exe: [Debugger] svchost.exe
IFEO\pavsched.exe: [Debugger] svchost.exe
IFEO\pavsrv51.exe: [Debugger] svchost.exe
IFEO\pavw.exe: [Debugger] svchost.exe
IFEO\pc.exe: [Debugger] svchost.exe
IFEO\pccwin98.exe: [Debugger] svchost.exe
IFEO\pcfwallicon.exe: [Debugger] svchost.exe
IFEO\pcip10117_0.exe: [Debugger] svchost.exe
IFEO\pcscan.exe: [Debugger] svchost.exe
IFEO\pctsAuxs.exe: [Debugger] svchost.exe
IFEO\pctsGui.exe: [Debugger] svchost.exe
IFEO\pctsSvc.exe: [Debugger] svchost.exe
IFEO\pctsTray.exe: [Debugger] svchost.exe
IFEO\PC_Antispyware2010.exe: [Debugger] svchost.exe
IFEO\pdfndr.exe: [Debugger] svchost.exe
IFEO\pdsetup.exe: [Debugger] svchost.exe
IFEO\PerAvir.exe: [Debugger] svchost.exe
IFEO\periscope.exe: [Debugger] svchost.exe
IFEO\persfw.exe: [Debugger] svchost.exe
IFEO\personalguard: [Debugger] svchost.exe
IFEO\personalguard.exe: [Debugger] svchost.exe
IFEO\perswf.exe: [Debugger] svchost.exe
IFEO\pf2.exe: [Debugger] svchost.exe
IFEO\pfwadmin.exe: [Debugger] svchost.exe
IFEO\pgmonitr.exe: [Debugger] svchost.exe
IFEO\pingscan.exe: [Debugger] svchost.exe
IFEO\platin.exe: [Debugger] svchost.exe
IFEO\pop3trap.exe: [Debugger] svchost.exe
IFEO\poproxy.exe: [Debugger] svchost.exe
IFEO\popscan.exe: [Debugger] svchost.exe
IFEO\portdetective.exe: [Debugger] svchost.exe
IFEO\portmonitor.exe: [Debugger] svchost.exe
IFEO\powerscan.exe: [Debugger] svchost.exe
IFEO\ppinupdt.exe: [Debugger] svchost.exe
IFEO\pptbc.exe: [Debugger] svchost.exe
IFEO\ppvstop.exe: [Debugger] svchost.exe
IFEO\prizesurfer.exe: [Debugger] svchost.exe
IFEO\prmt.exe: [Debugger] svchost.exe
IFEO\prmvr.exe: [Debugger] svchost.exe
IFEO\procdump.exe: [Debugger] svchost.exe
IFEO\processmonitor.exe: [Debugger] svchost.exe
IFEO\procexplorerv1.0.exe: [Debugger] svchost.exe
IFEO\programauditor.exe: [Debugger] svchost.exe
IFEO\proport.exe: [Debugger] svchost.exe
IFEO\protector.exe: [Debugger] svchost.exe
IFEO\protectx.exe: [Debugger] svchost.exe
IFEO\PSANCU.exe: [Debugger] svchost.exe
IFEO\PSANHost.exe: [Debugger] svchost.exe
IFEO\PSANToManager.exe: [Debugger] svchost.exe
IFEO\PsCtrls.exe: [Debugger] svchost.exe
IFEO\PsImSvc.exe: [Debugger] svchost.exe
IFEO\PskSvc.exe: [Debugger] svchost.exe
IFEO\pspf.exe: [Debugger] svchost.exe
IFEO\PSUNMain.exe: [Debugger] svchost.exe
IFEO\purge.exe: [Debugger] svchost.exe
IFEO\qconsole.exe: [Debugger] svchost.exe
IFEO\qh.exe: [Debugger] svchost.exe
IFEO\qserver.exe: [Debugger] svchost.exe
IFEO\Quick Heal.exe: [Debugger] svchost.exe
IFEO\QuickHealCleaner.exe: [Debugger] svchost.exe
IFEO\rapapp.exe: [Debugger] svchost.exe
IFEO\rav7.exe: [Debugger] svchost.exe
IFEO\rav7win.exe: [Debugger] svchost.exe
IFEO\rav8win32eng.exe: [Debugger] svchost.exe
IFEO\ray.exe: [Debugger] svchost.exe
IFEO\rb32.exe: [Debugger] svchost.exe
IFEO\rcsync.exe: [Debugger] svchost.exe
IFEO\realmon.exe: [Debugger] svchost.exe
IFEO\reged.exe: [Debugger] svchost.exe
IFEO\regedt32.exe: [Debugger] svchost.exe
IFEO\rescue.exe: [Debugger] svchost.exe
IFEO\rescue32.exe: [Debugger] svchost.exe
IFEO\rrguard.exe: [Debugger] svchost.exe
IFEO\rscdwld.exe: [Debugger] svchost.exe
IFEO\rshell.exe: [Debugger] svchost.exe
IFEO\rtvscan.exe: [Debugger] svchost.exe
IFEO\rtvscn95.exe: [Debugger] svchost.exe
IFEO\rulaunch.exe: [Debugger] svchost.exe
IFEO\rwg: [Debugger] svchost.exe
IFEO\rwg.exe: [Debugger] svchost.exe
IFEO\SafetyKeeper.exe: [Debugger] svchost.exe
IFEO\safeweb.exe: [Debugger] svchost.exe
IFEO\sahagent.exe: [Debugger] svchost.exe
IFEO\Save.exe: [Debugger] svchost.exe
IFEO\SaveArmor.exe: [Debugger] svchost.exe
IFEO\SaveDefense.exe: [Debugger] svchost.exe
IFEO\SaveKeep.exe: [Debugger] svchost.exe
IFEO\savenow.exe: [Debugger] svchost.exe
IFEO\sbserv.exe: [Debugger] svchost.exe
IFEO\sc.exe: [Debugger] svchost.exe
IFEO\scam32.exe: [Debugger] svchost.exe
IFEO\scan32.exe: [Debugger] svchost.exe
IFEO\scan95.exe: [Debugger] svchost.exe
IFEO\scanpm.exe: [Debugger] svchost.exe
IFEO\scrscan.exe: [Debugger] svchost.exe
IFEO\Secure Veteran.exe: [Debugger] svchost.exe
IFEO\secureveteran.exe: [Debugger] svchost.exe
IFEO\Security Center.exe: [Debugger] svchost.exe
IFEO\SecurityFighter.exe: [Debugger] svchost.exe
IFEO\securitysoldier.exe: [Debugger] svchost.exe
IFEO\serv95.exe: [Debugger] svchost.exe
IFEO\setloadorder.exe: [Debugger] svchost.exe
IFEO\setupvameeval.exe: [Debugger] svchost.exe
IFEO\setup_flowprotector_us.exe: [Debugger] svchost.exe
IFEO\sgssfw32.exe: [Debugger] svchost.exe
IFEO\sh.exe: [Debugger] svchost.exe
IFEO\shellspyinstall.exe: [Debugger] svchost.exe
IFEO\shield.exe: [Debugger] svchost.exe
IFEO\shn.exe: [Debugger] svchost.exe
IFEO\showbehind.exe: [Debugger] svchost.exe
IFEO\signcheck.exe: [Debugger] svchost.exe
IFEO\smart.exe: [Debugger] svchost.exe
IFEO\smartprotector.exe: [Debugger] svchost.exe
IFEO\smc.exe: [Debugger] svchost.exe
IFEO\smrtdefp.exe: [Debugger] svchost.exe
IFEO\sms.exe: [Debugger] svchost.exe
IFEO\smss32.exe: [Debugger] svchost.exe
IFEO\snetcfg.exe: [Debugger] svchost.exe
IFEO\soap.exe: [Debugger] svchost.exe
IFEO\sofi.exe: [Debugger] svchost.exe
IFEO\SoftSafeness.exe: [Debugger] svchost.exe
IFEO\sperm.exe: [Debugger] svchost.exe
IFEO\spf.exe: [Debugger] svchost.exe
IFEO\sphinx.exe: [Debugger] svchost.exe
IFEO\spoler.exe: [Debugger] svchost.exe
IFEO\spoolcv.exe: [Debugger] svchost.exe
IFEO\spoolsv32.exe: [Debugger] svchost.exe
IFEO\spywarexpguard.exe: [Debugger] svchost.exe
IFEO\spyxx.exe: [Debugger] svchost.exe
IFEO\srexe.exe: [Debugger] svchost.exe
IFEO\srng.exe: [Debugger] svchost.exe
IFEO\ss3edit.exe: [Debugger] svchost.exe
IFEO\ssgrate.exe: [Debugger] svchost.exe
IFEO\ssg_4104.exe: [Debugger] svchost.exe
IFEO\st2.exe: [Debugger] svchost.exe
IFEO\start.exe: [Debugger] svchost.exe
IFEO\stcloader.exe: [Debugger] svchost.exe
IFEO\supftrl.exe: [Debugger] svchost.exe
IFEO\support.exe: [Debugger] svchost.exe
IFEO\supporter5.exe: [Debugger] svchost.exe
IFEO\svc.exe: [Debugger] svchost.exe
IFEO\svchostc.exe: [Debugger] svchost.exe
IFEO\svchosts.exe: [Debugger] svchost.exe
IFEO\svshost.exe: [Debugger] svchost.exe
IFEO\sweep95.exe: [Debugger] svchost.exe
IFEO\sweepnet.sweepsrv.sys.swnetsup.exe: [Debugger] svchost.exe
IFEO\symlcsvc.exe: [Debugger] svchost.exe
IFEO\symproxysvc.exe: [Debugger] svchost.exe
IFEO\symtray.exe: [Debugger] svchost.exe
IFEO\system.exe: [Debugger] svchost.exe
IFEO\system32.exe: [Debugger] svchost.exe
IFEO\sysupd.exe: [Debugger] svchost.exe
IFEO\tapinstall.exe: [Debugger] svchost.exe
IFEO\taumon.exe: [Debugger] svchost.exe
IFEO\tbscan.exe: [Debugger] svchost.exe
IFEO\tc.exe: [Debugger] svchost.exe
IFEO\tca.exe: [Debugger] svchost.exe
IFEO\tcm.exe: [Debugger] svchost.exe
IFEO\tds-3.exe: [Debugger] svchost.exe
IFEO\tds2-98.exe: [Debugger] svchost.exe
IFEO\tds2-nt.exe: [Debugger] svchost.exe
IFEO\teekids.exe: [Debugger] svchost.exe
IFEO\tfak.exe: [Debugger] svchost.exe
IFEO\tfak5.exe: [Debugger] svchost.exe
IFEO\tgbob.exe: [Debugger] svchost.exe
IFEO\titanin.exe: [Debugger] svchost.exe
IFEO\titaninxp.exe: [Debugger] svchost.exe
IFEO\TPSrv.exe: [Debugger] svchost.exe
IFEO\trickler.exe: [Debugger] svchost.exe
IFEO\trjscan.exe: [Debugger] svchost.exe
IFEO\trjsetup.exe: [Debugger] svchost.exe
IFEO\trojantrap3.exe: [Debugger] svchost.exe
IFEO\TrustWarrior.exe: [Debugger] svchost.exe
IFEO\tsadbot.exe: [Debugger] svchost.exe
IFEO\tsc.exe: [Debugger] svchost.exe
IFEO\tvmd.exe: [Debugger] svchost.exe
IFEO\tvtmd.exe: [Debugger] svchost.exe
IFEO\undoboot.exe: [Debugger] svchost.exe
IFEO\updat.exe: [Debugger] svchost.exe
IFEO\upgrad.exe: [Debugger] svchost.exe
IFEO\utpost.exe: [Debugger] svchost.exe
IFEO\vbcmserv.exe: [Debugger] svchost.exe
IFEO\vbcons.exe: [Debugger] svchost.exe
IFEO\vbust.exe: [Debugger] svchost.exe
IFEO\vbwin9x.exe: [Debugger] svchost.exe
IFEO\vbwinntw.exe: [Debugger] svchost.exe
IFEO\vcsetup.exe: [Debugger] svchost.exe
IFEO\vet32.exe: [Debugger] svchost.exe
IFEO\vet95.exe: [Debugger] svchost.exe
IFEO\vettray.exe: [Debugger] svchost.exe
IFEO\vfsetup.exe: [Debugger] svchost.exe
IFEO\vir-help.exe: [Debugger] svchost.exe
IFEO\virusmdpersonalfirewall.exe: [Debugger] svchost.exe
IFEO\virusutilities.exe: [Debugger] svchost.exe
IFEO\VisthAux.exe: [Debugger] svchost.exe
IFEO\VisthLic.exe: [Debugger] svchost.exe
IFEO\VisthUpd.exe: [Debugger] svchost.exe
IFEO\vnlan300.exe: [Debugger] svchost.exe
IFEO\vnpc3000.exe: [Debugger] svchost.exe
IFEO\vpc32.exe: [Debugger] svchost.exe
IFEO\vpc42.exe: [Debugger] svchost.exe
IFEO\vpfw30s.exe: [Debugger] svchost.exe
IFEO\vptray.exe: [Debugger] svchost.exe
IFEO\vscan40.exe: [Debugger] svchost.exe
IFEO\vscenu6.02d30.exe: [Debugger] svchost.exe
IFEO\vsched.exe: [Debugger] svchost.exe
IFEO\vsecomr.exe: [Debugger] svchost.exe
IFEO\vshwin32.exe: [Debugger] svchost.exe
IFEO\vsisetup.exe: [Debugger] svchost.exe
IFEO\vsmain.exe: [Debugger] svchost.exe
IFEO\vsmon.exe: [Debugger] svchost.exe
IFEO\vsstat.exe: [Debugger] svchost.exe
IFEO\vswin9xe.exe: [Debugger] svchost.exe
IFEO\vswinntse.exe: [Debugger] svchost.exe
IFEO\vswinperse.exe: [Debugger] svchost.exe
IFEO\w32dsm89.exe: [Debugger] svchost.exe
IFEO\W3asbas.exe: [Debugger] svchost.exe
IFEO\w9x.exe: [Debugger] svchost.exe
IFEO\watchdog.exe: [Debugger] svchost.exe
IFEO\webdav.exe: [Debugger] svchost.exe
IFEO\WebProxy.exe: [Debugger] svchost.exe
IFEO\webscanx.exe: [Debugger] svchost.exe
IFEO\webtrap.exe: [Debugger] svchost.exe
IFEO\wfindv32.exe: [Debugger] svchost.exe
IFEO\whoswatchingme.exe: [Debugger] svchost.exe
IFEO\wimmun32.exe: [Debugger] svchost.exe
IFEO\win-bugsfix.exe: [Debugger] svchost.exe
IFEO\win32.exe: [Debugger] svchost.exe
IFEO\win32us.exe: [Debugger] svchost.exe
IFEO\winactive.exe: [Debugger] svchost.exe
IFEO\winav.exe: [Debugger] svchost.exe
IFEO\windll32.exe: [Debugger] svchost.exe
IFEO\window.exe: [Debugger] svchost.exe
IFEO\windows Police Pro.exe: [Debugger] svchost.exe
IFEO\windows.exe: [Debugger] svchost.exe
IFEO\wininetd.exe: [Debugger] svchost.exe
IFEO\wininitx.exe: [Debugger] svchost.exe
IFEO\winlogin.exe: [Debugger] svchost.exe
IFEO\winmain.exe: [Debugger] svchost.exe
IFEO\winppr32.exe: [Debugger] svchost.exe
IFEO\winrecon.exe: [Debugger] svchost.exe
IFEO\winservn.exe: [Debugger] svchost.exe
IFEO\winssk32.exe: [Debugger] svchost.exe
IFEO\winstart.exe: [Debugger] svchost.exe
IFEO\winstart001.exe: [Debugger] svchost.exe
IFEO\wintsk32.exe: [Debugger] svchost.exe
IFEO\winupdate.exe: [Debugger] svchost.exe
IFEO\wkufind.exe: [Debugger] svchost.exe
IFEO\wnad.exe: [Debugger] svchost.exe
IFEO\wnt.exe: [Debugger] svchost.exe
IFEO\wradmin.exe: [Debugger] svchost.exe
IFEO\wrctrl.exe: [Debugger] svchost.exe
IFEO\wsbgate.exe: [Debugger] svchost.exe
IFEO\wscfxas.exe: [Debugger] svchost.exe
IFEO\wscfxav.exe: [Debugger] svchost.exe
IFEO\wscfxfw.exe: [Debugger] svchost.exe
IFEO\wsctool.exe: [Debugger] svchost.exe
IFEO\wupdater.exe: [Debugger] svchost.exe
IFEO\wupdt.exe: [Debugger] svchost.exe
IFEO\wyvernworksfirewall.exe: [Debugger] svchost.exe
IFEO\xpdeluxe.exe: [Debugger] svchost.exe
IFEO\xpf202en.exe: [Debugger] svchost.exe
IFEO\xp_antispyware.exe: [Debugger] svchost.exe
IFEO\zapro.exe: [Debugger] svchost.exe
IFEO\zapsetup3001.exe: [Debugger] svchost.exe
IFEO\zatutor.exe: [Debugger] svchost.exe
IFEO\zonalm2601.exe: [Debugger] svchost.exe
IFEO\zonealarm.exe: [Debugger] svchost.exe
IFEO_avp32.exe: [Debugger] svchost.exe
IFEO_avpcc.exe: [Debugger] svchost.exe
IFEO_avpm.exe: [Debugger] svchost.exe
IFEO~1.exe: [Debugger] svchost.exe
IFEO~2.exe: [Debugger] svchost.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2012-01-30]
ShortcutTarget: HP Digital Imaging Monitor.lnk → C:\Program Files (x86)\hp\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Users\Little Wonders\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FIFA Soccer 64.lnk [2015-03-13]
ShortcutTarget: FIFA Soccer 64.lnk → C:\ProgramData{2899c890-57cb-72e8-2899-9c89057c2241}\FIFA Soccer 64.exe ()
ShellIconOverlayIdentifiers: [00avast] → {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-07-23] (AVAST Software)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKU\S-1-5-21-443951736-1583617210-2315430799-1001\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.aol.com/?mtmhp=txtlnkusaolp00000800
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=sp-006&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-443951736-1583617210-2315430799-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
HKU\S-1-5-21-443951736-1583617210-2315430799-1001\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=sp-006&q={searchTerms}
HKU\S-1-5-21-443951736-1583617210-2315430799-1001\Software\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.cnn.com/
HKU\S-1-5-21-443951736-1583617210-2315430799-1001\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = http://www2.delta-search.com/?babsrc=HP_ss&mntrId=88B8E0CB4E30AE28&affID=119351&tsp=5010
HKU\S-1-5-21-443951736-1583617210-2315430799-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
SearchScopes: HKLM → DefaultScope {6F6D87DE-DD42-479E-BD07-A61B01025604} URL = http://www.bing.com/search?q={searchTerms}&form=CPDTDF&pc=CPDTDF&src=IE-SearchBox
SearchScopes: HKLM → {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM → {338A6B13-A8A3-4AF0-906C-1CC9EDEC0832} URL = http://www.ask.com/web?q={searchTerms}&l=dis&o=uscqd
SearchScopes: HKLM → {6F6D87DE-DD42-479E-BD07-A61B01025604} URL = http://www.bing.com/search?q={searchTerms}&form=CPDTDF&pc=CPDTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 → DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKLM-x32 → {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 → {338A6B13-A8A3-4AF0-906C-1CC9EDEC0832} URL = http://www.ask.com/web?q={searchTerms}&l=dis&o=uscqd
SearchScopes: HKLM-x32 → {6F6D87DE-DD42-479E-BD07-A61B01025604} URL = http://www.bing.com/search?q={searchTerms}&form=CPDTDF&pc=CPDTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 → {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-443951736-1583617210-2315430799-1001 → DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-443951736-1583617210-2315430799-1001 → bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKU\S-1-5-21-443951736-1583617210-2315430799-1001 → {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www2.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=88B8E0CB4E30AE28&affID=119351&tsp=5010
SearchScopes: HKU\S-1-5-21-443951736-1583617210-2315430799-1001 → {338A6B13-A8A3-4AF0-906C-1CC9EDEC0832} URL = http://www.ask.com/web?q={searchTerms}&l=dis&o=uscqd
SearchScopes: HKU\S-1-5-21-443951736-1583617210-2315430799-1001 → {63140ECF-C629-BE59-8F0E-90B4FF340C03} URL = http://www.bing.com/search?q={searchTerms}&pc=Z128&form=ZGAIDF&install_date=20110907&iesrc={referrer:source}
SearchScopes: HKU\S-1-5-21-443951736-1583617210-2315430799-1001 → {6F6D87DE-DD42-479E-BD07-A61B01025604} URL = http://www.bing.com/search?q={searchTerms}&form=CPDTDF&pc=CPDTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-443951736-1583617210-2315430799-1001 → {ABD93EAF-D775-BC54-E63B-2804F22FD156} URL = http://search.startnow.com/s/?q={searchTerms}&src=defsearch&provider=&provider_name=startnow&provider_code=&partner_id=999&product_id=10&affiliate_id=&channel=&toolbar_id=&toolbar_version=&install_country=&install_date=20140228&user_guid=4B1D612982D341B2ABB13D76A10EF756&machine_id=7a27995b166c8b20db199f9d9cd3c534&browser=ie&os=win&os_version=6.1-x64-SP1
SearchScopes: HKU\S-1-5-21-443951736-1583617210-2315430799-1001 → {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
BHO: avast! Online Security → {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} → C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-07-23] (AVAST Software)
BHO: MinimuumPrice → {AC747515-F000-40F9-9CD9-9F0FBCC80464} → C:\Program Files (x86)\MinimuumPrice\AqHg2CNGpDYc9p.x64.dll [2015-08-04] ()
BHO: AAllDeaalAApp → {F8862CE0-DB5C-4627-8136-3CDB9C2B6ED8} → C:\Program Files (x86)\AAllDeaalAApp\W2xYSTAMAjXwlS.x64.dll [2015-08-03] ()
BHO-x32: avast! Online Security → {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} → C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-23] (AVAST Software)
BHO-x32: MinimuumPrice → {AC747515-F000-40F9-9CD9-9F0FBCC80464} → C:\Program Files (x86)\MinimuumPrice\AqHg2CNGpDYc9p.dll [2015-08-04] ()
BHO-x32: AAllDeaalAApp → {F8862CE0-DB5C-4627-8136-3CDB9C2B6ED8} → C:\Program Files (x86)\AAllDeaalAApp\W2xYSTAMAjXwlS.dll [2015-08-03] ()
Toolbar: HKU\S-1-5-21-443951736-1583617210-2315430799-1001 → No Name - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
DPF: HKLM-x32 {BEA7310D-06C4-4339-A784-DC3804819809} http://www.cvsphoto.com/upload/activex/v3_0_0_7/PhotoCenter_ActiveX_Control.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip..\Interfaces{35A80055-AF4B-4050-A202-E01638B934EF}: [DhcpNameServer] 192.168.1.1
FF ProfilePath: C:\Users\Little Wonders\AppData\Roaming\Mozilla\Firefox\Profiles\fanljv6v.default
FF Homepage: hxxp://homepage.aol.com/?mtmhp=txtlnkusaolp00000800
FF Plugin: @adobe.com/FlashPlayer → C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-15] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 → C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2013-09-17] (DivX, LLC.)
FF Plugin: @microsoft.com/GENUINE → disabled [No File]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 → C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer → C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-15] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 → C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 → C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2013-09-17] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 → C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2013-12-27] (DivX, LLC)
FF Plugin-x32: @java.com/JavaPlugin → C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll [2010-11-10] (Sun Microsystems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE → disabled [No File]
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 → C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 → C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-06-18] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 → C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-07-06] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 → C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-07-06] (Google Inc.)
FF Plugin-x32: @unity3d.com/UnityPlayer → C:\Program Files (x86)\Unity\WebPlayer\loader\npUnity3D32.dll [2008-07-17] (Unity Technologies ApS)
FF Plugin-x32: Adobe Reader → C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll [2012-03-26] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-443951736-1583617210-2315430799-1001: @citrixonline.com/appdetectorplugin → C:\Users\Little Wonders\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2014-05-01] (Citrix Online)
FF user.js: detected! => C:\Users\Little Wonders\AppData\Roaming\Mozilla\Firefox\Profiles\fanljv6v.default\user.js [2014-03-22]
FF SearchPlugin: C:\Users\Little Wonders\AppData\Roaming\Mozilla\Firefox\Profiles\fanljv6v.default\searchplugins\startnow.xml [2014-02-28]
FF HKLM-x32.…\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-01-30]
FF HKLM-x32.…\Firefox\Extensions: [gethighlightly@gethighlightly.com] - C:\Program Files (x86)\Mozilla Firefox\extensions\gethighlightly@gethighlightly.com
FF HKLM-x32.…\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-07-23]
FF HKU\S-1-5-21-443951736-1583617210-2315430799-1001.…\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: No Name - C:\Users\Little Wonders\AppData\Roaming\Mozilla\Firefox\Profiles\fanljv6v.default\extensions_qvxbkbnnuzqukzjj_i@frnhpojlbr_in.com [not found]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions{972ce4c6-7e08-4474-a285-3208198ce6fd} [not found]
CHR Profile: C:\Users\Little Wonders\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Avast Online Security) - C:\Users\Little Wonders\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-08-10]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Little Wonders\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-07-09]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Little Wonders\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-06]
CHR HKLM-x32.…\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-07-23]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 8338240e; c:\Program Files (x86)\PragmaEdit\PragmaEdit.dll [1776640 2015-06-16] () [File not signed]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-07-23] (AVAST Software)
R2 CCMService; C:\Program Files (x86)\Personalized Software\Childcare Manager 10\Utilities\CCMLogManagerService\CCMService.exe [12288 2010-06-03] (Microsoft) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2753720 2015-07-01] (Microsoft Corporation)
R2 ec9c17f1; c:\Program Files (x86)\SoftwarePlus\SoftwarePlus.dll [1771520 2015-07-05] () [File not signed]
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-05-21] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [923136 2009-05-21] (Hewlett-Packard Co.) [File not signed]
R2 Lethal Tonight; C:\Program Files (x86)\Lethal Tonight\Lethal Tonight.exe [8016461 2015-07-10] () [File not signed] <==== ATTENTION
R2 MSSQL$CCMSERVER; C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed]
R2 Shaky Entertainment; C:\Program Files (x86)\Shaky Entertainment\Shaky Entertainment.exe [8016385 2015-07-22] () [File not signed] <==== ATTENTION
S2 AVGIDSAgent; “C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe”
S2 gupdate; “C:\Program Files (x86)\Google\Update\GoogleUpdate.exe” /svc
S3 gupdatem; “C:\Program Files (x86)\Google\Update\GoogleUpdate.exe” /medsvc
S2 IHA_MessageCenter; “C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe”
S3 WinDefend; %ProgramFiles%\Windows Defender\mpsvc.dll
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-07-23] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-07-23] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-07-23] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-07-23] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1048856 2015-07-23] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [447944 2015-07-23] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150160 2015-07-23] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-07-23] (AVAST Software)
R1 wStLib64; C:\Windows\System32\drivers\wStLib64.sys [61128 2014-03-18] (StdLib)
S1 BAPIDRV; system32\DRIVERS\BAPIDRV64.sys
S3 PCDSRVC{F36B3A4C-F95654BD-06000000}_0; ??\c:\program files\pc-doctor for windows\pcdsrvc_x64.pkms
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-08-10 14:58 - 2015-08-10 14:59 - 00053107 _____ C:\Users\Little Wonders\Desktop\FRST.txt
2015-08-10 14:58 - 2015-08-10 14:59 - 00000000 ____D C:\FRST
2015-08-10 14:58 - 2015-08-10 14:58 - 02171392 _____ (Farbar) C:\Users\Little Wonders\Desktop\FRST64.exe
2015-08-10 14:23 - 2015-08-10 14:23 - 00003288 ____N C:\bootsqm.dat
2015-08-10 14:11 - 2015-07-23 11:27 - 00378880 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-08-10 14:05 - 2015-08-10 14:05 - 00000024 _____ C:\Users\Little Wonders\AppData\Roaming\appdataFr25.bin
2015-08-05 09:33 - 2015-08-10 13:21 - 00000370 _____ C:\Windows\Tasks\FontElite.job
2015-08-05 09:33 - 2015-08-05 09:33 - 00003300 _____ C:\Windows\System32\Tasks\FontElite
2015-08-05 09:33 - 2015-08-05 09:33 - 00000000 ____D C:\ProgramData{3fac1441-b731-99d6-3fac-c1441b735106}
2015-08-04 14:36 - 2015-08-04 14:37 - 00000000 ____D C:\Program Files (x86)\MinimuumPrice
2015-08-04 14:36 - 2015-08-04 14:36 - 00000000 ____D C:\ProgramData\ikjdlleeejckkdkkapkcphmplhmpnfcc
2015-08-04 09:33 - 2015-08-10 13:21 - 00000372 _____ C:\Windows\Tasks\DreamDecode.job
2015-08-04 09:33 - 2015-08-04 09:33 - 00003302 _____ C:\Windows\System32\Tasks\DreamDecode
2015-08-04 09:33 - 2015-08-04 09:33 - 00000000 ____D C:\ProgramData{09efe88c-330f-6cfa-09ef-fe88c330a230}
2015-08-04 09:23 - 2015-06-26 11:05 - 00012063 _____ C:\Users\Little Wonders\Documents\Brave Knights Sept 15.xlsx
2015-08-04 09:20 - 2015-06-18 11:08 - 00011894 _____ C:\Users\Little Wonders\Documents\Magical Wizards Sept 15.xlsx
2015-08-04 09:16 - 2015-06-18 11:02 - 00011900 _____ C:\Users\Little Wonders\Documents\Playful Elves Sept 15.xlsx
2015-08-03 09:33 - 2015-08-03 09:33 - 00000000 ____D C:\Program Files (x86)\Talk and Comment for
2015-08-03 09:31 - 2015-08-03 09:31 - 00000000 ____D C:\Program Files (x86)\AAllDeaalAApp
2015-07-28 17:30 - 2015-07-25 14:07 - 00017856 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-07-28 17:30 - 2015-07-25 14:04 - 00765440 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-07-28 17:30 - 2015-07-25 14:04 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-07-28 17:30 - 2015-07-25 14:03 - 01085440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-07-28 17:30 - 2015-07-25 14:03 - 00433664 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-07-28 17:30 - 2015-07-25 14:03 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-07-28 17:30 - 2015-07-25 14:03 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-07-28 17:30 - 2015-07-25 13:55 - 01145856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-07-23 11:28 - 2015-08-10 14:13 - 00002081 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-07-23 11:28 - 2015-08-10 14:11 - 00003924 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-07-23 11:28 - 2015-07-23 11:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-07-23 11:27 - 2015-07-23 11:27 - 00447944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2015-07-23 11:27 - 2015-07-23 11:27 - 00274808 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2015-07-23 11:27 - 2015-07-23 11:27 - 00150160 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2015-07-23 11:27 - 2015-07-23 11:27 - 00093528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2015-07-23 11:27 - 2015-07-23 11:27 - 00090968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-07-23 11:27 - 2015-07-23 11:27 - 00065224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2015-07-23 11:27 - 2015-07-23 11:27 - 00028656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2015-07-23 11:27 - 2015-07-23 11:26 - 01048856 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2015-07-23 11:26 - 2015-07-23 11:26 - 00043112 _____ (AVAST Software) C:\Windows\avastSS.scr
2015-07-23 11:25 - 2015-07-23 11:25 - 00000000 ____D C:\Program Files\AVAST Software
2015-07-23 11:22 - 2015-07-23 11:22 - 00000000 ____D C:\ProgramData\AVAST Software
2015-07-23 11:05 - 2015-07-23 11:05 - 05961024 _____ (AVAST Software) C:\Users\Little Wonders\Desktop\avastclear.exe
2015-07-23 10:51 - 2015-07-23 10:51 - 05685544 _____ (AVAST Software) C:\Users\Little Wonders\Desktop\avast_free_antivirus_setup_online.exe
2015-07-23 09:22 - 2015-08-03 09:31 - 00000000 ____D C:\Program Files (x86)\AlllChEapPraicea
2015-07-23 09:21 - 2015-07-23 09:21 - 00000000 ____D C:\Program Files (x86)\WIKI 2 Wikipedia Republished
2015-07-23 09:19 - 2015-08-03 09:31 - 00000000 ____D C:\Program Files (x86)\AllCheapPrIcE
2015-07-23 09:19 - 2015-07-23 09:19 - 00000000 ____D C:\Program Files (x86)\FunDeaalas
2015-07-22 10:01 - 2015-08-03 09:31 - 00000000 ____D C:\Program Files (x86)\RoaboSaoveR
2015-07-22 10:00 - 2015-08-03 09:31 - 00000000 ____D C:\Program Files (x86)\ROboSavEer
2015-07-22 10:00 - 2015-07-22 10:00 - 00000000 ____D C:\Program Files (x86)\Assistantto Scheduling Assistant
2015-07-22 09:58 - 2015-07-22 09:58 - 00000000 ____D C:\Program Files (x86)\RobiooSaver
2015-07-22 09:49 - 2015-07-22 09:49 - 00000000 ____D C:\Program Files (x86)\Shaky Entertainment
2015-07-21 09:58 - 2015-07-14 23:19 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-07-21 09:58 - 2015-07-14 23:19 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-21 09:58 - 2015-07-14 23:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-07-21 09:58 - 2015-07-14 23:19 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-07-21 09:58 - 2015-07-14 22:55 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-07-21 09:58 - 2015-07-14 22:55 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-07-21 09:58 - 2015-07-14 22:55 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-07-21 09:58 - 2015-07-14 22:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-07-21 09:58 - 2015-07-14 21:59 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-21 09:58 - 2015-07-14 21:52 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-07-15 10:37 - 2015-07-09 13:58 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-07-15 10:37 - 2015-07-09 13:58 - 02603008 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-07-15 10:37 - 2015-07-09 13:58 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-07-15 10:37 - 2015-07-09 13:58 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-07-15 10:37 - 2015-07-09 13:58 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-07-15 10:37 - 2015-07-09 13:58 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-07-15 10:37 - 2015-07-09 13:58 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-07-15 10:37 - 2015-07-09 13:58 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-07-15 10:37 - 2015-07-09 13:58 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-07-15 10:37 - 2015-07-09 13:58 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-07-15 10:37 - 2015-07-09 13:58 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-07-15 10:37 - 2015-07-09 13:43 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-07-15 10:37 - 2015-07-09 13:43 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-07-15 10:37 - 2015-07-09 13:43 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-07-15 10:37 - 2015-07-09 13:43 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-07-15 10:37 - 2015-07-09 13:42 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-07-15 10:37 - 2015-06-25 04:57 - 03207168 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-15 10:37 - 2015-06-17 13:47 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-15 10:37 - 2015-06-17 13:37 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-07-15 10:37 - 2015-06-01 20:07 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-07-15 10:37 - 2015-06-01 19:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll
2015-07-15 10:36 - 2015-07-04 14:07 - 02087424 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-15 10:36 - 2015-07-04 13:48 - 01414656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-07-15 10:36 - 2015-07-02 17:21 - 19877376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-07-15 10:36 - 2015-07-02 17:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-07-15 10:36 - 2015-07-02 16:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-07-15 10:36 - 2015-07-02 16:49 - 25193984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-15 10:36 - 2015-07-02 16:46 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-07-15 10:36 - 2015-07-02 16:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-07-15 10:36 - 2015-07-02 16:23 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-15 10:36 - 2015-07-02 16:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-07-15 10:36 - 2015-07-02 16:12 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-15 10:36 - 2015-07-02 15:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-07-15 10:36 - 2015-07-02 15:20 - 14453248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-15 10:36 - 2015-07-02 14:59 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-15 10:36 - 2015-07-01 16:56 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-15 10:36 - 2015-07-01 16:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-07-15 10:36 - 2015-07-01 16:49 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-15 10:36 - 2015-07-01 16:49 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-15 10:36 - 2015-07-01 16:49 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-15 10:36 - 2015-07-01 16:49 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-07-15 10:36 - 2015-07-01 16:49 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-15 10:36 - 2015-07-01 16:49 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-07-15 10:36 - 2015-07-01 16:49 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-07-15 10:36 - 2015-07-01 16:49 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-07-15 10:36 - 2015-07-01 16:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-07-15 10:36 - 2015-07-01 16:49 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-07-15 10:36 - 2015-07-01 16:49 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-07-15 10:36 - 2015-07-01 16:48 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-07-15 10:36 - 2015-07-01 16:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-07-15 10:36 - 2015-07-01 16:47 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-07-15 10:36 - 2015-07-01 16:47 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-07-15 10:36 - 2015-07-01 16:43 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-07-15 10:36 - 2015-07-01 16:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-07-15 10:36 - 2015-07-01 16:39 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-07-15 10:36 - 2015-07-01 16:30 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-07-15 10:36 - 2015-07-01 16:30 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-07-15 10:36 - 2015-07-01 16:30 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-07-15 10:36 - 2015-07-01 16:30 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-07-15 10:36 - 2015-07-01 16:30 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-07-15 10:36 - 2015-07-01 16:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-07-15 10:36 - 2015-07-01 16:30 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-07-15 10:36 - 2015-07-01 16:30 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-07-15 10:36 - 2015-07-01 16:30 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-07-15 10:36 - 2015-07-01 16:29 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-07-15 10:36 - 2015-07-01 16:29 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-07-15 10:36 - 2015-07-01 16:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-07-15 10:36 - 2015-07-01 16:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-07-15 10:36 - 2015-07-01 16:26 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-07-15 10:36 - 2015-07-01 16:24 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-07-15 10:36 - 2015-07-01 15:27 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-15 10:36 - 2015-07-01 15:26 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-15 10:36 - 2015-07-01 15:26 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-15 10:36 - 2015-06-26 22:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-07-15 10:36 - 2015-06-26 22:43 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-15 10:36 - 2015-06-26 21:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-07-15 10:36 - 2015-06-26 21:39 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-07-15 10:36 - 2015-06-25 14:09 - 00389832 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-07-15 10:36 - 2015-06-25 13:43 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-07-15 10:36 - 2015-06-20 16:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-07-15 10:36 - 2015-06-20 15:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-07-15 10:36 - 2015-06-20 15:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-15 10:36 - 2015-06-20 15:49 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-07-15 10:36 - 2015-06-20 15:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-07-15 10:36 - 2015-06-20 15:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-07-15 10:36 - 2015-06-20 15:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-07-15 10:36 - 2015-06-20 15:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-07-15 10:36 - 2015-06-20 15:34 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-15 10:36 - 2015-06-20 15:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-07-15 10:36 - 2015-06-20 15:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-07-15 10:36 - 2015-06-20 15:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-07-15 10:36 - 2015-06-20 15:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-07-15 10:36 - 2015-06-20 15:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-07-15 10:36 - 2015-06-20 15:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-15 10:36 - 2015-06-20 15:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-15 10:36 - 2015-06-20 15:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-15 10:36 - 2015-06-20 14:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-15 10:36 - 2015-06-20 14:48 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-07-15 10:36 - 2015-06-20 14:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-15 10:36 - 2015-06-20 14:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-07-15 10:36 - 2015-06-20 14:26 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-15 10:36 - 2015-06-20 14:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-07-15 10:36 - 2015-06-19 14:25 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-07-15 10:36 - 2015-06-19 14:25 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-07-15 10:36 - 2015-06-19 14:24 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-07-15 10:36 - 2015-06-19 14:24 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-07-15 10:36 - 2015-06-19 14:23 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-07-15 10:36 - 2015-06-19 14:17 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-07-15 10:36 - 2015-06-19 14:16 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-07-15 10:36 - 2015-06-19 14:13 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-07-15 10:36 - 2015-06-19 14:13 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-07-15 10:36 - 2015-06-19 14:03 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-07-15 10:36 - 2015-06-19 13:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-07-15 10:36 - 2015-06-19 13:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-07-15 10:36 - 2015-06-19 13:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-07-15 10:36 - 2015-06-19 13:51 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-07-15 10:36 - 2015-06-19 13:40 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-07-15 10:36 - 2015-06-19 13:40 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-07-15 10:36 - 2015-06-19 13:39 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-07-15 10:36 - 2015-06-19 13:15 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-07-15 10:36 - 2015-06-19 13:11 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-07-15 10:36 - 2015-04-27 15:23 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-07-15 10:36 - 2015-04-27 15:23 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-07-15 10:36 - 2015-04-27 15:23 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-07-15 10:36 - 2015-04-27 15:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-07-15 10:36 - 2015-04-27 15:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-07-15 10:36 - 2015-04-27 15:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-07-15 10:36 - 2015-04-27 15:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-07-15 10:36 - 2015-04-27 15:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-07-15 10:35 - 2015-06-15 17:50 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-07-15 10:35 - 2015-06-15 17:45 - 03242496 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-15 10:35 - 2015-06-15 17:45 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-15 10:35 - 2015-06-15 17:45 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-07-15 10:35 - 2015-06-15 17:45 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-07-15 10:35 - 2015-06-15 17:44 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-15 10:35 - 2015-06-15 17:43 - 02364416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-07-15 10:35 - 2015-06-15 17:43 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-07-15 10:35 - 2015-06-15 17:43 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-07-15 10:35 - 2015-06-15 17:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-07-15 10:35 - 2015-06-15 17:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2015-07-15 10:35 - 2015-06-15 17:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2015-07-13 10:12 - 2015-07-22 10:01 - 00000000 ____D C:\Program Files (x86)\CooupExxtensiOn
2015-07-13 10:12 - 2015-07-22 10:01 - 00000000 ____D C:\Program Files (x86)\CooUpExteinsion
2015-07-13 10:12 - 2015-07-13 10:12 - 00000000 ____D C:\Program Files (x86)\new metroTab
2015-07-13 10:12 - 2015-07-13 10:12 - 00000000 ____D C:\Program Files (x86)\CoupEExuTension
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-08-10 14:41 - 2013-09-19 11:28 - 00000316 _____ C:\Windows\Tasks\UpdaterEX.job
2015-08-10 14:39 - 2009-07-14 00:45 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-10 14:39 - 2009-07-14 00:45 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-10 14:32 - 2014-03-21 17:54 - 01602038 _____ C:\Windows\WindowsUpdate.log
2015-08-10 14:25 - 2015-06-25 14:25 - 00000370 _____ C:\Windows\Tasks\BreakfastBunny.job
2015-08-10 14:25 - 2015-05-15 14:25 - 00000372 _____ C:\Windows\Tasks\Bidaily Synchronize Task[pr].job
2015-08-10 14:23 - 2014-03-22 16:09 - 00009282 _____ C:\Windows\setupact.log
2015-08-10 14:23 - 2009-07-14 01:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-10 14:07 - 2015-07-07 10:14 - 00002129 _____ C:\Users\Little Wonders\Desktop\Internet Explorer (No Add-ons).lnk
2015-08-10 14:07 - 2015-07-06 10:24 - 00000020 _____ C:\Users\Little Wonders\AppData\Roaming\appdataFr2.bin
2015-08-10 14:02 - 2014-01-13 13:16 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-08-10 13:43 - 2015-03-25 13:51 - 00000000 ____D C:\Users\Little Wonders\Desktop\Andrew’s scans
2015-08-10 13:42 - 2013-09-18 15:43 - 00000000 ____D C:\Users\Little Wonders\Desktop\Andrew
2015-08-10 13:40 - 2015-03-17 15:16 - 00000000 ____D C:\Users\Little Wonders\Desktop\Scans
2015-08-10 13:33 - 2010-02-23 09:41 - 00003982 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{A26D9F52-0687-4B29-BF28-F83CFD1978B6}
2015-08-10 13:21 - 2015-07-09 15:33 - 00000372 _____ C:\Windows\Tasks\LightningNet.job
2015-08-10 13:21 - 2015-07-06 10:20 - 00000372 _____ C:\Windows\Tasks\BugBreaker.job
2015-08-10 13:21 - 2015-07-01 16:46 - 00000372 _____ C:\Windows\Tasks\CaseKeeper.job
2015-08-10 13:21 - 2015-06-26 09:34 - 00000372 _____ C:\Windows\Tasks\WheatWizard.job
2015-08-10 13:21 - 2015-06-18 23:14 - 00000372 _____ C:\Windows\Tasks\TubeControl.job
2015-08-10 13:21 - 2015-06-17 09:33 - 00000372 _____ C:\Windows\Tasks\IceApps.job
2015-08-10 13:21 - 2011-02-08 10:11 - 00000000 ____D C:\tmp
2015-08-05 10:06 - 2014-03-13 13:50 - 00000000 ____D C:\Users\Little Wonders\Desktop\Sept
2015-08-04 15:25 - 2009-07-14 01:13 - 00852260 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-04 14:33 - 2010-02-23 11:53 - 00000072 _____ C:\Windows\iltwain.ini
2015-08-04 14:02 - 2014-03-22 16:09 - 01981874 _____ C:\Windows\PFRO.log
2015-08-04 09:36 - 2010-02-23 18:28 - 00000000 ____D C:\Users\Little Wonders\AppData\Local\CrashDumps
2015-08-04 09:23 - 2010-02-15 16:09 - 00013350 _____ C:\Users\Little Wonders\AppData\Roaming\wklnhst.dat
2015-08-03 09:33 - 2015-04-13 10:02 - 00000000 ____D C:\ProgramData\3513037906374832000
2015-07-29 03:01 - 2014-05-17 03:26 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-07-27 05:06 - 2015-04-15 03:00 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-23 09:21 - 2015-06-23 10:12 - 00000079 _____ C:\Program Files (x86)\prefs.js
2015-07-22 10:02 - 2010-02-16 09:47 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-07-22 10:01 - 2015-07-05 17:36 - 00000000 ____D C:\Program Files (x86)\NiceOffErs
2015-07-22 09:56 - 2014-06-18 10:28 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-07-22 03:21 - 2009-07-14 00:45 - 00528752 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-18 03:17 - 2015-04-15 03:00 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-07-16 14:17 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\rescache
2015-07-16 09:07 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-07-16 09:06 - 2014-12-10 04:27 - 00000000 ____D C:\Windows\system32\appraiser
2015-07-15 15:02 - 2014-01-13 13:16 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-07-15 15:02 - 2013-10-01 11:44 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-15 15:02 - 2011-09-09 11:00 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
==================== Files in the root of some directories =======
2015-06-23 10:12 - 2015-07-23 09:21 - 0000079 _____ () C:\Program Files (x86)\prefs.js
2015-07-06 10:24 - 2015-08-10 14:07 - 0000020 _____ () C:\Users\Little Wonders\AppData\Roaming\appdataFr2.bin
2015-08-10 14:05 - 2015-08-10 14:05 - 0000024 _____ () C:\Users\Little Wonders\AppData\Roaming\appdataFr25.bin
2011-07-17 23:10 - 2011-09-17 23:21 - 0001854 _____ () C:\Users\Little Wonders\AppData\Roaming\GhostObjGAFix.xml
2012-06-11 16:48 - 2012-06-11 17:10 - 0001144 _____ () C:\Users\Little Wonders\AppData\Roaming\result.db
2013-12-19 11:16 - 2014-03-24 09:00 - 0000254 _____ () C:\Users\Little Wonders\AppData\Roaming\WB.CFG
2014-01-27 18:22 - 2014-01-27 18:22 - 0000005 _____ () C:\Users\Little Wonders\AppData\Roaming\WBPU-TTL.DAT
2010-02-15 16:09 - 2015-08-04 09:23 - 0013350 _____ () C:\Users\Little Wonders\AppData\Roaming\wklnhst.dat
2015-02-23 11:22 - 2015-02-23 11:22 - 0000088 _____ () C:\Users\Little Wonders\AppData\Local\3a56fb676e8325036d49b57c05209aef
2015-04-14 14:00 - 2015-04-14 14:03 - 0011784 _____ () C:\Users\Little Wonders\AppData\Local\Temp-log.txt
2015-05-22 15:13 - 2015-05-22 15:13 - 0000000 _____ () C:\Users\Little Wonders\AppData\Local\Temp.dat
2012-01-30 16:10 - 2015-02-23 11:33 - 0004386 _____ () C:\ProgramData\hpzinstall.log
C:\Users\Little Wonders\AppData\Local\Temp\88896e8a8a88486ea609f31b41ec3718171344.exe
C:\Users\Little Wonders\AppData\Local\Temp\9EC5.exe
C:\Users\Little Wonders\AppData\Local\Temp\appupdater-{A03B844E-3BC3-DF4E-B802-6292092065EE}.exe
C:\Users\Little Wonders\AppData\Local\Temp\appupdater-{C9B8DB29-CDBB-A540-BEE7-DDA8C123A88E}.exe
C:\Users\Little Wonders\AppData\Local\Temp\e5292c01c66143b78d7b6d4c6f539757374931.exe
C:\Users\Little Wonders\AppData\Local\Temp\ICReinstall_ImgBurn_Setup.exe
C:\Users\Little Wonders\AppData\Local\Temp\ICSW1.9_0C1F1F1I0R0O0M1.9.exe
C:\Users\Little Wonders\AppData\Local\Temp\setacl.exe
C:\Users\Little Wonders\AppData\Local\Temp\sp-downloader.exe
C:\Users\Little Wonders\AppData\Local\Temp\SpOrder.dll
C:\Users\Little Wonders\AppData\Local\Temp\SymCCIS.dll
C:\Windows\SysWOW64\Drivers\AVGIDSDRIVERA.SYS
C:\Windows\SysWOW64\Drivers\AVGIDSHA.SYS
C:\Windows\SysWOW64\Drivers\AVGLOGA.SYS
C:\Windows\SysWOW64\Drivers\AVGRKX64.SYS
C:\Windows\SysWOW64\Drivers\AVGTDIA.SYS
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-08-04 11:40
==================== End of log ============================
Second part:
==================== Accounts: =============================
Administrator (S-1-5-21-443951736-1583617210-2315430799-500 - Administrator - Disabled)
Guest (S-1-5-21-443951736-1583617210-2315430799-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-443951736-1583617210-2315430799-1002 - Limited - Enabled)
Little Wonders (S-1-5-21-443951736-1583617210-2315430799-1001 - Administrator - Enabled) => C:\Users\Little Wonders
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with “Hidden” flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
4500_G510gm_Help (x32 Version: 000.0.439.000 - Hewlett-Packard) Hidden
4500G510gm (x32 Version: 000.0.423.000 - Hewlett-Packard) Hidden
4500G510gm_Software_Min (x32 Version: 000.0.423.000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 6.2.1 - Hewlett-Packard) Hidden
AAllDeaalAApp (HKLM-x32.…{47B2010D-2F1B-7A72-E485-51BA1F6D5901}) (Version: - )
Adblock for Pirate Bay (HKLM-x32.…{C816B74A-76DD-F936-7C6E-56E2B881B487}) (Version: - )
Adobe Flash Player 18 ActiveX (HKLM-x32.…\Adobe Flash Player ActiveX) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32.…\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Reader 9.5.1 (HKLM-x32.…{AC76BA86-7AD7-1033-7B44-A95000000001}) (Version: 9.5.1 - Adobe Systems Incorporated)
AlllChEapPraicea (HKLM-x32.…{5A1D3F9E-73B5-95EC-1233-6646E1358965}) (Version: - “”) <==== ATTENTION
Apple Application Support (32-bit) (HKLM-x32.…{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM.…{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM.…{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32.…{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avast Free Antivirus (HKLM-x32.…\Avast) (Version: 10.3.2223 - AVAST Software)
AVG 2014 (Version: 14.0.3722 - AVG Technologies) Hidden
Awesome Widget ANTP (HKLM-x32.…{3112BDB8-7DB9-279D-EC5F-30BC1ABC266C}) (Version: - )
bestadblocker (HKLM-x32.…{4820778D-AB0D-6D18-C316-52A6A0E1D507}) (Version: - ) <==== ATTENTION
Bing Bar (HKLM-x32.…{B4089055-D468-45A4-A6BA-5A138DD715FC}) (Version: 7.0.850.0 - Microsoft Corporation)
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
Canon MF4800 Series (HKLM.…{444085BE-389B-4330-A291-3FC258B846EC}) (Version: 4.1.0.0 - CANON INC.)
Childcare Manager 10 (HKLM-x32.…{579249CA-0BC9-456E-80BC-4972913564E8}) (Version: 10.0.2905 - Personalized Software)
Cite This For Me Web Citer (HKLM-x32.…{60EACF28-3304-CDE7-8F98-5992F85D389C}) (Version: - )
Compatibility Pack for the 2007 Office system (HKLM-x32.…{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
CooupExxtensiOn (HKLM-x32.…{6933C2BA-C67D-42C7-8C77-1FF4B364AF54}) (Version: - “”) <==== ATTENTION
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.372.000 - Hewlett-Packard) Hidden
DirectX for Managed Code Update (Summer 2004) (x32 Version: 9.02.2904 - Microsoft) Hidden
DiscountBomb (HKLM-x32.…{37476589-E48E-439E-A706-56189E2ED4C4}) (Version: - DiscountBomb) <==== ATTENTION
DivX Setup (HKLM-x32.…\DivX Setup) (Version: 2.6.1.8 - DivX, LLC)
DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Fastime 8000 (HKLM-x32.…{3AFF92E5-8080-41B7-BB5B-2B7B939A50BB}) (Version: 02.00.0000 - Pyramid Technologies)
Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden
FoxTab PDF Converter (HKU\S-1-5-21-443951736-1583617210-2315430799-1001.…\FoxTab PDF Converter) (Version: - ) <==== ATTENTION
FunDeaalas (HKLM-x32.…{478472F9-9E09-492A-BDAB-42EE595EF1AD}) (Version: - “”) <==== ATTENTION
Fuune2Save (HKLM-x32.…{9D9BEFAE-9499-F52B-6CC4-94818CCC2AB5}) (Version: - “”) <==== ATTENTION
Google Chrome (HKLM-x32.…{C529D155-657E-35C0-8A38-95AE8B671B9A}) (Version: 66.88.49282 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Advisor (HKLM-x32.…{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.3.9512.3162 - Hewlett-Packard)
HP Customer Participation Program 13.0 (HKLM.…\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Imaging Device Functions 13.0 (HKLM.…\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Odometer (HKLM-x32.…{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Officejet 4500 G510g-m (HKLM.…{E5083D57-D93F-404C-A91F-1C50D67C2BEB}) (Version: 13.0 - HP)
HP Setup (HKLM-x32.…{17B4760F-334B-475D-829F-1A3E94A6A4E6}) (Version: 1.2.3560.3170 - Hewlett-Packard)
HP Smart Web Printing 4.5 (HKLM.…\HP Smart Web Printing) (Version: 4.5 - HP)
HP Solution Center 13.0 (HKLM.…\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Support Assistant (HKLM-x32.…{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP Support Information (HKLM-x32.…{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}) (Version: 10.1.0002 - Hewlett-Packard)
HP Update (HKLM-x32.…{D46D081B-F60E-467E-A7C4-117B70D76731}) (Version: 5.001.000.014 - Hewlett-Packard)
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
ImgBurn (HKLM-x32.…\ImgBurn) (Version: 2.5.7.0 - LIGHTNING UK!)
iTunes (HKLM.…{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
Java™ 6 Update 22 (HKLM-x32.…{26A24AE4-039D-4CA4-87B4-2F83216022FF}) (Version: 6.0.220 - Oracle)
Keep My OptOuts (HKLM-x32.…{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}) (Version: - ) <==== ATTENTION
KidsCare 5 (HKLM-x32.…\KidsCare 5) (Version: - )
LSI PCI-SV92EX Soft Modem (HKLM.…\LSI Soft Modem) (Version: 2.2.98 - LSI Corporation)
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 4.5.2 (HKLM.…{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office FrontPage 2003 (HKLM-x32.…{91170409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32.…\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32.…{95140000-0081-0409-0000-0000000FF1CE}) (Version: 14.0.6123.5001 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32.…{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Outlook 2013 - en-us (HKLM.…\OutlookRetail - en-us) (Version: 15.0.4737.1003 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM-x32.…\Microsoft SQL Server 2005) (Version: - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM.…{9ACF3FDB-C8E6-444C-8C64-13A221F7BFFD}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM-x32.…{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM.…{B636C9B9-A3F2-4DCE-ADCC-72E095018385}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft Store Download Manager (HKLM-x32.…{A3D88A98-506E-4CFC-B294-E256C679B0EE}) (Version: 2.5.2219.1 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM.…{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32.…{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32.…{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM.…{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM.…{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM.…{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM.…{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32.…{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM.…{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM.…{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM.…{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32.…{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32.…{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32.…{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM.…{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32.…{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM.…\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Works (HKLM-x32.…{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
MinimuumPrice (HKLM-x32.…{CA1838EF-A497-194E-3850-37A62CEE398B}) (Version: - ) <==== ATTENTION
ModuleEdit (HKLM-x32.…{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{8338240e}) (Version: - ModuleEdit) <==== ATTENTION
MSXML 4.0 SP2 (KB954430) (HKLM-x32.…{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32.…{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NetOCoupoN (HKLM-x32.…{317D8BB4-16C3-CFBD-3777-AED69667DA46}) (Version: - “”) <==== ATTENTION
Network64 (Version: 130.0.374.000 - Hewlett-Packard) Hidden
NewSaverr (HKLM-x32.…{6A08B379-76FB-B4CF-0C70-CAFCD3635A77}) (Version: - “”) <==== ATTENTION
NiceOffErs (HKLM-x32.…{E9AD2F38-EF9C-B9DA-048A-A92FBC17701E}) (Version: - )
No Cyrus (HKLM-x32.…{C2E3DB8B-C43B-9203-7BE7-D03BA334FD8A}) (Version: - )
NVIDIA Drivers (HKLM.…\NVIDIA Drivers) (Version: 1.5 - NVIDIA Corporation)
OCR Software by I.R.I.S. 13.0 (HKLM.…\HPOCR) (Version: 13.0 - HP)
Octoshape add-in for Adobe Flash Player (HKU\S-1-5-21-443951736-1583617210-2315430799-1001.…\Octoshape add-in for Adobe Flash Player) (Version: - )
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4737.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4737.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4737.1003 - Microsoft Corporation) Hidden
Pinner for Pinterest (HKLM-x32.…{F6C44C71-2CFE-8176-3A4D-CBD0DCE5AEFA}) (Version: - “”) <==== ATTENTION
PL-2303 USB-to-Serial (HKLM-x32.…{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}) (Version: - )
PL-2303 Vista Driver Installer (HKLM-x32.…{EEC010D0-1252-4E1D-BAD9-F1B8F414535C}) (Version: 3.2.0.0 - Prolific)
PriceMiinus (HKLM-x32.…{06B99631-BFA2-3B7A-F58B-D067C2BA59B7}) (Version: - ) <==== ATTENTION
Print Perfect Deluxe (HKLM-x32.…{AF06F78B-ACF7-40E3-9D1A-BC5A0529298B}) (Version: 9.2.28 - Cosmi Corporation)
Quicken 2010 (HKLM-x32.…{CCF6F57B-F6B4-4508-BF45-63AAC9DE416A}) (Version: 19.1.3.19 - Intuit)
QuickTime (HKLM-x32.…\QuickTime) (Version: - )
Realtek High Definition Audio Driver (HKLM-x32.…{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5938 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.2216 - CyberLink Corp.) Hidden
RenderPointer (HKLM-x32.…{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{ec9c17f1}) (Version: - RenderPointer) <==== ATTENTION
RoaboSaoveR (HKLM-x32.…{BE360B8B-0F10-CA89-FC84-A5EAB71A6AF8}) (Version: - “”) <==== ATTENTION
SAVELOtoss (HKLM-x32.…{35E13884-BAC3-5F4A-799B-05F882E0BD9F}) (Version: - “”) <==== ATTENTION
SAveNEwaAppz (HKLM-x32.…{7304C9D1-98AD-55F0-636E-22D8DD57F176}) (Version: - “”) <==== ATTENTION
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32.…{90140000-003D-0000-0000-0000000FF1CE}Office14.SingleImage{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
SmartWebPrinting (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
SpoaceCouPonAPp (HKLM-x32.…{9777123F-5BF8-6C86-217E-7EB783C2E885}) (Version: - ) <==== ATTENTION
Status (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 130.0.376.000 - Hewlett-Packard) Hidden
Unity Web Player (HKLM-x32.…\UnityWebPlayer) (Version: 2.1.0f5_16147 - Unity Technologies ApS)
UpdaterEX (HKU\S-1-5-21-443951736-1583617210-2315430799-1001.…\UpdaterEX) (Version: - UpdaterEX)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VentureStand (HKLM-x32.…{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{f6d5a24}) (Version: - VentureStand) <==== ATTENTION
Visual Studio 2012 x64 Redistributables (HKLM.…{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
Windows Driver Package - FTDI CDM Driver Package (02/17/2009 2.04.16) (HKLM.…\2DC0AA065FA83047D7ECD51C7000C1620D79A4C5) (Version: 02/17/2009 2.04.16 - FTDI)
Windows Driver Package - FTDI CDM Driver Package (02/17/2009 2.04.16) (HKLM.…\51A4D522DD31538335EF5736F0E7F588C70BCB12) (Version: 02/17/2009 2.04.16 - FTDI)
WinRAR archiver (HKLM.…\WinRAR archiver) (Version: - )
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Restore Points =========================
14-07-2015 12:00:07 Scheduled Checkpoint
16-07-2015 03:01:21 Windows Update
18-07-2015 03:00:24 Windows Update
22-07-2015 03:00:38 Windows Update
23-07-2015 10:52:02 avast! antivirus system restore point
23-07-2015 10:59:02 avast! antivirus system restore point
23-07-2015 11:23:09 avast! antivirus system restore point
29-07-2015 03:00:23 Windows Update
05-08-2015 08:54:55 Scheduled Checkpoint
10-08-2015 13:59:19 avast! antivirus system restore point
10-08-2015 14:09:51 avast! antivirus system restore point
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 22:34 - 2009-06-10 17:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {12E94DB0-B70A-4B50-A7A1-26C280A3F598} - System32\Tasks{00BA7C04-2930-4BA0-85D8-9C64416E6396} => pcalua.exe -a C:\Users\LITTLE~1\AppData\Local\Temp\F295A114\ChildcareManagerSetup.exe -d C:\Windows\SysWOW64 -c /embed"{F4AC2A05-BDC8-48BC-9962-A2766D6B8A18}" /hide_splash /hide_progress /runprerequisites"Help,Reports,ChildcareManager,ProgramFiles,Manual,NetworkServer" /l1033
Task: {145C09E7-C51C-410E-809B-D1D6DF87BCC3} - System32\Tasks\FontElite => c:\programdata{3fac1441-b731-99d6-3fac-c1441b735106}\972258657956586775b.exe [2014-08-05] () <==== ATTENTION
Task: {16F8B35A-340A-4C37-A7BA-A9660273CFDC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {197C0B92-89AD-4CD4-B33D-B64D5AA6944C} - System32\Tasks\UpdaterEX => C:\Users\Little Wonders\AppData\Roaming\UpdaterEX\UpdateProc\UpdateTask.exe [2013-04-12] () <==== ATTENTION
Task: {2721C2CE-DA44-4A0F-BD21-9928294F2794} - System32\Tasks{B1ED28FA-8139-42D6-AD80-BE820BFD604E} => pcalua.exe -a “C:\Users\Little Wonders\AppData\Local\Temp\Temp2_vista_prolific_chip_driver_for_serial_adapters.zip\Vista_Installer.exe”
Task: {2BE69A0B-F686-4C14-B04C-78557AAEE036} - System32\Tasks\ExtendedServicePlan => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2009-10-20] ()
Task: {2CC08B04-A9AA-49B1-9399-6782B3812F9F} - System32\Tasks\LaunchPreSignup => C:\Program Files (x86)\OLBPre\OLBPre.exe <==== ATTENTION
Task: {35FCEF7B-1977-4904-AA47-CC7385080968} - System32\Tasks\LightningNet => c:\programdata{7df4e096-4fa3-a2c8-7df4-4e0964fa8259}\1870006610398162240b.exe [2014-07-09] () <==== ATTENTION
Task: {3A29F414-D5EC-41D7-BE1F-F3F40B8A31BC} - System32\Tasks{B5AB9C9D-5DF1-4D36-BC1A-6DA8FA87347F} => pcalua.exe -a “C:\Program Files (x86)\DiscountBomb\DiscountBomb.exe” -c /s /n /i:“ExecuteCommands;UninstallCommands” “”
Task: {44626177-BBC2-419D-A128-AC36568AE6DF} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-07-23] (AVAST Software)
Task: {523F2DF2-EBDF-4F6C-A038-7C0C19698158} - System32\Tasks\TubeControl => c:\programdata{43d6bae8-8f68-ff4b-43d6-6bae88f6eba2}\9176317559037144580b.exe [2014-06-18] () <==== ATTENTION
Task: {53632F53-7F9D-45C5-B801-1A8B4E9F34D8} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-07-01] (Microsoft Corporation)
Task: {53DB096A-9CE9-4829-9029-6A6DF6866477} - System32\Tasks\BreakfastBunny => c:\programdata{a92ed771-f64b-5489-a92e-ed771f645dc7}\985828238009730919b.exe [2014-06-25] () <==== ATTENTION
Task: {57FF410B-E3C2-4807-9B80-3EA9E52A7488} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-07-01] (Microsoft Corporation)
Task: {5897B68E-06D9-4FDF-B7E1-E614DD116997} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2009-10-20] ()
Task: {6B4697D6-2AB3-4189-B570-1DA4747F7B3D} - System32\Tasks{EBD12ADD-9B7C-491A-94B3-2CFFC7CC35DE} => pcalua.exe -a “C:\Users\Little Wonders\Documents\Downloads\CCM-Server_Setup(V10.0.2905).exe” -d C:\Windows\SysWOW64 -c /embed"{ADC05057-2056-4B14-B859-E67CCB2EA230}" /hide_splash /hide_progress /runprerequisites"Help,Reports,ChildcareManager,ProgramFiles,Manual,NetworkServer" /l1033
Task: {70548205-EF43-437F-A831-750097F694F6} - System32\Tasks\BugBreaker => c:\programdata{e6afbdcc-b0a1-db48-e6af-fbdccb0af732}\6093383361760305201b.exe [2014-07-06] () <==== ATTENTION
Task: {725B9D6F-FA35-438F-98D1-2AE8A5A02815} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {7441EABB-1BE3-4601-B490-516A306BABF0} - System32\Tasks{1796F9BB-E4C4-4DA4-8335-24DC731E4708} => pcalua.exe -a “C:\Users\Little Wonders\Desktop\USBSrDvr.exe” -d “C:\Users\Little Wonders\Desktop”
Task: {768F60AD-DB89-4776-A45B-279E797A150F} - System32\Tasks{395F898C-0DAF-4DFA-AA08-E8F8BAB1DF30} => pcalua.exe -a C:\kc5\setup\setup.exe
Task: {7CE2A72D-BB2F-44ED-89CA-1F6D1E32A005} - System32\Tasks{51B1EBD4-DD09-442F-B202-70DFD26090F7} => E:\ACMSETUP.EXE
Task: {8049C92F-D897-483C-B3E6-40FF954EF611} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-05-12] (Microsoft Corporation)
Task: {84514CBE-C7B2-4DEF-9150-CD8CBD6B36A8} - System32\Tasks\Bidaily Synchronize Task[pr] => c:\programdata{3639608d-237d-13b3-3639-9608d2378234}\3712898977138005454s.exe [2014-05-15] () <==== ATTENTION
Task: {8BD6DF11-C071-48A3-9DE2-2EBCA579554F} - System32\Tasks\CaseKeeper => c:\programdata{8913d3ad-afc8-60a0-8913-3d3adafc4eb6}\2455391211969052693b.exe [2014-07-01] () <==== ATTENTION
Task: {9B476CE9-154B-4B29-B65C-142F2DF8890F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {9F3E6CA9-E64E-4969-8635-7EB5D7CB6D66} - System32\Tasks{C56306F3-67B6-486D-B81F-0B8E937C7C99} => C:\Users\Little Wonders\Desktop\MDAC_TYP.EXE
Task: {A16FA5C8-B08E-4D6F-9629-3DFF74337E5E} - System32\Tasks\DreamDecode => c:\programdata{09efe88c-330f-6cfa-09ef-fe88c330a230}\5140254858507817303b.exe [2014-08-04] () <==== ATTENTION
Task: {A199DC14-46D5-4A7A-B41D-B6BFBCEAE0E5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-15] (Adobe Systems Incorporated)
Task: {A1B72E7F-5675-4CF7-9D5E-5EDAE564FA3F} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {AA3705FC-DA72-4B29-B704-062C8E6A10F1} - System32\Tasks\RecoveryCDWin7 => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2009-10-20] ()
Task: {BF8421A3-00F1-49B6-BE69-8ADCFD4C5696} - System32\Tasks\ServicePlan => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2009-10-20] ()
Task: {CA28FE0A-8394-4928-9950-5D9710D93598} - System32\Tasks{29639896-F900-4CCA-B787-6BC9FAE525A0} => E:\ACMSETUP.EXE
Task: {CD869D50-E5B3-4553-B82A-BBEB072F6BB7} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-05-12] (Microsoft Corporation)
Task: {D37F3308-16E6-4800-9687-DB07E918E18C} - System32\Tasks{6FE15A16-DF91-49D1-BCCE-E758CB864855} => pcalua.exe -a “C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe” -c /uninstall HOMESTUDENTR /dll OSETUP.DLL
Task: {EE3CA4E9-7BFF-49B7-889F-47DF91E9B351} - System32\Tasks\IceApps => c:\programdata{d43a3e12-6ad8-c794-d43a-a3e126adf849}\7438011186733298683b.exe [2014-06-17] () <==== ATTENTION
Task: {EF4F2429-35B8-44FE-A8BD-25995276C545} - System32\Tasks{B1769513-4A93-4EFF-95C5-F720E95A94AC} => C:\Program Files (x86)\Personalized Software\Childcare Manager 10\ChildCareManager.exe [2011-03-11] (Personalized Software, Inc.)
Task: {FECC4792-8E0E-402F-B0E9-77FE466164DD} - System32\Tasks\WheatWizard => c:\programdata{89ffb3a7-2acc-f95f-89ff-fb3a72acce9c}\6586289048286789679b.exe [2014-06-26] () <==== ATTENTION
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Bidaily Synchronize Task[pr].job => c:\programdata{3639608d-237d-13b3-3639-9608d2378234}\3712898977138005454s.exe <==== ATTENTION
Task: C:\Windows\Tasks\BreakfastBunny.job => c:\programdata{a92ed771-f64b-5489-a92e-ed771f645dc7}\985828238009730919b.exe <==== ATTENTION
Task: C:\Windows\Tasks\BugBreaker.job => c:\programdata{e6afbdcc-b0a1-db48-e6af-fbdccb0af732}\6093383361760305201b.exe <==== ATTENTION
Task: C:\Windows\Tasks\CaseKeeper.job => c:\programdata{8913d3ad-afc8-60a0-8913-3d3adafc4eb6}\2455391211969052693b.exe <==== ATTENTION
Task: C:\Windows\Tasks\DreamDecode.job => c:\programdata{09efe88c-330f-6cfa-09ef-fe88c330a230}\5140254858507817303b.exe <==== ATTENTION
Task: C:\Windows\Tasks\FontElite.job => c:\programdata{3fac1441-b731-99d6-3fac-c1441b735106}\972258657956586775b.exe <==== ATTENTION
Task: C:\Windows\Tasks\IceApps.job => c:\programdata{d43a3e12-6ad8-c794-d43a-a3e126adf849}\7438011186733298683b.exe <==== ATTENTION
Task: C:\Windows\Tasks\LightningNet.job => c:\programdata{7df4e096-4fa3-a2c8-7df4-4e0964fa8259}\1870006610398162240b.exe <==== ATTENTION
Task: C:\Windows\Tasks\TubeControl.job => c:\programdata{43d6bae8-8f68-ff4b-43d6-6bae88f6eba2}\9176317559037144580b.exe <==== ATTENTION
Task: C:\Windows\Tasks\UpdaterEX.job => C:\Users\LITTLE~1\AppData\Roaming\UPDATE~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\Windows\Tasks\WheatWizard.job => c:\programdata{89ffb3a7-2acc-f95f-89ff-fb3a72acce9c}\6586289048286789679b.exe <==== ATTENTION
==================== Loaded Modules (Whitelisted) ==============
2015-03-20 18:12 - 2015-03-20 18:12 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-03-20 18:12 - 2015-03-20 18:12 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-06-18 10:28 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2015-03-17 07:40 - 2015-01-27 11:29 - 08898720 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2010-02-18 13:48 - 2010-02-10 19:10 - 00166400 _____ () C:\Program Files\WinRAR\rarext.dll
2015-07-10 12:57 - 2015-07-10 12:57 - 08016461 _____ () C:\Program Files (x86)\Lethal Tonight\Lethal Tonight.exe
2014-03-13 16:22 - 2014-03-13 16:22 - 00852480 _____ () C:\ProgramData{2899c890-57cb-72e8-2899-9c89057c2241}\FIFA Soccer 64.exe
2015-07-22 09:49 - 2015-07-22 09:49 - 08016385 _____ () C:\Program Files (x86)\Shaky Entertainment\Shaky Entertainment.exe
2013-11-14 20:48 - 2013-11-14 20:48 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2015-06-16 16:41 - 2015-06-16 16:41 - 01776640 _____ () c:\Program Files (x86)\PragmaEdit\PragmaEdit.dll
2015-07-05 17:38 - 2015-07-05 17:38 - 01771520 _____ () c:\Program Files (x86)\SoftwarePlus\SoftwarePlus.dll
2013-11-14 20:49 - 2013-11-14 20:49 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2000-09-29 01:00 - 2000-09-29 01:00 - 00032768 _____ () C:\Windows\SysWow64\hlinkprx.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The “AlternateShell” will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-443951736-1583617210-2315430799-1001\Control Panel\Desktop\Wallpaper → C:\Users\Little Wonders\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 0) (EnableLUA: 0)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^PictureMover.lnk => C:\Windows\pss\PictureMover.lnk.CommonStartup
MSCONFIG\startupreg: cdloader => “C:\Users\Little Wonders\AppData\Roaming\mjusbsp\cdloader2.exe” MAGICJACK
MSCONFIG\startupreg: msnmsgr => “C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe” /background
MSCONFIG\startupreg: StartNow Search Protect => “C:\Program Files (x86)\StartNow Toolbar\search_protect.exe” /REPORT /PROTECT /RELAY
MSCONFIG\startupreg: StartNowToolbarHelper => “C:\Program Files (x86)\StartNow Toolbar\ToolbarHelper.exe”
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{40184C0D-EEA7-46F3-9EF0-CF50CA552808}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDirector\PDR.EXE
FirewallRules: [TCP Query User{C61E01F4-9791-4DA0-8567-EFDC76A3A205}C:\program files (x86)\google\google earth\client\googleearth.exe] => (Allow) C:\program files (x86)\google\google earth\client\googleearth.exe
FirewallRules: [UDP Query User{C5A8B10A-4E1B-4B27-85DD-0184E1D87721}C:\program files (x86)\google\google earth\client\googleearth.exe] => (Allow) C:\program files (x86)\google\google earth\client\googleearth.exe
FirewallRules: [TCP Query User{902C5FFF-FB0A-48A0-9E6C-F9749A145160}F:\techwizard.exe] => (Allow) F:\techwizard.exe
FirewallRules: [UDP Query User{DD661469-558D-475D-93BC-82529C9F54A6}F:\techwizard.exe] => (Allow) F:\techwizard.exe
FirewallRules: [TCP Query User{6B3287D7-DAE1-4B6C-B123-EC179A576F53}C:\users\little wonders\appdata\roaming\macromedia\flash player\www.macromedia.com\bin\octoshape\octoshape.exe] => (Allow) C:\users\little wonders\appdata\roaming\macromedia\flash player\www.macromedia.com\bin\octoshape\octoshape.exe
FirewallRules: [UDP Query User{E5F34953-3618-47DF-AE30-0F31DEE2E2BD}C:\users\little wonders\appdata\roaming\macromedia\flash player\www.macromedia.com\bin\octoshape\octoshape.exe] => (Allow) C:\users\little wonders\appdata\roaming\macromedia\flash player\www.macromedia.com\bin\octoshape\octoshape.exe
FirewallRules: [{F9723DE8-4B2D-40CE-A1FE-8EEFE0E01FB0}] => (Allow) C:\Users\Little Wonders\AppData\Roaming\mjusbsp\magicJack.exe
FirewallRules: [{A9C83276-91E6-4F3D-98A4-9DCEAD10CA2D}] => (Allow) C:\Users\Little Wonders\AppData\Roaming\mjusbsp\magicJack.exe
FirewallRules: [{45D32FE7-909B-4468-BAD2-DC9D7128E160}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{60839025-45CC-4367-98B3-7817760B4245}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{22AECB29-1CC3-45BF-8CC8-B9C7D2E0B5D2}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe
FirewallRules: [{DB74FEF8-370D-404C-9A0F-3B00969274EC}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe
FirewallRules: [{45C32F72-706D-4C01-A302-4C8E30936689}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{AA2034A9-D4E7-4182-AA29-1777E79F0439}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{D3571853-3D60-48E4-B571-741141FA8A37}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{9739B76F-D951-45BC-847A-10D33FA5680A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe
FirewallRules: [{A865AC9A-EF6E-434B-A087-B571DC0686DB}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{97F66A87-865D-4949-BF69-D2D13491150D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{697D52D5-7803-49FD-962F-A9A92C6691EC}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe
FirewallRules: [{30F7CFEF-914B-4FBD-AB1C-82614FA138D2}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe
FirewallRules: [{6E19171A-0D9F-4D03-8FD6-7C4E007B78A1}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{BB6655A3-0193-4123-AC58-B6AD17FF1782}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{AB74EE13-68E7-489D-8B8C-4E729093C36C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{3B2AA929-483A-49B8-8644-D14549D78DF6}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{A1CA70BC-6A30-49D6-8CCD-8597AB4904C6}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{DAE51D7C-F0CC-4BDE-A10A-05CA3FF1A302}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [{2C4FC4B8-FA1F-492D-8E1D-7DD9CC2D8CD7}] => (Allow) C:\Users\Little Wonders\AppData\Local\Temp\7zS72ED.tmp\SymNRT.exe
FirewallRules: [{727EA379-828C-4865-8D95-6DD3DAD405A1}] => (Allow) C:\Users\Little Wonders\AppData\Local\Temp\7zS72ED.tmp\SymNRT.exe
FirewallRules: [{4EF739E6-C25D-4AE1-B2E3-FC365C2819B3}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [TCP Query User{EF81E8D9-4BD7-452B-A06E-78C370EE4F73}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{78AFF35C-1DEC-463D-870C-4E933445A8C7}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{59C1AE43-D2AE-4536-9D03-3965EB528638}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{0B469C0C-A570-4DFC-88D7-903D9E3C2177}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Faulty Device Manager Devices =============
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click “Update Driver” to update the drivers for this device.
On the “General Properties” tab of the device, click “Troubleshoot” to start the troubleshooting wizard.
==================== Event log errors: =========================
Error: (08/10/2015 02:44:42 PM) (Source: MsiInstaller) (EventID: 11316) (User: LittleWonders)
Description: Product: Google Chrome – Error 1316. The specified account already exists.
Error: (08/04/2015 09:36:00 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: EXCEL.EXE, version: 14.0.7153.5000, time stamp: 0x5581e16e
Faulting module name: EXCEL.EXE, version: 14.0.7153.5000, time stamp: 0x5581e16e
Exception code: 0xc0000005
Fault offset: 0x0013746f
Faulting process id: 0xc0c
Faulting application start time: 0xEXCEL.EXE0
Faulting application path: EXCEL.EXE1
Faulting module path: EXCEL.EXE2
Report Id: EXCEL.EXE3
Error: (08/04/2015 09:15:21 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Explorer.EXE version 6.1.7601.17567 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: b7c
Start Time: 01d0c55b320b0840
Termination Time: 904
Application Path: C:\Windows\Explorer.EXE
Report Id: d22ce0e1-3aaa-11e5-b935-e0cb4e30ae28
Error: (08/03/2015 11:53:06 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ChildCareManager.exe, version: 10.0.0.2905, time stamp: 0x2a425e19
Faulting module name: sqloledb.dll, version: 6.1.7601.17514, time stamp: 0x4ce7ba08
Exception code: 0xc0000005
Fault offset: 0x0007c7fb
Faulting process id: 0x18c0
Faulting application start time: 0xChildCareManager.exe0
Faulting application path: ChildCareManager.exe1
Faulting module path: ChildCareManager.exe2
Report Id: ChildCareManager.exe3
Error: (08/03/2015 11:52:39 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program EXCEL.EXE version 14.0.7153.5000 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 193c
Start Time: 01d0caeb3e676468
Termination Time: 0
Application Path: C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE
Report Id: 9b3066b1-39f7-11e5-b935-e0cb4e30ae28
Error: (08/03/2015 10:10:03 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ChildCareManager.exe, version: 10.0.0.2905, time stamp: 0x2a425e19
Faulting module name: ChildCareManager.exe, version: 10.0.0.2905, time stamp: 0x2a425e19
Exception code: 0xc0000005
Fault offset: 0x010c8172
Faulting process id: 0x5c8
Faulting application start time: 0xChildCareManager.exe0
Faulting application path: ChildCareManager.exe1
Faulting module path: ChildCareManager.exe2
Report Id: ChildCareManager.exe3
Error: (08/03/2015 10:09:50 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ChildCareManager.exe, version: 10.0.0.2905, time stamp: 0x2a425e19
Faulting module name: ChildCareManager.exe, version: 10.0.0.2905, time stamp: 0x2a425e19
Exception code: 0xc0000005
Fault offset: 0x010c8172
Faulting process id: 0x13ac
Faulting application start time: 0xChildCareManager.exe0
Faulting application path: ChildCareManager.exe1
Faulting module path: ChildCareManager.exe2
Report Id: ChildCareManager.exe3
Error: (08/03/2015 10:09:43 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ChildCareManager.exe, version: 10.0.0.2905, time stamp: 0x2a425e19
Faulting module name: ChildCareManager.exe, version: 10.0.0.2905, time stamp: 0x2a425e19
Exception code: 0xc0000005
Fault offset: 0x010c8172
Faulting process id: 0x1b5c
Faulting application start time: 0xChildCareManager.exe0
Faulting application path: ChildCareManager.exe1
Faulting module path: ChildCareManager.exe2
Report Id: ChildCareManager.exe3
Error: (08/03/2015 10:09:18 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ChildCareManager.exe, version: 10.0.0.2905, time stamp: 0x2a425e19
Faulting module name: ChildCareManager.exe, version: 10.0.0.2905, time stamp: 0x2a425e19
Exception code: 0xc0000005
Fault offset: 0x010c8172
Faulting process id: 0x524
Faulting application start time: 0xChildCareManager.exe0
Faulting application path: ChildCareManager.exe1
Faulting module path: ChildCareManager.exe2
Report Id: ChildCareManager.exe3
Error: (08/03/2015 10:09:08 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ChildCareManager.exe, version: 10.0.0.2905, time stamp: 0x2a425e19
Faulting module name: ChildCareManager.exe, version: 10.0.0.2905, time stamp: 0x2a425e19
Exception code: 0xc0000005
Fault offset: 0x010c8172
Faulting process id: 0x76c
Faulting application start time: 0xChildCareManager.exe0
Faulting application path: ChildCareManager.exe1
Faulting module path: ChildCareManager.exe2
Report Id: ChildCareManager.exe3
Error: (08/10/2015 02:26:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Google Update Service (gupdate) service failed to start due to the following error:
%%2
Error: (08/10/2015 02:24:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The IHA_MessageCenter service failed to start due to the following error:
%%2
Error: (08/10/2015 02:24:07 PM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: The AVGIDSAgent service depends the following service: AVGIDSDriver. This service might not be installed.
Error: (08/10/2015 02:23:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Avast Antivirus service failed to start due to the following error:
%%1053
Error: (08/10/2015 02:23:57 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Avast Antivirus service to connect.
Error: (08/10/2015 01:25:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Google Update Service (gupdate) service failed to start due to the following error:
%%2
Error: (08/10/2015 01:25:16 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: WMPNetworkSvc0x80004005
Error: (08/10/2015 01:23:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The IHA_MessageCenter service failed to start due to the following error:
%%2
Error: (08/10/2015 01:23:25 PM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: The AVGIDSAgent service depends the following service: AVGIDSDriver. This service might not be installed.
Error: (08/10/2015 01:23:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Avast Antivirus service failed to start due to the following error:
%%1053
Error: (08/10/2015 02:44:42 PM) (Source: MsiInstaller) (EventID: 11316) (User: LittleWonders)
Description: Product: Google Chrome – Error 1316. The specified account already exists.
(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (08/04/2015 09:36:00 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: EXCEL.EXE14.0.7153.50005581e16eEXCEL.EXE14.0.7153.50005581e16ec00000050013746fc0c01d0ceb7a71cd4f0C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXEC:\PROGRA~2\MICROS~2\Office14\EXCEL.EXEbdf55fa0-3aad-11e5-b935-e0cb4e30ae28
Error: (08/04/2015 09:15:21 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Explorer.EXE6.1.7601.17567b7c01d0c55b320b0840904C:\Windows\Explorer.EXEd22ce0e1-3aaa-11e5-b935-e0cb4e30ae28
Error: (08/03/2015 11:53:06 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: ChildCareManager.exe10.0.0.29052a425e19sqloledb.dll6.1.7601.175144ce7ba08c00000050007c7fb18c001d0cdf61ee38708C:\Program Files (x86)\Personalized Software\Childcare Manager 10\ChildCareManager.exeC:\Program Files (x86)\Common Files\System\Ole DB\sqloledb.dllba994b70-39f7-11e5-b935-e0cb4e30ae28
Error: (08/03/2015 11:52:39 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: EXCEL.EXE14.0.7153.5000193c01d0caeb3e6764680C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE9b3066b1-39f7-11e5-b935-e0cb4e30ae28
Error: (08/03/2015 10:10:03 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: ChildCareManager.exe10.0.0.29052a425e19ChildCareManager.exe10.0.0.29052a425e19c0000005010c81725c801d0cdf616672238C:\Program Files (x86)\Personalized Software\Childcare Manager 10\ChildCareManager.exeC:\Program Files (x86)\Personalized Software\Childcare Manager 10\ChildCareManager.exe55157548-39e9-11e5-b935-e0cb4e30ae28
Error: (08/03/2015 10:09:50 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: ChildCareManager.exe10.0.0.29052a425e19ChildCareManager.exe10.0.0.29052a425e19c0000005010c817213ac01d0cdf60e01c7d8C:\Program Files (x86)\Personalized Software\Childcare Manager 10\ChildCareManager.exeC:\Program Files (x86)\Personalized Software\Childcare Manager 10\ChildCareManager.exe4d3bb918-39e9-11e5-b935-e0cb4e30ae28
Error: (08/03/2015 10:09:43 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: ChildCareManager.exe10.0.0.29052a425e19ChildCareManager.exe10.0.0.29052a425e19c0000005010c81721b5c01d0cdf609541e48C:\Program Files (x86)\Personalized Software\Childcare Manager 10\ChildCareManager.exeC:\Program Files (x86)\Personalized Software\Childcare Manager 10\ChildCareManager.exe49064cc8-39e9-11e5-b935-e0cb4e30ae28
Error: (08/03/2015 10:09:18 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: ChildCareManager.exe10.0.0.29052a425e19ChildCareManager.exe10.0.0.29052a425e19c0000005010c817252401d0cdf5fa85aeb8C:\Program Files (x86)\Personalized Software\Childcare Manager 10\ChildCareManager.exeC:\Program Files (x86)\Personalized Software\Childcare Manager 10\ChildCareManager.exe3a84ebc8-39e9-11e5-b935-e0cb4e30ae28
Error: (08/03/2015 10:09:08 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: ChildCareManager.exe10.0.0.29052a425e19ChildCareManager.exe10.0.0.29052a425e19c0000005010c817276c01d0cdf5f3f366a8C:\Program Files (x86)\Personalized Software\Childcare Manager 10\ChildCareManager.exeC:\Program Files (x86)\Personalized Software\Childcare Manager 10\ChildCareManager.exe343503e8-39e9-11e5-b935-e0cb4e30ae28
Date: 2014-08-01 12:18:34.290
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\LITTLE~1\AppData\Local\Temp\DellBIOS.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-08-01 12:18:33.729
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\LITTLE~1\AppData\Local\Temp\DellBIOS.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-08-01 12:14:40.075
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\LITTLE~1\AppData\Local\Temp\DellBIOS.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-08-01 12:14:39.810
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\LITTLE~1\AppData\Local\Temp\DellBIOS.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-08-01 12:14:15.073
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\LITTLE~1\AppData\Local\Temp\DellBIOS.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-08-01 12:14:14.824
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\LITTLE~1\AppData\Local\Temp\DellBIOS.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-08-01 12:14:06.245
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\LITTLE~1\AppData\Local\Temp\DellBIOS.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-08-01 12:14:05.699
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\LITTLE~1\AppData\Local\Temp\DellBIOS.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-08-01 12:13:44.314
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\LITTLE~1\AppData\Local\Temp\DellBIOS.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-08-01 12:13:43.721
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\LITTLE~1\AppData\Local\Temp\DellBIOS.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
Processor: AMD Sempron™ Processor LE-1300
Percentage of memory in use: 61%
Total physical RAM: 1918.49 MB
Available physical RAM: 733.49 MB
Total Virtual: 3836.98 MB
Available Virtual: 2221.59 MB
==================== Drives ================================
Drive c: (COMPAQ) (Fixed) (Total:288.27 GB) (Free:213.31 GB) NTFS
Drive d: (FACTORY_IMAGE) (Fixed) (Total:9.72 GB) (Free:1.46 GB) NTFS ==>[system with boot components (obtained from reading drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 298.1 GB) (Disk ID: 1549F232)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=288.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=9.7 GB) - (Type=07 NTFS)
==================== End of log ============================
That’s the first log and the second log in order up there^
By attaching the FRST.txt file to your post. This also makes easier for essexboy to analyse.
When in the reply window you will see the Attachments and other options, clicking that allows you to attach the file.
Sorry about that guys, I gotta get more sleep, overlooked it. Here it is:
I am surprised the computer actually runs
Due to the size of the fix I am having to attach it
After the first reboot let me know if Avast runs
CAUTION : This fix is only valid for this specific machine, using it on another may break your computer
Right click the attached fixlist.txt and select save as…
Save to the desktop
Ensure that FRST is also on the desktop
https://dl.dropboxusercontent.com/u/73555776/FRSTfix.JPG
Run FRST and press Fix
On completion a log will be generated please post that
THEN
Please download AdwCleaner by Xplode onto your desktop.
[*]Close all open programs and internet browsers.
[*]Double click on AdwCleaner.exe to run the tool.
[*]Click on Scan.
[*]After the scan is complete click on “Clean”
[*]Confirm each time with Ok.
[*]Your computer will be rebooted automatically. A text file will open after the restart.
[*]Please post the content of that logfile with your next answer.
[*]You can find the logfile at C:\AdwCleaner[S0].txt as well.
FINALLY
I will need a fresh FRST scan including the additions
Thank you very much for the follow up essex. I will do this tomorrow as I will no longer have access to this computer. I will be sure to post the results.
First part of your request is attached.
Avast should now run