Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

yahoo controls firefox, delays in loading, browsing

Re: yahoo controls firefox, delays in loading, browsing

Post by Gary R » December 24th, 2014, 2:34 am

Why should you want to type FRST in search programs? It should be on your Desktop (C:\Users\suzanne\Desktop), where you left it after you'd run your scan. Just create the file fixlist.txt on your Desktop as well, as described in my last post, then click on FRST.exe and click on the Fix button.

If there's any problem in doing that, then please let me know.
Gary R
Administrator
Posts: 25888
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: yahoo controls firefox, delays in loading, browsing

Post by doby108 » December 25th, 2014, 5:50 pm

Gary, I am lost. Start me over. I am not finding the FRST.exe to save the file in. :-( If you celebrate... Merry Christmas, if not, Happy Holidays. Yes, I am near Seattle but up in the mountains. Suzanne
doby108
Regular Member
 
Posts: 71
Joined: May 20th, 2013, 11:11 pm

Re: yahoo controls firefox, delays in loading, browsing

Post by Gary R » December 25th, 2014, 7:16 pm

Merry Christmas to you and yours also. :x1:

OK, please try the following ....

  • Click Start
  • Type notepad.exe in the search programs and files box and click Enter.
  • A blank Notepad page should open.
    • Copy/Paste the contents of the code box below into Notepad. (don't include Code: Select all)
Code: Select all
HKU\S-1-5-21-933171571-4239247224-1375863430-1000\...\MountPoints2: {46605aef-1efb-11e2-8f4e-001d09926d07} - F:\MotoCastSetup.exe -a
HKU\S-1-5-21-933171571-4239247224-1375863430-1000\...\MountPoints2: {b84ff1ec-6d02-11e0-938e-806e6f6e6963} - F:\setup.exe -a
HKU\S-1-5-21-933171571-4239247224-1375863430-1000\...\MountPoints2: {ca33c8e7-848a-11e1-806f-001d09926d07} - L:\setup.exe -a
IFEO\k9filter.exe: [Debugger] c:\windows\1.EXE
IFEO\mpcmdrun: [Debugger] c:\windows\1.EXE
IFEO\mpsvc.dll: [Debugger] c:\windows\1.EXE
IFEO\mpuxsrv.exe: [Debugger] c:\windows\1.EXE
IFEO\msascui: [Debugger] c:\windows\1.EXE
IFEO\msascui.exe: [Debugger] "c:\windows\1.exe" /z
IFEO\MSconfig.exe: [Debugger] c:\windows\1.EXE
IFEO\msmpeng.exe: [Debugger] "c:\windows\1.exe" /z
IFEO\MSseces: [Debugger] c:\windows\1.EXE
SearchScopes: HKU\S-1-5-21-933171571-4239247224-1375863430-1000 -> {080FBDF6-B230-4e4d-A4E7-7C7A56D7BABC} URL = http://searchservice.myspace.com/index. ... sults&qry= {searchTerms}&type=Web&orig=IMC-IE
SearchScopes: HKU\S-1-5-21-933171571-4239247224-1375863430-1000 -> {70D46D94-BF1E-45ED-B567-48701376298E} URL = http://127.0.0.1:4664/search&s=fYA7JN-E ... DDt7El8?q= {searchTerms}
SearchScopes: HKU\S-1-5-21-933171571-4239247224-1375863430-1003 -> {70D46D94-BF1E-45ED-B567-48701376298E} URL = http://127.0.0.1:4664/search&s=n7ktXOje ... N6FflJM?q= {searchTerms}
BHO: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> No File
Toolbar: HKU\S-1-5-21-933171571-4239247224-1375863430-1000 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Toolbar: HKU\S-1-5-21-933171571-4239247224-1375863430-1000 -> No Name - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
Toolbar: HKU\S-1-5-21-933171571-4239247224-1375863430-1000 -> No Name - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No File
FF Keyword.URL: hxxp://search.yahoo.com/search?ei=UTF-8 ... f-yff26&p=
FF Extension: Yahoo! Toolbar - C:\Users\suzanne\AppData\Roaming\Mozilla\Firefox\Profiles\9d0lcyki.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2014-10-22]
Reg: Reg.exe delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\YBrowserToolbar.YBrowserToolbar" /f
Reg: Reg.exe delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mpcmdrun" /v "Debugger" /f
Reg: Reg.exe delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mpuxsrv.exe" /v "Debugger" /f
Reg: Reg.exe delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msascui.exe" /v "Debugger" /f
Reg: Reg.exe delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msmpeng.exe" /v "Debugger" /f
c:\windows\1.exe
Hosts:
EmptyTemp:

    • Save it to your Desktop (must be in this location), naming it as fixlist.txt

  • Download FRST to your Desktop (must be in this location).
  • Double click Frst.exe to launch it.
  • FRST will start to run.
    • When the tool opens click Yes to disclaimer.
    • Press the Fix button.
    • FRST will now process the fixlist.txt that you have just created.
    • When the fix has finished a log will open on your Desktop, Fixlog.txt
    • Please post it in your next reply.
Gary R
Administrator
Posts: 25888
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: yahoo controls firefox, delays in loading, browsing

Post by doby108 » December 26th, 2014, 1:34 pm

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 26-12-2014
Ran by suzanne at 2014-12-26 09:27:41 Run:2
Running from C:\Users\suzanne\Desktop
Loaded Profiles: suzanne & Properties (Available profiles: suzanne & Properties)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
HKU\S-1-5-21-933171571-4239247224-1375863430-1000\...\MountPoints2: {46605aef-1efb-11e2-8f4e-001d09926d07} - F:\MotoCastSetup.exe -a
HKU\S-1-5-21-933171571-4239247224-1375863430-1000\...\MountPoints2: {b84ff1ec-6d02-11e0-938e-806e6f6e6963} - F:\setup.exe -a
HKU\S-1-5-21-933171571-4239247224-1375863430-1000\...\MountPoints2: {ca33c8e7-848a-11e1-806f-001d09926d07} - L:\setup.exe -a
IFEO\k9filter.exe: [Debugger] c:\windows\1.EXE
IFEO\mpcmdrun: [Debugger] c:\windows\1.EXE
IFEO\mpsvc.dll: [Debugger] c:\windows\1.EXE
IFEO\mpuxsrv.exe: [Debugger] c:\windows\1.EXE
IFEO\msascui: [Debugger] c:\windows\1.EXE
IFEO\msascui.exe: [Debugger] "c:\windows\1.exe" /z
IFEO\MSconfig.exe: [Debugger] c:\windows\1.EXE
IFEO\msmpeng.exe: [Debugger] "c:\windows\1.exe" /z
IFEO\MSseces: [Debugger] c:\windows\1.EXE
SearchScopes: HKU\S-1-5-21-933171571-4239247224-1375863430-1000 -> {080FBDF6-B230-4e4d-A4E7-7C7A56D7BABC} URL = http://searchservice.myspace.com/index. ... sults&qry= {searchTerms}&type=Web&orig=IMC-IE
SearchScopes: HKU\S-1-5-21-933171571-4239247224-1375863430-1000 -> {70D46D94-BF1E-45ED-B567-48701376298E} URL = http://127.0.0.1:4664/search&s=fYA7JN-E ... DDt7El8?q= {searchTerms}
SearchScopes: HKU\S-1-5-21-933171571-4239247224-1375863430-1003 -> {70D46D94-BF1E-45ED-B567-48701376298E} URL = http://127.0.0.1:4664/search&s=n7ktXOje ... N6FflJM?q= {searchTerms}
BHO: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> No File
Toolbar: HKU\S-1-5-21-933171571-4239247224-1375863430-1000 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Toolbar: HKU\S-1-5-21-933171571-4239247224-1375863430-1000 -> No Name - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
Toolbar: HKU\S-1-5-21-933171571-4239247224-1375863430-1000 -> No Name - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No File
FF Keyword.URL: hxxp://search.yahoo.com/search?ei=UTF-8 ... f-yff26&p=
FF Extension: Yahoo! Toolbar - C:\Users\suzanne\AppData\Roaming\Mozilla\Firefox\Profiles\9d0lcyki.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2014-10-22]
Reg: Reg.exe delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\YBrowserToolbar.YBrowserToolbar" /f
Reg: Reg.exe delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mpcmdrun" /v "Debugger" /f
Reg: Reg.exe delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mpuxsrv.exe" /v "Debugger" /f
Reg: Reg.exe delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msascui.exe" /v "Debugger" /f
Reg: Reg.exe delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msmpeng.exe" /v "Debugger" /f
c:\windows\1.exe
Hosts:
EmptyTemp:
*****************

HKU\S-1-5-21-933171571-4239247224-1375863430-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{46605aef-1efb-11e2-8f4e-001d09926d07} => Key not found.
HKCR\CLSID\{46605aef-1efb-11e2-8f4e-001d09926d07} => Key not found.
HKU\S-1-5-21-933171571-4239247224-1375863430-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b84ff1ec-6d02-11e0-938e-806e6f6e6963} => Key not found.
HKCR\CLSID\{b84ff1ec-6d02-11e0-938e-806e6f6e6963} => Key not found.
HKU\S-1-5-21-933171571-4239247224-1375863430-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ca33c8e7-848a-11e1-806f-001d09926d07} => Key not found.
HKCR\CLSID\{ca33c8e7-848a-11e1-806f-001d09926d07} => Key not found.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\k9filter.exe => Key not found.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\mpcmdrun => Key not found.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\mpsvc.dll => Key not found.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\mpuxsrv.exe => Key not found.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\msascui => Key not found.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\msascui.exe => Key not found.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\MSconfig.exe => Key not found.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\msmpeng.exe => Key not found.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\MSseces => Key not found.
HKU\S-1-5-21-933171571-4239247224-1375863430-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{080FBDF6-B230-4e4d-A4E7-7C7A56D7BABC} => Key not found.
HKCR\CLSID\{080FBDF6-B230-4e4d-A4E7-7C7A56D7BABC} => Key not found.
HKU\S-1-5-21-933171571-4239247224-1375863430-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E} => Key not found.
HKCR\CLSID\{70D46D94-BF1E-45ED-B567-48701376298E} => Key not found.
HKU\S-1-5-21-933171571-4239247224-1375863430-1003\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E} => Key not found.
HKCR\CLSID\{70D46D94-BF1E-45ED-B567-48701376298E} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670} => Key not found.
HKCR\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670} => Key not found.
HKU\S-1-5-21-933171571-4239247224-1375863430-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} => Value not found.
HKCR\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068} => Key not found.
HKU\S-1-5-21-933171571-4239247224-1375863430-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{604BC32A-9680-40D1-9AC6-E06B23A1BA4C} => Value not found.
HKCR\CLSID\{604BC32A-9680-40D1-9AC6-E06B23A1BA4C} => Key not found.
HKU\S-1-5-21-933171571-4239247224-1375863430-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} => Value not found.
HKCR\CLSID\{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} => Key not found.
Firefox Keyword.URL deleted successfully.
C:\Users\suzanne\AppData\Roaming\Mozilla\Firefox\Profiles\9d0lcyki.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} => not found.

========= Reg.exe delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\YBrowserToolbar.YBrowserToolbar" /f =========

ERROR: The system was unable to find the specified registry key or value.


========= End of Reg: =========


========= Reg.exe delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mpcmdrun" /v "Debugger" /f =========

ERROR: The system was unable to find the specified registry key or value.


========= End of Reg: =========


========= Reg.exe delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mpuxsrv.exe" /v "Debugger" /f =========

ERROR: The system was unable to find the specified registry key or value.


========= End of Reg: =========


========= Reg.exe delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msascui.exe" /v "Debugger" /f =========

ERROR: The system was unable to find the specified registry key or value.


========= End of Reg: =========


========= Reg.exe delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msmpeng.exe" /v "Debugger" /f =========

ERROR: The system was unable to find the specified registry key or value.


========= End of Reg: =========

"c:\windows\1.exe" => File/Directory not found.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 94.2 MB temporary data.


it also downloaded a fix drivers and it said many of my drivers were out of date.....
doby108
Regular Member
 
Posts: 71
Joined: May 20th, 2013, 11:11 pm

Re: yahoo controls firefox, delays in loading, browsing

Post by Gary R » December 26th, 2014, 6:44 pm

it also downloaded a fix drivers and it said many of my drivers were out of date.....


When did you download "fix drivers"? It's not something that I've asked you to run, and it's not something that should have been included with the FRST download.

Have you run any other tools since I asked you to run a scan with FRST, because every entry that was present in your earlier FRST logs, and which I'd scripted for removal, was not present on your computer when the FRST fix was run.

Please run a new scan for me with FRST ....

  • Double click Frst.exe to launch it.
  • FRST will start to run.
    • When the tool opens click Yes to disclaimer.
    • Please check that the Addition.txt option in the bottom right of the interface is checked.
    • Press the Scan button.
    • When finished scanning 2 logs will open on your Desktop, FRST.txt and Addition.txt
    • Please post them in your next reply.
Gary R
Administrator
Posts: 25888
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire
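
The point made in the post above, that the entries scripted for removal were no longer there when the fix ran, can be checked mechanically by tallying the result lines of a Fixlog.txt. This is an added example, not part of the original thread and not FRST's own code; the function names and the "absent"/"changed"/"error" labels are assumptions, and the sample is a subset of lines copied from the Fixlog posted in this thread.

```python
import re
from collections import Counter

# Subset of lines copied from the Fixlog.txt posted in this thread (sample input).
SAMPLE_FIXLOG = r"""
Content of fixlist:
*****************
c:\windows\1.exe
Hosts:
EmptyTemp:
*****************

HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\msmpeng.exe => Key not found.
HKCR\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670} => Key not found.
HKU\S-1-5-21-933171571-4239247224-1375863430-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} => Value not found.
Firefox Keyword.URL deleted successfully.

========= Reg.exe delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\YBrowserToolbar.YBrowserToolbar" /f =========

ERROR: The system was unable to find the specified registry key or value.

========= End of Reg: =========

"c:\windows\1.exe" => File/Directory not found.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 94.2 MB temporary data.
"""

STAR_LINE = re.compile(r"^\*{5,}$")               # delimits the echoed fixlist
REG_HEADER = re.compile(r"^=+ (Reg\.exe .+?) =+$")  # start of a Reg: command section
REG_END = re.compile(r"^=+ End of Reg: =+$")


def parse_fixlog(text):
    """Return (target, status, detail) tuples for each result line of a Fixlog.

    status is "absent" (target was not there), "changed" (the fix did
    something) or "error" (a Reg.exe failure other than "unable to find").
    """
    entries = []
    in_fixlist = False   # True while inside the echoed "Content of fixlist" block
    reg_cmd = None       # command of the Reg: section currently being read
    reg_error = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if STAR_LINE.match(line):
            in_fixlist = not in_fixlist
            continue
        if in_fixlist:
            continue  # the echoed script is input, not a result
        if REG_END.match(line):
            if reg_cmd is not None:
                if reg_error is None:
                    status = "changed"
                elif "unable to find" in reg_error:
                    status = "absent"
                else:
                    status = "error"
                entries.append((reg_cmd, status, reg_error or "completed"))
            reg_cmd = reg_error = None
            continue
        header = REG_HEADER.match(line)
        if header:
            reg_cmd, reg_error = header.group(1), None
            continue
        if reg_cmd is not None:
            if line.startswith("ERROR:"):
                reg_error = line
            continue
        if " => " in line:
            target, result = line.rsplit(" => ", 1)
            status = "absent" if "not found" in result.lower() else "changed"
            entries.append((target.strip('"'), status, result))
        elif line.endswith("successfully."):
            entries.append((line, "changed", line))
    return entries


def summarize(entries):
    """Count entries per status."""
    return dict(Counter(status for _, status, _ in entries))


def absent_targets(entries):
    """Targets the script named that were already gone when the fix ran."""
    return [target for target, status, _ in entries if status == "absent"]


if __name__ == "__main__":
    parsed = parse_fixlog(SAMPLE_FIXLOG)
    print(summarize(parsed))
    for target in absent_targets(parsed):
        print("already absent:", target)
```

A high share of "absent" results between a scan and its fix is the cue to ask what else ran on the machine in the meantime and to take a fresh scan.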

Re: yahoo controls firefox, delays in loading, browsing

Post by doby108 » December 26th, 2014, 9:36 pm

No, I have not run anything else. I am not sure if there are any other tools that run automatically.

I recall you saying something in the beginning that I needed to 'run as administrator' when I downloaded something. I DID NOT 'run as administrator'. Is this where I messed up to start with?

To the best of my recollection, the fix drivers appeared at the same time that the adwcleaner was downloaded. I clicked on it thinking it was where I was supposed to click download.


Additional scan result of Farbar Recovery Scan Tool (x86) Version: 26-12-2014
Ran by suzanne at 2014-12-26 16:56:21
Running from C:\Users\suzanne\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe AIR (HKLM\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)
Adobe Flash Player 11 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 11.9.900.117 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 15.0.0.239 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.5 (HKLM\...\Adobe Shockwave Player) (Version: 11.5.7.609 - Adobe Systems, Inc.)
AVG 2014 (Version: 14.0.4259 - AVG Technologies) Hidden
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5577 - AVG Technologies)
AVG 2015 (Version: 15.0.4257 - AVG Technologies) Hidden
AVG 2015 (Version: 15.0.5577 - AVG Technologies) Hidden
AVG SafeGuard toolbar (HKLM\...\AVG SafeGuard toolbar) (Version: 18.1.9.799 - AVG Technologies)
Bing Rewards Client Installer (Version: 16.0.345.0 - Microsoft Corporation) Hidden
Browser Address Error Redirector (HKLM\...\{62230596-37E5-4618-A329-0D21F529A86F}) (Version: 1.00.0000 - Dell)
ccc-core-static (Version: 2007.0914.2139.36828 - ATI) Hidden
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Dell DataSafe Online (HKLM\...\{4D3C9F4B-4B7D-4E5D-99B9-0123AB0D51ED}) (Version: 1.0.21 - Dell, Inc.)
Dell Driver Download Manager (HKU\S-1-5-21-933171571-4239247224-1375863430-1000\...\f031ef6ac137efc5) (Version: 2.0.0.0 - Dell Inc.)
Dell Getting Started Guide (HKLM\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell Support Center (Support Software) (HKLM\...\{E3BFEE55-39E2-4BE0-B966-89FE583822C1}) (Version: 2.2.09085 - Dell)
Dell V310-V510 Series (HKLM\...\Dell V310-V510 Series) (Version: - Dell, Inc.)
Driver Support (HKU\S-1-5-21-933171571-4239247224-1375863430-1000\...\DriverSupport) (Version: 9.1.5.4 - PC Drivers HeadQuarters LP)
Driver Support Active Optimization (HKLM\...\{E8C8B9FA-1C5E-4D3E-8936-AC3A17888B3C}) (Version: 1.0.4.7683 - PC Drivers HeadQuarters LP)
Dropbox (HKU\S-1-5-21-933171571-4239247224-1375863430-1000\...\Dropbox) (Version: 3.0.3 - Dropbox, Inc.)
Google Chrome (HKLM\...\{61D1D65D-76AF-37E3-A2AC-006AACB51587}) (Version: 65.143.49253 - Google, Inc.)
Google Desktop (HKLM\...\Google Desktop) (Version: 5.9.1005.12335 - Google)
Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Talk (remove only) (HKU\S-1-5-21-933171571-4239247224-1375863430-1000\...\{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk) (Version: - )
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
GoToAssist Corporate (HKLM\...\GoToAssist) (Version: 9.1.0.615 - Citrix Online, a division of Citrix Systems, Inc.)
Highlight Viewer (Windows Live Toolbar) (Version: 03.01.0146 - Microsoft Corporation) Hidden
HP FWUpdateEDO2 (HKLM\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Officejet 6700 Basic Device Software (HKLM\...\{020B8F22-46A5-44FE-89F3-5A8E131BFE4B}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Officejet 6700 Help (HKLM\...\{E1AE0CB7-1333-4728-8520-CB3F88A252B4}) (Version: 140.0.2.2 - Hewlett Packard)
HP Officejet 6700 Product Improvement Study (HKLM\...\{5C2B63F5-0941-4C00-8CF8-91B83FFFF756}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Photo Creations (HKLM\...\HP Photo Creations) (Version: 1.0.0.9572 - HP)
HP Print Diagnostic Utility (HKLM\...\{5E06C076-E4E7-4239-A886-B3D8AC84C166}) (Version: 1.11.0001 - Hewlett-Packard)
HP Update (HKLM\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.002 - Hewlett-Packard)
HPDiagnosticAlert (Version: 1.00.0000 - Microsoft) Hidden
I.R.I.S. OCR (HKLM\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Intel(R) PRO Network Connections 12.1.11.0 (HKLM\...\PROSetDX) (Version: - Intel)
Java 7 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.450 - Oracle)
Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Linksys Connect (HKLM\...\Linksys Connect) (Version: 1.5.13225.3 - Linksys LLC)
Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Memeo Instant Backup (HKLM\...\{8E666407-AC41-46a2-9692-6C7BFCBFDD37}) (Version: 4.60.0.7252 - Memeo Inc.)
Mesh Runtime (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Flight Simulator X (HKLM\...\InstallShield_{9527A496-5DF9-412A-ADC7-168BA5379CA6}) (Version: 10.0.60905 - Microsoft Game Studios)
Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation)
Microsoft IntelliType Pro 8.2 (HKLM\...\Microsoft IntelliType Pro 8.2) (Version: 8.20.469.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-0012-0000-0000-0000000FF1CE}_STANDARDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Professional 2007 Subscription (HKLM\...\PROR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Standard 2007 (HKLM\...\STANDARDR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
MotoHelper 2.0.45 Driver 5.0.0 (HKLM\...\MotoHelper) (Version: 2.0.45 - Motorola)
MotoHelper MergeModules (Version: 1.0.0 - Motorola) Hidden
MotoHelper MergeModules (Version: 1.2.0 - Motorola) Hidden
Motorola Mobile Drivers Installation 5.0.0 (Version: 5.0.0 - Motorola Inc.) Hidden
Mozilla Firefox 34.0.5 (x86 en-US) (HKLM\...\Mozilla Firefox 34.0.5 (x86 en-US)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 32.0.3 - Mozilla)
MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Music, Photos & Videos Launcher (HKLM\...\{D7769185-9A7C-48D4-8874-5388743A1DE2}) (Version: 1.00.0000 - Dell Inc.)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
Product Documentation Launcher (HKLM\...\{89CEAE14-DD0F-448E-9554-15781EC9DB24}) (Version: 1.00.0000 - Dell Inc.)
QualxServ Service Agreement (HKLM\...\{0F756CD9-4A1E-409B-B101-601DDC4C03AA}) (Version: 1.11.0000 - Dell Inc.)
QuickTime (HKLM\...\QuickTime) (Version: - )
RealFlight G5 R/C Simulator (HKLM\...\RealFlightG5Pro) (Version: - )
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: - )
Roxio Creator DE (HKLM\...\{09760D42-E223-42AD-8C3E-55B47D0DDAC3}) (Version: 10.1 - )
Seagate Dashboard (HKLM\...\{C3A11907-930D-41AC-A135-CC3B12F92011}) (Version: 1.0.0.809 - Memeo Inc.)
Segoe UI (Version: 15.4.2271.0615 - Microsoft Corp) Hidden
Skins (Version: 2007.0914.2139.36828 - ATI) Hidden
Skype™ 6.3 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.3.105 - Skype Technologies S.A.)
Smart Menus (Windows Live Toolbar) (Version: 03.01.0146 - Microsoft Corporation) Hidden
Spelling Dictionaries Support For Adobe Reader 8 (HKLM\...\{AC76BA86-7AD7-5464-3428-800000000003}) (Version: 8.0.0 - Adobe Systems)
TeamViewer 8 (HKLM\...\TeamViewer 8) (Version: 8.0.22298 - TeamViewer)
Tweaking.com - Registry Backup (HKLM\...\Tweaking.com - Registry Backup) (Version: 1.10.1 - Tweaking.com)
University of Washington (HKLM\...\{AA3A1561-8649-48C3-BBA9-575EE39EF969}) (Version: 3.0.0 - Antech Systems, Inc.)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-0012-0000-0000-0000000FF1CE}_STANDARDR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
User's Guides (HKLM\...\{5CD29180-A95E-11D3-A4EB-00C04F7BDB2C}) (Version: - )
VibrateGameDeviceDriver (HKLM\...\{DBB7F606-0C13-4182-AD7F-427A4773580E}) (Version: 4.07.1112G - VibrateGameDeviceDriver)
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.1.0 (HKLM\...\VLC media player) (Version: 2.1.0 - VideoLAN)
WebEx Support Manager for Internet Explorer (HKLM\...\{C34FAEF3-4241-4C4E-9CFF-7BBD8BCEABE7}) (Version: 6.5.47 - WebEx Communications Inc.)
Windows 7 Upgrade Advisor (HKLM\...\{AB05F2C8-F608-403b-95E1-FD8ADFACD31E}) (Version: 2.0.5000.0 - Microsoft Corporation)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
Zune (HKLM\...\Zune) (Version: 04.08.2345.00 - Microsoft Corporation)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-933171571-4239247224-1375863430-1000_Classes\CLSID\{00000010-0000-0010-8000-00AA006D2EA4}\InprocServer32 -> C:\Program Files\Common Files\Microsoft Shared\DAO\Dao350.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-933171571-4239247224-1375863430-1000_Classes\CLSID\{00000011-0000-0010-8000-00AA006D2EA4}\InprocServer32 -> C:\Program Files\Common Files\Microsoft Shared\DAO\Dao350.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-933171571-4239247224-1375863430-1000_Classes\CLSID\{00000013-0000-0010-8000-00AA006D2EA4}\InprocServer32 -> C:\Program Files\Common Files\Microsoft Shared\DAO\Dao350.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-933171571-4239247224-1375863430-1000_Classes\CLSID\{00000014-0000-0010-8000-00AA006D2EA4}\InprocServer32 -> C:\Program Files\Common Files\Microsoft Shared\DAO\Dao350.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-933171571-4239247224-1375863430-1000_Classes\CLSID\{00000015-0000-0010-8000-00AA006D2EA4}\InprocServer32 -> C:\Program Files\Common Files\Microsoft Shared\DAO\Dao350.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-933171571-4239247224-1375863430-1000_Classes\CLSID\{00000016-0000-0010-8000-00AA006D2EA4}\InprocServer32 -> C:\Program Files\Common Files\Microsoft Shared\DAO\Dao350.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-933171571-4239247224-1375863430-1000_Classes\CLSID\{00000017-0000-0010-8000-00AA006D2EA4}\InprocServer32 -> C:\Program Files\Common Files\Microsoft Shared\DAO\Dao350.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-933171571-4239247224-1375863430-1000_Classes\CLSID\{00000018-0000-0010-8000-00AA006D2EA4}\InprocServer32 -> C:\Program Files\Common Files\Microsoft Shared\DAO\Dao350.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-933171571-4239247224-1375863430-1000_Classes\CLSID\{00000019-0000-0010-8000-00AA006D2EA4}\InprocServer32 -> C:\Program Files\Common Files\Microsoft Shared\DAO\Dao350.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-933171571-4239247224-1375863430-1000_Classes\CLSID\{0000002F-0000-0000-C000-000000000046}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-933171571-4239247224-1375863430-1000_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-933171571-4239247224-1375863430-1000_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-933171571-4239247224-1375863430-1000_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-933171571-4239247224-1375863430-1000_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-933171571-4239247224-1375863430-1000_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-933171571-4239247224-1375863430-1000_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-933171571-4239247224-1375863430-1000_Classes\CLSID\{0002E005-0000-0000-C000-000000000046}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-933171571-4239247224-1375863430-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\suzanne\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-933171571-4239247224-1375863430-1000_Classes\CLSID\{0507EEDE-3AE7-49c7-BF37-0EB4A62D8638}\localserver32 -> C:\Users\suzanne\AppData\Roaming\Google\Google Talk\googletalk.exe (Google)
CustomCLSID: HKU\S-1-5-21-933171571-4239247224-1375863430-1000_Classes\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-933171571-4239247224-1375863430-1000_Classes\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-933171571-4239247224-1375863430-1000_Classes\CLSID\{33b07fd4-5917-43e1-968d-4c79231836bf}\localserver32 -> C:\Users\suzanne\AppData\Roaming\Google\Google Talk\googletalk.exe (Google)
CustomCLSID: HKU\S-1-5-21-933171571-4239247224-1375863430-1000_Classes\CLSID\{3C4F3BE3-47EB-101B-A3C9-08002B2F49FB}\InprocServer32 -> C:\Windows\system32\comdlg32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-933171571-4239247224-1375863430-1000_Classes\CLSID\{3C4F3BE5-47EB-101B-A3C9-08002B2F49FB}\InprocServer32 -> C:\Windows\system32\comdlg32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-933171571-4239247224-1375863430-1000_Classes\CLSID\{3C4F3BE7-47EB-101B-A3C9-08002B2F49FB}\InprocServer32 -> C:\Windows\system32\comdlg32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-933171571-4239247224-1375863430-1000_Classes\CLSID\{4052D303-74C5-49EA-BC6B-66099C8D4007}\InprocServer32 -> C:\Program Files\Google\Google Desktop Search\GoogleDesktopAPI2.dll (Google)
CustomCLSID: HKU\S-1-5-21-933171571-4239247224-1375863430-1000_Classes\CLSID\{46763EE0-CAB2-11CE-8C20-00AA0051E5D4}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-933171571-4239247224-1375863430-1000_Classes\CLSID\{49BBAA3C-C574-419E-8378-783C362E9C15}\InprocServer32 -> C:\Program Files\HP\Common\FWUpdateEDO2.dll (Hewlett-Packard Co.)
CustomCLSID: HKU\S-1-5-21-933171571-4239247224-1375863430-1000_Classes\CLSID\{7629CFA2-3FE5-101B-A3C9-08002B2F49FB}\InprocServer32 -> C:\Windows\system32\comdlg32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-933171571-4239247224-1375863430-1000_Classes\CLSID\{7629CFA4-3FE5-101B-A3C9-08002B2F49FB}\InprocServer32 -> C:\Windows\system32\comdlg32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-933171571-4239247224-1375863430-1000_Classes\CLSID\{7DA06D40-54A0-11CF-A521-0080C77A7786}\InprocServer32 -> C:\Windows\system32\tabctl32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-933171571-4239247224-1375863430-1000_Classes\CLSID\{A8F086C3-2497-4229-82FE-586F2D326F95}\localserver32 -> C:\Users\suzanne\AppData\Roaming\Google\Google Talk\googletalk.exe (Google)
CustomCLSID: HKU\S-1-5-21-933171571-4239247224-1375863430-1000_Classes\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-933171571-4239247224-1375863430-1000_Classes\CLSID\{BDC217C5-ED16-11CD-956C-0000C04E4C0A}\InprocServer32 -> C:\Windows\system32\tabctl32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-933171571-4239247224-1375863430-1000_Classes\CLSID\{d33f3ced-d7d5-44f1-a9fe-6927dabb1934}\localserver32 -> C:\Users\suzanne\AppData\Roaming\Google\Google Talk\googletalk.exe (Google)
CustomCLSID: HKU\S-1-5-21-933171571-4239247224-1375863430-1000_Classes\CLSID\{F9043C85-F6F2-101A-A3C9-08002B2F49FB}\InprocServer32 -> C:\Windows\system32\comdlg32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-933171571-4239247224-1375863430-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\suzanne\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-933171571-4239247224-1375863430-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\suzanne\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-933171571-4239247224-1375863430-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\suzanne\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-933171571-4239247224-1375863430-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\suzanne\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-933171571-4239247224-1375863430-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\suzanne\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-933171571-4239247224-1375863430-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\suzanne\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-933171571-4239247224-1375863430-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\suzanne\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-933171571-4239247224-1375863430-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\suzanne\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)

==================== Restore Points =========================


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 02:23 - 2014-12-26 09:27 - 00000035 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0C80202E-92BA-4DFA-84F9-D087C6C0D904} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-24] (Google Inc.)
Task: {2C41D15B-E167-4CFF-95FD-0AED4BA1776F} - System32\Tasks\{F2DE7E06-06CB-4919-97D2-8A0283E6A14C} => pcalua.exe -a "C:\Users\suzanne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\K9S7J8S1\uninstall_flash_player[1].exe" -d C:\Users\suzanne\Desktop
Task: {32B92062-3761-45A2-9E62-91F8B71AB602} - System32\Tasks\{B1819A20-E1C1-4E89-85F9-EA87CADCF36D} => pcalua.exe -a F:\setup.exe -d F:\ -c -a
Task: {3BA3058B-6E11-42C5-B4D2-0FCBDF0AF5F9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-24] (Google Inc.)
Task: {561375CB-FF5A-417B-B297-BA73DE149581} - System32\Tasks\Microsoft\Windows\Wired\GatherWiredInfo => C:\Windows\system32\gatherWiredInfo.vbs
Task: {6109739F-5903-4BFB-98BF-0CA8A99E3A48} - System32\Tasks\{F53AD887-3D8B-40EE-BBB7-0F56BD974574} => pcalua.exe -a K:\Setup.exe
Task: {6A9018F2-8AC8-40DD-A7C0-880D18D4BF22} - System32\Tasks\MotoHelper MUM => C:\Program Files\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-01-27] ()
Task: {6DE4B58C-2F9E-46C7-A119-248D180A32FD} - System32\Tasks\Driver Support-RTMUpdater => C:\Program Files\Driver Support\DriverSupport.exe [2014-12-15] (PC Drivers Headquarters)
Task: {7077B803-E310-43B3-ADCA-F7C92FE85ADA} - System32\Tasks\Driver Support-RTMScan => C:\Program Files\Driver Support\DriverSupport.exe [2014-12-15] (PC Drivers Headquarters)
Task: {7994F470-E511-4083-BE2D-5116C87B7398} - System32\Tasks\Microsoft_Hardware_Launch_IType_exe => c:\Program Files\Microsoft IntelliType Pro\IType.exe [2011-08-10] (Microsoft Corporation)
Task: {7F5AAF6D-7B86-4389-B538-FF87EC0FF34C} - System32\Tasks\Driver Support => C:\Program Files\Driver Support\DriverSupport.exe [2014-12-15] (PC Drivers Headquarters)
Task: {8E648ECB-444A-41B7-B8A0-6AA1EF3B4883} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {99CBEEA0-05A4-4839-BBC2-93F6BD05C8A8} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => c:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-08-01] (Microsoft Corporation)
Task: {9D1D5CA9-69AB-44A2-9A13-BD730A8E6676} - System32\Tasks\{AFD7E5C1-3687-432D-93FC-A721EBFD4389} => pcalua.exe -a E:\dcsstart.exe -d E:\
Task: {9F0F5020-968C-4DCC-A4AB-9563E0824096} - System32\Tasks\MotoHelper Routing => C:\Program Files\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-01-27] ()
Task: {A224026B-CB59-4458-8B2E-15A92A941ECE} - System32\Tasks\HPCustParticipation HP Officejet 6700 => C:\Program Files\HP\HP Officejet 6700\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {A5AA573D-10DF-4583-9ACF-6D4BE254D019} - System32\Tasks\Driver Support-RTMRules => C:\Program Files\Driver Support\DriverSupport.exe [2014-12-15] (PC Drivers Headquarters)
Task: {BB2FBC8A-87B0-48DB-87A7-C9AD50F35C12} - System32\Tasks\MotoHelper Update => C:\Program Files\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-01-27] ()
Task: {DCA08292-3C24-4CCC-9092-616AD9FB48B8} - System32\Tasks\MotoHelper Initial Update => C:\Program Files\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-01-27] ()
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs
Task: {FC00101F-EF3B-4638-8EC3-DDF5F4DBDF48} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-08] (Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2011-01-02 19:06 - 2009-12-31 02:16 - 00049152 _____ () C:\Windows\System32\DLEAPMON.DLL
2011-01-02 19:06 - 2009-01-13 09:15 - 05709824 _____ () C:\Windows\System32\DLEAOEM.DLL
2011-12-26 16:20 - 2009-11-04 09:14 - 00157696 _____ () C:\Windows\system32\spool\PRTPROCS\W32X86\dleadrpp.dll
2014-10-13 20:08 - 2014-10-13 20:07 - 00159768 _____ () C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\loggingserver.exe
2014-10-13 20:08 - 2014-10-13 20:07 - 00519704 _____ () C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\log4cplusU.dll
2014-12-15 10:32 - 2014-12-15 10:32 - 00321824 _____ () C:\Program Files\Driver Support\Agent.Common.XmlSerializers.dll
2014-12-15 10:32 - 2014-12-15 10:32 - 00461088 _____ () C:\Program Files\Driver Support\Agent.Communication.XmlSerializers.dll
2014-12-15 10:32 - 2014-12-15 10:32 - 00067872 _____ () C:\Program Files\Driver Support\RuleEngine.XmlSerializers.dll
2013-12-10 03:37 - 2014-03-10 02:45 - 01593368 ____N () C:\Program Files\AVG SafeGuard toolbar\TBAPI.dll
2013-12-09 03:36 - 2014-11-06 19:59 - 02640408 _____ () C:\Program Files\AVG SafeGuard toolbar\vprot.exe
2014-10-21 16:22 - 2014-10-21 16:22 - 00750080 _____ () C:\Users\suzanne\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2014-12-26 09:31 - 2014-12-26 09:31 - 00043008 _____ () c:\users\suzanne\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpag5uqr.dll
2014-10-21 16:22 - 2014-10-21 16:22 - 00047616 _____ () C:\Users\suzanne\AppData\Roaming\Dropbox\bin\libEGL.dll
2014-10-21 16:22 - 2014-10-21 16:22 - 00863744 _____ () C:\Users\suzanne\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2014-10-21 16:22 - 2014-10-21 16:22 - 00200704 _____ () C:\Users\suzanne\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\GoToAssist => ""="Service"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AERTFilters => 2
MSCONFIG\Services: AMD External Events Utility => 2
MSCONFIG\Services: dlea_device => 2
MSCONFIG\Services: GoogleDesktopManager-051210-111108 => 3
MSCONFIG\Services: GoToAssist => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: gusvc => 3
MSCONFIG\Services: IDriverT => 3
MSCONFIG\Services: LinksysUpdater => 2
MSCONFIG\Services: McComponentHostService => 3
MSCONFIG\Services: MemeoBackgroundService => 2
MSCONFIG\Services: MotoHelper => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: nmservice => 2
MSCONFIG\Services: SeagateDashboardService => 2
MSCONFIG\Services: sprtsvc_dellsupportcenter => 2
MSCONFIG\Services: stllssvr => 3
MSCONFIG\Services: YahooAUService => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^suzanne^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: DellSupportCenter => "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
MSCONFIG\startupreg: dleamon.exe => "C:\Program Files\Dell V310-V510 Series\dleamon.exe"
MSCONFIG\startupreg: dscactivate => "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
MSCONFIG\startupreg: ECenter => C:\Dell\E-Center\EULALauncher.exe
MSCONFIG\startupreg: ehTray.exe => C:\Windows\ehome\ehTray.exe
MSCONFIG\startupreg: EzPrint => "C:\Program Files\Dell V310-V510 Series\ezprint.exe"
MSCONFIG\startupreg: Google Desktop Search => "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
MSCONFIG\startupreg: googletalk => C:\Users\suzanne\AppData\Roaming\Google\Google Talk\googletalk.exe /autostart
MSCONFIG\startupreg: HP Officejet 6700 (NET) => "C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe" -deviceID "CN31D9QJ8D05RQ:NW" -scfn "HP Officejet 6700 (NET)" -AutoStart 1
MSCONFIG\startupreg: HP Software Update => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: IntelliPoint => "c:\Program Files\Microsoft IntelliPoint\ipoint.exe"
MSCONFIG\startupreg: itype => "C:\Program Files\Microsoft IntelliType Pro\itype.exe"
MSCONFIG\startupreg: LELA => "C:\Program Files\Linksys\Linksys EasyLink Advisor\Linksys EasyLink Advisor.exe" /minimized
MSCONFIG\startupreg: Memeo Instant Backup => C:\Program Files\Memeo\AutoBackup\MemeoLauncher2.exe --silent --no_ui
MSCONFIG\startupreg: Messenger (Yahoo!) => "C:\PROGRA~1\Yahoo!\MESSEN~1\YahooMessenger.exe" -quiet
MSCONFIG\startupreg: nmctxth => "C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe"
MSCONFIG\startupreg: RTBatteryMeter => C:\Program Files\VibrateGameDeviceDriver\RFPIcon.exe
MSCONFIG\startupreg: RtHDVCpl => RtHDVCpl.exe
MSCONFIG\startupreg: Seagate Dashboard => C:\Program Files\Seagate\Seagate Dashboard\MemeoLauncher.exe --silent --no_ui
MSCONFIG\startupreg: SearchEngineProtection => C:\Program Files\Gamesbar\SearchEngineProtection.exe
MSCONFIG\startupreg: Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: swg => "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
MSCONFIG\startupreg: Trend Micro Titanium => "C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe" -set Silent "1" SplashURL ""
MSCONFIG\startupreg: Yousendit Sync Agent => "C:\Program Files\YouSendIt Desktop App\YSIAgent.exe"
MSCONFIG\startupreg: Zune Launcher => "c:\Program Files\Zune\ZuneLauncher.exe"

========================= Accounts: ==========================

Administrator (S-1-5-21-933171571-4239247224-1375863430-500 - Administrator - Disabled)
Guest (S-1-5-21-933171571-4239247224-1375863430-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-933171571-4239247224-1375863430-1002 - Limited - Enabled)
Properties (S-1-5-21-933171571-4239247224-1375863430-1003 - Administrator - Enabled) => C:\Users\Properties
suzanne (S-1-5-21-933171571-4239247224-1375863430-1000 - Administrator - Enabled) => C:\Users\suzanne

==================== Faulty Device Manager Devices =============

Name: Pure Networks Wireless Driver
Description: Pure Networks Wireless Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: purendis
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (12/26/2014 10:00:16 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (12/25/2014 01:42:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: plugin-container.exe, version: 34.0.5.5443, time stamp: 0x5475dd5d
Faulting module name: mozalloc.dll, version: 34.0.5.5443, time stamp: 0x5475d664
Exception code: 0x80000003
Fault offset: 0x00001425
Faulting process id: 0x9b4
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3

Error: (12/25/2014 01:42:43 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Skype.exe version 6.3.73.105 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 928

Start Time: 01d01f136bf308b3

Termination Time: 154

Application Path: C:\Program Files\Skype\Phone\Skype.exe

Report Id:

Error: (12/24/2014 10:34:02 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (12/23/2014 05:18:14 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program FRST.exe version 21.12.2014.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1214

Start Time: 01d01f17751e0a4e

Termination Time: 0

Application Path: C:\Users\suzanne\Desktop\FRST-OlderVersion\FRST-OlderVersion\FRST.exe

Report Id: b8496272-8b0a-11e4-8113-001d09926d07

Error: (12/21/2014 10:03:28 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (12/20/2014 11:14:33 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (12/17/2014 03:01:45 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (12/16/2014 08:35:57 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (12/15/2014 02:33:28 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Skype.exe version 6.3.73.105 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 48c

Start Time: 01d0161f48def043

Termination Time: 609

Application Path: C:\Program Files\Skype\Phone\Skype.exe

Report Id:


System errors:
=============
Error: (12/26/2014 09:29:55 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The AVGIDSAgent service terminated with service-specific error %%-536753636.

Error: (12/26/2014 09:29:53 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.

Module Path: C:\Windows\system32\athExt.dll
Error Code: 126

Error: (12/26/2014 09:29:53 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Pure Networks Wireless Driver service failed to start due to the following error:
%%2

Error: (12/25/2014 01:40:26 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.1.149.
The computer with the IP address 192.168.1.1 did not allow the name to be claimed by
this computer.

Error: (12/24/2014 10:03:43 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (12/23/2014 05:21:42 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (12/23/2014 03:50:08 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.

Module Path: C:\Windows\system32\athExt.dll
Error Code: 126

Error: (12/23/2014 03:50:07 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Pure Networks Wireless Driver service failed to start due to the following error:
%%2

Error: (12/23/2014 03:37:43 PM) (Source: bowser) (EventID: 8003) (User: )
Description: The master browser has received a server announcement from the computer CHEETO
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{DFE6386E-817F-499D-8CBD-28EBD9FF463.
The master browser is stopping or an election is being forced.

Error: (12/17/2014 02:26:26 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.

Module Path: C:\Windows\system32\athExt.dll
Error Code: 126


Microsoft Office Sessions:
=========================
Error: (06/07/2012 01:49:57 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 261 seconds with 240 seconds of active time. This session ended with a crash.

Error: (05/15/2012 03:26:36 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 43 seconds with 0 seconds of active time. This session ended with a crash.

Error: (05/02/2012 10:07:28 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 17 seconds with 0 seconds of active time. This session ended with a crash.

Error: (07/16/2009 02:09:45 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 24718 seconds with 600 seconds of active time. This session ended with a crash.


CodeIntegrity Errors:
===================================
Date: 2011-01-02 13:34:24.841
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\tmevtmgr.sys because the set of per-page image hashes could not be found on the system.

Date: 2011-01-02 13:34:24.623
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\tmevtmgr.sys because the set of per-page image hashes could not be found on the system.

Date: 2011-01-02 13:34:24.436
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\tmevtmgr.sys because the set of per-page image hashes could not be found on the system.

Date: 2011-01-02 13:34:24.202
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\tmevtmgr.sys because the set of per-page image hashes could not be found on the system.

Date: 2011-01-02 13:34:23.968
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\tmevtmgr.sys because the set of per-page image hashes could not be found on the system.

Date: 2010-11-23 15:40:49.810
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Trend Micro\AMSP\module\20001\1.5.1381\Helper\tmevtmgr.sys because the set of per-page image hashes could not be found on the system.

Date: 2010-11-23 15:40:49.685
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Trend Micro\AMSP\module\20001\1.5.1381\Helper\tmevtmgr.sys because the set of per-page image hashes could not be found on the system.

Date: 2010-11-23 15:40:49.561
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Trend Micro\AMSP\module\20001\1.5.1381\Helper\tmevtmgr.sys because the set of per-page image hashes could not be found on the system.

Date: 2010-11-23 15:40:49.451
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Trend Micro\AMSP\module\20001\1.5.1381\Helper\tmevtmgr.sys because the set of per-page image hashes could not be found on the system.

Date: 2010-11-23 15:23:45.998
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\Public\Desktop\Trend_Micro\Setup32\AMSP\update\engine\c2t570425408l-1p1r-1o-1\3.50.1166\tmevtmgr.sys because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel(R) Core(TM)2 Duo CPU E4600 @ 2.40GHz
Percentage of memory in use: 66%
Total physical RAM: 3070.18 MB
Available physical RAM: 1035.82 MB
Total Pagefile: 6138.64 MB
Available Pagefile: 3047.27 MB
Total Virtual: 2047.88 MB
Available Virtual: 1917.59 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:455.71 GB) (Free:396.57 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (RECOVERY) (Fixed) (Total:10 GB) (Free:5.95 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 38000000)
Partition 1: (Not Active) - (Size=55 MB) - (Type=DE)
Partition 2: (Not Active) - (Size=10 GB) - (Type=07 NTFS)
Partition 3: (Active) - (Size=455.7 GB) - (Type=07 NTFS)

==================== End Of Log ============================
doby108
Regular Member
 
Posts: 71
Joined: May 20th, 2013, 11:11 pm

Re: yahoo controls firefox, delays in loading, browsing

Post by Gary R » December 27th, 2014, 2:08 am

You've only posted the Addition.txt log; I asked you to post both FRST.txt and Addition.txt.

I need to see your new FRST.txt log, so please post it. You should find it somewhere on your desktop.
Gary R
Administrator
 
Posts: 25888
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: yahoo controls firefox, delays in loading, browsing

Post by doby108 » December 27th, 2014, 5:08 pm

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 26-12-2014
Ran by suzanne (administrator) on MCGILLCOGILPC on 26-12-2014 16:55:46
Running from C:\Users\suzanne\Desktop
Loaded Profiles: suzanne & Properties (Available profiles: suzanne & Properties)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgwdsvc.exe
(PC Drivers HeadQuarters LP) C:\Program Files\Veloxum\iPTE\DriverSupportAOsvc.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
(PC Drivers HeadQuarters LP) C:\Program Files\Veloxum\iPTE\DriverSupportAO.exe
(AVG Secure Search) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
() C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\loggingserver.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(PC Drivers Headquarters) C:\Program Files\Driver Support\DriverSupport.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgui.exe
() C:\Program Files\AVG SafeGuard toolbar\vprot.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\itype.exe
(Google Inc.) C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Dropbox, Inc.) C:\Users\suzanne\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6700\Bin\HPNetworkCommunicator.exe
(Google Inc.) C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
(Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [] => [X]
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2015\avgui.exe [3653136 2014-11-09] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [vProt] => C:\Program Files\AVG SafeGuard toolbar\vprot.exe [2640408 2014-11-06] ()
HKLM\...\Run: [itype] => c:\Program Files\Microsoft IntelliType Pro\itype.exe [1313640 2011-08-10] (Microsoft Corporation)
Winlogon\Notify\GoToAssist: C:\Program Files\Citrix\GoToAssist\615\G2AWinLogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
HKU\S-1-5-21-933171571-4239247224-1375863430-1000\...\Run: [AVG-Secure-Search-Update_1113a] => C:\Users\suzanne\AppData\Roaming\AVG 1113a Campaign\AVG-Secure-Search-Update-1113a.exe /PROMPT /mid=22fb0c29680247d3bfd9d1544f7684f4-b4aeb2ffa57cb76ec3863b7deedcf62eddb442fb /CMPID=1113a
HKU\S-1-5-21-933171571-4239247224-1375863430-1000\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [68856 2008-05-07] (Google Inc.)
HKU\S-1-5-21-933171571-4239247224-1375863430-1000\...\Run: [HP Officejet 6700 (NET)] => C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe [1837672 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-933171571-4239247224-1375863430-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [18643560 2013-03-01] (Skype Technologies S.A.)
HKU\S-1-5-21-933171571-4239247224-1375863430-1000\...\Winlogon: [Shell]
HKU\S-1-5-21-933171571-4239247224-1375863430-1003\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [68856 2008-05-07] (Google Inc.)
AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GO36F4~1.DLL => C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll [123392 2010-09-09] (Google)
Startup: C:\Users\suzanne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\suzanne\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-933171571-4239247224-1375863430-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
HKU\S-1-5-21-933171571-4239247224-1375863430-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://mysearch.avg.com/?cid=%7BDE1319 ... g=0&sap=hp
HKU\S-1-5-21-933171571-4239247224-1375863430-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/dell?hl=en&cli ... bd=0080507
SearchScopes: HKU\.DEFAULT -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-21-933171571-4239247224-1375863430-1000 -> {36377DD7-B3EB-42f5-986F-680BAF59BA9D} URL = http://start.pogo.iplay.com/searchresul ... =chrome&q={searchTerms}
SearchScopes: HKU\S-1-5-21-933171571-4239247224-1375863430-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://mysearch.avg.com/search?cid={DE131920-30A6-45CD-8D5E-504D8AF4E88F}&mid=22fb0c29680247d3bfd9d1544f7684f4-b4aeb2ffa57cb76ec3863b7deedcf62eddb442fb&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2013-12-09 03:36:50&v=18.1.9.799&pid=safeguard&sg=0&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-933171571-4239247224-1375863430-1000 -> {AB07185D-66FE-4177-804B-8603D172DA62} URL = http://www.bing.com/search?FORM=WLETDF&PC=WLEM&q={searchTerms}&src=IE-SearchBox
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: AVG SafeGuard toolbar -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG SafeGuard toolbar\18.1.9.799\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
BHO: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: CBrowserHelperObject Object -> {CA6319C0-31B7-401E-A518-A07C3DB8F777} -> C:\Program Files\Dell\BAE\BAE.dll No File
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG SafeGuard toolbar\18.1.9.799\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-933171571-4239247224-1375863430-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-933171571-4239247224-1375863430-1003 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} https://support.dell.com/systemprofiler/SysProExe.CAB
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C}
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll No File
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll No File
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.9\ViProtocol.dll (AVG Secure Search)
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\suzanne\AppData\Roaming\Mozilla\Firefox\Profiles\9d0lcyki.default
FF Homepage: hxxp://www.google.com/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.9\\npsitesafety.dll No File
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @oberon-media.com/ONCAdapter -> C:\Program Files\Common Files\Oberon Media\NCAdapter\1.0.0.7\npapicomadapter.dll (Oberon-Media )
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\safeguard-secure-search.xml
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-02-21]
FF HKLM\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\18.1.9.799
FF Extension: AVG SafeGuard toolbar - C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\18.1.9.799 [2014-10-13]
FF Extension: No Name - {20a82645-c095-46ed-80e3-08825760534b} [Not Found]

Chrome:
=======
CHR DefaultSearchKeyword: Default -> mysearch.avg.com
CHR DefaultSearchURL: Default -> http://mysearch.avg.com/search?cid={DE131920-30A6-45CD-8D5E-504D8AF4E88F}&mid=22fb0c29680247d3bfd9d1544f7684f4-b4aeb2ffa57cb76ec3863b7deedcf62eddb442fb&lang=en&ds=AVG&coid=avgtbavg&pr=fr&d=2013-12-09 03:36:50&v=17.1.2.1&pid=safeguard&sg=0&sap=dsp&q={searchTerms}
CHR DefaultNewTabURL: Default -> https://mysearch.avg.com/chroment?espv=2&cid={DE131920-30A6-45CD-8D5E-504D8AF4E88F}&mid=22fb0c29680247d3bfd9d1544f7684f4-b4aeb2ffa57cb76ec3863b7deedcf62eddb442fb&lang=en&ds=AVG&pr=fr&d=2013-12-09 03:36:50&v=18.1.0.444&pid=safeguard&sg=0
CHR DefaultSuggestURL: Default -> http://toolbar.avg.com/acp?q={searchTerms}&o=1
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\38.0.2125.111\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\38.0.2125.111\pdf.dll No File
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\38.0.2125.111\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Oberon com adapter) - C:\Program Files\Common Files\Oberon Media\NCAdapter\1.0.0.7\npapicomadapter.dll (Oberon-Media )
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (Java(TM) Platform SE 7 U3) - C:\Program Files\Oracle\JavaFX 2.0 Runtime\bin\plugin2\npjp2.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.30.255) - C:\Windows\system32\npDeployJava1.dll No File
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Move Streaming Media Player) - C:\Users\suzanne\AppData\Roaming\Move Networks\plugins\npqmp071701000002.dll No File
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Profile: C:\Users\suzanne\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\suzanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-07-12]
CHR Extension: (Google Wallet) - C:\Users\suzanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-15]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S4 AERTFilters; C:\Windows\system32\AERTSrv.exe [77824 2007-12-05] (Andrea Electronics Corporation)
S2 avgfws; C:\Program Files\AVG\AVG2015\avgfws.exe [1486664 2014-11-09] (AVG Technologies CZ, s.r.o.)
S2 AVGIDSAgent; C:\Program Files\AVG\AVG2015\avgidsagent.exe [3488784 2014-11-09] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2015\avgwdsvc.exe [298080 2014-11-09] (AVG Technologies CZ, s.r.o.)
S4 dlea_device; C:\Windows\system32\dleacoms.exe [598696 2010-05-21] ( )
R2 DSAO; C:\Program Files\Veloxum\iPTE\DriverSupportAOsvc.exe [1684944 2014-11-20] (PC Drivers HeadQuarters LP)
S4 GoogleDesktopManager-051210-111108; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192 2010-09-09] (Google)
S4 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S4 MemeoBackgroundService; C:\Program Files\Memeo\AutoBackup\MemeoBackgroundService.exe [25824 2010-04-22] (Memeo)
S4 MotoHelper; C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe [226624 2011-01-27] ()
S4 SeagateDashboardService; C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe [14088 2010-04-30] (Memeo)
S4 sprtsvc_dellsupportcenter; C:\Program Files\Dell Support Center\bin\sprtsvc.exe [201968 2008-08-13] (SupportSoft, Inc.)
R2 vToolbarUpdater18.1.9; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [1820184 2014-10-13] (AVG Secure Search)
S3 WPFFontCache_v0400; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 athur; C:\Windows\System32\DRIVERS\athur.sys [1500160 2010-01-04] (Atheros Communications, Inc.)
R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [121624 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6x.sys [47928 2013-09-26] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [213784 2014-10-29] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [147736 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [21272 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [192792 2014-08-28] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [230680 2014-07-18] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [98584 2014-10-05] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [27416 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [200984 2014-10-10] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [42784 2014-10-13] (AVG Technologies)
R3 DynCal; C:\Windows\System32\drivers\Dyncal.sys [12928 2007-11-07] (Padix Co., Ltd) [File not signed]
S3 motandroidusb; C:\Windows\System32\Drivers\motoandroid.sys [25856 2009-07-10] (Motorola)
S3 NuidFltr; C:\Windows\System32\DRIVERS\NuidFltr.sys [21784 2011-04-13] (Microsoft Corporation)
R2 pnarp; C:\Windows\System32\DRIVERS\pnarp.sys [24888 2008-04-08] (Pure Networks, Inc.)
S2 purendis; system32\DRIVERS\purendis.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-26 09:27 - 2014-12-26 09:27 - 00032832 _____ () C:\Windows\system32\rnd_chunk.bin
2014-12-26 09:26 - 2014-12-26 09:32 - 00000000 ____D () C:\ProgramData\UAB
2014-12-26 09:26 - 2014-12-26 09:26 - 00000000 ____D () C:\Users\suzanne\Downloads\Driver Support
2014-12-26 09:26 - 2014-12-26 09:26 - 00000000 ____D () C:\Users\suzanne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Driver Support
2014-12-26 09:26 - 2014-12-26 09:26 - 00000000 ____D () C:\Users\suzanne\AppData\Local\PC_Drivers_Headquarters
2014-12-26 09:26 - 2014-12-26 09:26 - 00000000 ____D () C:\ProgramData\Driver Support
2014-12-26 09:26 - 2014-12-26 09:26 - 00000000 ____D () C:\Program Files\Veloxum
2014-12-26 09:25 - 2014-12-26 09:26 - 00000000 ____D () C:\Program Files\Driver Support
2014-12-26 09:24 - 2014-12-26 09:24 - 01114112 _____ (Farbar) C:\Users\suzanne\Desktop\FRST.exe
2014-12-23 15:43 - 2014-12-23 17:16 - 00000000 ____D () C:\Users\suzanne\Desktop\FRST-OlderVersion
2014-12-20 18:44 - 2014-12-20 18:44 - 00018339 _____ () C:\Users\suzanne\Desktop\Search.txt
2014-12-20 18:33 - 2014-12-26 16:55 - 00019853 _____ () C:\Users\suzanne\Desktop\FRST.txt
2014-12-20 18:33 - 2014-12-26 16:55 - 00000000 ____D () C:\FRST
2014-12-20 18:29 - 2014-12-20 18:29 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-MCGILLCOGILPC-Microsoft-Windows-7-Home-Premium-(32-bit).dat
2014-12-20 18:27 - 2014-12-20 18:27 - 00000000 ____D () C:\RegBackup
2014-12-20 18:26 - 2014-12-20 18:26 - 00002183 _____ () C:\Users\Public\Desktop\Tweaking.com - Registry Backup.lnk
2014-12-20 18:26 - 2014-12-20 18:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2014-12-20 18:26 - 2014-12-20 18:26 - 00000000 ____D () C:\Program Files\Tweaking.com
2014-12-16 20:19 - 2014-12-16 20:19 - 00014785 _____ () C:\Users\suzanne\Desktop\dds.txt
2014-12-16 20:19 - 2014-12-16 20:19 - 00010979 _____ () C:\Users\suzanne\Desktop\attach.txt
2014-12-16 20:16 - 2014-12-16 20:16 - 00688992 ____R (Swearware) C:\Users\suzanne\Downloads\dds.scr
2014-12-12 07:15 - 2014-12-26 09:29 - 00048293 _____ () C:\Windows\setupact.log
2014-12-12 07:15 - 2014-12-12 07:15 - 00000000 _____ () C:\Windows\setuperr.log
2014-12-09 10:20 - 2014-12-09 10:20 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-11-26 08:56 - 2014-11-26 08:56 - 00000000 ____D () C:\Users\suzanne\AppData\Roaming\AVG2015
2014-11-26 08:54 - 2014-11-26 08:54 - 00000937 _____ () C:\Users\Public\Desktop\AVG 2015.lnk
2014-11-26 08:53 - 2014-11-26 08:56 - 00000000 ____D () C:\ProgramData\AVG2015
2014-11-26 08:08 - 2014-12-01 08:00 - 00000000 ____D () C:\Users\suzanne\AppData\Local\Avg2015

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-26 16:41 - 2012-04-08 12:44 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-26 16:30 - 2010-01-29 09:53 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-26 14:30 - 2010-01-29 09:53 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-26 10:26 - 2011-01-02 15:11 - 01995862 _____ () C:\Windows\WindowsUpdate.log
2014-12-26 09:37 - 2011-01-02 14:44 - 00009728 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-26 09:37 - 2011-01-02 14:44 - 00009728 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-26 09:32 - 2013-10-15 17:12 - 00000000 ____D () C:\ProgramData\MFAData
2014-12-26 09:32 - 2010-12-18 15:06 - 00000000 ___RD () C:\Users\suzanne\Dropbox
2014-12-26 09:32 - 2010-12-18 14:49 - 00000000 ____D () C:\Users\suzanne\AppData\Roaming\Dropbox
2014-12-26 09:29 - 2011-01-02 15:09 - 02289678 _____ () C:\Windows\PFRO.log
2014-12-26 09:29 - 2009-07-13 20:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-25 08:12 - 2014-11-16 12:05 - 00000000 ____D () C:\Users\suzanne\AppData\Roaming\Skype
2014-12-23 15:50 - 2009-07-13 20:53 - 00032596 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-12-19 18:43 - 2012-03-31 15:17 - 00000000 ____D () C:\Users\suzanne\Desktop\JASON
2014-12-19 15:44 - 2011-01-02 15:43 - 00801978 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-16 07:17 - 2012-05-03 17:02 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-12-12 07:34 - 2013-10-15 16:19 - 00002131 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-12-12 07:24 - 2010-12-18 14:50 - 00000000 ____D () C:\Users\suzanne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-12-11 18:17 - 2010-06-09 08:56 - 00000000 ____D () C:\Program Files\Windows Live Safety Center
2014-12-11 14:22 - 2013-10-15 16:49 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-12-08 07:18 - 2012-04-08 12:44 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-12-08 07:18 - 2011-11-09 08:36 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-12-08 07:16 - 2013-10-15 17:14 - 00000000 ____D () C:\ProgramData\AVG2014
2014-11-26 08:54 - 2014-04-09 17:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-11-26 08:53 - 2013-10-15 17:12 - 00000000 ____D () C:\Program Files\AVG

Some content of TEMP:
====================
C:\Users\suzanne\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpag5uqr.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-12-25 14:19

==================== End Of Log ============================

Re: yahoo controls firefox, delays in loading, browsing

Unread postby Gary R » December 27th, 2014, 7:56 pm

The program that appears to be the one telling you your drivers are out of date is "Driver Support Active Optimization". If you did not install this program yourself, then I suggest that you uninstall it.

I can't find any definitive evidence that it is malicious, but if it has been installed as foistware, then it's clearly something you don't want, and should be removed.

Other than that, there are no obvious signs of infection on your latest FRST logs.

Please run a scan with ESET Online Scanner

Note: You can use either Internet Explorer or Mozilla Firefox for this scan. You will, however, need to disable your currently installed anti-virus; how to do so can be read here.
  • Please go HERE then click on Run ESET Online Scanner
Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.
All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox.

  • Select the option YES, I accept the Terms of Use then click on: Image
  • When prompted allow the Add-On/Active X to install.
  • Make sure that the option Remove found threats is NOT checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Now click on: Image
  • The virus signature database... will begin to download. Be patient, this may take some time depending on the speed of your Internet connection.
  • When completed click on Start to start the scan.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed you will be presented with a list of found threats ....
    • Click on the List of found threats link
    • Click on Export to text file
    • Save as ESET.txt to your Desktop
  • Exit out of ESET Online Scanner.
  • Post me the contents of ESET.txt please.

Re: yahoo controls firefox, delays in loading, browsing

Unread postby doby108 » December 28th, 2014, 9:57 pm

How do I figure out which anti-virus etc. I have running on this computer? I know there is AVG but am thinking there are others.

Re: yahoo controls firefox, delays in loading, browsing

Unread postby Gary R » December 29th, 2014, 2:26 am

AVG is the only one you'll have to disable whilst you're running the ESET scan. You do have Malwarebytes installed, but that won't interfere with the ESET scan.

To disable AVG ...

In the bottom, right-hand corner of your Desktop is the System Tray and, within it, the AVG Antivirus icon.
Right click the AVG Antivirus icon and select Quit AVG Control Center from the menu.

Don't forget to re-enable AVG once the ESET scan is finished ...

On your Desktop, click the Start button and select All Programs -> AVG Free Edition -> AVG Free Control Center from the menus.

Re: yahoo controls firefox, delays in loading, browsing

Unread postby doby108 » December 29th, 2014, 5:49 pm

My AVG just expired yesterday. I DID NOT find the 'quit avg control center' but I did click on 'temporarily disable avg protection' but I DID NOT click the option to disable firewall. Do I need to?

Re: yahoo controls firefox, delays in loading, browsing

Unread postby doby108 » December 29th, 2014, 7:33 pm

C:\ProgramData\InstallMate\{665B3AAF-DB2B-3811-DAFA-9309BDB81859}\_Setupx.dll Win32/InstalleRex.T potentially unwanted application
C:\ProgramData\InstallMate\{91FAC0FD-8D1D-1844-FAAF-C53F4A19E20B}\_Setupx.dll Win32/InstalleRex.T potentially unwanted application
C:\Users\All Users\InstallMate\{665B3AAF-DB2B-3811-DAFA-9309BDB81859}\_Setupx.dll Win32/InstalleRex.T potentially unwanted application
C:\Users\All Users\InstallMate\{91FAC0FD-8D1D-1844-FAAF-C53F4A19E20B}\_Setupx.dll Win32/InstalleRex.T potentially unwanted application

Re: yahoo controls firefox, delays in loading, browsing

Unread postby Gary R » December 30th, 2014, 1:52 am

  • Click Start
  • Type notepad.exe in the search programs and files box and click Enter.
  • A blank Notepad page should open.
    • Copy/Paste the contents of the code box below into Notepad (don't include Code: Select all).
Code: Select all
C:\ProgramData\InstallMate\{665B3AAF-DB2B-3811-DAFA-9309BDB81859}\_Setupx.dll 
C:\ProgramData\InstallMate\{91FAC0FD-8D1D-1844-FAAF-C53F4A19E20B}\_Setupx.dll
C:\Users\All Users\InstallMate\{665B3AAF-DB2B-3811-DAFA-9309BDB81859}\_Setupx.dll
C:\Users\All Users\InstallMate\{91FAC0FD-8D1D-1844-FAAF-C53F4A19E20B}\_Setupx.dll 
EmptyTemp:

    • Save it to the same folder/directory that FRST.exe is in, naming it as fixlist.txt

NOTICE: This script was written specifically for this user. Running it on another machine may cause damage to your operating system

  • Start FRST in a similar manner to when you ran a scan earlier, but this time when it opens ....
    • Press the Fix button once and wait.
    • FRST will process fixlist.txt
    • When finished, it will produce a log fixlog.txt in the same folder/directory as FRST64.exe
    • Please post me the log

How is your computer behaving now?


Re: yahoo controls firefox, delays in loading, browsing

Unread postby doby108 » December 30th, 2014, 2:37 pm

There is a glitch somewhere. When I click on the FRST.exe and hit the fix, there is no fixlist saved there, so I am doing something incorrectly. When I search programs for FRST I pull up at least 10 different ones.