1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

long lags and hangs

Discussion in 'Virus & Other Malware Removal' started by darknight25, Jan 14, 2015.

Thread Status:
Not open for further replies.
Advertisement
  1. darknight25

    darknight25 Thread Starter

    Joined:
    Jul 14, 2013
    Messages:
    42
    Hello,

    Over the course of the past few months my Windows Vista has gotten slower and slower, to the point where when I click a desktop icon, it might take almost five minutes to load the application. A significant lag or hang also occurs when I click pretty much anything on an already open application. So, for example, I click "Control Panel", wait 2-3 minutes, and then click something within the control panel, and wait another 2-4, minutes. Is there a way to drastically speed up my PC? Any suggested programs, advice, etc. would be very much appreciated.
     
  2. dbreeze

    dbreeze Malware Specialist

    Joined:
    Oct 5, 2014
    Messages:
    431
    First Name:
    David
    Let's take a look at what is happening on the system.

    Please download what you need to run on your system. (If you don't know if it is 32 or 64 bit, then download both file; only one will run on the system.)


    Please download Farbar Recovery Scan Tool 32bit and save it to your Desktop.

    Please download Farbar Recovery Scan Tool 64bit and save it to your Desktop.


    • Right click the FRST file on your desktop and select "Run as Administrator..." (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
    • If an update is available, the program will inform you and download the update. Allow it do this please.
    • Press the Scan button.
    • It will produce a log called FRST.txt in the same directory the tool is run from.
    • Please copy and paste log back here.
    • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.
     
  3. darknight25

    darknight25 Thread Starter

    Joined:
    Jul 14, 2013
    Messages:
    42
    Alright, thank you. Here are the scan results:


    Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 15-01-2015 01
    Ran by Stephen (administrator) on STEPHEN-PC on 15-01-2015 19:37:14
    Running from C:\Users\Stephen\Downloads
    Loaded Profiles: Stephen (Available profiles: Stephen & Administrator)
    Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: English (United States)
    Internet Explorer Version 9 (Default browser: FF)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (Microsoft Corporation) C:\Windows\System32\SLsvc.exe
    (SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
    (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    (Alcatel-Lucent) C:\Program Files\ATT\8.3.1.18\ma\bin\MAHostService.exe
    (Joyent, Inc) C:\Program Files\ATT\8.3.1.18\ma\bin\node.exe
    (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    (Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
    (Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
    (McAfee, Inc.) C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
    (McAfee, Inc.) C:\Windows\System32\mfevtps.exe
    (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Microsoft Online Services\MSOIDSVC.EXE
    (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Microsoft Online Services\MSOIDSVCM.EXE
    (Alcatel-Lucent) C:\Program Files\Common Files\Motive\pcCMService.exe
    (Alcatel-Lucent) C:\Program Files\Common Files\Motive\pcServiceHost.exe
    (Microsoft Corporation) C:\Program Files\Microsoft\BingBar\SeaPort.EXE
    (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
    (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
    (Microsoft Corporation) C:\Windows\System32\rundll32.exe
    (McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
    (Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
    (McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
    (McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
    (McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
    (Alcatel-Lucent) C:\Program Files\ATT-SST\pcTrayApp.exe
    (Brother Industries, Ltd.) C:\Program Files\Browny02\Brother\BrStMonW.exe
    (Alcatel-Lucent) C:\Program Files\ATT\8.3.1.18\ma\bin\pcTrayApp.exe
    (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
    (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
    (McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
    (Microsoft Corporation) C:\Windows\ehome\ehtray.exe
    (SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
    (Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
    (Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    (McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
    (Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
    (Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
    (Brother Industries, Ltd.) C:\Program Files\Browny02\BrYNSvc.exe
    (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
    (Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
    (Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
    (Hewlett-Packard) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
    (Microsoft Corporation) C:\Program Files\Windows Media Player\wmplayer.exe
    (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
    (McAfee, Inc.) C:\Program Files\McAfee\SiteAdvisor\saUI.exe
    (Microsoft Corporation) C:\Windows\System32\wuauclt.exe


    ==================== Registry (Whitelisted) ==================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [mcui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [514832 2014-09-04] (McAfee, Inc.)
    HKLM\...\Run: [AppleSyncNotifier] => C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [59240 2011-10-06] (Apple Inc.)
    HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
    HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
    HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
    HKLM\...\Run: [ATT-SST_McciTrayApp] => C:\Program Files\ATT-SST\pcTrayApp.exe [1984000 2013-05-07] (Alcatel-Lucent)
    HKLM\...\Run: [BrStsMon00] => C:\Program Files\Browny02\Brother\BrStMonW.exe [2621440 2010-06-10] (Brother Industries, Ltd.)
    HKLM\...\Run: [mcpltui_exe] => C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe [497792 2014-08-05] (McAfee, Inc.)
    HKLM\...\Run: [ATT_McciTrayApp] => C:\Program Files\ATT\8.3.1.18\ma\bin\pcTrayApp.exe [1986048 2013-12-02] (Alcatel-Lucent)
    HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
    HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
    HKLM\...\Policies\Explorer: [NoControlPanel] 0
    HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
    HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
    HKU\S-1-5-21-1318713196-1334084056-162886860-1000\...\Run: [Google Update] => C:\Users\Stephen\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-10-21] (Google Inc.)
    HKU\S-1-5-21-1318713196-1334084056-162886860-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-20] (Microsoft Corporation)
    HKU\S-1-5-21-1318713196-1334084056-162886860-1000\...\Run: [MobileDocuments] => C:\Program Files\Common Files\Apple\Internet Services\ubd.exe
    HKU\S-1-5-21-1318713196-1334084056-162886860-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6699800 2015-01-13] (SUPERAntiSpyware)
    HKU\S-1-5-21-1318713196-1334084056-162886860-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [5489944 2014-12-12] (Piriform Ltd)
    HKU\S-1-5-21-1318713196-1334084056-162886860-1000\...\Policies\Explorer: [NoDesktopCleanupWizard] 1
    HKU\S-1-5-21-1318713196-1334084056-162886860-1000\...\Policies\Explorer: [HideSCAHealth] 1
    HKU\S-1-5-21-1318713196-1334084056-162886860-1000\...\MountPoints2: E - E:\setup.exe
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
    ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
    ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=83&bd=Presario&pf=cndt
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKU\S-1-5-21-1318713196-1334084056-162886860-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://att.yahoo.com/
    StartMenuInternet: IEXPLORE.EXE - iexplore.exe
    SearchScopes: HKLM -> DefaultScope {EEE6C360-6118-11DC-9C72-001320C79847} URL =
    SearchScopes: HKLM -> {1A6F7013-B594-4E76-B64A-9926DF8F0A52} URL = http://www.ask.com/web?q={searchTerms}&l=dis&o=uscqd
    SearchScopes: HKU\.DEFAULT -> DefaultScope {1A6F7013-B594-4E76-B64A-9926DF8F0A52} URL =
    SearchScopes: HKU\.DEFAULT -> {1A6F7013-B594-4E76-B64A-9926DF8F0A52} URL =
    SearchScopes: HKU\S-1-5-21-1318713196-1334084056-162886860-1000 -> DefaultScope {938E0CC0-00AD-45DD-BC6E-9E05C470BFEE} URL = https://search.yahoo.com/search?fr=mcafee&type=B011US400D20131217&p={SearchTerms}
    SearchScopes: HKU\S-1-5-21-1318713196-1334084056-162886860-1000 -> {1A6F7013-B594-4E76-B64A-9926DF8F0A52} URL = http://www.ask.com/web?q={searchTerms}&l=dis&o=uscqd
    SearchScopes: HKU\S-1-5-21-1318713196-1334084056-162886860-1000 -> {6A50FBDC-5DF4-4c9c-9B3B-2749F6FF4D24} URL = http://search.yahoo.com/search?fr=chr-atty&p={searchTerms}
    SearchScopes: HKU\S-1-5-21-1318713196-1334084056-162886860-1000 -> {6DBD9950-6248-4720-9E5B-11E20447196D} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=hp-psdt
    SearchScopes: HKU\S-1-5-21-1318713196-1334084056-162886860-1000 -> {938E0CC0-00AD-45DD-BC6E-9E05C470BFEE} URL = https://search.yahoo.com/search?fr=mcafee&type=B011US400D20131217&p={SearchTerms}
    SearchScopes: HKU\S-1-5-21-1318713196-1334084056-162886860-1000 -> {C12723A8-735D-4B0E-B040-8C645D6F6BF4} URL = http://www.flickr.com/search/?q={searchTerms}
    SearchScopes: HKU\S-1-5-21-1318713196-1334084056-162886860-1000 -> {E4C80174-5830-4D7D-B130-8830E06CF153} URL = http://delicious.com/search?p={searchTerms}
    BHO: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
    BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
    BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
    Toolbar: HKLM - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll (Yahoo! Inc.)
    Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
    Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
    Toolbar: HKU\S-1-5-21-1318713196-1334084056-162886860-1000 -> No Name - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - No File
    Toolbar: HKU\S-1-5-21-1318713196-1334084056-162886860-1000 -> No Name - {472734EA-242A-422B-ADF8-83D1E48CC825} - No File
    DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
    Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
    Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
    Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
    ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [115440 2013-05-07] (SuperAdBlocker.com)
    Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
    Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

    FireFox:
    ========
    FF ProfilePath: C:\Users\Stephen\AppData\Roaming\Mozilla\Firefox\Profiles\d8p0tfye.default
    FF DefaultSearchEngine: Secure Search
    FF SearchEngineOrder.1: Secure Search
    FF SelectedSearchEngine: Secure Search
    FF Homepage: https://att.yahoo.com/
    FF Keyword.URL: https://search.yahoo.com/search?fr=mcafee&type=B111US400D20131217&p=
    FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_257.dll ()
    FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
    FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
    FF Plugin: @Motive.com/NpMotive,version=1.0 -> C:\Program Files\ATT\8.3.1.18\ma\bin\npMotive.dll (Alcatel-Lucent)
    FF Plugin: @Motive.com/npMotiveRequest,version=1.0 -> C:\Program Files\Common Files\Motive\npMotiveRequest.dll (Alcatel-Lucent)
    FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF Plugin: [email protected]/YahooActiveXPluginBridge;version=1.0.0.1 -> C:\Program Files\Yahoo!\Common\npyaxmpb.dll No File
    FF Plugin HKU\S-1-5-21-1318713196-1334084056-162886860-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Stephen\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin HKU\S-1-5-21-1318713196-1334084056-162886860-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Stephen\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
    FF user.js: detected! => C:\Users\Stephen\AppData\Roaming\Mozilla\Firefox\Profiles\d8p0tfye.default\user.js
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np_gp.dll (NOS Microsystems Ltd.)
    FF Plugin ProgramFiles/Appdata: C:\Users\Stephen\AppData\Roaming\mozilla\plugins\np-mswmp.dll (Microsoft Corporation)
    FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml
    FF Extension: Windows Media Player Extension for Firefox - C:\Users\Stephen\AppData\Roaming\Mozilla\Firefox\Profiles\d8p0tfye.default\Extensions\[email protected] [2013-07-05]
    FF Extension: Yahoo! Toolbar - C:\Users\Stephen\AppData\Roaming\Mozilla\Firefox\Profiles\d8p0tfye.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2014-10-20]
    FF Extension: Motive Extension - C:\Program Files\Mozilla Firefox\extensions\[email protected] [2014-12-09]
    FF Extension: Motive Extension - C:\Program Files\Mozilla Firefox\browser\extensions\[email protected] [2014-12-09]
    FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
    FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-03-03]
    FF HKLM\...\Firefox\Extensions: [{3633D24B-CCF3-478A-9534-3DB5885D27DD}] - C:\Users\Stephen\AppData\Local\{3633D24B-CCF3-478A-9534-3DB5885D27DD}
    FF Extension: XULRunner - C:\Users\Stephen\AppData\Local\{3633D24B-CCF3-478A-9534-3DB5885D27DD} [2010-01-16]
    FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
    FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-04-17]
    FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\SiteAdvisor
    FF Extension: McAfee SiteAdvisor - C:\Program Files\McAfee\SiteAdvisor [2010-08-01]
    FF HKU\.DEFAULT\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
    FF Extension: No Name - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
    FF HKU\S-1-5-21-1318713196-1334084056-162886860-1000\...\Firefox\Extensions: [[email protected]] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
    FF HKU\S-1-5-21-1318713196-1334084056-162886860-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi

    Chrome:
    =======
    CHR Profile: C:\Users\Stephen\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (Bcool) - C:\Users\Stephen\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajhcekcffkpnaednoeoegnmnjdlnjjmg [2014-03-10]
    CHR Extension: (McAfee Security Scan+) - C:\Users\Stephen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh [2014-03-10]
    CHR Extension: (Motive Extension) - C:\Users\Stephen\AppData\Local\Google\Chrome\User Data\Default\Extensions\edmgmpmklgfbohogafcfobonnkogchec [2014-03-10]
    CHR Extension: (SiteAdvisor) - C:\Users\Stephen\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2014-03-10]
    CHR Extension: (Google Wallet) - C:\Users\Stephen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-10]
    CHR HKLM\...\Chrome\Extension: [ajhcekcffkpnaednoeoegnmnjdlnjjmg] - C:\ProgramData\Bcool\ajhcekcffkpnaednoeoegnmnjdlnjjmg.crx [Not Found]
    CHR HKLM\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - No Path
    CHR HKLM\...\Chrome\Extension: [edmgmpmklgfbohogafcfobonnkogchec] - C:\Program Files\Common Files\Motive\extensions\MotiveRequest.crx [2013-08-09]
    CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files\McAfee\SiteAdvisor\McChPlg.crx [2011-02-08]
    CHR StartMenuInternet: Google Chrome - C:\Users\Stephen\AppData\Local\Google\Chrome\Application\chrome.exe

    ========================== Services (Whitelisted) =================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [142648 2014-08-13] (SUPERAntiSpyware.com)
    S2 0143031421371569mcinstcleanup; C:\Windows\TEMP\014303~1.EXE [851136 2014-08-08] (McAfee, Inc.)
    R2 AT&T Troubleshoot & Resolve; C:\Program Files\ATT\8.3.1.18\ma\bin\MAHostService.exe [321024 2013-12-02] (Alcatel-Lucent) [File not signed]
    S2 ATT MAHostService; C:\Program Files\ATT\8.3.1.7\ma\bin\MAHostService.exe [321024 2013-07-03] (Alcatel-Lucent) [File not signed]
    R3 BrYNSvc; C:\Program Files\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.) [File not signed]
    S3 getPlusHelper; C:\Program Files\NOS\bin\getPlus_Helper.dll [68000 2010-03-29] (NOS Microsystems Ltd.)
    R2 HomeNetSvc; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [286672 2014-07-30] (McAfee, Inc.)
    S2 HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [94208 2008-10-09] (Hewlett-Packard) [File not signed]
    R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [File not signed]
    R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-05-21] (Hewlett-Packard Co.) [File not signed]
    R2 HPSLPSVC; C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL [660992 2009-05-21] (Hewlett-Packard Co.) [File not signed]
    S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
    S4 LightScribeService; c:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2008-03-17] (Hewlett-Packard Company) [File not signed]
    R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
    R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
    R2 McAfee SiteAdvisor Service; C:\Program Files\McAfee\SiteAdvisor\McSACore.exe [131136 2014-12-03] (McAfee, Inc.)
    R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [529216 2014-09-04] (McAfee, Inc.)
    S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [235696 2014-04-09] (McAfee, Inc.)
    R2 McMPFSvc; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [286672 2014-07-30] (McAfee, Inc.)
    R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [286672 2014-07-30] (McAfee, Inc.)
    S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [471560 2014-08-01] (McAfee, Inc.)
    R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [286672 2014-07-30] (McAfee, Inc.)
    R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [286672 2014-07-30] (McAfee, Inc.)
    R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [655936 2014-07-24] (McAfee, Inc.)
    R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [169800 2014-07-18] (McAfee, Inc.)
    R2 mfevtp; C:\Windows\system32\mfevtps.exe [179600 2014-07-18] (McAfee, Inc.)
    R2 msoidsvc; C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVC.EXE [1590560 2012-05-17] (Microsoft Corp.)
    S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44544 2008-12-03] (Hewlett-Packard) [File not signed]
    S2 Office Depot PC Support Agent; C:\Program Files\Office Depot PC Support Agent\esService.exe [933784 2012-02-24] (Support.com, Inc.)
    R2 pcCMService; C:\Program Files\Common Files\Motive\pcCMService.exe [369152 2013-03-02] (Alcatel-Lucent) [File not signed]
    R2 pcServiceHost; C:\Program Files\Common Files\Motive\pcServiceHost.exe [342528 2013-05-07] (Alcatel-Lucent) [File not signed]
    S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2008-12-03] (Hewlett-Packard) [File not signed]
    S2 XAudioService; %SystemRoot%\system32\DRIVERS\xaudio.exe [X]

    ==================== Drivers (Whitelisted) ====================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    S3 2WIREPCP; C:\Windows\System32\DRIVERS\2WirePCP.sys [68672 2004-05-25] (2Wire, Inc.)
    R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [62832 2014-07-18] (McAfee, Inc.)
    S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [147912 2013-09-23] (McAfee, Inc.)
    R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-11-21] (Malwarebytes Corporation)
    R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [114904 2015-01-15] (Malwarebytes Corporation)
    R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-11-21] (Malwarebytes Corporation)
    R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [135968 2014-07-18] (McAfee, Inc.)
    R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [238368 2014-07-18] (McAfee, Inc.)
    S3 mfebopk; C:\Windows\System32\drivers\mfebopk.sys [67816 2014-07-18] (McAfee, Inc.)
    R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [371288 2014-07-18] (McAfee, Inc.)
    R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [575984 2014-07-18] (McAfee, Inc.)
    R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [349192 2014-07-24] (McAfee, Inc.)
    S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [81296 2014-07-24] (McAfee, Inc.)
    R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [217224 2014-07-18] (McAfee, Inc.)
    R3 MREMP50; C:\Program Files\Common Files\Motive\MREMP50.sys [21248 2010-02-02] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
    R3 MRESP50; C:\Program Files\Common Files\Motive\MRESP50.sys [20096 2010-02-02] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
    R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    S3 USBAAPL; C:\Windows\System32\Drivers\usbaapl.sys [41984 2010-09-28] (Apple, Inc.) [File not signed]
    R3 WUSB54GCv3; C:\Windows\System32\DRIVERS\WUSB54GCv3.sys [645120 2008-12-04] (Ralink Technology Corp.)
    S4 cvzczyry; No ImagePath
    S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
    S0 Lbd; system32\DRIVERS\Lbd.sys [X]
    S2 mdmxsdk; system32\DRIVERS\mdmxsdk.sys [X]
    S3 MREMPR5; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS [X]
    S3 MRENDIS5; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS [X]
    S4 nhruz; No ImagePath
    S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
    S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
    S0 TfFsMon; system32\drivers\TfFsMon.sys [X]
    S3 TfNetMon; \??\C:\Windows\system32\drivers\TfNetMon.sys [X]
    S0 TfSysMon; system32\drivers\TfSysMon.sys [X]
    U2 WZCSVC; No ImagePath
    S2 XAudio; system32\DRIVERS\xaudio.sys [X]

    ========================== Drivers MD5 =======================

    C:\Windows\System32\DRIVERS\2WirePCP.sys 6551C1CF190DF3E12C435A085987FBA0
    C:\Windows\System32\drivers\acpi.sys 82B296AE1892FE3DBEE00C9CF92F8AC7
    C:\Windows\system32\drivers\adp94xx.sys 04F0FCAC69C7C71A3AC4EB97FAFC8303
    C:\Windows\system32\drivers\adpahci.sys 60505E0041F7751BDBB80F88BF45C2CE
    C:\Windows\system32\drivers\adpu160m.sys 8A42779B02AEC986EAB64ECFC98F8BD7
    C:\Windows\system32\drivers\adpu320.sys 241C9E37F8CE45EF51C3DE27515CA4E5
    C:\Windows\system32\drivers\afd.sys F5272A105F59A7B3B345D9D6D87DA7AD
    C:\Windows\system32\drivers\agp440.sys 13F9E33747E6B41A3FF305C37DB0D360
    C:\Windows\system32\drivers\djsvs.sys ==> MD5 is legit
    C:\Windows\system32\drivers\aliide.sys 9EAEF5FC9B8E351AFA7E78A6FAE91F91
    C:\Windows\system32\drivers\amdagp.sys C47344BC706E5F0B9DCE369516661578
    C:\Windows\system32\drivers\amdide.sys 9B78A39A4C173FDBC1321E0DD659B34C
    C:\Windows\system32\drivers\amdk7.sys 18F29B49AD23ECEE3D2A826C725C8D48
    C:\Windows\System32\DRIVERS\amdk8.sys 93AE7F7DD54AB986A6F1A1B37BE7442D
    C:\Windows\system32\drivers\arc.sys 5D2888182FB46632511ACEE92FDAD522
    C:\Windows\system32\drivers\arcsas.sys 5E2A321BD7C8B3624E41FDEC3E244945
    C:\Windows\System32\DRIVERS\asyncmac.sys 53B202ABEE6455406254444303E87BE1
    C:\Windows\System32\drivers\atapi.sys 1F05B78AB91C9075565A9D8A4B880BC4
    C:\Windows\system32\Drivers\Beep.sys 67E506B75BD5326A3EC7B70BD014DFB6
    C:\Windows\system32\drivers\blbdrive.sys D4DF28447741FD3D953526E33A617397
    C:\Windows\System32\DRIVERS\bowser.sys 35F376253F687BDE63976CCB3F2108CA
    C:\Windows\system32\drivers\brfiltlo.sys ==> MD5 is legit
    C:\Windows\system32\drivers\brfiltup.sys ==> MD5 is legit
    C:\Windows\system32\drivers\brserid.sys ==> MD5 is legit
    C:\Windows\system32\drivers\brserwdm.sys ==> MD5 is legit
    C:\Windows\system32\drivers\brusbmdm.sys ==> MD5 is legit
    C:\Windows\system32\drivers\brusbser.sys ==> MD5 is legit
    C:\Windows\system32\drivers\bthmodem.sys ==> MD5 is legit
    C:\Windows\System32\DRIVERS\cdfs.sys 7ADD03E75BEB9E6DD102C3081D29840A
    C:\Windows\System32\DRIVERS\cdrom.sys 6B4BFFB9BECD728097024276430DB314
    C:\Windows\System32\drivers\cfwids.sys 33A8390580EFA7417C1ED3A66BEC6E5A
    C:\Windows\system32\drivers\circlass.sys E5D4133F37219DBCFE102BC61072589D
    C:\Windows\System32\CLFS.sys D7659D3B5B92C31E84E53C1431F35132
    C:\Windows\system32\drivers\cmdide.sys 0CA25E686A4928484E9FDABD168AB629
    C:\Windows\system32\drivers\compbatt.sys 6AFEF0B60FA25DE07C0968983EE4F60A
    C:\Windows\System32\drivers\crcdisk.sys 741E9DFF4F42D2D8477D0FC1DC0DF871
    C:\Windows\system32\drivers\crusoe.sys 1F07BECDCA750766A96CDA811BA86410
    C:\Windows\System32\Drivers\dfsc.sys 622C41A07CA7E6DD91770F50D532CB6C
    C:\Windows\System32\drivers\disk.sys 5D4AEFC3386920236A548271F8F1AF6A
    C:\Windows\System32\DRIVERS\Dot4.sys 4F59C172C094E1A1D46463A8DC061CBD
    C:\Windows\System32\DRIVERS\Dot4Prt.sys 80BF3BA09F6F2523C8F6B7CC6DBF7BD5
    C:\Windows\System32\DRIVERS\dot4usb.sys C55004CA6B419B6695970DFE849B122F
    C:\Windows\System32\drivers\drmkaud.sys 97FEF831AB90BEE128C9AF390E243F80
    C:\Windows\System32\drivers\dxgkrnl.sys 5C2C209CDEFBC51D83D66E8A53B2BE89
    C:\Windows\System32\DRIVERS\E1G60I32.sys 5425F74AC0C1DBD96A1E04F17D63F94C
    C:\Windows\System32\drivers\ecache.sys 7F64EA048DCFAC7ACF8B4D7B4E6FE371
    C:\Windows\system32\drivers\elxstor.sys 23B62471681A124889978F6295B3F4C6
    C:\Windows\system32\drivers\errdev.sys 3DB974F3935483555D7148663F726C61
    C:\Windows\system32\Drivers\exfat.sys 22B408651F9123527BCEE54B4F6C5CAE
    C:\Windows\system32\Drivers\fastfat.sys 4E404505B3F62ECFBDBCBBCF0A72DBC5
    C:\Windows\System32\DRIVERS\fdc.sys AFE1E8B9782A0DD7FB46BBD88E43F89A
    C:\Windows\System32\drivers\fileinfo.sys A8C0139A884861E3AAE9CFE73B208A9F
    C:\Windows\System32\drivers\filetrace.sys 0AE429A696AECBC5970E3CF2C62635AE
    C:\Windows\System32\DRIVERS\flpydisk.sys 85B7CF99D532820495D68D747FDA9EBD
    C:\Windows\System32\drivers\fltmgr.sys 01334F9EA68E6877C4EF05D3EA8ABB05
    C:\Windows\System32\DRIVERS\fssfltr.sys B0082808A6856A252F7CDD939892CE50
    C:\Windows\system32\Drivers\Fs_Rec.sys B972A66758577E0BFD1DE0F91AAA27B5
    C:\Windows\system32\drivers\gagp30kx.sys 34582A6E6573D54A07ECE5FE24A126B5
    C:\Windows\System32\DRIVERS\GEARAspiWDM.sys 185ADA973B5020655CEE342059A86CBB
    C:\Windows\System32\DRIVERS\HDAudBus.sys 062452B7FFD68C8C042A6261FE8DFF4A
    C:\Windows\system32\drivers\hidbth.sys ==> MD5 is legit
    C:\Windows\system32\drivers\hidir.sys ==> MD5 is legit
    C:\Windows\System32\DRIVERS\hidusb.sys CCA4B519B17E23A00B826C55716809CC
    C:\Windows\System32\drivers\HipShieldK.sys 156765F692192EA9039A6C4A809312FD
    C:\Windows\system32\drivers\hpcisss.sys 16EE7B23A009E00D835CDB79574A91A6
    C:\Windows\System32\drivers\HTTP.sys F870AA3E254628EBEAFE754108D664DE
    C:\Windows\system32\drivers\i2omp.sys C6B032D69650985468160FC9937CF5B4
    C:\Windows\System32\DRIVERS\i8042prt.sys 22D56C8184586B7A1F6FA60BE5F5A2BD
    C:\Windows\system32\drivers\iastorv.sys 54155EA1B0DF185878E0FC9EC3AC3A14
    C:\Windows\system32\drivers\iirsp.sys ==> MD5 is legit
    C:\Windows\System32\drivers\RTKVHDA.sys 5D26CCB06E1F3B5C26E863DF3F4F2611
    C:\Windows\system32\drivers\intelide.sys 83AA759F3189E6370C30DE5DC5590718
    C:\Windows\System32\DRIVERS\intelppm.sys 224191001E78C89DFA78924C3EA595FF
    C:\Windows\System32\DRIVERS\ipfltdrv.sys 62C265C38769B864CB25B4BCF62DF6C3
    C:\Windows\system32\drivers\ipmidrv.sys B25AAF203552B7B3491139D582B39AD1
    C:\Windows\System32\DRIVERS\ipnat.sys 8793643A67B42CEC66490B2A0CF92D68
    C:\Windows\System32\drivers\irenum.sys 109C0DFB82C3632FBD11949B73AEEAC9
    C:\Windows\system32\drivers\isapnp.sys 6C70698A3E5C4376C6AB5C7C17FB0614
    C:\Windows\System32\DRIVERS\msiscsi.sys 232FA340531D940AAC623B121A595034
    C:\Windows\system32\drivers\iteatapi.sys ==> MD5 is legit
    C:\Windows\system32\drivers\iteraid.sys ==> MD5 is legit
    C:\Windows\System32\DRIVERS\kbdclass.sys 37605E0A8CF00CBBA538E753E4344C6E
    C:\Windows\System32\DRIVERS\kbdhid.sys EDE59EC70E25C24581ADD1FBEC7325F7
    C:\Windows\System32\Drivers\ksecdd.sys 4A1445EFA932A3BAF5BDB02D7131EE20
    C:\Windows\System32\DRIVERS\lltdio.sys D1C5883087A0C3F1344D9D55A44901F6
    C:\Windows\system32\drivers\lsi_fc.sys C7E15E82879BF3235B559563D4185365
    C:\Windows\system32\drivers\lsi_sas.sys EE01EBAE8C9BF0FA072E0FF68718920A
    C:\Windows\system32\drivers\lsi_scsi.sys 912A04696E9CA30146A62AFA1463DD5C
    C:\Windows\system32\drivers\luafv.sys 8F5C7426567798E62A3B3614965D62CC
    C:\Windows\system32\drivers\mbam.sys A3F4391DFDF2F9E9FE4EAD193265A5AD
    C:\Windows\system32\drivers\MBAMSwissArmy.sys 8E2E9CCD873ABF180F48BCAEEEBE347D
    C:\Windows\system32\drivers\mwac.sys 6D2DB74A8CF2DDFE372FFF9C73E8F0EF
    C:\Windows\system32\drivers\megasas.sys 0001CE609D66632FA17B84705F658879
    C:\Windows\system32\drivers\megasr.sys C252F32CD9A49DBFC25ECF26EBD51A99
    C:\Windows\System32\drivers\mfeapfk.sys 25E940DD7E9DFAA27FFEB4B588415F9F
    C:\Windows\System32\drivers\mfeavfk.sys 953FDF28163045884770F477A74B20AE
    C:\Windows\System32\drivers\mfebopk.sys E3A66E7DDDDCC7513BEEDD9A5B04C855
    C:\Windows\System32\drivers\mfefirek.sys 9708BB52FBF314149D6B284DEB24C318
    C:\Windows\System32\drivers\mfehidk.sys 600630D8A1703CFC9ED00E20C0CA6212
    C:\Windows\System32\DRIVERS\mfencbdc.sys D3B8DF7077DA7CE27D844F0846DEF159
    C:\Windows\System32\DRIVERS\mfencrk.sys 54A345916D013BF3F1D8FBB7C5A01795
    C:\Windows\System32\drivers\mfewfpk.sys B7AA9A5AA1E0C160C1160C5238E483C8
    C:\Windows\System32\drivers\modem.sys E13B5EA0F51BA5B1512EC671393D09BA
    C:\Windows\System32\DRIVERS\monitor.sys 0A9BB33B56E294F686ABB7C1E4E2D8A8
    C:\Windows\System32\DRIVERS\mouclass.sys 5BF6A1326A335C5298477754A506D263
    C:\Windows\System32\DRIVERS\mouhid.sys 93B8D4869E12CFBE663915502900876F
    C:\Windows\System32\drivers\mountmgr.sys BDAFC88AA6B92F7842416EA6A48E1600
    C:\Windows\system32\drivers\mpio.sys 511D011289755DD9F9A7579FB0B064E6
    C:\Windows\System32\drivers\mpsdrv.sys 22241FEBA9B2DEFA669C8CB0A8DD7D2E
    C:\Windows\system32\drivers\mraid35x.sys ==> MD5 is legit
    C:\Program Files\Common Files\Motive\MREMP50.sys 9BD4DCB5412921864A7AACDEDFBD1923
    C:\Program Files\Common Files\Motive\MRESP50.sys 07C02C892E8E1A72D6BF35004F0E9C5E
    C:\Windows\system32\drivers\mrxdav.sys B0584CA7DEF55929FDB5169BD28B2484
    C:\Windows\System32\DRIVERS\mrxsmb.sys 1E94971C4B446AB2290DEB71D01CF0C2
    C:\Windows\System32\DRIVERS\mrxsmb10.sys 4FCCB34D793B116423209C0F8B7A3B03
    C:\Windows\System32\DRIVERS\mrxsmb20.sys C3CB1B40AD4A0124D617A1199B0B9D7C
    C:\Windows\system32\drivers\msahci.sys 28023E86F17001F7CD9B15A5BC9AE07D
    C:\Windows\system32\drivers\msdsm.sys 4468B0F385A86ECDDAF8D3CA662EC0E7
    C:\Windows\system32\Drivers\Msfs.sys A9927F4A46B816C92F461ACB90CF8515
    C:\Windows\System32\drivers\msisadrv.sys 0F400E306F385C56317357D6DEA56F62
    C:\Windows\System32\drivers\MSKSSRV.sys D8C63D34D9C9E56C059E24EC7185CC07
    C:\Windows\System32\drivers\MSPCLOCK.sys 1D373C90D62DDB641D50E55B9E78D65E
    C:\Windows\System32\drivers\MSPQM.sys B572DA05BF4E098D4BBA3A4734FB505B
    C:\Windows\system32\Drivers\MsRPC.sys B49456D70555DE905C311BCDA6EC6ADB
    C:\Windows\System32\DRIVERS\mssmbios.sys E384487CB84BE41D09711C30CA79646C
    C:\Windows\System32\drivers\MSTEE.sys 7199C1EEC1E4993CAF96B8C0A26BD58A
    C:\Windows\System32\Drivers\mup.sys 6A57B5733D4CB702C8EA4542E836B96C
    C:\Windows\System32\DRIVERS\nwifi.sys 85C44FDFF9CF7E72A40DCB7EC06A4416
    C:\Windows\System32\drivers\ndis.sys 1357274D1883F68300AEADD15D7BBB42
    C:\Windows\System32\DRIVERS\ndistapi.sys 0E186E90404980569FB449BA7519AE61
    C:\Windows\System32\DRIVERS\ndisuio.sys D6973AA34C4D5D76C0430B181C3CD389
    C:\Windows\System32\DRIVERS\ndiswan.sys 818F648618AE34F729FDB47EC68345C3
    C:\Windows\system32\Drivers\NDProxy.sys 71DAB552B41936358F3B541AE5997FB3
    C:\Windows\System32\DRIVERS\netbios.sys BCD093A5A6777CF626434568DC7DBA78
    C:\Windows\System32\DRIVERS\netbt.sys ECD64230A59CBD93C85F1CD1CAB9F3F6
    C:\Windows\system32\drivers\nfrd960.sys ==> MD5 is legit
    C:\Windows\system32\Drivers\Npfs.sys D36F239D7CCE1931598E8FB90A0DBC26
    C:\Windows\System32\drivers\nsiproxy.sys 609773E344A97410CE4EBF74A8914FCF
    C:\Windows\system32\Drivers\Ntfs.sys 2C1121F2B87E9A6B12485DF53CD848C7
    C:\Windows\system32\drivers\ntrigdigi.sys ==> MD5 is legit
    C:\Windows\system32\Drivers\Null.sys C5DBBCDA07D780BDA9B685DF333BB41E
    C:\Windows\System32\DRIVERS\nvmfdx32.sys D958A2B5F6AD5C3B8CCDC4D7DA62466C
    C:\Windows\System32\DRIVERS\nvlddmkm.sys FBBA09782F2FAC5A57619DF378BA9372
    C:\Windows\System32\drivers\nvraid.sys 2EDF9E7751554B42CBB60116DE727101
    C:\Windows\system32\drivers\nvrd32.sys 0D15327134E5871C922760ACD7449E84
    C:\Windows\system32\drivers\nvsmu.sys C44EE36DD84FA95EB81D79C374756003
    C:\Windows\system32\drivers\nvstor.sys ABED0C09758D1D97DB0042DBB2688177
    C:\Windows\System32\drivers\nvstor32.sys FA7B8ECA6E845B244B7E30A9DCD82C6C
    C:\Windows\system32\drivers\nv_agp.sys 18BBDF913916B71BD54575BDB6EEAC0B
    C:\Windows\System32\DRIVERS\ohci1394.sys 6F310E890D46E246E0E261A63D9B36B4
    C:\Windows\system32\drivers\parport.sys ==> MD5 is legit
    C:\Windows\System32\drivers\partmgr.sys B9C2B89F08670E159F7181891E449CD9
    C:\Windows\system32\drivers\parvdm.sys ==> MD5 is legit
    C:\Windows\System32\drivers\pci.sys 941DC1D19E7E8620F40BBC206981EFDB
    C:\Windows\System32\drivers\pciide.sys 1636D43F10416AEB483BC6001097B26C
    C:\Windows\system32\drivers\pcmcia.sys ==> MD5 is legit
    C:\Windows\System32\drivers\peauth.sys ==> MD5 is legit
    C:\Windows\System32\DRIVERS\raspptp.sys ECFFFAEC0C1ECD8DBC77F39070EA1DB1
    C:\Windows\system32\drivers\processr.sys 2027293619DD0F047C584CF2E7DF4FFD
    C:\Windows\System32\DRIVERS\pacer.sys 99514FAA8DF93D34B5589187DB3AA0BA
    C:\Windows\system32\drivers\ql2300.sys 0A6DB55AFB7820C99AA1F3A1D270F4F6
    C:\Windows\system32\drivers\ql40xx.sys ==> MD5 is legit
    C:\Windows\system32\drivers\qwavedrv.sys 9F5E0E1926014D17486901C88ECA2DB7
    C:\Windows\System32\DRIVERS\rasacd.sys 147D7F9C556D259924351FEB0DE606C3
    C:\Windows\System32\DRIVERS\rasl2tp.sys A214ADBAF4CB47DD2728859EF31F26B0
    C:\Windows\System32\DRIVERS\raspppoe.sys 509A98DD18AF4375E1FC40BC175F1DEF
    C:\Windows\System32\DRIVERS\rassstp.sys 2005F4A1E05FA09389AC85840F0A9E4D
    C:\Windows\System32\DRIVERS\rdbss.sys B14C9D5B9ADD2F84F70570BBBFAA7935
    C:\Windows\System32\DRIVERS\RDPCDD.sys 89E59BE9A564262A3FB6C4F4F1CD9899
    C:\Windows\system32\drivers\rdpdr.sys FBC0BACD9C3D7F6956853F64A66E252D
    C:\Windows\System32\drivers\rdpencdd.sys 9D91FE5286F748862ECFFA05F8A0710C
    C:\Windows\system32\Drivers\RDPWD.sys C127EBD5AFAB31524662C48DFCEB773A
    C:\Windows\System32\DRIVERS\rspndr.sys 9C508F4074A39E8B4B31D27198146FAD
    C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS 39763504067962108505BFF25F024345
    C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS 77B9FC20084B48408AD3E87570EB4A85
    C:\Windows\system32\drivers\sbp2port.sys ==> MD5 is legit
    C:\Windows\system32\Drivers\secdrv.sys ==> MD5 is legit
    C:\Windows\system32\drivers\serenum.sys ==> MD5 is legit
    C:\Windows\system32\drivers\serial.sys ==> MD5 is legit
    C:\Windows\system32\drivers\sermouse.sys 8AF3D28A879BF75DB53A0EE7A4289624
    C:\Windows\system32\drivers\sffdisk.sys 3EFA810BDCA87F6ECC24F9832243FE86
    C:\Windows\system32\drivers\sffp_mmc.sys E95D451F7EA3E583AEC75F3B3EE42DC5
    C:\Windows\system32\drivers\sffp_sd.sys 3D0EA348784B7AC9EA9BD9F317980979
    C:\Windows\system32\drivers\sfloppy.sys ==> MD5 is legit
    C:\Windows\system32\drivers\sisagp.sys 1D76624A09A054F682D746B924E2DBC3
    C:\Windows\system32\drivers\sisraid2.sys 43CB7AA756C7DB280D01DA9B676CFDE2
    C:\Windows\system32\drivers\sisraid4.sys A99C6C8B0BAA970D8AA59DDC50B57F94
    C:\Windows\System32\DRIVERS\smb.sys 7B75299A4D201D6A6533603D6914AB04
    C:\Windows\system32\Drivers\spldr.sys 7AEBDEEF071FE28B0EEF2CDD69102BFF
    C:\Windows\System32\DRIVERS\srv.sys 41987F9FC0E61ADF54F581E15029AD91
    C:\Windows\System32\DRIVERS\srv2.sys FF33AFF99564B1AA534F58868CBE41EF
    C:\Windows\System32\DRIVERS\srvnet.sys 7605C0E1D01A08F3ECD743F38B834A44
    C:\Windows\System32\DRIVERS\ssmirrdr.sys F843301BDADB2728822C83413EF5F132
    C:\Windows\System32\DRIVERS\serscan.sys EF70B3D22B4BFFDA6EA851ECB063EFAA
    C:\Windows\System32\DRIVERS\swenum.sys 7BA58ECF0C0A9A69D44B3DCA62BECF56
    C:\Windows\system32\drivers\symc8xx.sys ==> MD5 is legit
    C:\Windows\system32\drivers\sym_hi.sys ==> MD5 is legit
    C:\Windows\system32\drivers\sym_u3.sys ==> MD5 is legit
    C:\Windows\System32\drivers\tcpip.sys C7B0746FCD576D7EEBA6A2530B0B2966
    C:\Windows\System32\DRIVERS\tcpip.sys C7B0746FCD576D7EEBA6A2530B0B2966
    C:\Windows\System32\drivers\tcpipreg.sys 608C345A255D82A6289C2D468EB41FD7
    C:\Windows\System32\drivers\tdpipe.sys 5DCF5E267BE67A1AE926F2DF77FBCC56
    C:\Windows\System32\drivers\tdtcp.sys 389C63E32B3CEFED425B61ED92D3F021
    C:\Windows\System32\DRIVERS\tdx.sys 76B06EB8A01FC8624D699E7045303E54
    C:\Windows\System32\DRIVERS\termdd.sys 3CAD38910468EAB9A6479E2F01DB43C7
    C:\Windows\System32\DRIVERS\tssecsrv.sys F4EAA7ECBCB25DE901C9B7F2CDCDA0B3
    C:\Windows\System32\DRIVERS\tunmp.sys CAECC0120AC49E3D2F758B9169872D38
    C:\Windows\System32\DRIVERS\tunnel.sys 300DB877AC094FEAB0BE7688C3454A9C
    C:\Windows\system32\drivers\uagp35.sys 7D33C4DB2CE363C8518D2DFCF533941F
    C:\Windows\System32\DRIVERS\udfs.sys D9728AF68C4C7693CB100B8441CBDEC6
    C:\Windows\system32\drivers\uliagpkx.sys B0ACFDC9E4AF279E9116C03E014B2B27
    C:\Windows\system32\drivers\uliahci.sys 9224BB254F591DE4CA8D572A5F0D635C
    C:\Windows\system32\drivers\ulsata.sys ==> MD5 is legit
    C:\Windows\system32\drivers\ulsata2.sys ==> MD5 is legit
    C:\Windows\System32\DRIVERS\umbus.sys 32CFF9F809AE9AED85464492BF3E32D2
    C:\Windows\System32\Drivers\usbaapl.sys 5C2BDC152BBAB34F36473DEAF7713F22
    C:\Windows\System32\DRIVERS\usbccgp.sys AAB0B5F72D2D726FBFDC895A2902DE1D
    C:\Windows\system32\drivers\usbcir.sys ==> MD5 is legit
    C:\Windows\System32\DRIVERS\usbehci.sys 153E8515CB86F8BB5D1A8B478EBF4BB2
    C:\Windows\System32\DRIVERS\usbhub.sys 2AE6BCEBD85D31317E433733DAF25888
    C:\Windows\System32\DRIVERS\usbohci.sys D457EBD0C3A8B3A3A144355B5EE91CBC
    C:\Windows\System32\DRIVERS\usbprint.sys E75C4B5269091D15A2E7DC0B6D35F2F5
    C:\Windows\System32\DRIVERS\usbscan.sys A508C9BD8724980512136B039BBA65E9
    C:\Windows\System32\DRIVERS\USBSTOR.SYS BE3DA31C191BC222D9AD503C5224F2AD
    C:\Windows\System32\DRIVERS\usbuhci.sys 814D653EFC4D48BE3B04A307ECEFF56F
    C:\Windows\System32\DRIVERS\vgapnp.sys 87B06E1F30B749A114F74622D013F8D4
    C:\Windows\System32\drivers\vga.sys 2E93AC0A1D8C79D019DB6C51F036636C
    C:\Windows\system32\drivers\viaagp.sys 5D7159DEF58A800D5781BA3A879627BC
    C:\Windows\system32\drivers\viac7.sys C4F3A691B5BAD343E6249BD8C2D45DEE
    C:\Windows\system32\drivers\viaide.sys AADF5587A4063F52C2C3FED7887426FC
    C:\Windows\System32\drivers\volmgr.sys 69503668AC66C77C6CD7AF86FBDF8C43
    C:\Windows\System32\drivers\volmgrx.sys 23E41B834759917BFD6B9A0D625D0C28
    C:\Windows\System32\drivers\volsnap.sys 786DB5771F05EF300390399F626BF30A
    C:\Windows\system32\drivers\vsmraid.sys 587253E09325E6BF226B299774B728A9
    C:\Windows\System32\DRIVERS\VSTBS23.SYS ==> MD5 is legit
    C:\Windows\System32\DRIVERS\VSTDPV3.SYS ==> MD5 is legit
    C:\Windows\system32\drivers\wacompen.sys ==> MD5 is legit
    C:\Windows\System32\DRIVERS\wanarp.sys 55201897378CCA7AF8B5EFD874374A26
    C:\Windows\System32\DRIVERS\wanarp.sys 55201897378CCA7AF8B5EFD874374A26
    C:\Windows\system32\drivers\wd.sys 78FE9542363F297B18C027B2D7E7C07F
    C:\Windows\System32\drivers\Wdf01000.sys 25944D2CC49E0A6C581D02A74B7D6645
    C:\Windows\System32\DRIVERS\VSTCNXT3.SYS ==> MD5 is legit
    C:\Windows\system32\drivers\wmiacpi.sys 2E7255D172DF0B8283CDFB7B433B864E
    C:\Windows\system32\drivers\ws2ifsl.sys E3A3CB253C0EC2494D4A61F5E43A389C
    C:\Windows\System32\DRIVERS\WSDPrint.sys 4422AC5ED8D4C2F0DB63E71D4C069DD7
    C:\Windows\System32\drivers\WudfPf.sys 06E6F32C8D0A3F66D956F57B43A2E070
    C:\Windows\System32\DRIVERS\WUDFRd.sys 867C301E8B790040AE9CF6486E8041DF
    C:\Windows\System32\DRIVERS\WUSB54GCv3.sys 2E812881EC96E80EAE304877ED90206B

    ==================== NetSvcs (Whitelisted) ===================


    (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


    ==================== One Month Created Files and Folders ========

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2015-01-15 19:37 - 2015-01-15 19:38 - 00043971 _____ () C:\Users\Stephen\Downloads\FRST.txt
    2015-01-15 19:36 - 2015-01-15 19:37 - 00000000 ____D () C:\FRST
    2015-01-15 19:36 - 2015-01-15 19:36 - 01116672 _____ (Farbar) C:\Users\Stephen\Downloads\FRST.exe
    2015-01-14 21:04 - 2015-01-14 21:04 - 00000078 _____ () C:\lxdq.log
    2015-01-14 20:51 - 2015-01-14 20:51 - 279801918 _____ () C:\Windows\MEMORY.DMP
    2015-01-14 20:51 - 2015-01-14 20:51 - 00144832 _____ () C:\Windows\Minidump\Mini011415-01.dmp
    2015-01-14 16:24 - 2015-01-15 19:25 - 00039144 _____ () C:\Windows\WindowsUpdate.log
    2015-01-14 16:17 - 2015-01-14 21:15 - 00020760 _____ () C:\Windows\PFRO.log
    2015-01-14 16:14 - 2015-01-14 16:14 - 00000770 _____ () C:\Users\Public\Desktop\CCleaner.lnk
    2015-01-14 16:13 - 2015-01-14 16:13 - 05317104 _____ (Piriform Ltd) C:\Users\Stephen\Downloads\ccsetup501(2).exe
    2015-01-14 15:40 - 2015-01-14 15:42 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Stephen\Downloads\mbam-setup-2.0.4.1028(1).exe
    2015-01-14 15:40 - 2015-01-14 15:40 - 05317104 _____ (Piriform Ltd) C:\Users\Stephen\Downloads\ccsetup501(1).exe
    2015-01-14 15:38 - 2015-01-14 15:38 - 00000020 ___SH () C:\Users\Administrator\ntuser.ini
    2015-01-14 15:38 - 2015-01-14 15:38 - 00000000 ____D () C:\Users\Administrator
    2015-01-14 15:38 - 2013-07-05 10:17 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
    2015-01-14 15:38 - 2013-07-05 10:17 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
    2015-01-14 15:38 - 2010-02-08 21:45 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Microsoft Help
    2015-01-14 15:38 - 2008-05-05 02:42 - 00001038 _____ () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite Deluxe.lnk
    2015-01-14 15:32 - 2015-01-15 19:21 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2015-01-14 15:32 - 2015-01-14 15:32 - 05317104 _____ (Piriform Ltd) C:\Users\Stephen\Downloads\ccsetup501.exe
    2015-01-14 15:31 - 2015-01-14 15:31 - 00000865 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2015-01-14 15:31 - 2015-01-14 15:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    2015-01-14 15:31 - 2015-01-14 15:31 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
    2015-01-14 15:31 - 2014-11-21 06:14 - 00075480 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
    2015-01-14 15:31 - 2014-11-21 06:14 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
    2015-01-14 15:31 - 2014-11-21 06:14 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
    2015-01-14 15:29 - 2015-01-14 15:29 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Stephen\Downloads\mbam-setup-2.0.4.1028.exe
    2015-01-14 15:23 - 2015-01-14 15:23 - 05702992 _____ (Uniblue Systems Ltd ) C:\Users\Stephen\Downloads\driverscanner(1).exe
    2015-01-14 15:20 - 2015-01-14 15:20 - 04781920 _____ (Uniblue Systems Limited ) C:\Users\Stephen\Downloads\registrybooster.exe
    2015-01-14 09:48 - 2015-01-14 09:48 - 01182190 _____ () C:\Users\Stephen\Downloads\7z938.exe
    2015-01-14 09:43 - 2015-01-14 09:43 - 10000880 _____ ( ) C:\Users\Stephen\Downloads\yodot-zip-repair.exe
    2015-01-14 09:05 - 2015-01-14 09:05 - 00000000 ____D () C:\Users\Stephen\Desktop\tex civ p outline
    2015-01-14 07:18 - 2015-01-15 10:46 - 00000000 ____D () C:\Users\Stephen\Desktop\farnsworth materials
    2015-01-13 22:23 - 2014-12-18 18:25 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
    2015-01-13 21:59 - 2014-12-05 21:14 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
    2015-01-13 21:59 - 2014-12-05 21:14 - 00153600 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
    2015-01-13 21:59 - 2014-12-05 21:14 - 00093184 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
    2015-01-13 21:59 - 2014-12-05 21:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll

    ==================== One Month Modified Files and Folders =======

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2015-01-15 19:26 - 2014-03-27 18:46 - 00000916 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1318713196-1334084056-162886860-1000UA1cf4a1f24455980.job
    2015-01-15 19:21 - 2012-04-03 07:33 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
    2015-01-15 19:20 - 2006-11-02 05:18 - 00000000 ____D () C:\Windows\system32\LogFiles
    2015-01-15 15:08 - 2006-11-02 06:47 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
    2015-01-15 15:08 - 2006-11-02 06:47 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
    2015-01-15 12:45 - 2006-11-02 04:33 - 00763586 _____ () C:\Windows\system32\PerfStringBackup.INI
    2015-01-15 12:43 - 2013-07-27 17:23 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
    2015-01-15 12:38 - 2013-08-09 12:03 - 00000000 ____D () C:\Program Files\ATT
    2015-01-15 12:38 - 2008-08-22 17:11 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
    2015-01-15 12:38 - 2006-11-02 07:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
    2015-01-15 11:16 - 2012-12-28 19:16 - 00000000 ____D () C:\Users\Stephen\Desktop\comics stuff
    2015-01-15 09:54 - 2009-07-01 18:06 - 00000864 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1318713196-1334084056-162886860-1000Core.job
    2015-01-14 21:18 - 2006-11-02 07:01 - 00032560 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
    2015-01-14 21:17 - 2006-11-02 06:47 - 00330192 _____ () C:\Windows\system32\FNTCACHE.DAT
    2015-01-14 21:15 - 2008-05-05 02:30 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
    2015-01-14 21:11 - 2010-05-05 21:18 - 00000000 ____D () C:\Users\Stephen\AppData\Roaming\Uniblue
    2015-01-14 21:11 - 2010-05-05 21:18 - 00000000 ____D () C:\Program Files\Uniblue
    2015-01-14 21:09 - 2008-08-22 14:25 - 00084664 _____ () C:\Users\Stephen\AppData\Local\GDIPFONTCACHEV1.DAT
    2015-01-14 21:08 - 2008-05-05 02:21 - 00000000 ____D () C:\Windows\system32\RTCOM
    2015-01-14 21:07 - 2008-05-05 02:30 - 00319456 _____ (Microsoft Corporation) C:\Windows\DIFxAPI.dll
    2015-01-14 21:06 - 2008-08-24 12:11 - 00004341 _____ () C:\ProgramData\hpzinstall.log
    2015-01-14 21:06 - 2008-05-05 02:36 - 00000000 ____D () C:\Program Files\CyberLink
    2015-01-14 20:51 - 2009-05-03 12:31 - 00000000 ____D () C:\Windows\Minidump
    2015-01-14 19:24 - 2008-08-23 15:40 - 00000052 _____ () C:\Windows\system32\DOErrors.log
    2015-01-14 16:24 - 2006-11-02 05:18 - 00000000 ____D () C:\Windows\tracing
    2015-01-14 16:15 - 2012-04-10 18:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bcool
    2015-01-14 16:15 - 2008-12-26 15:26 - 00000000 ____D () C:\Users\Stephen\Desktop\JUNK
    2015-01-14 16:14 - 2012-06-12 05:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
    2015-01-14 16:14 - 2009-05-12 11:52 - 00000000 ____D () C:\Users\Stephen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CCleaner
    2015-01-14 16:14 - 2009-05-12 11:52 - 00000000 ____D () C:\Program Files\CCleaner
    2015-01-14 16:04 - 2012-04-10 18:22 - 00000000 ____D () C:\ProgramData\InstallMate
    2015-01-14 15:31 - 2010-06-15 16:25 - 00000000 ____D () C:\ProgramData\Malwarebytes
    2015-01-14 10:31 - 2008-08-22 14:28 - 00000910 _____ () C:\Users\Stephen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
    2015-01-14 09:46 - 2010-01-16 18:44 - 00000000 ____D () C:\ProgramData\TEMP
    2015-01-14 08:52 - 2006-11-02 05:18 - 00000000 ____D () C:\Windows\Microsoft.NET
    2015-01-13 22:23 - 2013-07-14 13:50 - 00000000 ____D () C:\Windows\system32\MRT
    2015-01-13 22:15 - 2006-11-02 04:24 - 110348472 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
    2015-01-13 21:19 - 2012-04-03 07:33 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
    2015-01-13 21:19 - 2011-06-04 06:50 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl

    ==================== Bamital & volsnap Check =================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\system32\winlogon.exe => File is digitally signed
    C:\Windows\system32\wininit.exe => File is digitally signed
    C:\Windows\system32\svchost.exe => File is digitally signed
    C:\Windows\system32\services.exe => File is digitally signed
    C:\Windows\system32\User32.dll => File is digitally signed
    C:\Windows\system32\userinit.exe => File is digitally signed
    C:\Windows\system32\rpcss.dll => File is digitally signed
    C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

    ==================== BCD ================================

    Windows Boot Manager
    --------------------
    identifier {bootmgr}
    device partition=C:
    description Windows Boot Manager
    locale en-US
    inherit {globalsettings}
    default {current}
    resumeobject {115b619e-1a84-11dd-9cb3-001fc67759e6}
    displayorder {current}
    toolsdisplayorder {memdiag}
    timeout 30
    resume No

    Windows Boot Loader
    -------------------
    identifier {current}
    device partition=C:
    path \Windows\system32\winload.exe
    description Microsoft Windows Vista
    locale en-US
    inherit {bootloadersettings}
    recoverysequence {572bcd55-ffa7-11d9-aae2-0007e994107d}
    recoveryenabled Yes
    osdevice partition=C:
    systemroot \Windows
    resumeobject {115b619e-1a84-11dd-9cb3-001fc67759e6}
    nx OptIn

    Windows Boot Loader
    -------------------
    identifier {572bcd55-ffa7-11d9-aae2-0007e994107d}
    device ramdisk=[D:]\sources\boot.wim,{ramdiskoptions}
    path \windows\system32\boot\winload.exe
    description HP Recovery Manager
    osdevice ramdisk=[D:]\sources\boot.wim,{ramdiskoptions}
    systemroot \windows
    nx OptIn
    detecthal Yes
    winpe Yes

    Resume from Hibernate
    ---------------------
    identifier {115b619e-1a84-11dd-9cb3-001fc67759e6}
    device partition=C:
    path \Windows\system32\winresume.exe
    description Windows Resume Application
    locale en-US
    inherit {resumeloadersettings}
    filedevice partition=C:
    filepath \hiberfil.sys
    pae Yes
    debugoptionenabled No

    Windows Memory Tester
    ---------------------
    identifier {memdiag}
    device partition=C:
    path \boot\memtest.exe
    description Windows Memory Diagnostic
    locale en-US
    inherit {globalsettings}
    badmemoryaccess Yes

    Windows Legacy OS Loader
    ------------------------
    identifier {ntldr}
    device partition=C:
    path \ntldr
    description Earlier Version of Windows

    EMS Settings
    ------------
    identifier {emssettings}
    bootems Yes

    Debugger Settings
    -----------------
    identifier {dbgsettings}
    debugtype Serial
    debugport 1
    baudrate 115200

    RAM Defects
    -----------
    identifier {badmemory}

    Global Settings
    ---------------
    identifier {globalsettings}
    inherit {dbgsettings}
    {emssettings}
    {badmemory}

    Boot Loader Settings
    --------------------
    identifier {bootloadersettings}
    inherit {globalsettings}

    Resume Loader Settings
    ----------------------
    identifier {resumeloadersettings}
    inherit {globalsettings}

    Device options
    --------------
    identifier {ad6c7bc8-fa0f-11da-8ddf-0013200354d8}
    description Ramdisk Device Options
    ramdisksdidevice partition=D:
    ramdisksdipath \boot\boot.sdi

    Setup Ramdisk Options
    ---------------------
    identifier {ramdiskoptions}
    description RAM Disk Settings
    ramdisksdidevice partition=D:
    ramdisksdipath \boot\boot.sdi



    LastRegBack: 2015-01-15 12:44

    ==================== End Of Log ============================



    Additional scan result of Farbar Recovery Scan Tool (x86) Version: 15-01-2015 01
    Ran by Stephen at 2015-01-15 19:39:04
    Running from C:\Users\Stephen\Downloads
    Boot Mode: Normal
    ==========================================================


    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
    AS: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}

    ==================== Installed Programs ======================

    (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    32 Bit HP CIO Components Installer (Version: 6.1.1 - Hewlett-Packard) Hidden
    4500_G510nz_Help (Version: 000.0.439.000 - Hewlett-Packard) Hidden
    4500G510nz (Version: 000.0.439.000 - Hewlett-Packard) Hidden
    4500G510nz_Software_Min (Version: 000.0.423.000 - Hewlett-Packard) Hidden
    aaa (HKU\S-1-5-21-1318713196-1334084056-162886860-1000\...\aaa) (Version: - bbb)
    Acrobat.com (HKLM\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 2.1.0.0 - Adobe Systems Incorporated)
    Acrobat.com (Version: 2.1.0 - Adobe Systems Incorporated) Hidden
    ActiveCheck component for HP Active Support Library (Version: 3.0.0.2 - Hewlett-Packard) Hidden
    Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
    Adobe Download Manager (HKLM\...\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}) (Version: 1.6.2.63 - NOS Microsystems Ltd.)
    Adobe Flash Player 16 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 16.0.0.257 - Adobe Systems Incorporated)
    Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.257 - Adobe Systems Incorporated)
    Adobe Reader 9.5.5 (HKLM\...\{AC76BA86-7AD7-1033-7B44-A95000000001}) (Version: 9.5.5 - Adobe Systems Incorporated)
    Apple Application Support (HKLM\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
    Apple Mobile Device Support (HKLM\...\{235EBB33-3DA1-46DF-AADE-9955123409CB}) (Version: 8.0.5.6 - Apple Inc.)
    Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
    AT&T Troubleshoot & Resolve Tool (HKLM\...\ATT-SST) (Version: - )
    AT&T Yahoo! Browser Configuration (HKLM\...\AT&T Yahoo! Browser Configuration) (Version: - )
    ATT Management Agent (HKLM\...\ATT-AT&T Troubleshoot & Resolve) (Version: 8.3.1.18 - AT&T)
    ATT Management Agent (HKLM\...\ATT-ATT Management Agent) (Version: 8.3.1.7 - ATT)
    att.net Internet Mail (HKLM\...\Yahoo! Mail) (Version: - )
    ATT-RC Self Support Tool (HKLM\...\ATT-RC) (Version: - )
    Bing Bar (HKLM\...\{449CE12D-E2C7-4B97-B19E-55D163EA9435}) (Version: 7.0.619.0 - Microsoft Corporation)
    Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
    BufferChm (Version: 130.0.331.000 - Hewlett-Packard) Hidden
    CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform)
    Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
    CustomerResearchQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
    CyberLink DVD Suite Deluxe (HKLM\...\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 5.5.1329 - CyberLink Corp.)
    CyberLink PowerDirector (HKLM\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 6.5.2726 - CyberLink Corp.)
    D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
    Destinations (Version: 130.0.0.0 - Hewlett-Packard) Hidden
    DeviceDiscovery (Version: 130.0.372.000 - Hewlett-Packard) Hidden
    DeviceManagementQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
    DJ_SF_03_D1500_Software (Version: 100.0.206.000 - Hewlett-Packard) Hidden
    DJ_SF_03_D1500_Software_Min (Version: 100.0.206.000 - Hewlett-Packard) Hidden
    DocMgr (Version: 130.0.000.000 - Hewlett-Packard) Hidden
    DocProc (Version: 13.0.0.0 - Hewlett-Packard) Hidden
    eSupportQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
    Fax (Version: 130.0.418.000 - Hewlett-Packard) Hidden
    Google Chrome (HKU\S-1-5-21-1318713196-1334084056-162886860-1000\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
    GPBaseService (Version: 100.0.187.000 - Hewlett-Packard) Hidden
    GPBaseService2 (Version: 130.0.371.000 - Hewlett-Packard) Hidden
    Hardware Diagnostic Tools (HKLM\...\PC-Doctor 5 for Windows) (Version: 5.1.4748.24 - PC-Doctor, Inc.)
    HL-2270DW (HKLM\...\{E2A97415-BD97-4867-B906-05E39E9EE51F}) (Version: 1.0.7.0 - Brother Industries, Ltd.)
    HP Active Support Library (HKLM\...\{CE7E3BE0-2DD3-4416-A690-F9E4A99A8CFF}) (Version: 3.1.9.1 - Hewlett-Packard)
    HP Customer Experience Enhancements (HKLM\...\{C27C82E4-9C53-4D76-9ED3-A01A3D5EE679}) (Version: 5.6.0.2510 - Hewlett-Packard)
    HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
    HP Demo (HKLM\...\{44F3AD4C-D8A0-40DD-94A1-7443BE9953C7}_is1) (Version: HP Demo - Hewlett-Packard)
    HP Deskjet D1500 Printer Driver Software 10.0 Rel .3 (HKLM\...\{0CE5F45E-F6CC-4638-B0DD-BB7F6EF56713}) (Version: 10.0 - HP)
    HP Document Manager 2.0 (HKLM\...\HP Document Manager) (Version: 2.0 - HP)
    HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
    HP Officejet 4500 G510n-z (HKLM\...\{7E0E61CC-1C99-429D-BEA7-C4DD5B898D2A}) (Version: 13.0 - HP)
    HP Photosmart Essential 2.5 (HKLM\...\HP Photosmart Essential) (Version: 2.5 - HP)
    HP Smart Web Printing 4.5 (HKLM\...\HP Smart Web Printing) (Version: 4.5 - HP)
    HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
    HP Total Care Advisor (HKLM\...\{F31E534B-4199-4552-8154-5C130710D68E}) (Version: 2.4.6651.2902 - Hewlett-Packard)
    HP Update (HKLM\...\{7059BDA7-E1DB-442C-B7A1-6144596720A4}) (Version: 4.000.011.006 - Hewlett-Packard)
    HPAsset component for HP Active Support Library (Version: 3.0.2.2 - Hewlett-Packard) Hidden
    HPProductAssistant (Version: 130.0.371.000 - Hewlett-Packard) Hidden
    HPTCSSetup (HKLM\...\{FA3B34BE-4246-4062-90A3-34CBBEA12B72}) (Version: 1.0.964.2626 - Hewlett-Packard Company)
    iCloud (HKLM\...\{79BD66B2-4DAE-4C3B-B08E-DC72E507C163}) (Version: 2.1.3.25 - Apple Inc.)
    Internet Explorer Toolbar 4.9 by SweetPacks (HKLM\...\{F4E33CE5-A7AB-4F68-A7E7-F0AA84EF2D9E}) (Version: 4.9.0000 - SweetIM Technologies Ltd.) <==== ATTENTION
    iPhone Configuration Utility (HKLM\...\{FA54AFB1-5745-4389-B8C1-9F7509672ED1}) (Version: 2.1.0.163 - Apple Inc.)
    iSEEK AnswerWorks English Runtime (HKLM\...\{9E5A03E3-6246-4920-9630-0527D5DA9B07}) (Version: 009.000.0002 - Vantage Linguistics)
    iTunes (HKLM\...\{5D928931-D1D2-4A93-A82D-BF60D0E7CFA5}) (Version: 12.0.1.26 - Apple Inc.)
    Java(TM) SE Runtime Environment 6 Update 1 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0160010}) (Version: 1.6.0.10 - Sun Microsystems, Inc.)
    Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    LightScribe System Software 1.12.37.1 (HKLM\...\{004C5DA2-2051-4D25-94BA-51CF810C91EB}) (Version: 1.12.37.1 - LightScribe)
    LightScribeTemplateLabeler (HKLM\...\{305D4B08-5807-4475-B1C8-D54685534864}) (Version: 1.10.23.1 - LightScribe)
    Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
    MarketResearch (Version: 130.0.374.000 - Hewlett-Packard) Hidden
    McAfee AntiVirus Plus (HKLM\...\MSC) (Version: 13.6.1248 - McAfee, Inc.)
    McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
    McAfee SiteAdvisor (HKLM\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 3.7.156 - McAfee, Inc.)
    Mesh Runtime (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
    Messenger Companion (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
    Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
    Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
    Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
    Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Microsoft Office Outlook Connector (HKLM\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
    Microsoft Office PowerPoint Viewer 2007 (English) (HKLM\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Microsoft Office Standard Edition 2003 (HKLM\...\{91120409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
    Microsoft Online Services Sign-in Assistant (HKLM\...\{C89AD07D-CAA0-4BF2-A2E8-A851B71FD698}) (Version: 7.250.4303.0 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Works (HKLM\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
    MobileMe Control Panel (HKLM\...\{926BD0E8-24A3-41D2-AF9B-340F1A37ED12}) (Version: 3.1.8.0 - Apple Inc.)
    Mozilla Firefox 34.0.5 (x86 en-US) (HKLM\...\Mozilla Firefox 34.0.5 (x86 en-US)) (Version: 34.0.5 - Mozilla)
    Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
    MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    Network (Version: 130.0.374.000 - Hewlett-Packard) Hidden
    NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: - )
    OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
    Office Depot Office_Depot_PC_Checkup (HKLM\...\officedepot_phc) (Version: 29.0.56.1 - support.com, Inc.)
    Office Depot PC Support Agent (HKLM\...\Office Depot PC Support Agent) (Version: 16.0.62.5 - Support.com, Inc.)
    OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
    PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.214.1 - Tracker Software Products Ltd)
    PSSWCORE (Version: 2.02.0000 - Hewlett-Packard) Hidden
    Python 2.5 (HKLM\...\{0A2C5854-557E-48C8-835A-3B9F074BDCAA}) (Version: 2.5.150 - Martin v. Löwis)
    QuickTime 7 (HKLM\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
    Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: - Realtek Semiconductor Corp.)
    Safari (HKLM\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
    SBC Yahoo! DSL Home Networking Installer (HKLM\...\2Wire SetupWiz) (Version: - )
    Scan (Version: 13.0.0.0 - Hewlett-Packard) Hidden
    Segoe UI (Version: 15.4.2271.0615 - Microsoft Corp) Hidden
    Shared C Run-time for x86 (Version: 10.0.0 - McAfee) Hidden
    SmartWebPrinting (Version: 130.0.373.000 - Hewlett-Packard) Hidden
    Snapfish Picture Mover (HKLM\...\{029B5901-1F27-4347-9923-E8ACC8F54E15}) (Version: 1.9.0.16 - HP Snapfish)
    SolutionCenter (Version: 130.0.373.000 - Hewlett-Packard) Hidden
    Status (Version: 130.0.373.000 - Hewlett-Packard) Hidden
    SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.6.1020 - SUPERAntiSpyware.com)
    Toolbox (Version: 130.0.648.000 - Hewlett-Packard) Hidden
    TrayApp (Version: 130.0.376.000 - Hewlett-Packard) Hidden
    TurboTax 2009 (HKLM\...\TurboTax 2009) (Version: - Intuit, Inc)
    TurboTax 2010 (HKLM\...\TurboTax 2010) (Version: - Intuit, Inc)
    UnloadSupport (Version: 10.0.0 - Hewlett-Packard) Hidden
    Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
    VideoToolkit01 (Version: 100.0.128.000 - Hewlett-Packard) Hidden
    Visual C++ 2008 x86 Runtime - v9.0.30729.01 (HKLM\...\{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01) (Version: 9.0.30729.01 - Microsoft Corporation)
    WebReg (Version: 130.0.132.017 - Hewlett-Packard) Hidden
    Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
    Windows Live Mesh ActiveX Control for Remote Connections (HKLM\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
    Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
    Xirrus Wi-Fi Inspector (HKLM\...\{BBB21AB1-2C45-435D-A05A-B563072E7B9B}) (Version: 1.2.1.4 - Xirrus)
    Yahoo! Install Manager (HKLM\...\YInstHelper) (Version: - )
    Yahoo! Software Update (HKLM\...\Yahoo! Software Update) (Version: - )
    Yahoo! Toolbar (HKLM\...\Yahoo! Companion) (Version: - )

    ==================== Custom CLSID (selected items): ==========================

    (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

    CustomCLSID: HKU\S-1-5-21-1318713196-1334084056-162886860-1000_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\Stephen\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-1318713196-1334084056-162886860-1000_Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344}\InprocServer32 -> C:\Users\Stephen\AppData\Local\Google\Update\1.3.21.135\psuser.dll No File
    CustomCLSID: HKU\S-1-5-21-1318713196-1334084056-162886860-1000_Classes\CLSID\{095A2EEC-F7FE-42E8-96FB-C20E53081908}\InprocServer32 -> C:\Users\Stephen\AppData\Local\Google\Update\1.3.21.99\psuser.dll No File
    CustomCLSID: HKU\S-1-5-21-1318713196-1334084056-162886860-1000_Classes\CLSID\{0E55CBE1-B06A-49B6-AD8D-9EFAA0160C6F}\InprocServer32 -> C:\Users\Stephen\AppData\Local\Google\Update\1.3.21.57\psuser.dll No File
    CustomCLSID: HKU\S-1-5-21-1318713196-1334084056-162886860-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Stephen\AppData\Local\Google\Update\1.3.25.5\psuser.dll No File
    CustomCLSID: HKU\S-1-5-21-1318713196-1334084056-162886860-1000_Classes\CLSID\{15732B9A-DAF9-4509-8DA1-1D968A80A5B0}\InprocServer32 -> C:\Users\Stephen\AppData\Local\Google\Update\1.3.21.93\psuser.dll No File
    CustomCLSID: HKU\S-1-5-21-1318713196-1334084056-162886860-1000_Classes\CLSID\{218D2740-5A50-42A8-AB9F-62FF1B168782}\InprocServer32 -> C:\Users\Stephen\AppData\Local\Google\Update\1.3.21.69\psuser.dll No File
    CustomCLSID: HKU\S-1-5-21-1318713196-1334084056-162886860-1000_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\Stephen\AppData\Local\Google\Update\1.3.25.11\GoogleUpdateOnDemand.exe (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-1318713196-1334084056-162886860-1000_Classes\CLSID\{29A96789-9595-4947-BEDB-0FCC776F7DB8}\InprocServer32 -> C:\Users\Stephen\AppData\Local\Google\Update\1.2.183.39\goopdate.dll No File
    CustomCLSID: HKU\S-1-5-21-1318713196-1334084056-162886860-1000_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\Stephen\AppData\Local\Google\Update\1.3.25.11\GoogleUpdateOnDemand.exe (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-1318713196-1334084056-162886860-1000_Classes\CLSID\{320F0FDB-BE0A-4648-9D18-4A2C3448C007}\InprocServer32 -> C:\Users\Stephen\AppData\Local\Google\Update\1.3.21.79\psuser.dll No File
    CustomCLSID: HKU\S-1-5-21-1318713196-1334084056-162886860-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Stephen\AppData\Local\Google\Update\1.3.23.9\psuser.dll No File
    CustomCLSID: HKU\S-1-5-21-1318713196-1334084056-162886860-1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\Stephen\AppData\Local\Google\Update\1.3.25.11\GoogleUpdateOnDemand.exe (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-1318713196-1334084056-162886860-1000_Classes\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}\localserver32 -> C:\Users\Stephen\AppData\Local\Google\Chrome\Application\39.0.2171.95\delegate_execute.exe (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-1318713196-1334084056-162886860-1000_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}\InprocServer32 -> C:\Users\Stephen\AppData\Local\Google\Update\1.3.21.145\psuser.dll No File
    CustomCLSID: HKU\S-1-5-21-1318713196-1334084056-162886860-1000_Classes\CLSID\{634059C0-D264-4B2C-AE80-F73E48D33E5B}\InprocServer32 -> C:\Users\Stephen\AppData\Local\Google\Update\1.3.21.123\psuser.dll No File
    CustomCLSID: HKU\S-1-5-21-1318713196-1334084056-162886860-1000_Classes\CLSID\{6D7374DE-63AA-473C-8C02-60D9CDCD84C5}\InprocServer32 -> C:\Users\Stephen\AppData\Local\Google\Update\1.3.21.153\psuser.dll No File
    CustomCLSID: HKU\S-1-5-21-1318713196-1334084056-162886860-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Stephen\AppData\Local\Google\Update\1.3.24.15\psuser.dll No File
    CustomCLSID: HKU\S-1-5-21-1318713196-1334084056-162886860-1000_Classes\CLSID\{91EFB276-CEFE-48EC-BB3A-57795A7B4008}\InprocServer32 -> C:\Users\Stephen\AppData\Local\Google\Update\1.3.21.149\psuser.dll No File
    CustomCLSID: HKU\S-1-5-21-1318713196-1334084056-162886860-1000_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}\InprocServer32 -> C:\Users\Stephen\AppData\Local\Google\Update\1.3.22.3\psuser.dll No File
    CustomCLSID: HKU\S-1-5-21-1318713196-1334084056-162886860-1000_Classes\CLSID\{A54D478D-4F70-4F72-9A74-17C9986E35AB}\InprocServer32 -> C:\Users\Stephen\AppData\Local\Google\Update\1.3.21.165\psuser.dll No File
    CustomCLSID: HKU\S-1-5-21-1318713196-1334084056-162886860-1000_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\Stephen\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-1318713196-1334084056-162886860-1000_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\Stephen\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-1318713196-1334084056-162886860-1000_Classes\CLSID\{C5A2122B-A05B-4FD8-AE49-91990AE10998}\InprocServer32 -> C:\Users\Stephen\AppData\Local\Google\Update\1.3.21.115\psuser.dll No File
    CustomCLSID: HKU\S-1-5-21-1318713196-1334084056-162886860-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Stephen\AppData\Local\Google\Update\1.3.25.11\psuser.dll (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-1318713196-1334084056-162886860-1000_Classes\CLSID\{d0a0ed0a-55ac-4469-a197-1d08ce99cfb9}\localserver32 -> No File Path
    CustomCLSID: HKU\S-1-5-21-1318713196-1334084056-162886860-1000_Classes\CLSID\{DB25D157-76D4-41C1-97B5-359E4A4CECEB}\InprocServer32 -> C:\Users\Stephen\AppData\Local\Google\Update\1.3.21.65\psuser.dll No File
    CustomCLSID: HKU\S-1-5-21-1318713196-1334084056-162886860-1000_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\Stephen\AppData\Local\Google\Update\1.3.25.11\GoogleUpdateOnDemand.exe (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-1318713196-1334084056-162886860-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Stephen\AppData\Local\Google\Update\1.3.25.11\psuser.dll (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-1318713196-1334084056-162886860-1000_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}\InprocServer32 -> C:\Users\Stephen\AppData\Local\Google\Update\1.3.22.5\psuser.dll No File
    CustomCLSID: HKU\S-1-5-21-1318713196-1334084056-162886860-1000_Classes\CLSID\{FB994D36-B312-46CE-A40B-CF63980641F9}\InprocServer32 -> C:\Users\Stephen\AppData\Local\Google\Update\1.3.21.111\psuser.dll No File
    CustomCLSID: HKU\S-1-5-21-1318713196-1334084056-162886860-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Stephen\AppData\Local\Google\Update\1.3.24.7\psuser.dll No File

    ==================== Restore Points =========================

    11-09-2014 02:00:27 Windows Update
    20-09-2014 11:29:38 Scheduled Checkpoint
    21-09-2014 08:28:17 Scheduled Checkpoint
    24-09-2014 06:18:31 Windows Update
    25-09-2014 07:57:04 Scheduled Checkpoint
    27-09-2014 13:07:03 Scheduled Checkpoint
    30-09-2014 12:59:54 Scheduled Checkpoint
    01-10-2014 05:55:20 Scheduled Checkpoint
    03-10-2014 18:17:36 Scheduled Checkpoint
    08-10-2014 06:52:02 Scheduled Checkpoint
    09-10-2014 16:58:44 Scheduled Checkpoint
    14-10-2014 05:35:11 Scheduled Checkpoint
    15-10-2014 04:40:02 Windows Update
    20-10-2014 08:12:19 Scheduled Checkpoint
    07-11-2014 07:46:49 Scheduled Checkpoint
    12-11-2014 05:32:56 Windows Update
    17-11-2014 06:26:35 Scheduled Checkpoint
    19-11-2014 05:40:35 Windows Update
    20-11-2014 19:35:27 Scheduled Checkpoint
    23-11-2014 16:21:09 Scheduled Checkpoint
    01-12-2014 19:25:50 Scheduled Checkpoint
    02-12-2014 19:20:59 Scheduled Checkpoint
    07-12-2014 14:34:57 Scheduled Checkpoint
    10-12-2014 05:56:20 Scheduled Checkpoint
    10-12-2014 06:26:27 Windows Update
    13-01-2015 21:58:47 Windows Update
    14-01-2015 15:15:03 Scheduled Checkpoint
    14-01-2015 15:21:10 Uniblue RegistryBooster installation
    14-01-2015 15:23:56 Uniblue RegistryBooster installation

    ==================== Hosts content: ==========================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2006-11-02 04:23 - 2006-09-18 15:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
    127.0.0.1 localhost
    ::1 localhost

    ==================== Scheduled Tasks (whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

    Task: {2B9014EB-E44E-4E8C-B1A8-B5F1995129BB} - System32\Tasks\SpeedUpMyPC Subscription => C:\Program Files\Uniblue\SpeedUpMyPC\speedupmypc.exe <==== ATTENTION
    Task: {42A5EB18-4963-4E8E-B4E3-4811E6804121} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1318713196-1334084056-162886860-1000UA1cf4a1f24455980 => C:\Users\Stephen\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-21] (Google Inc.)
    Task: {47E5B6A4-AC90-46C1-96FE-EEADF15BC666} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-13] (Adobe Systems Incorporated)
    Task: {58E8B020-E39F-40DD-BBF5-3683BF4BA412} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1318713196-1334084056-162886860-1000Core => C:\Users\Stephen\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-21] (Google Inc.)
    Task: {5A438485-D107-4925-8C7C-67EEDE80BB99} - System32\Tasks\Ad-Aware Update (Weekly) => C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
    Task: {5F374905-C2BD-4F82-AA05-F98C099538D7} - System32\Tasks\SpeedUpMyPC Maintenance => C:\Program Files\Uniblue\SpeedUpMyPC\speedupmypc.exe <==== ATTENTION
    Task: {7E7586EC-4866-47E6-BD55-CE2EFF462530} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd)
    Task: {7F9F425D-FD80-4DBD-9905-691DE0FD622C} - System32\Tasks\HPCeeScheduleForStephen => C:\Program Files\Hewlett-Packard\SDP\Ceement\HPCEE.exe [2007-12-17] (Hewlett-Packard)
    Task: {8A1065F0-0293-4ABA-B422-5E50420F2110} - System32\Tasks\HP Health Check => c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-10-09] (Hewlett-Packard)
    Task: {8A893085-DF20-48F9-9DB5-F5E716E152C3} - System32\Tasks\{25CB7D26-B1A2-4EBA-A5BE-F6D17ADEB1EF} => pcalua.exe -a "C:\Program Files\Uniblue\System Tweaker\unins000.exe"
    Task: {8FAD8222-EAAF-4610-ADA2-50C9D776BAB7} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
    Task: {94075FE6-0E34-4453-A2E1-402CB0275593} - System32\Tasks\SpeedUpMyPC Startup => C:\Program Files\Uniblue\SpeedUpMyPC\speedupmypc.exe <==== ATTENTION
    Task: {9D62CD29-8D86-4A00-B6C3-0A3C553243E5} - System32\Tasks\PC-Doctor\Scheduled Maintenance => C:\Program Files\PC-Doctor 5 for Windows\RunProfiler.exe [2008-03-13] (PC-Doctor, Inc.)
    Task: {A7E106F4-A49C-4C28-A371-CEA378C1BB23} - System32\Tasks\{A67581DA-03C5-48FE-B7E4-EC4D93ADDC1C} => pcalua.exe -a "C:\Users\Stephen\AppData\Local\CyberDefender Internet Security\cdinstx.exe" -c /u
    Task: {C8BFA3CA-9D5B-4FCF-962C-9E815CEC1C71} - System32\Tasks\{A33BF2D2-88D9-4FF7-B950-E0573FC6E017} => pcalua.exe -a E:\setup.exe -d E:\
    Task: {CE00ECF1-0FFC-4DAA-BE88-1F752C0D07B9} - System32\Tasks\PC-Doctor\Scheduled Maintenance Swap => C:\Program Files\PC-Doctor 5 for Windows\task_swap.exe [2008-03-13] (PC-Doctor, Inc.)

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1318713196-1334084056-162886860-1000Core.job => C:\Users\Stephen\AppData\Local\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1318713196-1334084056-162886860-1000UA1cf4a1f24455980.job => C:\Users\Stephen\AppData\Local\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\HPCeeScheduleForStephen.job => C:\Program Files\Hewlett-Packard\SDP\Ceement\HPCEE.exe

    ==================== Loaded Modules (whitelisted) =============

    2014-02-06 00:52 - 2014-02-06 00:52 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
    2014-10-11 12:05 - 2014-10-11 12:05 - 01044776 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
    2013-07-18 13:08 - 2013-07-18 13:08 - 00241152 _____ () C:\Program Files\ATT\8.3.1.18\ma\node_modules\motive-activex-wrapper\build\Release\NodeActiveXWrapper.node
    2013-07-18 13:07 - 2013-07-18 13:07 - 00268288 _____ () C:\Program Files\ATT\8.3.1.18\ma\node_modules\motive-osbridge\build\Release\MotiveOSBridgeNodeModule.node
    2013-07-18 13:07 - 2013-07-18 13:07 - 00233984 _____ () C:\Program Files\ATT\8.3.1.18\ma\node_modules\motive-xmpps\build\Release\MotiveXMPPSNode.node
    2012-07-12 17:37 - 2012-07-12 17:37 - 01380864 _____ () C:\Program Files\ATT\8.3.1.18\ma\node_modules\libxmljs\build\Release\libxmljs.node
    2012-06-26 14:40 - 2012-06-26 14:40 - 00068096 _____ () C:\Program Files\ATT\8.3.1.18\ma\node_modules\dnode\node_modules\weak\build\Release\weakref.node
    2013-08-21 16:33 - 2009-02-27 15:38 - 00139264 ____R () C:\Program Files\Brother\BrUtilities\BrLogAPI.dll
    2014-12-09 13:51 - 2014-12-09 13:51 - 03758192 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll

    ==================== Alternate Data Streams (whitelisted) =========

    (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

    AlternateDataStreams: C:\ProgramData\TEMP:A0409AF5
    AlternateDataStreams: C:\ProgramData\TEMP:A8ADE5D8
    AlternateDataStreams: C:\ProgramData\TEMP:DFC5A2B2

    ==================== Safe Mode (whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Office Depot PC Support Agent => ""="Office Depot PC Support Agent"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Office Depot PC Support Agent => ""="Office Depot PC Support Agent"

    ==================== EXE Association (whitelisted) =============

    (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


    ==================== MSCONFIG/TASK MANAGER disabled items =========

    (Currently there is no automatic fix for this section.)

    MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    MSCONFIG\startupreg: HP Health Check Scheduler => c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
    MSCONFIG\startupreg: HP Software Update => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    MSCONFIG\startupreg: hpqSRMon => C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
    MSCONFIG\startupreg: hpsysdrv => c:\hp\support\hpsysdrv.exe
    MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
    MSCONFIG\startupreg: lxdqamon => "C:\Program Files\Lexmark Z2400 Series\lxdqamon.exe"
    MSCONFIG\startupreg: lxdqmon.exe => "C:\Program Files\Lexmark Z2400 Series\lxdqmon.exe"
    MSCONFIG\startupreg: NvCplDaemon => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
    MSCONFIG\startupreg: NvMediaCenter => RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
    MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    MSCONFIG\startupreg: RtHDVCpl => RtHDVCpl.exe
    MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
    MSCONFIG\startupreg: Windows Defender => %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    MSCONFIG\startupreg: WMPNSCFG => C:\Program Files\Windows Media Player\WMPNSCFG.exe

    ========================= Accounts: ==========================

    Administrator (S-1-5-21-1318713196-1334084056-162886860-500 - Administrator - Disabled) => C:\Users\Administrator
    Guest (S-1-5-21-1318713196-1334084056-162886860-501 - Limited - Enabled)
    Stephen (S-1-5-21-1318713196-1334084056-162886860-1000 - Administrator - Enabled) => C:\Users\Stephen

    ==================== Faulty Device Manager Devices =============

    Name: Officejet 4500 G510n-z
    Description: Officejet 4500 G510n-z
    Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
    Manufacturer: Hewlett-Packard
    Service: StillCam
    Problem: : This device is disabled. (Code 22)
    Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

    Name: Officejet 4500 G510n-z
    Description: Officejet 4500 G510n-z
    Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
    Manufacturer: HP
    Service:
    Problem: : This device is disabled. (Code 22)
    Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (01/15/2015 07:20:34 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 14157231

    Error: (01/15/2015 07:20:34 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 14157231

    Error: (01/15/2015 07:20:34 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second

    Error: (01/15/2015 07:20:33 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 14155842

    Error: (01/15/2015 07:20:33 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 14155842

    Error: (01/15/2015 07:20:33 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second

    Error: (01/15/2015 07:20:32 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 14154844

    Error: (01/15/2015 07:20:32 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 14154844

    Error: (01/15/2015 07:20:32 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second

    Error: (01/15/2015 07:20:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 14153830


    System errors:
    =============
    Error: (01/15/2015 07:21:05 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
    Description: 30000MBAMScheduler

    Error: (01/15/2015 00:42:26 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: Intuit Update Service%%1053

    Error: (01/15/2015 00:42:26 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
    Description: 30000Intuit Update Service

    Error: (01/15/2015 00:41:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: HP Health Check Service%%1053

    Error: (01/15/2015 00:41:56 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
    Description: 30000HP Health Check Service

    Error: (01/15/2015 00:40:34 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

    Error: (01/15/2015 00:40:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: Office Depot PC Support Agent%%1053

    Error: (01/15/2015 00:40:16 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
    Description: 30000Office Depot PC Support Agent

    Error: (01/15/2015 00:39:40 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: Office Depot PC Support Agent1600001Restart the service

    Error: (01/15/2015 00:39:40 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
    Description: Lbd
    TfFsMon
    TfSysMon


    Microsoft Office Sessions:
    =========================
    Error: (01/14/2015 04:39:11 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
    Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6713.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 252 seconds with 180 seconds of active time. This session ended with a crash.

    Error: (11/11/2014 07:59:45 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
    Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6705.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 9238 seconds with 5220 seconds of active time. This session ended with a crash.

    Error: (02/24/2014 10:41:53 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
    Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6690.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 97515 seconds with 26700 seconds of active time. This session ended with a crash.

    Error: (01/15/2014 07:27:45 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
    Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 46589 seconds with 5820 seconds of active time. This session ended with a crash.

    Error: (01/10/2014 01:30:47 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
    Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 183 seconds with 120 seconds of active time. This session ended with a crash.

    Error: (11/06/2013 02:59:33 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
    Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 4609 seconds with 1320 seconds of active time. This session ended with a crash.

    Error: (08/11/2012 03:57:47 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
    Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 38 seconds with 0 seconds of active time. This session ended with a crash.

    Error: (08/11/2012 03:57:02 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
    Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 1040 seconds with 720 seconds of active time. This session ended with a crash.


    CodeIntegrity Errors:
    ===================================
    Date: 2015-01-15 19:38:46.612
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

    Date: 2015-01-15 19:38:45.908
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

    Date: 2015-01-15 19:38:45.177
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

    Date: 2015-01-15 19:38:44.443
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

    Date: 2015-01-15 19:38:43.484
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

    Date: 2015-01-15 19:38:42.724
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

    Date: 2015-01-15 19:38:42.002
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

    Date: 2015-01-15 19:38:41.302
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

    Date: 2015-01-15 19:37:55.070
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

    Date: 2015-01-15 19:37:54.325
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.


    ==================== Memory info ===========================

    Processor: AMD Athlon(tm) 64 X2 Dual Core Processor 5400+
    Percentage of memory in use: 58%
    Total physical RAM: 2941.77 MB
    Available physical RAM: 1227.43 MB
    Total Pagefile: 5922.07 MB
    Available Pagefile: 3869.34 MB
    Total Virtual: 2047.88 MB
    Available Virtual: 1881.84 MB

    ==================== Drives ================================

    Drive c: (COMPAQ) (Fixed) (Total:455.59 GB) (Free:340.65 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
    Drive d: (FACTORY_IMAGE) (Fixed) (Total:10.17 GB) (Free:1.38 GB) NTFS ==>[System with boot components (obtained from reading drive)]

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (Size: 465.8 GB) (Disk ID: 1549F232)
    Partition 1: (Active) - (Size=455.6 GB) - (Type=07 NTFS)
    Partition 3: (Not Active) - (Size=10.2 GB) - (Type=07 NTFS)

    ==================== End Of Log ============================
     
  4. dbreeze

    dbreeze Malware Specialist

    Joined:
    Oct 5, 2014
    Messages:
    431
    First Name:
    David
    Thank you for the logs; very informative.


    Download the attached fixlist.txt file and save it to the Desktop.

    NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

    Run FRST by right clicking on the FRST.exe file, selecting "Run as Administrator..". The User Account Control may open up; if it does, select Yes to continue to let FRST open and load.

    The tool will check for an updated version of itself every time it loads; please allow it to do this and the program will either inform you it is downloading an updated copy (and to wait until it is safe to continue) or show nothing (meaning there is no update found) and you can continue on. Press the Fix button just once and wait. The tool will create a restore point, process the script and ask for a restart of your system.

    If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.

    When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.
     

    Attached Files:

  5. darknight25

    darknight25 Thread Starter

    Joined:
    Jul 14, 2013
    Messages:
    42
    Alright, here is that log:

    Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 15-01-2015 01
    Ran by Stephen at 2015-01-16 07:39:15 Run:1
    Running from C:\Users\Stephen\Desktop\computer fixes
    Loaded Profiles: Stephen (Available profiles: Stephen & Administrator)
    Boot Mode: Normal

    ==============================================

    Content of fixlist:
    *****************
    start
    CreateRestorePoint:
    CloseProcesses:
    HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
    HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
    HKU\S-1-5-21-1318713196-1334084056-162886860-1000\...\Policies\Explorer: [NoDesktopCleanupWizard] 1
    HKU\S-1-5-21-1318713196-1334084056-162886860-1000\...\Policies\Explorer: [HideSCAHealth] 1
    HKU\S-1-5-21-1318713196-1334084056-162886860-1000\...\MountPoints2: E - E:\setup.exe
    SearchScopes: HKLM -> DefaultScope {EEE6C360-6118-11DC-9C72-001320C79847} URL =
    SearchScopes: HKU\.DEFAULT -> DefaultScope {1A6F7013-B594-4E76-B64A-9926DF8F0A52} URL =
    SearchScopes: HKU\.DEFAULT -> {1A6F7013-B594-4E76-B64A-9926DF8F0A52} URL =
    SearchScopes: HKU\S-1-5-21-1318713196-1334084056-162886860-1000 -> {1A6F7013-B594-4E76-B64A-9926DF8F0A52} URL = http://www.ask.com/web?q={searchTerms}&l=dis&o=uscqd
    SearchScopes: HKU\S-1-5-21-1318713196-1334084056-162886860-1000 -> {C12723A8-735D-4B0E-B040-8C645D6F6BF4} URL = http://www.flickr.com/search/?q={searchTerms}
    SearchScopes: HKU\S-1-5-21-1318713196-1334084056-162886860-1000 -> {E4C80174-5830-4D7D-B130-8830E06CF153} URL = http://delicious.com/search?p={searchTerms}
    Toolbar: HKU\S-1-5-21-1318713196-1334084056-162886860-1000 -> No Name - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - No File
    Toolbar: HKU\S-1-5-21-1318713196-1334084056-162886860-1000 -> No Name - {472734EA-242A-422B-ADF8-83D1E48CC825} - No File
    FF DefaultSearchEngine: Secure Search
    FF SearchEngineOrder.1: Secure Search
    FF SelectedSearchEngine: Secure Search
    FF Plugin: [email protected]/YahooActiveXPluginBridge;version=1.0.0.1 -> C:\Program Files\Yahoo!\Common\npyaxmpb.dll No File
    FF user.js: detected! => C:\Users\Stephen\AppData\Roaming\Mozilla\Firefox\Profiles\d8p0tfye.default\ user.js
    C:\Users\Stephen\AppData\Roaming\Mozilla\Firefox\Profiles\d8p0tfye.default\ user.js
    FF HKLM\...\Firefox\Extensions: [{3633D24B-CCF3-478A-9534-3DB5885D27DD}] - C:\Users\Stephen\AppData\Local\{3633D24B-CCF3-478A-9534-3DB5885D27DD}
    FF Extension: XULRunner - C:\Users\Stephen\AppData\Local\{3633D24B-CCF3-478A-9534-3DB5885D27DD} [2010-01-16]
    CHR HKLM\...\Chrome\Extension: [ajhcekcffkpnaednoeoegnmnjdlnjjmg] - C:\ProgramData\Bcool\ajhcekcffkpnaednoeoegnmnjdlnjjmg.crx [Not Found]
    CHR HKLM\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - No Path
    S2 XAudioService; %SystemRoot%\system32\DRIVERS\xaudio.exe [X]
    S4 cvzczyry; No ImagePath
    S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
    S0 Lbd; system32\DRIVERS\Lbd.sys [X]
    S2 mdmxsdk; system32\DRIVERS\mdmxsdk.sys [X]
    S3 MREMPR5; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS [X]
    S3 MRENDIS5; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS [X]
    S4 nhruz; No ImagePath
    S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
    S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
    S0 TfFsMon; system32\drivers\TfFsMon.sys [X]
    S3 TfNetMon; \??\C:\Windows\system32\drivers\TfNetMon.sys [X]
    S0 TfSysMon; system32\drivers\TfSysMon.sys [X]
    U2 WZCSVC; No ImagePath
    S2 XAudio; system32\DRIVERS\xaudio.sys [X]
    CustomCLSID: HKU\S-1-5-21-1318713196-1334084056-162886860-1000_Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344}\InprocServer32 -> C:\Users\Stephen\AppData\Local\Google\Update\1.3.21.135\psuser.dll No File
    CustomCLSID: HKU\S-1-5-21-1318713196-1334084056-162886860-1000_Classes\CLSID\{095A2EEC-F7FE-42E8-96FB-C20E53081908}\InprocServer32 -> C:\Users\Stephen\AppData\Local\Google\Update\1.3.21.99\psuser.dll No File
    CustomCLSID: HKU\S-1-5-21-1318713196-1334084056-162886860-1000_Classes\CLSID\{0E55CBE1-B06A-49B6-AD8D-9EFAA0160C6F}\InprocServer32 -> C:\Users\Stephen\AppData\Local\Google\Update\1.3.21.57\psuser.dll No File
    CustomCLSID: HKU\S-1-5-21-1318713196-1334084056-162886860-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Stephen\AppData\Local\Google\Update\1.3.25.5\psuser.dll No File
    CustomCLSID: HKU\S-1-5-21-1318713196-1334084056-162886860-1000_Classes\CLSID\{15732B9A-DAF9-4509-8DA1-1D968A80A5B0}\InprocServer32 -> C:\Users\Stephen\AppData\Local\Google\Update\1.3.21.93\psuser.dll No File
    CustomCLSID: HKU\S-1-5-21-1318713196-1334084056-162886860-1000_Classes\CLSID\{218D2740-5A50-42A8-AB9F-62FF1B168782}\InprocServer32 -> C:\Users\Stephen\AppData\Local\Google\Update\1.3.21.69\psuser.dll No File
    CustomCLSID: HKU\S-1-5-21-1318713196-1334084056-162886860-1000_Classes\CLSID\{29A96789-9595-4947-BEDB-0FCC776F7DB8}\InprocServer32 -> C:\Users\Stephen\AppData\Local\Google\Update\1.2.183.39\goopdate.dll No File
    CustomCLSID: HKU\S-1-5-21-1318713196-1334084056-162886860-1000_Classes\CLSID\{320F0FDB-BE0A-4648-9D18-4A2C3448C007}\InprocServer32 -> C:\Users\Stephen\AppData\Local\Google\Update\1.3.21.79\psuser.dll No File
    CustomCLSID: HKU\S-1-5-21-1318713196-1334084056-162886860-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Stephen\AppData\Local\Google\Update\1.3.23.9\psuser.dll No File
    CustomCLSID: HKU\S-1-5-21-1318713196-1334084056-162886860-1000_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}\InprocServer32 -> C:\Users\Stephen\AppData\Local\Google\Update\1.3.21.145\psuser.dll No File
    CustomCLSID: HKU\S-1-5-21-1318713196-1334084056-162886860-1000_Classes\CLSID\{634059C0-D264-4B2C-AE80-F73E48D33E5B}\InprocServer32 -> C:\Users\Stephen\AppData\Local\Google\Update\1.3.21.123\psuser.dll No File
    CustomCLSID: HKU\S-1-5-21-1318713196-1334084056-162886860-1000_Classes\CLSID\{6D7374DE-63AA-473C-8C02-60D9CDCD84C5}\InprocServer32 -> C:\Users\Stephen\AppData\Local\Google\Update\1.3.21.153\psuser.dll No File
    CustomCLSID: HKU\S-1-5-21-1318713196-1334084056-162886860-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Stephen\AppData\Local\Google\Update\1.3.24.15\psuser.dll No File
    CustomCLSID: HKU\S-1-5-21-1318713196-1334084056-162886860-1000_Classes\CLSID\{91EFB276-CEFE-48EC-BB3A-57795A7B4008}\InprocServer32 -> C:\Users\Stephen\AppData\Local\Google\Update\1.3.21.149\psuser.dll No File
    CustomCLSID: HKU\S-1-5-21-1318713196-1334084056-162886860-1000_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}\InprocServer32 -> C:\Users\Stephen\AppData\Local\Google\Update\1.3.22.3\psuser.dll No File
    CustomCLSID: HKU\S-1-5-21-1318713196-1334084056-162886860-1000_Classes\CLSID\{A54D478D-4F70-4F72-9A74-17C9986E35AB}\InprocServer32 -> C:\Users\Stephen\AppData\Local\Google\Update\1.3.21.165\psuser.dll No File
    CustomCLSID: HKU\S-1-5-21-1318713196-1334084056-162886860-1000_Classes\CLSID\{C5A2122B-A05B-4FD8-AE49-91990AE10998}\InprocServer32 -> C:\Users\Stephen\AppData\Local\Google\Update\1.3.21.115\psuser.dll No File
    CustomCLSID: HKU\S-1-5-21-1318713196-1334084056-162886860-1000_Classes\CLSID\{d0a0ed0a-55ac-4469-a197-1d08ce99cfb9}\localserver32 -> No File Path
    CustomCLSID: HKU\S-1-5-21-1318713196-1334084056-162886860-1000_Classes\CLSID\{DB25D157-76D4-41C1-97B5-359E4A4CECEB}\InprocServer32 -> C:\Users\Stephen\AppData\Local\Google\Update\1.3.21.65\psuser.dll No File
    CustomCLSID: HKU\S-1-5-21-1318713196-1334084056-162886860-1000_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}\InprocServer32 -> C:\Users\Stephen\AppData\Local\Google\Update\1.3.22.5\psuser.dll No File
    CustomCLSID: HKU\S-1-5-21-1318713196-1334084056-162886860-1000_Classes\CLSID\{FB994D36-B312-46CE-A40B-CF63980641F9}\InprocServer32 -> C:\Users\Stephen\AppData\Local\Google\Update\1.3.21.111\psuser.dll No File
    CustomCLSID: HKU\S-1-5-21-1318713196-1334084056-162886860-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Stephen\AppData\Local\Google\Update\1.3.24.7\psuser.dll No File
    Task: {2B9014EB-E44E-4E8C-B1A8-B5F1995129BB} - System32\Tasks\SpeedUpMyPC Subscription => C:\Program Files\Uniblue\SpeedUpMyPC\speedupmypc.exe <==== ATTENTION
    Task: {5A438485-D107-4925-8C7C-67EEDE80BB99} - System32\Tasks\Ad-Aware Update (Weekly) => C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
    Task: {5F374905-C2BD-4F82-AA05-F98C099538D7} - System32\Tasks\SpeedUpMyPC Maintenance => C:\Program Files\Uniblue\SpeedUpMyPC\speedupmypc.exe <==== ATTENTION
    Task: {8A893085-DF20-48F9-9DB5-F5E716E152C3} - System32\Tasks\{25CB7D26-B1A2-4EBA-A5BE-F6D17ADEB1EF} => pcalua.exe -a "C:\Program Files\Uniblue\System Tweaker\unins000.exe"
    Task: {94075FE6-0E34-4453-A2E1-402CB0275593} - System32\Tasks\SpeedUpMyPC Startup => C:\Program Files\Uniblue\SpeedUpMyPC\speedupmypc.exe <==== ATTENTION
    Task: {9D62CD29-8D86-4A00-B6C3-0A3C553243E5} - System32\Tasks\PC-Doctor\Scheduled Maintenance => C:\Program Files\PC-Doctor 5 for Windows\RunProfiler.exe [2008-03-13] (PC-Doctor, Inc.)
    Task: {A7E106F4-A49C-4C28-A371-CEA378C1BB23} - System32\Tasks\{A67581DA-03C5-48FE-B7E4-EC4D93ADDC1C} => pcalua.exe -a "C:\Users\Stephen\AppData\Local\CyberDefender Internet Security\cdinstx.exe" -c /u
    Task: {C8BFA3CA-9D5B-4FCF-962C-9E815CEC1C71} - System32\Tasks\{A33BF2D2-88D9-4FF7-B950-E0573FC6E017} => pcalua.exe -a E:\setup.exe -d E:\
    Task: {CE00ECF1-0FFC-4DAA-BE88-1F752C0D07B9} - System32\Tasks\PC-Doctor\Scheduled Maintenance Swap => C:\Program Files\PC-Doctor 5 for Windows\task_swap.exe [2008-03-13] (PC-Doctor, Inc.)
    C:\Program Files\Uniblue\SpeedUpMyPC
    C:\Program Files\Lavasoft\Ad-Aware
    C:\Program Files\Uniblue\System Tweaker
    C:\Program Files\PC-Doctor 5 for Windows
    C:\Users\Stephen\AppData\Local\CyberDefender Internet Security
    AlternateDataStreams: C:\ProgramData\TEMP:A0409AF5
    AlternateDataStreams: C:\ProgramData\TEMP:A8ADE5D8
    AlternateDataStreams: C:\ProgramData\TEMP:FC5A2B2
    Reboot:
    end

    *****************

    Restore point was successfully created.
    Processes closed successfully.
    HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run\\WindowsWelcomeCenter => value deleted successfully.
    HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run\\WindowsWelcomeCenter => value deleted successfully.
    HKU\S-1-5-21-1318713196-1334084056-162886860-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoDesktopCleanupWizard => value deleted successfully.
    HKU\S-1-5-21-1318713196-1334084056-162886860-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\HideSCAHealth => value deleted successfully.
    "HKU\S-1-5-21-1318713196-1334084056-162886860-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E" => Key deleted successfully.
    HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
    HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
    "HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{1A6F7013-B594-4E76-B64A-9926DF8F0A52}" => Key deleted successfully.
    HKCR\CLSID\{1A6F7013-B594-4E76-B64A-9926DF8F0A52} => Key not found.
    "HKU\S-1-5-21-1318713196-1334084056-162886860-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{1A6F7013-B594-4E76-B64A-9926DF8F0A52}" => Key deleted successfully.
    HKCR\CLSID\{1A6F7013-B594-4E76-B64A-9926DF8F0A52} => Key not found.
    "HKU\S-1-5-21-1318713196-1334084056-162886860-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{C12723A8-735D-4B0E-B040-8C645D6F6BF4}" => Key deleted successfully.
    HKCR\CLSID\{C12723A8-735D-4B0E-B040-8C645D6F6BF4} => Key not found.
    "HKU\S-1-5-21-1318713196-1334084056-162886860-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E4C80174-5830-4D7D-B130-8830E06CF153}" => Key deleted successfully.
    HKCR\CLSID\{E4C80174-5830-4D7D-B130-8830E06CF153} => Key not found.
    HKU\S-1-5-21-1318713196-1334084056-162886860-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{1017A80C-6F09-4548-A84D-EDD6AC9525F0} => value deleted successfully.
    HKCR\CLSID\{1017A80C-6F09-4548-A84D-EDD6AC9525F0} => Key not found.
    HKU\S-1-5-21-1318713196-1334084056-162886860-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{472734EA-242A-422B-ADF8-83D1E48CC825} => value deleted successfully.
    HKCR\CLSID\{472734EA-242A-422B-ADF8-83D1E48CC825} => Key not found.
    Firefox DefaultSearchEngine deleted successfully.
    Firefox SearchEngineOrder.1 deleted successfully.
    Firefox SelectedSearchEngine deleted successfully.
    "HKLM\Software\MozillaPlugins\[email protected]/YahooActiveXPluginBridge;version=1.0.0.1" => Key deleted successfully.
    C:\Users\Stephen\AppData\Roaming\Mozilla\Firefox\Profiles\d8p0tfye.default\ user.js => not found.
    "C:\Users\Stephen\AppData\Roaming\Mozilla\Firefox\Profiles\d8p0tfye.default\ user.js" => File/Directory not found.
    HKLM\Software\Mozilla\Firefox\Extensions\\{3633D24B-CCF3-478A-9534-3DB5885D27DD} => value deleted successfully.
    C:\Users\Stephen\AppData\Local\{3633D24B-CCF3-478A-9534-3DB5885D27DD} => Moved successfully.
    "HKLM\SOFTWARE\Google\Chrome\Extensions\ajhcekcffkpnaednoeoegnmnjdlnjjmg" => Key deleted successfully.
    "HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh" => Key deleted successfully.
    XAudioService => Service deleted successfully.
    cvzczyry => Service deleted successfully.
    IpInIp => Service deleted successfully.
    Lbd => Service deleted successfully.
    mdmxsdk => Unable to stop service
    mdmxsdk => Service deleted successfully.
    MREMPR5 => Service deleted successfully.
    MRENDIS5 => Service deleted successfully.
    nhruz => Service deleted successfully.
    NwlnkFlt => Service deleted successfully.
    NwlnkFwd => Service deleted successfully.
    TfFsMon => Service deleted successfully.
    TfNetMon => Service deleted successfully.
    TfSysMon => Service deleted successfully.
    WZCSVC => Service deleted successfully.
    XAudio => Service stopped successfully.
    XAudio => Service deleted successfully.
    "HKU\S-1-5-21-1318713196-1334084056-162886860-1000_Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344}" => Key deleted successfully.
    "HKU\S-1-5-21-1318713196-1334084056-162886860-1000_Classes\CLSID\{095A2EEC-F7FE-42E8-96FB-C20E53081908}" => Key deleted successfully.
    "HKU\S-1-5-21-1318713196-1334084056-162886860-1000_Classes\CLSID\{0E55CBE1-B06A-49B6-AD8D-9EFAA0160C6F}" => Key deleted successfully.
    "HKU\S-1-5-21-1318713196-1334084056-162886860-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}" => Key deleted successfully.
    "HKU\S-1-5-21-1318713196-1334084056-162886860-1000_Classes\CLSID\{15732B9A-DAF9-4509-8DA1-1D968A80A5B0}" => Key deleted successfully.
    "HKU\S-1-5-21-1318713196-1334084056-162886860-1000_Classes\CLSID\{218D2740-5A50-42A8-AB9F-62FF1B168782}" => Key deleted successfully.
    "HKU\S-1-5-21-1318713196-1334084056-162886860-1000_Classes\CLSID\{29A96789-9595-4947-BEDB-0FCC776F7DB8}" => Key deleted successfully.
    "HKU\S-1-5-21-1318713196-1334084056-162886860-1000_Classes\CLSID\{320F0FDB-BE0A-4648-9D18-4A2C3448C007}" => Key deleted successfully.
    "HKU\S-1-5-21-1318713196-1334084056-162886860-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}" => Key deleted successfully.
    "HKU\S-1-5-21-1318713196-1334084056-162886860-1000_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}" => Key deleted successfully.
    "HKU\S-1-5-21-1318713196-1334084056-162886860-1000_Classes\CLSID\{634059C0-D264-4B2C-AE80-F73E48D33E5B}" => Key deleted successfully.
    "HKU\S-1-5-21-1318713196-1334084056-162886860-1000_Classes\CLSID\{6D7374DE-63AA-473C-8C02-60D9CDCD84C5}" => Key deleted successfully.
    "HKU\S-1-5-21-1318713196-1334084056-162886860-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}" => Key deleted successfully.
    "HKU\S-1-5-21-1318713196-1334084056-162886860-1000_Classes\CLSID\{91EFB276-CEFE-48EC-BB3A-57795A7B4008}" => Key deleted successfully.
    "HKU\S-1-5-21-1318713196-1334084056-162886860-1000_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}" => Key deleted successfully.
    "HKU\S-1-5-21-1318713196-1334084056-162886860-1000_Classes\CLSID\{A54D478D-4F70-4F72-9A74-17C9986E35AB}" => Key deleted successfully.
    "HKU\S-1-5-21-1318713196-1334084056-162886860-1000_Classes\CLSID\{C5A2122B-A05B-4FD8-AE49-91990AE10998}" => Key deleted successfully.
    "HKU\S-1-5-21-1318713196-1334084056-162886860-1000_Classes\CLSID\{d0a0ed0a-55ac-4469-a197-1d08ce99cfb9}" => Key deleted successfully.
    "HKU\S-1-5-21-1318713196-1334084056-162886860-1000_Classes\CLSID\{DB25D157-76D4-41C1-97B5-359E4A4CECEB}" => Key deleted successfully.
    "HKU\S-1-5-21-1318713196-1334084056-162886860-1000_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}" => Key deleted successfully.
    "HKU\S-1-5-21-1318713196-1334084056-162886860-1000_Classes\CLSID\{FB994D36-B312-46CE-A40B-CF63980641F9}" => Key deleted successfully.
    "HKU\S-1-5-21-1318713196-1334084056-162886860-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{2B9014EB-E44E-4E8C-B1A8-B5F1995129BB}" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2B9014EB-E44E-4E8C-B1A8-B5F1995129BB}" => Key deleted successfully.
    C:\Windows\System32\Tasks\SpeedUpMyPC Subscription => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SpeedUpMyPC Subscription" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5A438485-D107-4925-8C7C-67EEDE80BB99}" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5A438485-D107-4925-8C7C-67EEDE80BB99}" => Key deleted successfully.
    C:\Windows\System32\Tasks\Ad-Aware Update (Weekly) => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Ad-Aware Update (Weekly)" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5F374905-C2BD-4F82-AA05-F98C099538D7}" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5F374905-C2BD-4F82-AA05-F98C099538D7}" => Key deleted successfully.
    C:\Windows\System32\Tasks\SpeedUpMyPC Maintenance => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SpeedUpMyPC Maintenance" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8A893085-DF20-48F9-9DB5-F5E716E152C3}" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8A893085-DF20-48F9-9DB5-F5E716E152C3}" => Key deleted successfully.
    C:\Windows\System32\Tasks\{25CB7D26-B1A2-4EBA-A5BE-F6D17ADEB1EF} => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{25CB7D26-B1A2-4EBA-A5BE-F6D17ADEB1EF}" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{94075FE6-0E34-4453-A2E1-402CB0275593}" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{94075FE6-0E34-4453-A2E1-402CB0275593}" => Key deleted successfully.
    C:\Windows\System32\Tasks\SpeedUpMyPC Startup => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SpeedUpMyPC Startup" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9D62CD29-8D86-4A00-B6C3-0A3C553243E5}" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9D62CD29-8D86-4A00-B6C3-0A3C553243E5}" => Key deleted successfully.
    C:\Windows\System32\Tasks\PC-Doctor\Scheduled Maintenance => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PC-Doctor\Scheduled Maintenance" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A7E106F4-A49C-4C28-A371-CEA378C1BB23}" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A7E106F4-A49C-4C28-A371-CEA378C1BB23}" => Key deleted successfully.
    C:\Windows\System32\Tasks\{A67581DA-03C5-48FE-B7E4-EC4D93ADDC1C} => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{A67581DA-03C5-48FE-B7E4-EC4D93ADDC1C}" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C8BFA3CA-9D5B-4FCF-962C-9E815CEC1C71}" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C8BFA3CA-9D5B-4FCF-962C-9E815CEC1C71}" => Key deleted successfully.
    C:\Windows\System32\Tasks\{A33BF2D2-88D9-4FF7-B950-E0573FC6E017} => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{A33BF2D2-88D9-4FF7-B950-E0573FC6E017}" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CE00ECF1-0FFC-4DAA-BE88-1F752C0D07B9}" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CE00ECF1-0FFC-4DAA-BE88-1F752C0D07B9}" => Key deleted successfully.
    C:\Windows\System32\Tasks\PC-Doctor\Scheduled Maintenance Swap => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PC-Doctor\Scheduled Maintenance Swap" => Key deleted successfully.
    "C:\Program Files\Uniblue\SpeedUpMyPC" => File/Directory not found.
    "C:\Program Files\Lavasoft\Ad-Aware" => File/Directory not found.
    "C:\Program Files\Uniblue\System Tweaker" => File/Directory not found.
    C:\Program Files\PC-Doctor 5 for Windows => Moved successfully.
    "C:\Users\Stephen\AppData\Local\CyberDefender Internet Security" => File/Directory not found.
    C:\ProgramData\TEMP => ":A0409AF5" ADS removed successfully.
    C:\ProgramData\TEMP => ":A8ADE5D8" ADS removed successfully.
    "C:\ProgramData\TEMP" => ":FC5A2B2" ADS not found.


    The system needed a reboot.

    ==== End of Fixlog 07:40:48 ====
     
  6. dbreeze

    dbreeze Malware Specialist

    Joined:
    Oct 5, 2014
    Messages:
    431
    First Name:
    David
    First, how is your system running now?
    ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
    Second, please go to START (Windows Orb) >> Control Panel >> Uninstall a Program or Programs and Features and remove the following (if listed):

    Internet Explorer Toolbar 4.9 by SweetPacks

    To do so, left clicking on the name once and then click Uninstall/Change at the bar above the list window.

    Follow the prompts of the uninstaller BUT please read carefully any questions it asks before answering; some uninstallers will try and deceive you into keeping the software.

    ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

    AdwCleaner by Xplode

    Download AdwCleaner from here or from here. Save the file to the desktop.


    NOTE: If you are using IE 8 or above you may get a warning that stops the program from downloading. Just click on the warning and allow the download to complete.

    Close all open windows and browsers.
    1. XP users: Double click the AdwCleaner icon to start the program.
    2. Vista/7/8 users: Right click the AdwCleaner icon on the desktop, click Run as administrator and accept the UAC prompt to run AdwCleaner.
      You will see the following console:

      [​IMG]
    3. Click the Scan button and wait for the scan to finish.
    4. After the Scan has finished the window may or may not show what it found and above, in the progress bar, you will see: Pending. Please uncheck elements you don't want to remove. Please Do Not delete anything at this time.
    5. Click the Report button to get the log.
    6. Copy and Paste it into your next reply. This report is also saved to C:\AdwCleaner\AdwCleaner[R0].txt.
    7. Click the X in the upper right corner of the program or click the File menu and click Exit to close the program.

    Optional:

    NOTE: If you see AVG Secure Search being targeted for deletion, Here's Why and Here. You can always Reinstall it.
     
  7. darknight25

    darknight25 Thread Starter

    Joined:
    Jul 14, 2013
    Messages:
    42
    The computer still lags and freezes. I should have mentioned I've gotten the blue screen of death a few times as well these past few days.

    I tried to delete Internet Explorer Toolbar 4.9 by SweetPacks but I get an error message reading:

    The feature you are trying to use is on a network resource that is unavailable. Click OK to try again, or enter an alternate path to a folder containing the installation package 'SweetIESetup.msi' in the box below.

    There is a "use source" label with a field below it, and a related browse option. I don't know how to locate where "Sweet's" package is hiding on my computer, though.

    I downloaded AdwCleaner, and here is the log:

    # AdwCleaner v4.107 - Report created 16/01/2015 at 17:32:46
    # Updated 07/01/2015 by Xplode
    # Database : 2015-01-13.2 [Live]
    # Operating System : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
    # Username : Stephen - STEPHEN-PC
    # Running from : C:\Users\Stephen\Desktop\computer fixes\AdwCleaner.exe
    # Option : Scan

    ***** [ Services ] *****

    Service Found : YahooAUService

    ***** [ Files / Folders ] *****

    File Found : C:\Users\Stephen\AppData\LocalLow\SkwConfig.bin
    File Found : C:\Users\Stephen\AppData\Roaming\Mozilla\Firefox\Profiles\d8p0tfye.default\user.js
    Folder Found : C:\Program Files\BabylonToolbar
    Folder Found : C:\Program Files\ParetoLogic
    Folder Found : C:\Program Files\Uniblue
    Folder Found : C:\ProgramData\FileCure
    Folder Found : C:\ProgramData\Premium
    Folder Found : C:\ProgramData\Yahoo! Companion
    Folder Found : C:\Users\Stephen\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajhcekcffkpnaednoeoegnmnjdlnjjmg
    Folder Found : C:\Users\Stephen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh
    Folder Found : C:\Users\Stephen\AppData\LocalLow\HPAppData
    Folder Found : C:\Users\Stephen\AppData\LocalLow\Yahoo! Companion
    Folder Found : C:\Users\Stephen\AppData\Roaming\Mozilla\Firefox\Profiles\d8p0tfye.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
    Folder Found : C:\Users\Stephen\AppData\Roaming\Uniblue

    ***** [ Scheduled Tasks ] *****


    ***** [ Shortcuts ] *****


    ***** [ Registry ] *****

    Key Found : HKCU\Software\IM
    Key Found : HKCU\Software\ImInstaller
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{20E7BC40-33F6-4A81-9D52-B58349326206}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{F4E33CE5-A7AB-4F68-A7E7-F0AA84EF2D9E}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\BabylonToolbar
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\PriceGong
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Yahoo! Companion
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8DCB7100-DF86-4384-8842-8FA844297B3F}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8DCB7100-DF86-4384-8842-8FA844297B3F}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
    Key Found : HKCU\Software\ParetoLogic
    Key Found : HKCU\Software\Uniblue
    Key Found : HKCU\Software\WNLT
    Key Found : HKLM\SOFTWARE\Classes\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B}
    Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
    Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL
    Key Found : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
    Key Found : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
    Key Found : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
    Key Found : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
    Key Found : HKLM\SOFTWARE\Classes\AppID\Extension.DLL
    Key Found : HKLM\SOFTWARE\Classes\bbylnApp.appCore
    Key Found : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1
    Key Found : HKLM\SOFTWARE\Classes\bhoclass.bho.bhoclass.bho
    Key Found : HKLM\SOFTWARE\Classes\bhoclass.bho.bhoclass.bho.1.0
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{81017EA9-9AA8-4A6A-9734-7AF40E7D593F}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{8DCB7100-DF86-4384-8842-8FA844297B3F}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370}
    Key Found : HKLM\SOFTWARE\Classes\escort.escrtBtn.1
    Key Found : HKLM\SOFTWARE\Classes\Installer\Features\5EC33E4FBA7A86F47A7E0FAA48FED2E9
    Key Found : HKLM\SOFTWARE\Classes\Installer\Products\5EC33E4FBA7A86F47A7E0FAA48FED2E9
    Key Found : HKLM\SOFTWARE\Classes\Interface\{D2F39980-399F-492E-8D88-5FF7CCB3B47F}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
    Key Found : HKLM\SOFTWARE\Classes\Prod.cap
    Key Found : HKLM\SOFTWARE\Classes\speedupmypc
    Key Found : HKLM\SOFTWARE\LookSafe
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{1A6F7013-B594-4E76-B64A-9926DF8F0A52}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E6768B6932D112438F047C54D180635
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\351716A953E21214898904032EAE2E81
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\69D6A6B2ED56AF24EA6335EAD6E91CA4
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7E7F552EF334C802D75A55F0F6344722
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7FFA128C2B0FF414D805FC5627883401
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EDC790504E1834DBC20C9A04328FD2
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97C3D0F82E712E241A2F969F45E3351C
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9E7F556BF224D804D96A96F0F6344789
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A189D17A469616C4688D23E192996267
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BF4F885EDEE45644EB1E0C99E0162399
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE21F3FD57B244142880EF15A165A156
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\5EC33E4FBA7A86F47A7E0FAA48FED2E9
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F4E33CE5-A7AB-4F68-A7E7-F0AA84EF2D9E}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Companion
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Toolbar
    Key Found : HKLM\SOFTWARE\ParetoLogic
    Key Found : HKLM\SOFTWARE\Uniblue
    Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{8DCB7100-DF86-4384-8842-8FA844297B3F}]
    Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]

    ***** [ Browsers ] *****

    -\\ Internet Explorer v9.0.8112.16599


    -\\ Mozilla Firefox v34.0.5 (x86 en-US)


    -\\ Google Chrome v

    [C:\Users\Stephen\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://search.aol.com/aol/search?query={searchTerms}
    [C:\Users\Stephen\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
    [C:\Users\Stephen\AppData\Local\Google\Chrome\User Data\Default\preferences] - Found [Extension] : ajhcekcffkpnaednoeoegnmnjdlnjjmg
    [C:\Users\Stephen\AppData\Local\Google\Chrome\User Data\Default\preferences] - Found [Extension] : bopakagnckmlgajfccecajhnimjiiedh

    *************************

    AdwCleaner[R0].txt - [326 octets] - [16/01/2015 17:12:18]
    AdwCleaner[R1].txt - [10064 octets] - [16/01/2015 17:20:58]
    AdwCleaner[R2].txt - [9985 octets] - [16/01/2015 17:32:46]

    ########## EOF - C:\AdwCleaner\AdwCleaner[R2].txt - [10045 octets] ##########
     
  8. dbreeze

    dbreeze Malware Specialist

    Joined:
    Oct 5, 2014
    Messages:
    431
    First Name:
    David
    Don't worry about the uninstall; AdwCleaner should take care of the toolbar if it is still there.

    Re-run AdwCleaner

    Close all open windows and browsers.
    1. Double click the AdwCleaner icon to run AdwCleaner. (Vista and 7 users) Right click the AdwCleaner icon, click Run as administrator and accept the UAC prompt to run AdwCleaner.[/*]
    2. Click the Scan button and wait for the scan to complete.
    3. When the Scan has finished the Scan button will be grayed out and the Clean button will be activated.
    4. Click the Clean button.
    5. Everything checked will be deleted.
    6. When the program has finished cleaning a report appears.
    7. Once done it will ask to reboot, allow this

      [​IMG]
    8. On reboot a log will be produced please copy / paste that in your next reply. This report is also saved to C:\AdwCleaner\AdwCleaner[S0].txt

    ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

    After the AdwCleaner cleaning, let's check your file system please.

    Please go to Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator. Then type (with an Enter after each line).

    sfc /scannow

    (Notice the SPACE after sfc and before the /.) This will check your critical system files.

    Does this finish without complaint? IF it says it couldn't fix everything then:

    Copy the next two lines:

    findstr /c:"[SR]" \windows\logs\cbs\cbs.log > \windows\logs\cbs\junk.txt
    notepad \windows\logs\cbs\junk.txt

    Start, All Programs, Accessories, right click on Command Prompt and Run as Administrator, Continue. Right click and Paste or Edit then Paste and the copied line should appear.
    Hit Enter if notepad does not open. Copy and paste the text from notepad into a reply. Close Notepad. Close the Command Window.
     
  9. darknight25

    darknight25 Thread Starter

    Joined:
    Jul 14, 2013
    Messages:
    42
    Alright, here's the AdwCleaner log:

    # AdwCleaner v4.107 - Report created 17/01/2015 at 08:29:43
    # Updated 07/01/2015 by Xplode
    # Database : 2015-01-13.2 [Live]
    # Operating System : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
    # Username : Stephen - STEPHEN-PC
    # Running from : C:\Users\Stephen\Desktop\computer fixes\AdwCleaner.exe
    # Option : Clean

    ***** [ Services ] *****

    [#] Service Deleted : YahooAUService

    ***** [ Files / Folders ] *****

    Folder Deleted : C:\ProgramData\FileCure
    Folder Deleted : C:\ProgramData\Premium
    Folder Deleted : C:\ProgramData\Yahoo! Companion
    Folder Deleted : C:\Program Files\BabylonToolbar
    Folder Deleted : C:\Program Files\ParetoLogic
    Folder Deleted : C:\Program Files\Uniblue
    Folder Deleted : C:\Users\Stephen\AppData\LocalLow\HPAppData
    Folder Deleted : C:\Users\Stephen\AppData\LocalLow\Yahoo! Companion
    Folder Deleted : C:\Users\Stephen\AppData\Roaming\Uniblue
    Folder Deleted : C:\Users\Stephen\AppData\Roaming\Mozilla\Firefox\Profiles\d8p0tfye.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
    Folder Deleted : C:\Users\Stephen\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajhcekcffkpnaednoeoegnmnjdlnjjmg
    Folder Deleted : C:\Users\Stephen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh
    File Deleted : C:\Users\Stephen\AppData\LocalLow\SkwConfig.bin
    File Deleted : C:\Users\Stephen\AppData\Roaming\Mozilla\Firefox\Profiles\d8p0tfye.default\user.js

    ***** [ Scheduled Tasks ] *****


    ***** [ Shortcuts ] *****


    ***** [ Registry ] *****

    Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\Extension.DLL
    Key Deleted : HKLM\SOFTWARE\Classes\bbylnApp.appCore
    Key Deleted : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1
    Key Deleted : HKLM\SOFTWARE\Classes\bhoclass.bho.bhoclass.bho
    Key Deleted : HKLM\SOFTWARE\Classes\bhoclass.bho.bhoclass.bho.1.0
    Key Deleted : HKLM\SOFTWARE\Classes\escort.escrtBtn.1
    Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
    Key Deleted : HKLM\SOFTWARE\Classes\speedupmypc
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{81017EA9-9AA8-4A6A-9734-7AF40E7D593F}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8DCB7100-DF86-4384-8842-8FA844297B3F}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D2F39980-399F-492E-8D88-5FF7CCB3B47F}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8DCB7100-DF86-4384-8842-8FA844297B3F}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8DCB7100-DF86-4384-8842-8FA844297B3F}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
    Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
    Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{8DCB7100-DF86-4384-8842-8FA844297B3F}]
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{1A6F7013-B594-4E76-B64A-9926DF8F0A52}
    Key Deleted : HKCU\Software\IM
    Key Deleted : HKCU\Software\ImInstaller
    Key Deleted : HKCU\Software\ParetoLogic
    Key Deleted : HKCU\Software\Uniblue
    Key Deleted : HKCU\Software\WNLT
    Key Deleted : HKLM\SOFTWARE\ParetoLogic
    Key Deleted : HKLM\SOFTWARE\Uniblue
    Key Deleted : HKLM\SOFTWARE\LookSafe
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F4E33CE5-A7AB-4F68-A7E7-F0AA84EF2D9E}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Toolbar
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Companion
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{20E7BC40-33F6-4A81-9D52-B58349326206}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{F4E33CE5-A7AB-4F68-A7E7-F0AA84EF2D9E}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\BabylonToolbar
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\PriceGong
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Yahoo! Companion
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E6768B6932D112438F047C54D180635
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\351716A953E21214898904032EAE2E81
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\69D6A6B2ED56AF24EA6335EAD6E91CA4
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7E7F552EF334C802D75A55F0F6344722
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7FFA128C2B0FF414D805FC5627883401
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EDC790504E1834DBC20C9A04328FD2
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97C3D0F82E712E241A2F969F45E3351C
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9E7F556BF224D804D96A96F0F6344789
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A189D17A469616C4688D23E192996267
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BF4F885EDEE45644EB1E0C99E0162399
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE21F3FD57B244142880EF15A165A156
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\5EC33E4FBA7A86F47A7E0FAA48FED2E9
    Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\5EC33E4FBA7A86F47A7E0FAA48FED2E9
    Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\5EC33E4FBA7A86F47A7E0FAA48FED2E9
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0

    ***** [ Browsers ] *****

    -\\ Internet Explorer v9.0.8112.16599


    -\\ Mozilla Firefox v35.0 (x86 en-US)


    -\\ Google Chrome v

    [C:\Users\Stephen\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?query={searchTerms}
    [C:\Users\Stephen\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
    [C:\Users\Stephen\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : ajhcekcffkpnaednoeoegnmnjdlnjjmg
    [C:\Users\Stephen\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : bopakagnckmlgajfccecajhnimjiiedh

    *************************

    AdwCleaner[R0].txt - [326 octets] - [16/01/2015 17:12:18]
    AdwCleaner[R1].txt - [10064 octets] - [16/01/2015 17:20:58]
    AdwCleaner[R2].txt - [10126 octets] - [16/01/2015 17:32:46]
    AdwCleaner[R3].txt - [10186 octets] - [17/01/2015 08:27:25]
    AdwCleaner[S0].txt - [10310 octets] - [17/01/2015 08:29:43]

    ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [10371 octets] ##########



    Command Prompt found corrupt files but was unable to fix some of them. I entered the command and it generated this log on Notepad:


    2015-01-17 08:43:10, Info CSI 00000006 [SR] Verifying 100 (0x00000064) components
    2015-01-17 08:43:10, Info CSI 00000007 [SR] Beginning Verify and Repair transaction
    2015-01-17 08:43:17, Info CSI 00000009 [SR] Verify complete
    2015-01-17 08:43:18, Info CSI 0000000a [SR] Verifying 100 (0x00000064) components
    2015-01-17 08:43:18, Info CSI 0000000b [SR] Beginning Verify and Repair transaction
    2015-01-17 08:43:29, Info CSI 0000000d [SR] Verify complete
    2015-01-17 08:43:30, Info CSI 0000000e [SR] Verifying 100 (0x00000064) components
    2015-01-17 08:43:30, Info CSI 0000000f [SR] Beginning Verify and Repair transaction
    2015-01-17 08:43:32, Info CSI 00000011 [SR] Verify complete
    2015-01-17 08:43:33, Info CSI 00000012 [SR] Verifying 100 (0x00000064) components
    2015-01-17 08:43:33, Info CSI 00000013 [SR] Beginning Verify and Repair transaction
    2015-01-17 08:43:34, Info CSI 00000015 [SR] Verify complete
    2015-01-17 08:43:35, Info CSI 00000016 [SR] Verifying 100 (0x00000064) components
    2015-01-17 08:43:35, Info CSI 00000017 [SR] Beginning Verify and Repair transaction
    2015-01-17 08:43:36, Info CSI 00000019 [SR] Verify complete
    2015-01-17 08:43:37, Info CSI 0000001a [SR] Verifying 100 (0x00000064) components
    2015-01-17 08:43:37, Info CSI 0000001b [SR] Beginning Verify and Repair transaction
    2015-01-17 08:43:39, Info CSI 0000001d [SR] Verify complete
    2015-01-17 08:43:40, Info CSI 0000001e [SR] Verifying 100 (0x00000064) components
    2015-01-17 08:43:40, Info CSI 0000001f [SR] Beginning Verify and Repair transaction
    2015-01-17 08:43:41, Info CSI 00000021 [SR] Verify complete
    2015-01-17 08:43:42, Info CSI 00000022 [SR] Verifying 100 (0x00000064) components
    2015-01-17 08:43:42, Info CSI 00000023 [SR] Beginning Verify and Repair transaction
    2015-01-17 08:43:43, Info CSI 00000025 [SR] Verify complete
    2015-01-17 08:43:44, Info CSI 00000026 [SR] Verifying 100 (0x00000064) components
    2015-01-17 08:43:44, Info CSI 00000027 [SR] Beginning Verify and Repair transaction
    2015-01-17 08:43:45, Info CSI 00000029 [SR] Verify complete
    2015-01-17 08:43:46, Info CSI 0000002a [SR] Verifying 100 (0x00000064) components
    2015-01-17 08:43:46, Info CSI 0000002b [SR] Beginning Verify and Repair transaction
    2015-01-17 08:43:47, Info CSI 0000002d [SR] Verify complete
    2015-01-17 08:43:49, Info CSI 0000002e [SR] Verifying 100 (0x00000064) components
    2015-01-17 08:43:49, Info CSI 0000002f [SR] Beginning Verify and Repair transaction
    2015-01-17 08:43:50, Info CSI 00000031 [SR] Verify complete
    2015-01-17 08:43:51, Info CSI 00000032 [SR] Verifying 100 (0x00000064) components
    2015-01-17 08:43:51, Info CSI 00000033 [SR] Beginning Verify and Repair transaction
    2015-01-17 08:43:52, Info CSI 00000035 [SR] Verify complete
    2015-01-17 08:43:53, Info CSI 00000036 [SR] Verifying 100 (0x00000064) components
    2015-01-17 08:43:53, Info CSI 00000037 [SR] Beginning Verify and Repair transaction
    2015-01-17 08:43:54, Info CSI 00000039 [SR] Verify complete
    2015-01-17 08:43:55, Info CSI 0000003a [SR] Verifying 100 (0x00000064) components
    2015-01-17 08:43:55, Info CSI 0000003b [SR] Beginning Verify and Repair transaction
    2015-01-17 08:43:58, Info CSI 0000003d [SR] Verify complete
    2015-01-17 08:44:01, Info CSI 0000003e [SR] Verifying 100 (0x00000064) components
    2015-01-17 08:44:01, Info CSI 0000003f [SR] Beginning Verify and Repair transaction
    2015-01-17 08:44:03, Info CSI 00000041 [SR] Verify complete
    2015-01-17 08:44:05, Info CSI 00000042 [SR] Verifying 100 (0x00000064) components
    2015-01-17 08:44:05, Info CSI 00000043 [SR] Beginning Verify and Repair transaction
    2015-01-17 08:44:08, Info CSI 00000045 [SR] Verify complete
    2015-01-17 08:44:10, Info CSI 00000046 [SR] Verifying 100 (0x00000064) components
    2015-01-17 08:44:10, Info CSI 00000047 [SR] Beginning Verify and Repair transaction
    2015-01-17 08:44:11, Info CSI 00000049 [SR] Verify complete
    2015-01-17 08:44:12, Info CSI 0000004a [SR] Verifying 100 (0x00000064) components
    2015-01-17 08:44:12, Info CSI 0000004b [SR] Beginning Verify and Repair transaction
    2015-01-17 08:44:14, Info CSI 0000004d [SR] Verify complete
    2015-01-17 08:44:16, Info CSI 0000004e [SR] Verifying 100 (0x00000064) components
    2015-01-17 08:44:16, Info CSI 0000004f [SR] Beginning Verify and Repair transaction
    2015-01-17 08:44:19, Info CSI 00000051 [SR] Verify complete
    2015-01-17 08:44:21, Info CSI 00000052 [SR] Verifying 100 (0x00000064) components
    2015-01-17 08:44:21, Info CSI 00000053 [SR] Beginning Verify and Repair transaction
    2015-01-17 08:44:23, Info CSI 00000055 [SR] Verify complete
    2015-01-17 08:44:25, Info CSI 00000056 [SR] Verifying 100 (0x00000064) components
    2015-01-17 08:44:25, Info CSI 00000057 [SR] Beginning Verify and Repair transaction
    2015-01-17 08:44:26, Info CSI 00000059 [SR] Verify complete
    2015-01-17 08:44:27, Info CSI 0000005a [SR] Verifying 100 (0x00000064) components
    2015-01-17 08:44:27, Info CSI 0000005b [SR] Beginning Verify and Repair transaction
    2015-01-17 08:44:28, Info CSI 0000005d [SR] Verify complete
    2015-01-17 08:44:29, Info CSI 0000005e [SR] Verifying 100 (0x00000064) components
    2015-01-17 08:44:29, Info CSI 0000005f [SR] Beginning Verify and Repair transaction
    2015-01-17 08:44:33, Info CSI 00000061 [SR] Verify complete
    2015-01-17 08:44:35, Info CSI 00000062 [SR] Verifying 100 (0x00000064) components
    2015-01-17 08:44:35, Info CSI 00000063 [SR] Beginning Verify and Repair transaction
    2015-01-17 08:44:38, Info CSI 00000065 [SR] Verify complete
    2015-01-17 08:44:40, Info CSI 00000066 [SR] Verifying 100 (0x00000064) components
    2015-01-17 08:44:40, Info CSI 00000067 [SR] Beginning Verify and Repair transaction
    2015-01-17 08:44:44, Info CSI 00000069 [SR] Verify complete
    2015-01-17 08:44:46, Info CSI 0000006a [SR] Verifying 100 (0x00000064) components
    2015-01-17 08:44:46, Info CSI 0000006b [SR] Beginning Verify and Repair transaction
    2015-01-17 08:44:48, Info CSI 0000006d [SR] Verify complete
    2015-01-17 08:44:49, Info CSI 0000006e [SR] Verifying 100 (0x00000064) components
    2015-01-17 08:44:49, Info CSI 0000006f [SR] Beginning Verify and Repair transaction
    2015-01-17 08:44:51, Info CSI 00000071 [SR] Verify complete
    2015-01-17 08:44:51, Info CSI 00000072 [SR] Verifying 100 (0x00000064) components
    2015-01-17 08:44:51, Info CSI 00000073 [SR] Beginning Verify and Repair transaction
    2015-01-17 08:44:53, Info CSI 00000075 [SR] Verify complete
    2015-01-17 08:44:54, Info CSI 00000076 [SR] Verifying 100 (0x00000064) components
    2015-01-17 08:44:54, Info CSI 00000077 [SR] Beginning Verify and Repair transaction
    2015-01-17 08:44:55, Info CSI 00000079 [SR] Verify complete
    2015-01-17 08:44:56, Info CSI 0000007a [SR] Verifying 100 (0x00000064) components
    2015-01-17 08:44:56, Info CSI 0000007b [SR] Beginning Verify and Repair transaction
    2015-01-17 08:44:58, Info CSI 0000007d [SR] Verify complete
    2015-01-17 08:44:59, Info CSI 0000007e [SR] Verifying 100 (0x00000064) components
    2015-01-17 08:44:59, Info CSI 0000007f [SR] Beginning Verify and Repair transaction
    2015-01-17 08:45:01, Info CSI 00000081 [SR] Verify complete
    2015-01-17 08:45:02, Info CSI 00000082 [SR] Verifying 100 (0x00000064) components
    2015-01-17 08:45:02, Info CSI 00000083 [SR] Beginning Verify and Repair transaction
    2015-01-17 08:45:03, Info CSI 00000085 [SR] Verify complete
    2015-01-17 08:45:04, Info CSI 00000086 [SR] Verifying 100 (0x00000064) components
    2015-01-17 08:45:04, Info CSI 00000087 [SR] Beginning Verify and Repair transaction
    2015-01-17 08:45:07, Info CSI 00000089 [SR] Verify complete
    2015-01-17 08:45:08, Info CSI 0000008a [SR] Verifying 100 (0x00000064) components
    2015-01-17 08:45:08, Info CSI 0000008b [SR] Beginning Verify and Repair transaction
    2015-01-17 08:45:09, Info CSI 0000008d [SR] Verify complete
    2015-01-17 08:45:10, Info CSI 0000008e [SR] Verifying 100 (0x00000064) components
    2015-01-17 08:45:10, Info CSI 0000008f [SR] Beginning Verify and Repair transaction
    2015-01-17 08:45:11, Info CSI 00000091 [SR] Verify complete
    2015-01-17 08:45:12, Info CSI 00000092 [SR] Verifying 100 (0x00000064) components
    2015-01-17 08:45:12, Info CSI 00000093 [SR] Beginning Verify and Repair transaction
    2015-01-17 08:45:15, Info CSI 00000095 [SR] Verify complete
    2015-01-17 08:45:16, Info CSI 00000096 [SR] Verifying 100 (0x00000064) components
    2015-01-17 08:45:16, Info CSI 00000097 [SR] Beginning Verify and Repair transaction
    2015-01-17 08:45:17, Info CSI 00000099 [SR] Verify complete
    2015-01-17 08:45:18, Info CSI 0000009a [SR] Verifying 100 (0x00000064) components
    2015-01-17 08:45:18, Info CSI 0000009b [SR] Beginning Verify and Repair transaction
    2015-01-17 08:45:19, Info CSI 0000009d [SR] Verify complete
    2015-01-17 08:45:20, Info CSI 0000009e [SR] Verifying 100 (0x00000064) components
    2015-01-17 08:45:20, Info CSI 0000009f [SR] Beginning Verify and Repair transaction
    2015-01-17 08:45:23, Info CSI 000000a1 [SR] Verify complete
    2015-01-17 08:45:24, Info CSI 000000a2 [SR] Verifying 100 (0x00000064) components
    2015-01-17 08:45:24, Info CSI 000000a3 [SR] Beginning Verify and Repair transaction
    2015-01-17 08:45:25, Info CSI 000000a5 [SR] Verify complete
    2015-01-17 08:45:27, Info CSI 000000a6 [SR] Verifying 100 (0x00000064) components
    2015-01-17 08:45:27, Info CSI 000000a7 [SR] Beginning Verify and Repair transaction
    2015-01-17 08:45:28, Info CSI 000000a9 [SR] Verify complete
    2015-01-17 08:45:29, Info CSI 000000aa [SR] Verifying 100 (0x00000064) components
    2015-01-17 08:45:29, Info CSI 000000ab [SR] Beginning Verify and Repair transaction
    2015-01-17 08:45:31, Info CSI 000000ad [SR] Verify complete
    2015-01-17 08:45:32, Info CSI 000000ae [SR] Verifying 100 (0x00000064) components
    2015-01-17 08:45:32, Info CSI 000000af [SR] Beginning Verify and Repair transaction
    2015-01-17 08:45:33, Info CSI 000000b1 [SR] Verify complete
    2015-01-17 08:45:34, Info CSI 000000b2 [SR] Verifying 100 (0x00000064) components
    2015-01-17 08:45:34, Info CSI 000000b3 [SR] Beginning Verify and Repair transaction
    2015-01-17 08:45:38, Info CSI 000000b5 [SR] Verify complete
    2015-01-17 08:45:40, Info CSI 000000b6 [SR] Verifying 100 (0x00000064) components
    2015-01-17 08:45:40, Info CSI 000000b7 [SR] Beginning Verify and Repair transaction
    2015-01-17 08:45:47, Info CSI 000000b9 [SR] Verify complete
    2015-01-17 08:45:49, Info CSI 000000ba [SR] Verifying 100 (0x00000064) components
    2015-01-17 08:45:49, Info CSI 000000bb [SR] Beginning Verify and Repair transaction
    2015-01-17 08:46:00, Info CSI 000000bd [SR] Verify complete
    2015-01-17 08:46:01, Info CSI 000000be [SR] Verifying 100 (0x00000064) components
    2015-01-17 08:46:01, Info CSI 000000bf [SR] Beginning Verify and Repair transaction
    2015-01-17 08:46:14, Info CSI 000000c2 [SR] Verify complete
    2015-01-17 08:46:15, Info CSI 000000c3 [SR] Verifying 100 (0x00000064) components
    2015-01-17 08:46:15, Info CSI 000000c4 [SR] Beginning Verify and Repair transaction
    2015-01-17 08:46:23, Info CSI 000000c7 [SR] Verify complete
    2015-01-17 08:46:24, Info CSI 000000c8 [SR] Verifying 100 (0x00000064) components
    2015-01-17 08:46:24, Info CSI 000000c9 [SR] Beginning Verify and Repair transaction
    2015-01-17 08:46:33, Info CSI 000000cb [SR] Verify complete
    2015-01-17 08:46:34, Info CSI 000000cc [SR] Verifying 100 (0x00000064) components
    2015-01-17 08:46:34, Info CSI 000000cd [SR] Beginning Verify and Repair transaction
    2015-01-17 08:46:46, Info CSI 000000d5 [SR] Verify complete
    2015-01-17 08:46:47, Info CSI 000000d6 [SR] Verifying 100 (0x00000064) components
    2015-01-17 08:46:47, Info CSI 000000d7 [SR] Beginning Verify and Repair transaction
    2015-01-17 08:47:01, Info CSI 000000db [SR] Verify complete
    2015-01-17 08:47:03, Info CSI 000000dc [SR] Verifying 100 (0x00000064) components
    2015-01-17 08:47:03, Info CSI 000000dd [SR] Beginning Verify and Repair transaction
    2015-01-17 08:47:29, Info CSI 000000df [SR] Verify complete
    2015-01-17 08:47:31, Info CSI 000000e0 [SR] Verifying 100 (0x00000064) components
    2015-01-17 08:47:31, Info CSI 000000e1 [SR] Beginning Verify and Repair transaction
    2015-01-17 08:47:49, Info CSI 000000e3 [SR] Verify complete
    2015-01-17 08:47:50, Info CSI 000000e4 [SR] Verifying 100 (0x00000064) components
    2015-01-17 08:47:50, Info CSI 000000e5 [SR] Beginning Verify and Repair transaction
    2015-01-17 08:48:02, Info CSI 000000e7 [SR] Verify complete
    2015-01-17 08:48:04, Info CSI 000000e8 [SR] Verifying 100 (0x00000064) components
    2015-01-17 08:48:04, Info CSI 000000e9 [SR] Beginning Verify and Repair transaction
    2015-01-17 08:48:38, Info CSI 000000eb [SR] Verify complete
    2015-01-17 08:48:40, Info CSI 000000ec [SR] Verifying 100 (0x00000064) components
    2015-01-17 08:48:40, Info CSI 000000ed [SR] Beginning Verify and Repair transaction
    2015-01-17 08:48:59, Info CSI 000000f1 [SR] Verify complete
    2015-01-17 08:49:00, Info CSI 000000f2 [SR] Verifying 100 (0x00000064) components
    2015-01-17 08:49:00, Info CSI 000000f3 [SR] Beginning Verify and Repair transaction
    2015-01-17 08:49:31, Info CSI 000000f5 [SR] Verify complete
    2015-01-17 08:49:31, Info CSI 000000f6 [SR] Verifying 100 (0x00000064) components
    2015-01-17 08:49:31, Info CSI 000000f7 [SR] Beginning Verify and Repair transaction
    2015-01-17 08:49:55, Info CSI 000000f9 [SR] Verify complete
    2015-01-17 08:49:57, Info CSI 000000fa [SR] Verifying 100 (0x00000064) components
    2015-01-17 08:49:57, Info CSI 000000fb [SR] Beginning Verify and Repair transaction
    2015-01-17 08:50:08, Info CSI 000000fd [SR] Verify complete
    2015-01-17 08:50:09, Info CSI 000000fe [SR] Verifying 100 (0x00000064) components
    2015-01-17 08:50:09, Info CSI 000000ff [SR] Beginning Verify and Repair transaction
    2015-01-17 08:50:12, Info CSI 00000101 [SR] Verify complete
    2015-01-17 08:50:13, Info CSI 00000102 [SR] Verifying 100 (0x00000064) components
    2015-01-17 08:50:13, Info CSI 00000103 [SR] Beginning Verify and Repair transaction
    2015-01-17 08:50:16, Info CSI 00000105 [SR] Verify complete
    2015-01-17 08:50:18, Info CSI 00000106 [SR] Verifying 100 (0x00000064) components
    2015-01-17 08:50:18, Info CSI 00000107 [SR] Beginning Verify and Repair transaction
    2015-01-17 08:50:40, Info CSI 00000125 [SR] Verify complete
    2015-01-17 08:50:41, Info CSI 00000126 [SR] Verifying 100 (0x00000064) components
    2015-01-17 08:50:41, Info CSI 00000127 [SR] Beginning Verify and Repair transaction
    2015-01-17 08:50:48, Info CSI 00000129 [SR] Verify complete
    2015-01-17 08:50:49, Info CSI 0000012a [SR] Verifying 100 (0x00000064) components
    2015-01-17 08:50:49, Info CSI 0000012b [SR] Beginning Verify and Repair transaction
    2015-01-17 08:50:54, Info CSI 0000012d [SR] Verify complete
    2015-01-17 08:50:56, Info CSI 0000012e [SR] Verifying 100 (0x00000064) components
    2015-01-17 08:50:56, Info CSI 0000012f [SR] Beginning Verify and Repair transaction
    2015-01-17 08:51:01, Info CSI 00000131 [SR] Verify complete
    2015-01-17 08:51:02, Info CSI 00000132 [SR] Verifying 100 (0x00000064) components
    2015-01-17 08:51:02, Info CSI 00000133 [SR] Beginning Verify and Repair transaction
    2015-01-17 08:51:13, Info CSI 00000135 [SR] Verify complete
    2015-01-17 08:51:15, Info CSI 00000136 [SR] Verifying 100 (0x00000064) components
    2015-01-17 08:51:15, Info CSI 00000137 [SR] Beginning Verify and Repair transaction
    2015-01-17 08:51:33, Info CSI 0000013a [SR] Verify complete
    2015-01-17 08:51:34, Info CSI 0000013b [SR] Verifying 100 (0x00000064) components
    2015-01-17 08:51:34, Info CSI 0000013c [SR] Beginning Verify and Repair transaction
    2015-01-17 08:51:42, Info CSI 0000013e [SR] Verify complete
    2015-01-17 08:51:43, Info CSI 0000013f [SR] Verifying 100 (0x00000064) components
    2015-01-17 08:51:43, Info CSI 00000140 [SR] Beginning Verify and Repair transaction
    2015-01-17 08:51:55, Info CSI 00000142 [SR] Verify complete
    2015-01-17 08:51:57, Info CSI 00000143 [SR] Verifying 100 (0x00000064) components
    2015-01-17 08:51:57, Info CSI 00000144 [SR] Beginning Verify and Repair transaction
    2015-01-17 08:52:08, Info CSI 00000146 [SR] Verify complete
    2015-01-17 08:52:09, Info CSI 00000147 [SR] Verifying 100 (0x00000064) components
    2015-01-17 08:52:09, Info CSI 00000148 [SR] Beginning Verify and Repair transaction
    2015-01-17 08:52:25, Info CSI 0000014a [SR] Verify complete
    2015-01-17 08:52:26, Info CSI 0000014b [SR] Verifying 100 (0x00000064) components
    2015-01-17 08:52:26, Info CSI 0000014c [SR] Beginning Verify and Repair transaction
    2015-01-17 08:52:42, Info CSI 0000014e [SR] Verify complete
    2015-01-17 08:52:44, Info CSI 0000014f [SR] Verifying 100 (0x00000064) components
    2015-01-17 08:52:44, Info CSI 00000150 [SR] Beginning Verify and Repair transaction
    2015-01-17 08:53:05, Info CSI 00000175 [SR] Verify complete
    2015-01-17 08:53:06, Info CSI 00000176 [SR] Verifying 100 (0x00000064) components
    2015-01-17 08:53:06, Info CSI 00000177 [SR] Beginning Verify and Repair transaction
    2015-01-17 08:53:23, Info CSI 00000179 [SR] Verify complete
    2015-01-17 08:53:24, Info CSI 0000017a [SR] Verifying 100 (0x00000064) components
    2015-01-17 08:53:24, Info CSI 0000017b [SR] Beginning Verify and Repair transaction
    2015-01-17 08:54:07, Info CSI 0000017d [SR] Verify complete
    2015-01-17 08:54:08, Info CSI 0000017e [SR] Verifying 100 (0x00000064) components
    2015-01-17 08:54:08, Info CSI 0000017f [SR] Beginning Verify and Repair transaction
    2015-01-17 08:54:31, Info CSI 00000181 [SR] Verify complete
    2015-01-17 08:54:32, Info CSI 00000182 [SR] Verifying 100 (0x00000064) components
    2015-01-17 08:54:32, Info CSI 00000183 [SR] Beginning Verify and Repair transaction
    2015-01-17 08:54:48, Info CSI 00000185 [SR] Verify complete
    2015-01-17 08:54:49, Info CSI 00000186 [SR] Verifying 100 (0x00000064) components
    2015-01-17 08:54:49, Info CSI 00000187 [SR] Beginning Verify and Repair transaction
    2015-01-17 08:55:03, Info CSI 00000189 [SR] Verify complete
    2015-01-17 08:55:07, Info CSI 0000018a [SR] Verifying 100 (0x00000064) components
    2015-01-17 08:55:07, Info CSI 0000018b [SR] Beginning Verify and Repair transaction
    2015-01-17 08:55:18, Info CSI 0000018d [SR] Verify complete
    2015-01-17 08:55:19, Info CSI 0000018e [SR] Verifying 100 (0x00000064) components
    2015-01-17 08:55:19, Info CSI 0000018f [SR] Beginning Verify and Repair transaction
    2015-01-17 08:55:30, Info CSI 00000192 [SR] Verify complete
    2015-01-17 08:55:32, Info CSI 00000193 [SR] Verifying 100 (0x00000064) components
    2015-01-17 08:55:32, Info CSI 00000194 [SR] Beginning Verify and Repair transaction
    2015-01-17 08:56:01, Info CSI 00000196 [SR] Verify complete
    2015-01-17 08:56:02, Info CSI 00000197 [SR] Verifying 100 (0x00000064) components
    2015-01-17 08:56:02, Info CSI 00000198 [SR] Beginning Verify and Repair transaction
    2015-01-17 08:56:20, Info CSI 0000019a [SR] Verify complete
    2015-01-17 08:56:22, Info CSI 0000019b [SR] Verifying 100 (0x00000064) components
    2015-01-17 08:56:22, Info CSI 0000019c [SR] Beginning Verify and Repair transaction
    2015-01-17 08:56:36, Info CSI 0000019e [SR] Verify complete
    2015-01-17 08:56:38, Info CSI 0000019f [SR] Verifying 100 (0x00000064) components
    2015-01-17 08:56:38, Info CSI 000001a0 [SR] Beginning Verify and Repair transaction
    2015-01-17 08:56:44, Info CSI 000001a2 [SR] Cannot repair member file [l:24{12}]"settings.ini" of Microsoft-Windows-Sidebar, Version = 6.0.6002.18005, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
    2015-01-17 08:56:49, Info CSI 000001a4 [SR] Cannot repair member file [l:24{12}]"settings.ini" of Microsoft-Windows-Sidebar, Version = 6.0.6002.18005, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
    2015-01-17 08:56:49, Info CSI 000001a5 [SR] This component was referenced by [l:158{79}]"Package_16_for_KB948465~31bf3856ad364e35~x86~~6.0.1.18005.948465-49_neutral_GDR"
    2015-01-17 08:56:54, Info CSI 000001a7 [SR] Verify complete
    2015-01-17 08:56:55, Info CSI 000001a8 [SR] Verifying 100 (0x00000064) components
    2015-01-17 08:56:55, Info CSI 000001a9 [SR] Beginning Verify and Repair transaction
    2015-01-17 08:57:06, Info CSI 000001ab [SR] Verify complete
    2015-01-17 08:57:06, Info CSI 000001ac [SR] Verifying 100 (0x00000064) components
    2015-01-17 08:57:06, Info CSI 000001ad [SR] Beginning Verify and Repair transaction
    2015-01-17 08:57:21, Info CSI 000001af [SR] Verify complete
    2015-01-17 08:57:22, Info CSI 000001b0 [SR] Verifying 100 (0x00000064) components
    2015-01-17 08:57:22, Info CSI 000001b1 [SR] Beginning Verify and Repair transaction
    2015-01-17 08:57:54, Info CSI 000001b4 [SR] Verify complete
    2015-01-17 08:57:56, Info CSI 000001b5 [SR] Verifying 100 (0x00000064) components
    2015-01-17 08:57:56, Info CSI 000001b6 [SR] Beginning Verify and Repair transaction
    2015-01-17 08:58:04, Info CSI 000001b8 [SR] Verify complete
    2015-01-17 08:58:05, Info CSI 000001b9 [SR] Verifying 100 (0x00000064) components
    2015-01-17 08:58:05, Info CSI 000001ba [SR] Beginning Verify and Repair transaction
    2015-01-17 08:58:13, Info CSI 000001bc [SR] Verify complete
    2015-01-17 08:58:13, Info CSI 000001bd [SR] Verifying 100 (0x00000064) components
    2015-01-17 08:58:13, Info CSI 000001be [SR] Beginning Verify and Repair transaction
    2015-01-17 08:58:26, Info CSI 000001c0 [SR] Verify complete
    2015-01-17 08:58:27, Info CSI 000001c1 [SR] Verifying 100 (0x00000064) components
    2015-01-17 08:58:27, Info CSI 000001c2 [SR] Beginning Verify and Repair transaction
    2015-01-17 08:58:36, Info CSI 000001c3 [SR] Repairing corrupted file [ml:58{29},l:56{28}]"\??\C:\Windows\system32\wbem"\[l:42{21}]"Wdf01000Uninstall.mof" from store
    2015-01-17 08:58:36, Info CSI 000001c4 [SR] Repairing corrupted file [ml:58{29},l:56{28}]"\??\C:\Windows\system32\wbem"\[l:24{12}]"Wdf01000.mof" from store
    2015-01-17 08:58:42, Info CSI 000001c9 [SR] Verify complete
    2015-01-17 08:58:43, Info CSI 000001ca [SR] Verifying 100 (0x00000064) components
    2015-01-17 08:58:43, Info CSI 000001cb [SR] Beginning Verify and Repair transaction
    2015-01-17 08:58:55, Info CSI 000001cd [SR] Verify complete
    2015-01-17 08:58:56, Info CSI 000001ce [SR] Verifying 100 (0x00000064) components
    2015-01-17 08:58:56, Info CSI 000001cf [SR] Beginning Verify and Repair transaction
    2015-01-17 08:59:08, Info CSI 000001d1 [SR] Verify complete
    2015-01-17 08:59:09, Info CSI 000001d2 [SR] Verifying 100 (0x00000064) components
    2015-01-17 08:59:09, Info CSI 000001d3 [SR] Beginning Verify and Repair transaction
    2015-01-17 08:59:14, Info CSI 000001d5 [SR] Verify complete
    2015-01-17 08:59:15, Info CSI 000001d6 [SR] Verifying 100 (0x00000064) components
    2015-01-17 08:59:15, Info CSI 000001d7 [SR] Beginning Verify and Repair transaction
    2015-01-17 08:59:21, Info CSI 000001d9 [SR] Verify complete
    2015-01-17 08:59:21, Info CSI 000001da [SR] Verifying 100 (0x00000064) components
    2015-01-17 08:59:21, Info CSI 000001db [SR] Beginning Verify and Repair transaction
    2015-01-17 08:59:30, Info CSI 000001dd [SR] Verify complete
    2015-01-17 08:59:31, Info CSI 000001de [SR] Verifying 100 (0x00000064) components
    2015-01-17 08:59:31, Info CSI 000001df [SR] Beginning Verify and Repair transaction
    2015-01-17 08:59:42, Info CSI 000001e1 [SR] Verify complete
    2015-01-17 08:59:43, Info CSI 000001e2 [SR] Verifying 100 (0x00000064) components
    2015-01-17 08:59:43, Info CSI 000001e3 [SR] Beginning Verify and Repair transaction
    2015-01-17 08:59:50, Info CSI 000001e5 [SR] Verify complete
    2015-01-17 08:59:50, Info CSI 000001e6 [SR] Verifying 100 (0x00000064) components
    2015-01-17 08:59:50, Info CSI 000001e7 [SR] Beginning Verify and Repair transaction
    2015-01-17 09:00:12, Info CSI 000001e9 [SR] Verify complete
    2015-01-17 09:00:13, Info CSI 000001ea [SR] Verifying 100 (0x00000064) components
    2015-01-17 09:00:13, Info CSI 000001eb [SR] Beginning Verify and Repair transaction
    2015-01-17 09:00:18, Info CSI 000001ed [SR] Verify complete
    2015-01-17 09:00:19, Info CSI 000001ee [SR] Verifying 100 (0x00000064) components
    2015-01-17 09:00:19, Info CSI 000001ef [SR] Beginning Verify and Repair transaction
    2015-01-17 09:00:28, Info CSI 000001f1 [SR] Verify complete
    2015-01-17 09:00:29, Info CSI 000001f2 [SR] Verifying 87 (0x00000057) components
    2015-01-17 09:00:29, Info CSI 000001f3 [SR] Beginning Verify and Repair transaction
    2015-01-17 09:00:40, Info CSI 000001fe [SR] Verify complete
    2015-01-17 09:00:40, Info CSI 000001ff [SR] Repairing 2 components
    2015-01-17 09:00:40, Info CSI 00000200 [SR] Beginning Verify and Repair transaction
    2015-01-17 09:00:40, Info CSI 00000202 [SR] Cannot repair member file [l:24{12}]"settings.ini" of Microsoft-Windows-Sidebar, Version = 6.0.6002.18005, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
    2015-01-17 09:00:40, Info CSI 00000203 [SR] Repairing corrupted file [ml:58{29},l:56{28}]"\??\C:\Windows\system32\wbem"\[l:42{21}]"Wdf01000Uninstall.mof" from store
    2015-01-17 09:00:40, Info CSI 00000204 [SR] Repairing corrupted file [ml:58{29},l:56{28}]"\??\C:\Windows\system32\wbem"\[l:24{12}]"Wdf01000.mof" from store
    2015-01-17 09:00:40, Info CSI 00000206 [SR] Cannot repair member file [l:24{12}]"settings.ini" of Microsoft-Windows-Sidebar, Version = 6.0.6002.18005, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
    2015-01-17 09:00:40, Info CSI 00000207 [SR] This component was referenced by [l:158{79}]"Package_16_for_KB948465~31bf3856ad364e35~x86~~6.0.1.18005.948465-49_neutral_GDR"
    2015-01-17 09:00:40, Info CSI 00000209 [SR] Repair complete
    2015-01-17 09:00:40, Info CSI 0000020a [SR] Committing transaction
    2015-01-17 09:00:41, Info CSI 0000020e [SR] Verify and Repair Transaction completed. All files and registry keys listed in this transaction have been successfully repaired
     
  10. dbreeze

    dbreeze Malware Specialist

    Joined:
    Oct 5, 2014
    Messages:
    431
    First Name:
    David
    Yes, that is what I suspected; the WMI store is / was corrupt. Let's get that taken care of before moving on ....

    Please download Repair WMI v2 to your desktop from here.
    Double click on the file to begin the self-extraction and running of the utility.
    Click on Start in the Repair WMI v2 program and it will start working to rebuild / repair the WMI stores on your system.

    When the repair is finished, please restart your system to ensure everything loads properly.

    When finished, there will be two log files in the folder Tweaking.com-Repair WMI \ logs that is now on your desktop. Please either copy and paste them in a reply here or attach them to a reply here.

    Also, are you still getting the lags and hangs now?
     
  11. darknight25

    darknight25 Thread Starter

    Joined:
    Jul 14, 2013
    Messages:
    42
    Alright, here is the first log:


    Microsoft Windows [Version 6.0.6002]
    Copyright (c) 2006 Microsoft Corporation. All rights reserved.

    C:\Users\Stephen\Desktop>CD /D C:\

    C:\>chkdsk C:
    The type of the file system is NTFS.
    Volume label is COMPAQ.

    WARNING! F parameter not specified.
    Running CHKDSK in read-only mode.

    CHKDSK is verifying files (stage 1 of 3)...
    0 percent complete. (0 of 298496 file records processed)
    0 percent complete. (10 of 298496 file records processed)
    0 percent complete. (3841 of 298496 file records processed)
    0 percent complete. (7553 of 298496 file records processed)
    0 percent complete. (16952 of 298496 file records processed)
    0 percent complete. (24833 of 298496 file records processed)
    0 percent complete. (28417 of 298496 file records processed)
    1 percent complete. (29850 of 298496 file records processed)
    1 percent complete. (34935 of 298496 file records processed)
    1 percent complete. (44673 of 298496 file records processed)
    1 percent complete. (50433 of 298496 file records processed)
    1 percent complete. (52481 of 298496 file records processed)
    1 percent complete. (54529 of 298496 file records processed)
    2 percent complete. (59700 of 298496 file records processed)
    2 percent complete. (76420 of 298496 file records processed)
    3 percent complete. (89549 of 298496 file records processed)
    4 percent complete. (119399 of 298496 file records processed)
    4 percent complete. (130177 of 298496 file records processed)
    4 percent complete. (134657 of 298496 file records processed)
    4 percent complete. (141441 of 298496 file records processed)
    5 percent complete. (149248 of 298496 file records processed)
    5 percent complete. (155009 of 298496 file records processed)
    5 percent complete. (157953 of 298496 file records processed)
    5 percent complete. (170397 of 298496 file records processed)
    5 percent complete. (173441 of 298496 file records processed)
    5 percent complete. (176385 of 298496 file records processed)
    5 percent complete. (178945 of 298496 file records processed)
    6 percent complete. (179098 of 298496 file records processed)
    6 percent complete. (182913 of 298496 file records processed)
    6 percent complete. (196993 of 298496 file records processed)
    6 percent complete. (200603 of 298496 file records processed)
    6 percent complete. (202113 of 298496 file records processed)
    6 percent complete. (203905 of 298496 file records processed)
    6 percent complete. (205494 of 298496 file records processed)
    7 percent complete. (208948 of 298496 file records processed)
    7 percent complete. (213875 of 298496 file records processed)
    7 percent complete. (220289 of 298496 file records processed)
    8 percent complete. (238797 of 298496 file records processed)
    8 percent complete. (246622 of 298496 file records processed)
    9 percent complete. (268647 of 298496 file records processed)
    9 percent complete. (281089 of 298496 file records processed)
    9 percent complete. (283265 of 298496 file records processed)
    9 percent complete. (285057 of 298496 file records processed)
    9 percent complete. (293121 of 298496 file records processed)
    298496 file records processed.

    File verification completed.
    1209 large file records processed.

    0 bad file records processed.

    0 EA records processed.

    76 reparse records processed.

    CHKDSK is verifying indexes (stage 2 of 3)...
    10 percent complete. (1794 of 382018 index entries processed)
    10 percent complete. (3330 of 382018 index entries processed)
    10 percent complete. (4354 of 382018 index entries processed)
    10 percent complete. (6146 of 382018 index entries processed)
    10 percent complete. (7938 of 382018 index entries processed)
    10 percent complete. (14594 of 382018 index entries processed)
    10 percent complete. (21941 of 382018 index entries processed)
    10 percent complete. (27650 of 382018 index entries processed)
    11 percent complete. (31668 of 382018 index entries processed)
    11 percent complete. (43784 of 382018 index entries processed)
    11 percent complete. (47821 of 382018 index entries processed)
    11 percent complete. (51276 of 382018 index entries processed)
    11 percent complete. (53506 of 382018 index entries processed)
    12 percent complete. (63764 of 382018 index entries processed)
    12 percent complete. (78996 of 382018 index entries processed)
    13 percent complete. (95860 of 382018 index entries processed)
    13 percent complete. (122264 of 382018 index entries processed)
    14 percent complete. (127955 of 382018 index entries processed)
    14 percent complete. (130818 of 382018 index entries processed)
    14 percent complete. (133634 of 382018 index entries processed)
    14 percent complete. (137346 of 382018 index entries processed)
    14 percent complete. (151298 of 382018 index entries processed)
    14 percent complete. (159490 of 382018 index entries processed)
    15 percent complete. (160051 of 382018 index entries processed)
    15 percent complete. (170419 of 382018 index entries processed)
    15 percent complete. (173826 of 382018 index entries processed)
    15 percent complete. (177538 of 382018 index entries processed)
    15 percent complete. (180354 of 382018 index entries processed)
    16 percent complete. (192147 of 382018 index entries processed)
    16 percent complete. (200066 of 382018 index entries processed)
    16 percent complete. (201602 of 382018 index entries processed)
    16 percent complete. (204674 of 382018 index entries processed)
    16 percent complete. (206160 of 382018 index entries processed)
    16 percent complete. (213876 of 382018 index entries processed)
    17 percent complete. (224243 of 382018 index entries processed)
    17 percent complete. (243598 of 382018 index entries processed)
    17 percent complete. (249318 of 382018 index entries processed)
    18 percent complete. (256338 of 382018 index entries processed)
    18 percent complete. (279007 of 382018 index entries processed)
    18 percent complete. (281090 of 382018 index entries processed)
    18 percent complete. (284930 of 382018 index entries processed)
    18 percent complete. (286722 of 382018 index entries processed)
    19 percent complete. (288434 of 382018 index entries processed)
    19 percent complete. (295721 of 382018 index entries processed)
    19 percent complete. (298499 of 382018 index entries processed)
    19 percent complete. (298507 of 382018 index entries processed)
    19 percent complete. (298601 of 382018 index entries processed)
    19 percent complete. (298658 of 382018 index entries processed)
    19 percent complete. (298735 of 382018 index entries processed)
    19 percent complete. (298833 of 382018 index entries processed)
    19 percent complete. (298951 of 382018 index entries processed)
    19 percent complete. (299052 of 382018 index entries processed)
    19 percent complete. (299088 of 382018 index entries processed)
    19 percent complete. (299126 of 382018 index entries processed)
    19 percent complete. (299144 of 382018 index entries processed)
    19 percent complete. (299172 of 382018 index entries processed)
    19 percent complete. (299209 of 382018 index entries processed)
    19 percent complete. (299224 of 382018 index entries processed)
    19 percent complete. (299348 of 382018 index entries processed)
    19 percent complete. (299419 of 382018 index entries processed)
    19 percent complete. (299496 of 382018 index entries processed)
    19 percent complete. (299536 of 382018 index entries processed)
    19 percent complete. (299592 of 382018 index entries processed)
    19 percent complete. (299659 of 382018 index entries processed)
    19 percent complete. (299740 of 382018 index entries processed)
    19 percent complete. (299804 of 382018 index entries processed)
    19 percent complete. (299845 of 382018 index entries processed)
    19 percent complete. (299913 of 382018 index entries processed)
    19 percent complete. (300045 of 382018 index entries processed)
    19 percent complete. (300097 of 382018 index entries processed)
    19 percent complete. (300178 of 382018 index entries processed)
    19 percent complete. (300212 of 382018 index entries processed)
    19 percent complete. (300255 of 382018 index entries processed)
    19 percent complete. (300401 of 382018 index entries processed)
    19 percent complete. (300445 of 382018 index entries processed)
    19 percent complete. (300483 of 382018 index entries processed)
    19 percent complete. (300532 of 382018 index entries processed)
    19 percent complete. (300595 of 382018 index entries processed)
    19 percent complete. (300691 of 382018 index entries processed)
    19 percent complete. (300776 of 382018 index entries processed)
    19 percent complete. (300804 of 382018 index entries processed)
    19 percent complete. (300840 of 382018 index entries processed)
    19 percent complete. (300942 of 382018 index entries processed)
    19 percent complete. (301016 of 382018 index entries processed)
    19 percent complete. (301051 of 382018 index entries processed)
    19 percent complete. (301089 of 382018 index entries processed)
    19 percent complete. (301142 of 382018 index entries processed)
    19 percent complete. (301205 of 382018 index entries processed)
    19 percent complete. (301277 of 382018 index entries processed)
    19 percent complete. (301318 of 382018 index entries processed)
    19 percent complete. (301357 of 382018 index entries processed)
    19 percent complete. (301412 of 382018 index entries processed)
    19 percent complete. (301449 of 382018 index entries processed)
    19 percent complete. (301465 of 382018 index entries processed)
    19 percent complete. (301508 of 382018 index entries processed)
    19 percent complete. (301562 of 382018 index entries processed)
    19 percent complete. (301676 of 382018 index entries processed)
    19 percent complete. (301824 of 382018 index entries processed)
    19 percent complete. (301907 of 382018 index entries processed)
    19 percent complete. (301969 of 382018 index entries processed)
    19 percent complete. (302087 of 382018 index entries processed)
    19 percent complete. (302169 of 382018 index entries processed)
    19 percent complete. (302283 of 382018 index entries processed)
    19 percent complete. (302331 of 382018 index entries processed)
    19 percent complete. (302518 of 382018 index entries processed)
    19 percent complete. (302636 of 382018 index entries processed)
    19 percent complete. (302749 of 382018 index entries processed)
    19 percent complete. (302861 of 382018 index entries processed)
    19 percent complete. (302989 of 382018 index entries processed)
    19 percent complete. (303081 of 382018 index entries processed)
    19 percent complete. (303248 of 382018 index entries processed)
    19 percent complete. (303435 of 382018 index entries processed)
    19 percent complete. (303610 of 382018 index entries processed)
    19 percent complete. (303807 of 382018 index entries processed)
    19 percent complete. (303923 of 382018 index entries processed)
    19 percent complete. (304067 of 382018 index entries processed)
    19 percent complete. (304192 of 382018 index entries processed)
    19 percent complete. (304284 of 382018 index entries processed)
    19 percent complete. (304380 of 382018 index entries processed)
    19 percent complete. (304521 of 382018 index entries processed)
    19 percent complete. (304591 of 382018 index entries processed)
    19 percent complete. (304752 of 382018 index entries processed)
    19 percent complete. (305070 of 382018 index entries processed)
    19 percent complete. (305264 of 382018 index entries processed)
    19 percent complete. (305466 of 382018 index entries processed)
    19 percent complete. (305501 of 382018 index entries processed)
    19 percent complete. (305528 of 382018 index entries processed)
    19 percent complete. (305622 of 382018 index entries processed)
    19 percent complete. (305713 of 382018 index entries processed)
    19 percent complete. (305785 of 382018 index entries processed)
    19 percent complete. (305860 of 382018 index entries processed)
    19 percent complete. (305935 of 382018 index entries processed)
    19 percent complete. (306004 of 382018 index entries processed)
    19 percent complete. (306063 of 382018 index entries processed)
    19 percent complete. (306146 of 382018 index entries processed)
    19 percent complete. (306251 of 382018 index entries processed)
    19 percent complete. (306417 of 382018 index entries processed)
    19 percent complete. (306514 of 382018 index entries processed)
    19 percent complete. (306520 of 382018 index entries processed)
    19 percent complete. (306683 of 382018 index entries processed)
    19 percent complete. (306727 of 382018 index entries processed)
    19 percent complete. (306933 of 382018 index entries processed)
    19 percent complete. (307122 of 382018 index entries processed)
    19 percent complete. (307576 of 382018 index entries processed)
    19 percent complete. (307960 of 382018 index entries processed)
    19 percent complete. (308189 of 382018 index entries processed)
    19 percent complete. (308299 of 382018 index entries processed)
    19 percent complete. (308383 of 382018 index entries processed)
    19 percent complete. (308774 of 382018 index entries processed)
    19 percent complete. (308980 of 382018 index entries processed)
    19 percent complete. (309207 of 382018 index entries processed)
    19 percent complete. (309380 of 382018 index entries processed)
    19 percent complete. (309468 of 382018 index entries processed)
    19 percent complete. (309609 of 382018 index entries processed)
    19 percent complete. (309811 of 382018 index entries processed)
    19 percent complete. (309967 of 382018 index entries processed)
    19 percent complete. (310163 of 382018 index entries processed)
    19 percent complete. (310432 of 382018 index entries processed)
    19 percent complete. (310554 of 382018 index entries processed)
    19 percent complete. (310659 of 382018 index entries processed)
    19 percent complete. (310745 of 382018 index entries processed)
    19 percent complete. (310916 of 382018 index entries processed)
    19 percent complete. (311016 of 382018 index entries processed)
    19 percent complete. (311191 of 382018 index entries processed)
    19 percent complete. (311362 of 382018 index entries processed)
    19 percent complete. (311636 of 382018 index entries processed)
    19 percent complete. (311758 of 382018 index entries processed)
    19 percent complete. (311981 of 382018 index entries processed)
    19 percent complete. (312107 of 382018 index entries processed)
    19 percent complete. (312313 of 382018 index entries processed)
    19 percent complete. (312560 of 382018 index entries processed)
    19 percent complete. (312831 of 382018 index entries processed)
    19 percent complete. (313183 of 382018 index entries processed)
    19 percent complete. (313401 of 382018 index entries processed)
    19 percent complete. (313632 of 382018 index entries processed)
    19 percent complete. (313866 of 382018 index entries processed)
    19 percent complete. (313976 of 382018 index entries processed)
    19 percent complete. (314043 of 382018 index entries processed)
    19 percent complete. (314136 of 382018 index entries processed)
    19 percent complete. (314457 of 382018 index entries processed)
    19 percent complete. (314643 of 382018 index entries processed)
    19 percent complete. (314922 of 382018 index entries processed)
    19 percent complete. (315179 of 382018 index entries processed)
    19 percent complete. (315315 of 382018 index entries processed)
    19 percent complete. (315552 of 382018 index entries processed)
    19 percent complete. (315729 of 382018 index entries processed)
    19 percent complete. (315926 of 382018 index entries processed)
    19 percent complete. (316089 of 382018 index entries processed)
    19 percent complete. (316441 of 382018 index entries processed)
    19 percent complete. (316582 of 382018 index entries processed)
    19 percent complete. (316653 of 382018 index entries processed)
    19 percent complete. (316765 of 382018 index entries processed)
    19 percent complete. (316861 of 382018 index entries processed)
    19 percent complete. (316912 of 382018 index entries processed)
    19 percent complete. (316984 of 382018 index entries processed)
    19 percent complete. (317042 of 382018 index entries processed)
    19 percent complete. (317123 of 382018 index entries processed)
    19 percent complete. (317183 of 382018 index entries processed)
    19 percent complete. (317309 of 382018 index entries processed)
    19 percent complete. (317516 of 382018 index entries processed)
    19 percent complete. (317631 of 382018 index entries processed)
    19 percent complete. (317709 of 382018 index entries processed)
    19 percent complete. (317779 of 382018 index entries processed)
    19 percent complete. (317851 of 382018 index entries processed)
    19 percent complete. (317916 of 382018 index entries processed)
    19 percent complete. (317999 of 382018 index entries processed)
    19 percent complete. (318073 of 382018 index entries processed)
    19 percent complete. (318179 of 382018 index entries processed)
    19 percent complete. (318272 of 382018 index entries processed)
    19 percent complete. (318578 of 382018 index entries processed)
    19 percent complete. (318727 of 382018 index entries processed)
    19 percent complete. (318791 of 382018 index entries processed)
    19 percent complete. (318910 of 382018 index entries processed)
    19 percent complete. (318995 of 382018 index entries processed)
    19 percent complete. (319091 of 382018 index entries processed)
    19 percent complete. (319171 of 382018 index entries processed)
    19 percent complete. (319285 of 382018 index entries processed)
    19 percent complete. (319350 of 382018 index entries processed)
    19 percent complete. (319589 of 382018 index entries processed)
    19 percent complete. (319655 of 382018 index entries processed)
    19 percent complete. (319771 of 382018 index entries processed)
    19 percent complete. (319856 of 382018 index entries processed)
    19 percent complete. (319940 of 382018 index entries processed)
    19 percent complete. (320025 of 382018 index entries processed)
    19 percent complete. (320096 of 382018 index entries processed)
    19 percent complete. (320191 of 382018 index entries processed)
    19 percent complete. (320378 of 382018 index entries processed)
    19 percent complete. (320520 of 382018 index entries processed)
    20 percent complete. (320530 of 382018 index entries processed)
    20 percent complete. (320833 of 382018 index entries processed)
    20 percent complete. (321168 of 382018 index entries processed)
    20 percent complete. (321613 of 382018 index entries processed)
    20 percent complete. (321704 of 382018 index entries processed)
    20 percent complete. (321804 of 382018 index entries processed)
    20 percent complete. (321909 of 382018 index entries processed)
    20 percent complete. (321993 of 382018 index entries processed)
    20 percent complete. (322082 of 382018 index entries processed)
    20 percent complete. (322148 of 382018 index entries processed)
    20 percent complete. (322203 of 382018 index entries processed)
    20 percent complete. (322344 of 382018 index entries processed)
    20 percent complete. (322431 of 382018 index entries processed)
    20 percent complete. (322484 of 382018 index entries processed)
    20 percent complete. (322546 of 382018 index entries processed)
    20 percent complete. (322642 of 382018 index entries processed)
    20 percent complete. (322761 of 382018 index entries processed)
    20 percent complete. (322865 of 382018 index entries processed)
    20 percent complete. (322962 of 382018 index entries processed)
    20 percent complete. (323076 of 382018 index entries processed)
    20 percent complete. (323157 of 382018 index entries processed)
    20 percent complete. (323304 of 382018 index entries processed)
    20 percent complete. (323412 of 382018 index entries processed)
    20 percent complete. (323497 of 382018 index entries processed)
    20 percent complete. (323651 of 382018 index entries processed)
    20 percent complete. (323800 of 382018 index entries processed)
    20 percent complete. (323940 of 382018 index entries processed)
    20 percent complete. (324022 of 382018 index entries processed)
    20 percent complete. (324112 of 382018 index entries processed)
    20 percent complete. (324217 of 382018 index entries processed)
    20 percent complete. (324304 of 382018 index entries processed)
    20 percent complete. (324368 of 382018 index entries processed)
    20 percent complete. (324433 of 382018 index entries processed)
    20 percent complete. (324495 of 382018 index entries processed)
    20 percent complete. (324552 of 382018 index entries processed)
    20 percent complete. (324621 of 382018 index entries processed)
    20 percent complete. (324698 of 382018 index entries processed)
    20 percent complete. (324776 of 382018 index entries processed)
    20 percent complete. (324875 of 382018 index entries processed)
    20 percent complete. (324969 of 382018 index entries processed)
    20 percent complete. (325022 of 382018 index entries processed)
    20 percent complete. (325032 of 382018 index entries processed)
    20 percent complete. (325125 of 382018 index entries processed)
    20 percent complete. (325286 of 382018 index entries processed)
    20 percent complete. (325394 of 382018 index entries processed)
    20 percent complete. (325517 of 382018 index entries processed)
    20 percent complete. (325576 of 382018 index entries processed)
    20 percent complete. (325640 of 382018 index entries processed)
    20 percent complete. (325689 of 382018 index entries processed)
    20 percent complete. (325756 of 382018 index entries processed)
    20 percent complete. (325865 of 382018 index entries processed)
    20 percent complete. (325943 of 382018 index entries processed)
    20 percent complete. (326089 of 382018 index entries processed)
    20 percent complete. (326173 of 382018 index entries processed)
    20 percent complete. (326268 of 382018 index entries processed)
    20 percent complete. (326436 of 382018 index entries processed)
    20 percent complete. (326549 of 382018 index entries processed)
    20 percent complete. (326670 of 382018 index entries processed)
    20 percent complete. (326771 of 382018 index entries processed)
    20 percent complete. (326865 of 382018 index entries processed)
    20 percent complete. (326959 of 382018 index entries processed)
    20 percent complete. (327104 of 382018 index entries processed)
    20 percent complete. (327196 of 382018 index entries processed)
    20 percent complete. (327277 of 382018 index entries processed)
    20 percent complete. (327648 of 382018 index entries processed)
    20 percent complete. (329956 of 382018 index entries processed)
    20 percent complete. (332366 of 382018 index entries processed)
    20 percent complete. (334942 of 382018 index entries processed)
    20 percent complete. (337115 of 382018 index entries processed)
    382018 index entries processed.

    Index verification completed.
    0 unindexed files processed.

    CHKDSK is verifying security descriptors (stage 3 of 3)...
    21 percent complete. (0 of 298496 descriptors processed)
    21 percent complete. (3713 of 298496 descriptors processed)
    21 percent complete. (7425 of 298496 descriptors processed)
    22 percent complete. (8110 of 298496 descriptors processed)
    22 percent complete. (22401 of 298496 descriptors processed)
    22 percent complete. (28033 of 298496 descriptors processed)
    22 percent complete. (41792 of 298496 descriptors processed)
    22 percent complete. (52993 of 298496 descriptors processed)
    22 percent complete. (71018 of 298496 descriptors processed)
    23 percent complete. (104397 of 298496 descriptors processed)
    23 percent complete. (130433 of 298496 descriptors processed)
    23 percent complete. (135553 of 298496 descriptors processed)
    23 percent complete. (151297 of 298496 descriptors processed)
    23 percent complete. (164209 of 298496 descriptors processed)
    23 percent complete. (174620 of 298496 descriptors processed)
    23 percent complete. (178939 of 298496 descriptors processed)
    23 percent complete. (197377 of 298496 descriptors processed)
    24 percent complete. (200685 of 298496 descriptors processed)
    24 percent complete. (205825 of 298496 descriptors processed)
    24 percent complete. (218497 of 298496 descriptors processed)
    24 percent complete. (242561 of 298496 descriptors processed)
    24 percent complete. (263764 of 298496 descriptors processed)
    24 percent complete. (280577 of 298496 descriptors processed)
    24 percent complete. (284929 of 298496 descriptors processed)
    24 percent complete. (293761 of 298496 descriptors processed)
    25 percent complete. (296972 of 298496 descriptors processed)
    298496 security descriptors processed.

    Security descriptor verification completed.
    41762 data files processed.

    CHKDSK is verifying Usn Journal...
    99 percent complete. (0 of 36389080 USN bytes processed)
    99 percent complete. (8208384 of 36389080 USN bytes processed)
    99 percent complete. (16846848 of 36389080 USN bytes processed)
    99 percent complete. (25874432 of 36389080 USN bytes processed)
    99 percent complete. (35000320 of 36389080 USN bytes processed)
    100 percent complete. (36388864 of 36389080 USN bytes processed)
    36389080 USN bytes processed.

    Usn Journal verification completed.
    Windows has checked the file system and found no problems.

    477716840 KB total disk space.
    121791844 KB in 170858 files.
    193788 KB in 41763 indexes.
    4 KB in bad sectors.
    429604 KB in use by the system.
    65536 KB occupied by the log file.
    355301600 KB available on disk.

    4096 bytes in each allocation unit.
    119429210 total allocation units on disk.
    88825400 allocation units available on disk.

    C:\>



    Here is the second log:


    Tweaking.com - Windows Repair v2.10.3
    --------------------------------------------------------------------------------

    System Variables
    --------------------------------------------------------------------------------
    OS: Windows Vista (TM) Home Premium
    OS Architecture: 32-bit
    OS Version: 6.0.6002
    OS Service Pack: Service Pack 2
    Computer Name: STEPHEN-PC
    Windows Drive: C:\
    Windows Path: C:\Windows
    Program Files: C:\Program Files
    Current Profile: C:\Users\Stephen
    Current Profile SID: S-1-5-21-1318713196-1334084056-162886860-1000
    Current Profile Classes: S-1-5-21-1318713196-1334084056-162886860-1000_Classes
    Profiles Location: C:\Users
    Profiles Location 2: C:\Windows\ServiceProfiles
    Local Settings AppData: C:\Users\Stephen\AppData\Local
    --------------------------------------------------------------------------------

    System Information
    --------------------------------------------------------------------------------
    System Up Time: 0 Days 03:30:31

    Process Count: 92
    Commit Total: 2.08 GB
    Commit Limit: 5.79 GB
    Commit Peak: 2.58 GB
    Handle Count: 27273
    Kernel Total: 259.89 MB
    Kernel Paged: 180.56 MB
    Kernel Non Paged: 79.33 MB
    System Cache: 1.41 GB
    Thread Count: 1141
    --------------------------------------------------------------------------------

    Memory Before Cleaning with CleanMem
    --------------------------------------------------------------------------------
    Memory Total: 2.87 GB
    Memory Used: 1.73 GB(60.252%)
    Memory Avail.: 1.14 GB
    --------------------------------------------------------------------------------

    Cleaning Memory Before Starting Repairs...

    Memory After Cleaning with CleanMem
    --------------------------------------------------------------------------------
    Memory Total: 2.87 GB
    Memory Used: 1.26 GB(43.7834%)
    Memory Avail.: 1.62 GB
    --------------------------------------------------------------------------------

    Starting Repairs...
    Started at (1/17/2015 7:25:14 PM)

    Setting Any Missing 'InstallDate' From Uninstall Sections Before Running Repair...
    Total Missing 'InstallDate' Fixed: 112

    01 - Reset Registry Permissions 01/03
    HKEY_CURRENT_USER & Sub Keys
    Start (1/17/2015 7:25:19 PM)
    Running Repair Under Current User Account
    Done (1/17/2015 7:25:46 PM)

    01 - Reset Registry Permissions 02/03
    HKEY_LOCAL_MACHINE & Sub Keys
    Start (1/17/2015 7:25:46 PM)
    Running Repair Under System Account
    Done (1/17/2015 7:37:38 PM)

    01 - Reset Registry Permissions 03/03
    HKEY_CLASSES_ROOT & Sub Keys
    Start (1/17/2015 7:37:38 PM)
    Running Repair Under System Account
    Done (1/17/2015 7:39:55 PM)

    03 - Reset Service Permissions
    Start (1/17/2015 7:39:55 PM)
    Running Repair Under System Account
    Done (1/17/2015 7:40:12 PM)

    04 - Register System Files
    Start (1/17/2015 7:40:12 PM)
    Running Repair Under Current User Account
    Running Repair Under System Account
    Done (1/17/2015 7:41:04 PM)

    05 - Repair WMI
    Start (1/17/2015 7:41:04 PM)

    Starting Security Center So We Can Export The Security Info.

    Exporting Antivirus Info...
    McAfee Anti-Virus and Anti-Spyware Exported.

    Exporting AntiSpyware Info...
    McAfee Anti-Virus and Anti-Spyware Exported.
    Windows Defender Exported.

    Exporting 3rd Party Firewall Info...
    McAfee Firewall Exported.

    Running Repair Under Current User Account
    Done (1/17/2015 7:45:46 PM)

    06 - Repair Windows Firewall
    Start (1/17/2015 7:45:47 PM)
    Running Repair Under Current User Account
    Running Repair Under System Account
    Done (1/17/2015 7:46:37 PM)

    07 - Repair Internet Explorer
    Start (1/17/2015 7:46:37 PM)
    Running Repair Under Current User Account
    Running Repair Under System Account
    Done (1/17/2015 7:47:26 PM)

    08 - Repair MDAC/MS Jet
    Start (1/17/2015 7:47:26 PM)
    Running Repair Under Current User Account
    Running Repair Under System Account
    Done (1/17/2015 7:47:57 PM)

    09 - Repair Hosts File
    Start (1/17/2015 7:47:57 PM)
    Running Repair Under System Account
    Done (1/17/2015 7:47:58 PM)

    10 - Remove Policies Set By Infections
    Start (1/17/2015 7:47:58 PM)
    Running Repair Under Current User Account
    Running Repair Under System Account
    Done (1/17/2015 7:48:03 PM)

    11 - Repair Start Menu Icons Removed By Infections
    Start (1/17/2015 7:48:03 PM)
    Running Repair Under System Account
    Done (1/17/2015 7:48:04 PM)

    12 - Repair Icons
    Start (1/17/2015 7:48:04 PM)
    Running Repair Under Current User Account
    Done (1/17/2015 7:48:06 PM)

    13 - Repair Winsock & DNS Cache
    Start (1/17/2015 7:48:06 PM)
    Running Repair Under Current User Account
    Running Repair Under System Account
    Done (1/17/2015 7:48:33 PM)

    15 - Repair Proxy Settings
    Start (1/17/2015 7:48:33 PM)
    Running Repair Under Current User Account
    Running Repair Under System Account
    Done (1/17/2015 7:48:35 PM)

    17 - Repair Windows Updates
    Start (1/17/2015 7:48:35 PM)
    Running Repair Under Current User Account
    Running Repair Under System Account
    Setting Windows Updates Files That Are In Use To Be Removed At Next Boot.
    Done (1/17/2015 7:49:12 PM)

    18 - Repair CD/DVD Missing/Not Working
    Start (1/17/2015 7:49:12 PM)
    iTunes was found, adding UpperFilters for iTunes Reg Key
    UpperFilters added?: True
    Done (1/17/2015 7:49:12 PM)

    19 - Repair Volume Shadow Copy Service
    Start (1/17/2015 7:49:12 PM)
    Running Repair Under Current User Account
    Running Repair Under System Account
    Done (1/17/2015 7:49:47 PM)

    21 - Repair MSI (Windows Installer)
    Start (1/17/2015 7:49:48 PM)
    Running Repair Under Current User Account
    Running Repair Under System Account
    Done (1/17/2015 7:50:02 PM)

    23.01 - Repair bat Association
    Start (1/17/2015 7:50:02 PM)
    Running Repair Under Current User Account
    Running Repair Under System Account
    Done (1/17/2015 7:50:04 PM)

    23.02 - Repair cmd Association
    Start (1/17/2015 7:50:04 PM)
    Running Repair Under Current User Account
    Running Repair Under System Account
    Done (1/17/2015 7:50:07 PM)

    23.03 - Repair com Association
    Start (1/17/2015 7:50:07 PM)
    Running Repair Under Current User Account
    Running Repair Under System Account
    Done (1/17/2015 7:50:09 PM)

    23.04 - Repair Directory Association
    Start (1/17/2015 7:50:09 PM)
    Running Repair Under Current User Account
    Running Repair Under System Account
    Done (1/17/2015 7:50:11 PM)

    23.05 - Repair Drive Association
    Start (1/17/2015 7:50:11 PM)
    Running Repair Under Current User Account
    Running Repair Under System Account
    Done (1/17/2015 7:50:14 PM)

    23.06 - Repair exe Association
    Start (1/17/2015 7:50:14 PM)
    Running Repair Under Current User Account
    Running Repair Under System Account
    Done (1/17/2015 7:50:16 PM)

    23.07 - Repair Folder Association
    Start (1/17/2015 7:50:16 PM)
    Running Repair Under Current User Account
    Running Repair Under System Account
    Done (1/17/2015 7:50:18 PM)

    23.08 - Repair inf Association
    Start (1/17/2015 7:50:18 PM)
    Running Repair Under Current User Account
    Running Repair Under System Account
    Done (1/17/2015 7:50:21 PM)

    23.09 - Repair lnk (Shortcuts) Association
    Start (1/17/2015 7:50:21 PM)
    Running Repair Under Current User Account
    Running Repair Under System Account
    Done (1/17/2015 7:50:23 PM)

    23.10 - Repair msc Association
    Start (1/17/2015 7:50:23 PM)
    Running Repair Under Current User Account
    Running Repair Under System Account
    Done (1/17/2015 7:50:25 PM)

    23.11 - Repair reg Association
    Start (1/17/2015 7:50:25 PM)
    Running Repair Under Current User Account
    Running Repair Under System Account
    Done (1/17/2015 7:50:28 PM)

    23.12 - Repair scr Association
    Start (1/17/2015 7:50:28 PM)
    Running Repair Under Current User Account
    Running Repair Under System Account
    Done (1/17/2015 7:50:30 PM)

    24 - Repair Windows Safe Mode
    Start (1/17/2015 7:50:30 PM)
    Running Repair Under Current User Account
    Running Repair Under System Account
    Done (1/17/2015 7:50:33 PM)

    25 - Repair Print Spooler
    Start (1/17/2015 7:50:33 PM)
    Running Repair Under Current User Account
    Running Repair Under System Account
    Done (1/17/2015 7:50:53 PM)

    26 - Restore Important Windows Services
    Start (1/17/2015 7:50:53 PM)
    Running Repair Under Current User Account
    Running Repair Under System Account
    Done (1/17/2015 7:51:10 PM)

    27 - Set Windows Services To Default Startup
    Start (1/17/2015 7:51:10 PM)
    Running Repair Under Current User Account
    Running Repair Under System Account
    Done (1/17/2015 7:51:27 PM)

    Skipping Repair.
    Repair is for Windows v6.2 (Windows 8 & Newer) or higher.
    Current version: 6.0

    Skipping Repair.
    Repair is for Windows v6.2 (Windows 8 & Newer) or higher.
    Current version: 6.0

    Skipping Repair.
    Repair is for Windows v6.2 (Windows 8 & Newer) or higher.
    Current version: 6.0

    31 - Repair Windows 'New' Submenu
    Start (1/17/2015 7:51:27 PM)
    Running Repair Under Current User Account
    Running Repair Under System Account
    Done (1/17/2015 7:51:30 PM)

    Cleaning up empty logs...

    All Selected Repairs Done.
    Done at (1/17/2015 7:51:30 PM)
    Total Repair Time: 00:26:18


    ...YOU MUST RESTART YOUR SYSTEM...


    I think the system is not quite as slow, but it doesn't seem like it's back to normal. It's hard to tell, though.
     
  12. dbreeze

    dbreeze Malware Specialist

    Joined:
    Oct 5, 2014
    Messages:
    431
    First Name:
    David
    Give it a day to sort out some of the update / change / refresh it just went through. I will be looking for any input from you tomorrow whenever you are ready. Thanks.
     
  13. darknight25

    darknight25 Thread Starter

    Joined:
    Jul 14, 2013
    Messages:
    42
    I think it's still fairly slow. I should have mentioned earlier that the system has a freezing problem and that the freezing happened again today.
     
  14. dbreeze

    dbreeze Malware Specialist

    Joined:
    Oct 5, 2014
    Messages:
    431
    First Name:
    David
    Go to Explorer and right click on the C: drive; choose Properties.
    Go to Tools and then Defragmentation. Click "Defragment now..." Run through the routine even if the disk is not but a little fragmented.
     
  15. darknight25

    darknight25 Thread Starter

    Joined:
    Jul 14, 2013
    Messages:
    42
    I started defragmentation yesterday evening and it's still going. Is that normal?
     
  16. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1141223

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice