Hi there, sorry I took a while... for some reason I could not log in... tried forgotten password for a while but no luck, had to use my Twitter acc.
Anyways, did as you asked. I also have another theory: can he be getting my passwords through the wifi? Thanks for the help.
I'm also worried perhaps he did something to stop me from logging on so he can tamper with the results of the scan... might be a bit paranoid here but you never know lol
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 20-07-2015
Ran by User (administrator) on USER_LAPTOP on 25-07-2015 09:35:30
Running from C:\Users\User\Downloads
Loaded Profiles: User (Available Profiles: User)
Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: English (United States)
Internet Explorer Version 9 (Default browser: Chrome)
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2012\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2012\avgcsrvx.exe
() C:\Program Files\AVG Web TuneUp\WtuSystemSupport.exe
(IBM Corp.) C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_559ad4ac\stacsv.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
() C:\Windows\System32\WLTRYSVC.EXE
(Dell Inc.) C:\Windows\System32\BCMWLTRY.EXE
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2012\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2012\avgnsx.exe
(AVG Secure Search) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.7.0\ToolbarUpdater.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
() C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.7.0\loggingserver.exe
(IBM Corp.) C:\Program Files\Trusteer\Rapport\bin\RapportService.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Dell Inc.) C:\Windows\System32\WLTRAY.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2012\avgtray.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
() C:\Program Files\AVG Web TuneUp\vprot.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(AVG Secure Search) C:\Program Files\AVG Web TuneUp\avgcefrend.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(AVAST Software) C:\Users\Bodo\Downloads\aswMBR.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Windows\system32\WLTRAY.exe [1548288 2007-08-07] (Dell Inc.)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [AVG_TRAY] => C:\Program Files\AVG\AVG2012\avgtray.exe [2598912 2015-05-19] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-11-28] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [151952 2012-11-29] (Apple Inc.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray.exe [458844 2009-06-29] (IDT, Inc.)
HKLM\...\Run: [NBAgent] => C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe [1234216 2010-03-26] (Nero AG)
HKLM\...\Run: [Denzi] => C:\Program Files\Denzi\Launcher.bat --wait
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-03-15] (Adobe Systems Incorporated)
HKLM\...\Run: [SwitchBoard] => C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeCS5.5ServiceManager] => C:\Program Files\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated)
HKLM\...\Run: [vProt] => C:\Program Files\AVG Web TuneUp\vprot.exe [3174800 2015-07-20] ()
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5088456 2015-01-28] (ESET)
HKU\S-1-5-21-1376256216-2798707952-3444916669-1000\...\Run: [Xvid] => C:\Program Files\Xvid\CheckUpdate.exe [8192 2011-01-17] ()
HKU\S-1-5-21-1376256216-2798707952-3444916669-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-19] (Microsoft Corporation)
HKU\S-1-5-21-1376256216-2798707952-3444916669-1000\...\Run: [] => C:\Users\User\AppData\Local\Temp\~!#D738.tmp <===== ATTENTION
HKU\S-1-5-21-1376256216-2798707952-3444916669-1000\...\Run: [AVG-Secure-Search-Update_1114av] => C:\Users\User\AppData\Roaming\Avg_Update_1114av\AVG-Secure-Search-Update_1114av.exe /PROMPT /mid=fcb8f1f2653f47d08f72d1544fadbe60-cc8888933fd3f2711181313a511eb6ba94036878 /CMPID=1114av
BootExecute: autocheck autochk * avgrmbr.nt /mbr C:\Windows\System32\avgrmbr.binC:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
SearchScopes: HKU\S-1-5-21-1376256216-2798707952-3444916669-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1376256216-2798707952-3444916669-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://mysearch.avg...fr&d=2015-07-2022:59:07&v=4.1.4.948&pid=wtu&sg=&sap=dsp&q={searchTerms}
BHO: AVG Do Not Track -> {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} -> C:\Program Files\AVG\AVG2012\avgdtiex.dll [2015-05-19] (AVG Technologies CZ, s.r.o.)
BHO: AVG Safe Search -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> C:\Program Files\AVG\AVG2012\avgssie.dll [2015-05-19] (AVG Technologies CZ, s.r.o.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-01-25] (Oracle Corporation)
BHO: No Name -> {7f99ec65-f933-463b-b0ac-49e30a932c69} -> No File
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Web TuneUp\4.1.4.948\AVG Web TuneUp.dll [2015-07-20] (AVG)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Ask Toolbar -> {D4027C7F-154A-4066-A1AD-4243D8127440} -> C:\Program Files\Ask.com\GenericAskToolbar.dll No File
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-25] (Oracle Corporation)
Toolbar: HKLM - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll No File
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll [2015-05-19] (AVG Technologies CZ, s.r.o.)
Winsock: Catalog5 01 mswsock.dll File not found ATTENTION: LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5 05 mswsock.dll File not found ATTENTION: LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Hosts: Hosts file not detected in the default directory
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{2A6D4AEF-D88D-4395-933E-CE57A8589FF1}: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-14] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [2011-10-05] (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2012-10-31] ()
FF Plugin: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\18.7.0\\npsitesafety.dll No File
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-25] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-25] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @real.com/nprjplug;version=12.0.1.647 -> C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll [2011-06-22] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpchromebrowserrecordext;version=12.0.1.652 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2011-06-22] (RealNetworks, Inc.)
FF Plugin: @real.com/nprphtml5videoshim;version=12.0.1.652 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2011-06-22] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=12.0.1.647 -> C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll [2011-06-22] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.69 -> C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll [2008-09-10] (RealNetworks, Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-06-26] (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2011-06-20]
FF HKLM\...\Firefox\Extensions: [{1E73965B-8B48-48be-9C8D-68B920ABC1C4}] - C:\Program Files\AVG\AVG2012\Firefox4
FF Extension: AVG Safe Search - C:\Program Files\AVG\AVG2012\Firefox4 [2012-11-20]
FF HKLM\...\Firefox\Extensions: [{F53C93F1-07D5-430c-86D4-C9531B27DFAF}] - C:\Program Files\AVG\AVG2012\Firefox\DoNotTrack
FF Extension: AVG Do Not Track - C:\Program Files\AVG\AVG2012\Firefox\DoNotTrack [2012-11-20]
Chrome:
=======
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-12-19]
CHR Extension: (Google Docs) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-12-19]
CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-12-19]
CHR Extension: (Rapport) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjllphbppobebmjpjcijfbakobcheof [2015-07-05]
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-12-19]
CHR Extension: (Google Search) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-12-19]
CHR Extension: (Google Sheets) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-12-19]
CHR Extension: (Hangouts) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\knipolnnllmklapflnccelgolnpehhpl [2015-04-05]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-12]
CHR Extension: (AVG Do Not Track) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof [2015-07-23]
CHR Extension: (Chrome Web Store Payments) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-19]
CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-12-19]
CHR HKLM\...\Chrome\Extension: [jmfkcklnlgedgbglfkkgedjfmejoahla] - C:\Program Files\AVG\AVG2012\Chrome\safesearch.crx [2012-07-26]
CHR HKLM\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\Program Files\AVG\AVG2012\Chrome\donottrack.crx [2015-05-19]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 AVGIDSAgent; C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe [5176832 2015-05-19] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2012\avgwdsvc.exe [198616 2015-05-19] (AVG Technologies CZ, s.r.o.)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [1349576 2015-01-28] (ESET)
S2 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [490280 2010-03-25] (Nero AG)
R2 RapportMgmtService; C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe [2222360 2015-06-02] (IBM Corp.)
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_559ad4ac\STacSV.exe [221266 2009-06-29] (IDT, Inc.)
S3 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 vToolbarUpdater18.7.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.7.0\ToolbarUpdater.exe [1874320 2015-07-20] (AVG Secure Search)
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-19] (Microsoft Corporation)
R2 wltrysvc; C:\Windows\System32\bcmwltry.exe [1724416 2007-08-07] (Dell Inc.) [File not signed]
R2 WtuSystemSupport; C:\Program Files\AVG Web TuneUp\WtuSystemSupport.exe [1195920 2015-07-20] ()
S2 McShield; C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe [X]
S3 McSysmon; C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [142600 2015-05-19] (AVG Technologies CZ, s.r.o. )
R3 AVGIDSFilter; C:\Windows\System32\DRIVERS\avgidsfilterx.sys [26504 2015-05-19] (AVG Technologies CZ, s.r.o. )
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [25352 2015-05-19] (AVG Technologies CZ, s.r.o. )
R3 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [19976 2015-05-19] (AVG Technologies CZ, s.r.o. )
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [250632 2015-05-19] (AVG Technologies CZ, s.r.o.)
R1 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [43272 2015-05-19] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [34184 2015-05-19] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [302472 2015-05-19] (AVG Technologies CZ, s.r.o.)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [193464 2015-01-30] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [135808 2015-01-30] (ESET)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [123424 2015-01-30] (ESET)
S4 HidBth; C:\Windows\system32\drivers\hidbth.sys [29184 2006-11-02] () [File not signed]
S3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [79816 2009-11-11] (McAfee, Inc.)
S3 mfebopk; C:\Windows\System32\drivers\mfebopk.sys [35272 2009-11-11] (McAfee, Inc.)
R1 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [214664 2009-11-11] (McAfee, Inc.)
S3 mferkdk; C:\Windows\System32\drivers\mferkdk.sys [34248 2009-11-11] (McAfee, Inc.)
S3 mfesmfk; C:\Windows\System32\drivers\mfesmfk.sys [40552 2009-11-11] (McAfee, Inc.)
R1 RapportCerberus_1412112; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus32_1412112.sys [531416 2015-07-02] (IBM Corp.)
R1 RapportEI; C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys [280088 2015-06-02] (IBM Corp.)
R0 RapportHades; C:\Windows\System32\Drivers\RapportHades.sys [68280 2015-06-02] (IBM Corp.)
R0 RapportKELL; C:\Windows\System32\Drivers\RapportKELL.sys [218264 2015-06-02] (IBM Corp.)
R1 RapportPG; C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys [337176 2015-06-02] (IBM Corp.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [715248 2011-07-22] () [File not signed]
U3 ayp0u25b; C:\Windows\system32\Drivers\ayp0u25b.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
S3 AFGMp50; System32\Drivers\AFGMp50.sys [X]
S3 AFGSp50; System32\Drivers\AFGSp50.sys [X]
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S1 netbt; No ImagePath
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S0 TfFsMon; system32\drivers\TfFsMon.sys [X]
S3 TfNetMon; \??\C:\Windows\system32\drivers\TfNetMon.sys [X]
S0 TFSysMon; system32\drivers\TfSysMon.sys [X]
U3 aswMBR; \??\C:\Users\User\AppData\Local\Temp\aswMBR.sys [X]
U3 aswVmm; \??\C:\Users\User\AppData\Local\Temp\aswVmm.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-07-25 09:35 - 2015-07-25 09:36 - 00021481 _____ C:\Users\User\Downloads\FRST.txt
2015-07-25 09:34 - 2015-07-25 09:35 - 00000000 ____D C:\FRST
2015-07-25 09:33 - 2015-07-25 09:33 - 01638912 _____ (Farbar) C:\Users\User\Downloads\FRST.exe
2015-07-25 09:31 - 2015-07-25 09:31 - 00000580 _____ C:\Users\User\Desktop\aswMBR.txt
2015-07-25 09:27 - 2015-07-25 09:27 - 05198336 _____ (AVAST Software) C:\Users\User\Downloads\aswMBR.exe
2015-07-24 10:31 - 2015-07-24 11:06 - 760172736 _____ C:\Users\User\Desktop\something.mp4
2015-07-24 03:51 - 2015-07-24 04:26 - 760056000 _____ C:\Users\User\Desktop\something wierd.mp4
2015-07-24 03:39 - 2015-07-24 03:40 - 00149904 _____ C:\Windows\Minidump\Mini072415-01.dmp
2015-07-24 01:42 - 2015-07-24 01:43 - 16396966 _____ C:\Users\User\Downloads\11125958_520767938070263_969801811_n.mp4
2015-07-23 11:15 - 2015-07-23 11:15 - 39648837 _____ C:\Users\User\Downloads\Hitler reacts to KideroGrass ObamainKenya visit [by @smusyoka].mp4
2015-07-23 09:07 - 2015-07-23 09:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-07-23 05:57 - 2015-07-23 05:57 - 47802684 _____ C:\Users\User\Downloads\Hitler rants about his broken PlayStation 4.mp4
2015-07-23 05:56 - 2015-07-23 05:56 - 41176514 _____ C:\Users\User\Downloads\Hitler rants about the Xbox One.mp4
2015-07-23 05:35 - 2015-07-23 05:35 - 09514446 _____ C:\Users\User\Downloads\Hitler gets banned from Xbox Live.mp4
2015-07-22 04:39 - 2015-07-22 04:45 - 83361984 _____ C:\Users\User\Desktop\butterfly knife.mp4
2015-07-22 03:20 - 2015-07-22 03:20 - 00870866 _____ C:\Users\User\Desktop\k3.mp4
2015-07-22 03:06 - 2015-07-22 03:06 - 00774308 _____ C:\Users\User\Desktop\k2.mp4
2015-07-22 02:50 - 2015-07-22 02:50 - 00912525 _____ C:\Users\User\Desktop\k.mp4
2015-07-22 02:16 - 2015-07-22 02:16 - 01211365 _____ C:\Users\User\Desktop\knfe.mp4
2015-07-22 00:38 - 2015-07-22 00:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2015-07-22 00:38 - 2015-07-22 00:38 - 00000000 ____D C:\ProgramData\ESET
2015-07-22 00:38 - 2015-07-22 00:38 - 00000000 ____D C:\Program Files\ESET
2015-07-22 00:35 - 2015-07-22 00:35 - 01761992 _____ (ESET) C:\Users\User\Downloads\eset_nod32_antivirus_live_installer.exe
2015-07-21 11:13 - 2015-07-21 11:14 - 00000000 ____D C:\Users\User\Desktop\ps3
2015-07-21 09:59 - 2015-07-21 09:59 - 12487072 _____ C:\Users\User\Desktop\agr.mp4
2015-07-21 08:09 - 2015-07-14 17:02 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-21 08:09 - 2015-07-14 15:23 - 00296960 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-20 22:59 - 2015-07-21 08:38 - 00000000 ____D C:\ProgramData\AVG Security Toolbar
2015-07-20 22:59 - 2015-07-20 22:59 - 00000000 ____D C:\Users\User\AppData\Local\AVG Web TuneUp
2015-07-20 22:59 - 2015-07-20 22:59 - 00000000 ____D C:\ProgramData\AVG Secure Search
2015-07-20 22:59 - 2015-07-20 22:59 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-07-20 22:58 - 2015-07-20 22:59 - 00000000 ____D C:\ProgramData\AVG Web TuneUp
2015-07-20 22:58 - 2015-07-20 22:59 - 00000000 ____D C:\Program Files\Common Files\AVG Secure Search
2015-07-20 22:27 - 2015-07-20 22:58 - 00000000 ____D C:\Program Files\AVG Web TuneUp
2015-07-20 07:59 - 2015-07-20 07:59 - 77795134 _____ C:\Users\User\Downloads\50 CENT TRAV BEEF FULL VIDEO !!!! SLOWBUCKS GET BEAT UP 50 CENT PUSH TRAV ON STAGE!!!.mp4
2015-07-20 04:02 - 2015-07-20 08:18 - 107219136 _____ C:\Users\User\Desktop\3rd World Gameplay.mp4
2015-07-18 19:25 - 2015-07-18 19:26 - 00000000 ____D C:\Users\User\AppData\Local\{960B0861-5F80-4D9E-AC5B-CB02922A9CF7}
2015-07-18 19:25 - 2015-07-18 19:25 - 00000000 ____D C:\Users\User\AppData\Local\{AF127A9B-276D-45D7-A391-8C2F982261AE}
2015-07-18 19:23 - 2015-07-18 19:23 - 00001016 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS5.1.lnk
2015-07-18 19:20 - 2015-07-18 19:20 - 00001071 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Device Central CS5.5.lnk
2015-07-18 19:20 - 2015-07-18 19:20 - 00000978 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS5.1.lnk
2015-07-18 19:18 - 2015-07-18 19:18 - 00001340 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS5.5.lnk
2015-07-18 19:18 - 2015-07-18 19:18 - 00001172 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS5.5.lnk
2015-07-18 19:16 - 2015-07-18 19:16 - 00000874 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk
2015-07-16 05:08 - 2015-07-16 05:08 - 00539374 _____ C:\Users\User\Desktop\11679801_10153386313401083_878493492_n.mp4
2015-07-16 04:39 - 2015-07-16 04:40 - 00417148 _____ C:\Users\User\Desktop\mk reallife 3rd world.mp4
2015-07-16 03:58 - 2015-06-25 03:57 - 02066432 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-16 03:57 - 2015-07-03 17:04 - 01316864 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-16 03:56 - 2015-06-17 17:50 - 02264576 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-16 03:56 - 2015-06-17 16:09 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-16 03:55 - 2015-06-12 17:01 - 00298496 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-16 03:11 - 2015-05-31 09:11 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-07-16 03:08 - 2015-06-27 17:03 - 00783872 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-16 03:08 - 2015-06-27 17:02 - 00501248 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-16 03:08 - 2015-06-27 17:02 - 00218112 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-16 03:08 - 2015-06-27 17:01 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-07-16 03:08 - 2015-06-27 15:21 - 00217088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-16 03:08 - 2015-06-27 15:21 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-16 03:08 - 2015-06-12 14:13 - 00440768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-07-16 03:08 - 2015-01-09 01:17 - 00107008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-15 23:55 - 2011-04-24 22:18 - 00000000 ____D C:\Users\User\Desktop\Adobe Photoshop CS5.1 Extended Edition
2015-07-15 17:21 - 2015-07-15 17:24 - 29477035 _____ C:\Users\User\Desktop\11415131_370643293147010_902081197_n.mp4
2015-07-15 17:11 - 2015-07-15 17:13 - 06755780 _____ C:\Users\User\Desktop\this is funny as , wait till the asian speaks!.mp4
2015-07-15 07:13 - 2015-07-03 06:31 - 12386304 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-15 07:13 - 2015-07-03 06:18 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-07-15 07:13 - 2015-06-17 02:14 - 01810432 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-15 07:13 - 2015-06-17 02:12 - 09750528 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-15 07:13 - 2015-06-17 02:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-07-15 07:13 - 2015-06-17 02:10 - 01139712 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-15 07:13 - 2015-06-17 02:09 - 01804288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-15 07:13 - 2015-06-17 02:09 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-15 07:13 - 2015-06-17 02:09 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-15 07:13 - 2015-06-17 02:09 - 00421888 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-15 07:13 - 2015-06-17 02:08 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-15 07:13 - 2015-06-17 02:08 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-15 07:13 - 2015-06-17 02:08 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-07-15 07:13 - 2015-06-17 02:08 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-07-15 07:13 - 2015-06-17 02:08 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-15 07:13 - 2015-06-17 02:08 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-15 07:13 - 2015-06-17 02:08 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-07-15 07:13 - 2015-06-17 02:08 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-15 07:13 - 2015-06-17 02:08 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-07-15 07:13 - 2015-06-17 02:08 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-07-15 07:13 - 2015-06-17 02:08 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-07-15 07:13 - 2015-06-17 02:08 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-07-13 18:22 - 2009-11-11 11:14 - 00079816 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\mfeavfk.sys
2015-07-13 18:22 - 2009-11-11 11:14 - 00040552 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\mfesmfk.sys
2015-07-13 18:22 - 2009-11-11 11:14 - 00035272 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\mfebopk.sys
2015-07-12 17:23 - 2015-07-13 23:30 - 00000000 ____D C:\Program Files\McAfee
2015-07-12 16:22 - 2009-11-11 11:14 - 00034248 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\mferkdk.sys
2015-07-12 13:29 - 2015-07-12 13:29 - 00000000 ____D C:\Users\User\Downloads\McAfee-2011
2015-07-12 13:28 - 2015-07-12 13:28 - 00049495 _____ C:\Users\User\Downloads\FF12FC9D48B2880B42DD621E0D645DE7ACFFF77B.torrent
2015-07-12 02:16 - 2015-07-12 02:16 - 00000000 ____D C:\Users\User\AppData\Local\Skype
2015-07-12 02:15 - 2015-07-12 20:55 - 00000000 ____D C:\Users\User\AppData\Roaming\Skype
2015-07-12 02:14 - 2015-07-13 15:52 - 00000000 ____D C:\ProgramData\Skype
2015-07-12 02:13 - 2015-07-12 02:13 - 00001158 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk
2015-07-12 02:11 - 2015-07-12 02:12 - 00001227 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk
2015-07-12 02:08 - 2015-07-12 02:10 - 00000000 ____D C:\Program Files\Windows Live
2015-07-12 02:07 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2015-07-12 02:07 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2015-07-12 02:07 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2015-07-12 02:07 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2015-07-12 00:59 - 2015-07-18 19:25 - 00000000 ____D C:\Users\User\AppData\Local\Windows Live
2015-07-12 00:59 - 2015-07-12 00:59 - 00000000 ____D C:\Program Files\Common Files\Windows Live
2015-07-12 00:59 - 2009-08-04 09:02 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\webservices.dll
2015-07-12 00:55 - 2015-07-12 00:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-07-12 00:54 - 2015-07-12 00:54 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-07-08 19:15 - 2015-07-08 19:16 - 02742304 _____ (Facebook Inc.) C:\Users\User\Downloads\ESET_T1453692288286313T_.exe
2015-07-08 16:32 - 2015-07-18 01:12 - 434208960 _____ C:\Users\User\Desktop\Mk.mp4
2015-07-08 13:06 - 2015-07-08 13:06 - 03201805 _____ C:\Users\Bodo\Downloads\11417696_809001875888229_925465263_n.mp4
2015-07-05 20:54 - 2015-07-07 07:39 - 00633784 _____ C:\Users\Bodo\Desktop\11535722_10155696936220214_340800297_n.mp4
2015-07-02 01:26 - 2015-07-02 01:26 - 00000000 ____D C:\Users\User\AppData\Local\Trusteer
2015-07-02 01:26 - 2015-07-02 01:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trusteer Endpoint Protection
2015-07-02 01:26 - 2015-07-02 01:26 - 00000000 ____D C:\Program Files\Trusteer
2015-07-02 01:17 - 2015-07-02 01:17 - 00000000 ____D C:\ProgramData\Trusteer
2015-07-02 01:13 - 2015-07-02 01:13 - 00436504 _____ (IBM Corp.) C:\Users\User\Downloads\RpprtSetup.exe
2015-07-01 02:00 - 2015-07-21 10:49 - 00098520 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-07-01 02:00 - 2015-07-01 03:42 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2015-07-01 02:00 - 2015-07-01 02:00 - 00000899 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-07-01 02:00 - 2015-07-01 02:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-07-01 02:00 - 2015-07-01 02:00 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-07-01 02:00 - 2015-06-18 08:41 - 00094936 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-07-01 02:00 - 2015-06-18 08:41 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-07-01 02:00 - 2015-06-18 08:41 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-07-01 01:59 - 2015-07-01 01:59 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\User\Downloads\mbam-setup-2.1.8.1057.exe
2015-07-01 01:59 - 2015-07-01 01:59 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\User\Downloads\mbam-setup-2.1.8.1057 (2).exe
2015-07-01 01:59 - 2015-07-01 01:59 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\User\Downloads\mbam-setup-2.1.8.1057 (1).exe
2015-06-29 23:14 - 2015-06-29 23:14 - 00570400 _____ C:\Users\User\Downloads\10981149_850884684969886_823910178_n.mp4
2015-06-28 18:33 - 2015-06-28 18:34 - 00000000 ____D C:\Users\User\Documents\Google
2015-06-28 12:57 - 2015-07-07 07:46 - 06895446 _____ C:\Users\User\Downloads\10981809_1602286510015369_45041425_n.mp4
2015-06-25 14:23 - 2015-07-01 01:19 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dead Space 3 [Lossless repack by R.G. Catalyst]
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-07-25 09:33 - 2012-04-24 17:26 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-25 09:29 - 2012-11-20 16:14 - 00000000 ____D C:\ProgramData\AVG2012
2015-07-25 09:23 - 2012-06-29 13:10 - 01066832 _____ C:\Windows\WindowsUpdate.log
2015-07-25 09:16 - 2012-11-20 16:14 - 00000000 ____D C:\Windows\system32\Drivers\AVG
2015-07-25 09:15 - 2014-12-19 17:59 - 00000886 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-25 09:12 - 2014-12-19 17:59 - 00000882 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-25 09:11 - 2012-12-04 14:41 - 00000468 _____ C:\Windows\Tasks\ParetoLogic Update Version3 Startup Task.job
2015-07-25 09:10 - 2006-11-02 14:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-25 09:10 - 2006-11-02 13:47 - 00004448 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-25 09:10 - 2006-11-02 13:47 - 00004448 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-25 09:08 - 2006-11-02 14:01 - 00032554 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-07-24 18:00 - 2012-12-15 04:19 - 00000442 _____ C:\Windows\Tasks\ParetoLogic Registration3.job
2015-07-24 04:28 - 2012-03-27 19:55 - 00000416 _____ C:\Windows\Tasks\ParetoLogic Update Version3.job
2015-07-24 03:39 - 2015-06-14 09:33 - 223426062 _____ C:\Windows\MEMORY.DMP
2015-07-24 03:39 - 2011-10-12 20:39 - 00000000 ____D C:\Windows\Minidump
2015-07-23 17:46 - 2012-11-20 16:12 - 00000000 ____D C:\ProgramData\MFAData
2015-07-23 09:07 - 2012-11-20 16:15 - 00000842 _____ C:\Users\Public\Desktop\AVG 2012.lnk
2015-07-22 00:41 - 2011-06-20 14:25 - 00000000 ____D C:\Users\User
2015-07-21 08:44 - 2006-11-02 13:47 - 03732416 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-21 07:09 - 2015-06-21 18:47 - 00006387 _____ C:\Windows\system32\avgrep.txt
2015-07-20 22:23 - 2011-09-27 19:11 - 00000000 ____D C:\Users\User\AppData\Local\Adobe
2015-07-18 19:24 - 2011-06-20 14:25 - 00101608 _____ C:\Users\User\AppData\Local\GDIPFONTCACHEV1.DAT
2015-07-18 19:23 - 2011-09-27 19:11 - 00000000 ____D C:\ProgramData\Adobe
2015-07-18 19:23 - 2011-06-20 16:01 - 00000000 ____D C:\Users\User\AppData\Roaming\Adobe
2015-07-18 19:22 - 2011-09-27 19:11 - 00000000 ____D C:\Program Files\Adobe
2015-07-18 19:21 - 2011-09-27 19:12 - 00000000 ____D C:\Program Files\Common Files\Adobe
2015-07-16 05:04 - 2011-09-27 19:12 - 00002425 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2015-07-16 04:55 - 2006-11-02 11:33 - 00765776 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-16 03:55 - 2013-08-15 03:07 - 00000000 ____D C:\Windows\system32\MRT
2015-07-16 03:29 - 2011-07-22 04:33 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-07-16 03:13 - 2011-06-20 15:56 - 00000000 ____D C:\Users\User\AppData\Roaming\uTorrent
2015-07-14 21:33 - 2012-04-24 17:26 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-07-14 21:33 - 2011-06-20 16:00 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-07-14 17:13 - 2014-12-19 18:00 - 00002001 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-07-13 23:30 - 2014-12-27 11:24 - 00000000 ____D C:\ProgramData\McAfee
2015-07-13 23:30 - 2013-04-24 12:35 - 00182794 _____ C:\Windows\PFRO.log
2015-07-13 18:24 - 2006-11-02 11:23 - 00000251 _____ C:\Windows\win.ini
2015-07-13 15:49 - 2006-11-02 12:18 - 00000000 ___RD C:\Users\Public
2015-07-12 18:42 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\rescache
2015-07-12 18:25 - 2011-06-20 14:25 - 00001356 _____ C:\Users\User\AppData\Local\d3d9caps.dat
2015-07-12 17:11 - 2012-03-24 02:15 - 00000000 ____D C:\Program Files\PC Tools Security
2015-07-12 02:10 - 2011-12-05 01:36 - 00000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition
2015-07-12 02:07 - 2006-11-02 12:18 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-07-12 00:30 - 2012-03-19 19:33 - 00000000 ____D C:\ProgramData\TEMP
2015-07-12 00:22 - 2012-03-24 02:15 - 00000000 ____D C:\ProgramData\PC Tools
2015-07-07 07:49 - 2015-05-21 06:54 - 17292399 _____
2015-07-01 03:53 - 2006-11-02 12:18 - 00000000 __RSD C:\Windows\Media
2015-07-01 03:41 - 2006-11-02 12:18 - 00000000 _SHDC C:\Windows\$NtUninstallKB45371$
==================== Files in the root of some directories =======
2014-11-28 05:28 - 2014-12-08 03:52 - 0000053 _____ () C:\Users\User\AppData\Roaming\LogFile.txt
2015-05-08 02:10 - 2015-05-08 02:10 - 0024206 _____ () C:\Users\User\AppData\Roaming\UserTile.png
2015-04-24 03:08 - 2015-04-24 03:08 - 0202188 _____ () C:\Users\User\AppData\Local\ars.cache
2015-04-24 03:08 - 2015-04-24 03:08 - 0312462 _____ () C:\Users\User\AppData\Local\census.cache
2011-06-20 14:25 - 2015-07-12 18:25 - 0001356 _____ () C:\Users\User\AppData\Local\d3d9caps.dat
2011-06-23 14:57 - 2015-04-24 03:05 - 0103936 _____ () C:\Users\User\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-04-24 02:49 - 2015-04-24 02:49 - 0000036 _____ () C:\Users\User\AppData\Local\housecall.guid.cache
2015-04-24 03:06 - 2015-04-24 03:06 - 0000010 _____ () C:\Users\User\AppData\Local\sponge.last.runtime.cache
Some files in TEMP:
====================
C:\Users\User\AppData\Local\Temp\InstHelper.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-07-25 09:24
==================== End of log ============================
Addition
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 20-07-2015
Ran by User at 2015-07-25 09:37:23
Running from C:\Users\User\Downloads
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1376256216-2798707952-3444916669-500 - Administrator - Disabled)
User (S-1-5-21-1376256216-2798707952-3444916669-1000 - Administrator - Enabled) => C:\Users\User
Guest (S-1-5-21-1376256216-2798707952-3444916669-501 - Limited - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: ESET NOD32 Antivirus 8.0 (Disabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AV: AVG AntiVirus Free Edition 2012 (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2012 (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
AS: ESET NOD32 Antivirus 8.0 (Disabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-1376256216-2798707952-3444916669-1000\...\uTorrent) (Version: 3.4.3.40298 - BitTorrent Inc.)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 2.7.1.19610 - Adobe Systems Incorporated)
Adobe Community Help (HKLM\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Flash Player 18 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Photoshop CS5.1 (HKLM\...\{9158FF30-78D7-40EF-B83E-451AC5334640}) (Version: 12.1 - Adobe Systems Incorporated)
Adobe Reader X (10.1.15) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.15 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM\...\Adobe Shockwave Player) (Version: 11.6.1.629 - Adobe Systems, Inc.)
Apple Application Support (HKLM\...\{CCE825DB-347A-4004-A186-5F4A6FDD8547}) (Version: 2.3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{459699C3-9430-4381-964B-4248D87B49F9}) (Version: 6.0.1.3 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AVG 2012 (HKLM\...\AVG) (Version: 2012.1.2258 - AVG Technologies)
AVG 2012 (Version: 12.1.2258 - AVG Technologies) Hidden
AVG 2015 (Version: 15.0.4392 - AVG Technologies) Hidden
AVG Web TuneUp (HKLM\...\AVG Web TuneUp) (Version: 4.1.4.948 - AVG Technologies)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Dead Space 3 [Special Edition. Lossless Multilanguage Repack by R.G. Catalyst] (HKLM\...\ds3_catalyst_skymmer_Lossless) (Version: - )
Debut Video Capture Software (HKLM\...\Debut) (Version: 2.14 - NCH Software)
Dell Wireless WLAN Card (HKLM\...\Broadcom 802.11b Network Adapter) (Version: 4.102.15.61 - Dell Inc.)
ESET NOD32 Antivirus (HKLM\...\{B096B8AB-C3BD-4801-A731-D2B94643DA86}) (Version: 8.0.312.0 - ESET, spol s r. o.)
Free YouTube Downloader 4.0.365 (HKLM\...\{A7E19604-93AF-4611-8C9F-CE509C2B286F}_is1) (Version: - HOW Inc.)
Google Chrome (HKLM\...\Google Chrome) (Version: 43.0.2357.134 - Google Inc.)
Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.28.1 - Google Inc.) Hidden
High-Definition Video Playback 10 (Version: 7.0.11400.29.0 - Nero AG) Hidden
IDT Audio (HKLM\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6217.0 - IDT)
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1930 - Intel Corporation)
Intel® TV Wizard (HKLM\...\TVWiz) (Version: - Intel Corporation)
iTunes (HKLM\...\{1B6C0E95-182C-48E0-9C4B-4F916308249C}) (Version: 11.0.0.163 - Apple Inc.)
Java 8 Update 31 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
K-Lite Mega Codec Pack 5.0.0 (HKLM\...\KLiteCodecPack_is1) (Version: 5.0.0 - )
Lenovo_Wireless_Driver (HKLM\...\{28ABE740-47F3-441B-9437-852F6A64EFF8}) (Version: 1.02.01 - Lenovo)
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Marvell Miniport Driver (HKLM\...\{C950420B-4182-49EA-850A-A6A2ABF06C6B}) (Version: 10.22.6.3 - Marvell)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Native Instruments Traktor DJ Studio 3 (HKLM\...\Native Instruments Traktor DJ Studio 3) (Version: - )
Nero BackItUp 10 (HKLM\...\{68AB6930-5BFF-4FF6-923B-516A91984FE6}) (Version: 5.4.11600.19.100 - Nero AG)
Nero Burning ROM 10 (HKLM\...\{7A5D731D-B4B3-490E-B339-75685712BAAB}) (Version: 10.0.11100.10.100 - Nero AG)
Nero BurnRights 10 (HKLM\...\{943CFD7D-5336-47AF-9418-E02473A5A517}) (Version: 4.0.11000.12.100 - Nero AG)
Nero CoverDesigner 10 (HKLM\...\{FCF00A6E-FB58-477A-ABE9-232907105521}) (Version: 5.0.10900.11.100 - Nero AG)
Nero DiscCopy Gadget 10 (HKLM\...\{92EC1A84-7FFC-42DF-A8F6-79C21C4765A5}) (Version: 3.0.10700.9.100 - Nero AG)
Nero DiscSpeed 10 (HKLM\...\{34490F4E-48D0-492E-8249-B48BECF0537C}) (Version: 6.0.10800.7.100 - Nero AG)
Nero Express 10 (HKLM\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.0.11000.10.100 - Nero AG)
Nero InfoTool 10 (HKLM\...\{F412B4AF-388C-4FF5-9B2F-33DB1C536953}) (Version: 7.0.10800.8.100 - Nero AG)
Nero MediaHub 10 (HKLM\...\{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}) (Version: 1.0.13400.11.100 - Nero AG)
Nero Multimedia Suite 10 (HKLM\...\{277C1559-4CF7-44FF-8D07-98AA9C13AABD}) (Version: 10.0.13100 - Nero AG)
Nero Recode 10 (HKLM\...\{8ECEC853-5C3D-4B10-B5C7-FF11FF724807}) (Version: 4.6.10900.4.100 - Nero AG)
Nero RescueAgent 10 (HKLM\...\{E337E787-CF61-4B7B-B84F-509202A54023}) (Version: 3.0.10900.9.100 - Nero AG)
Nero SoundTrax 10 (HKLM\...\{E1EE5339-5D32-458F-BAAB-B19F6301BCE2}) (Version: 4.6.10600.2.100 - Nero AG)
Nero StartSmart 10 (HKLM\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.0.11200.12.100 - Nero AG)
Nero Update (HKLM\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.0017 - Nero AG)
Nero Vision 10 (HKLM\...\{9A4297F3-2A51-4ED9-92CA-4BCB8380947E}) (Version: 7.0.11100.8.100 - Nero AG)
Nero WaveEditor 10 (HKLM\...\{EDCDFAD5-DF80-4600-A493-E9DAD6810230}) (Version: 5.6.10600.2.100 - Nero AG)
PDF Settings CS5 (Version: 10.0 - Adobe Systems Incorporated) Hidden
Rapport (Version: 3.5.1412.176 - Trusteer) Hidden
RealPlayer (HKLM\...\RealPlayer 12.0) (Version: - RealNetworks)
RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden
RICOH Media Driver (HKLM\...\{F5CC2EF8-20A4-4366-A681-3FE849E65809}) (Version: 2.14.00.05 - RICOH)
RICOH Media Driver ver.2.07.01.04 (HKLM\...\{2B818257-E6C7-4841-8C29-C5C9A982BCE5}) (Version: 2.07.01.04 - RICOH)
Segoe UI (Version: 15.4.2271.0615 - Microsoft Corp) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Trusteer Endpoint Protection (HKLM\...\Rapport_msi) (Version: 3.5.1412.176 - Trusteer)
VideoLAN VLC media player 0.8.6f (HKLM\...\VLC media player) (Version: 0.8.6f - VideoLAN Team)
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WinAVI Video Converter (HKLM\...\WinAVI Video Converter) (Version: 11.0.0.3995 - ZJMedia Digital Technology Ltd.)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
WinRAR 4.01 (32-bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
Xvid Video Codec (HKLM\...\Xvid Video Codec 1.3.1) (Version: 1.3.2 - Xvid Team)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Restore Points =========================
25-07-2015 03:03:43 Scheduled Checkpoint
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {00780006-E0F6-43CB-BC85-C11B08C7135A} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1376256216-2798707952-3444916669-1000 => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe
Task: {19E6DE5B-C213-403C-8F26-2F8A6FB136DE} - System32\Tasks\{0CFDC43F-100E-471D-8D92-8287D074D59A} => pcalua.exe -a C:\PROGRA~1\NATIVE~1\TRAKTO~1\UNWISE.EXE -c C:\PROGRA~1\NATIVE~1\TRAKTO~1\INSTALL.LOG
Task: {2EE51AAC-1C7A-4623-B3DD-43DA6E86B749} - System32\Tasks\ParetoLogic Update Version3 => C:\Program Files\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2013-06-20] ()
Task: {3FC1293B-9CD9-401C-B23C-4EF5FC50ACBE} - \At1 No Task File <==== ATTENTION
Task: {421BEC85-E0DF-4FBF-B675-8765F945453F} - System32\Tasks\RunAsStdUser Task => C:\Program Files\HBLite\bin\11.0.384.0\HBLiteSA.exe
Task: {4AF2B311-6ECE-4ADB-BFE4-D3277BE6DBAC} - System32\Tasks\User_Feed_Synchronization-{48B9A3EF-2377-4602-8741-8C7666F49F2A}
Task: {4F1C04D6-DE1C-4617-88CD-D9110DC4CAC5} - System32\Tasks\{17AD96F5-8B7A-4FBD-88FE-7934389B6E56} => pcalua.exe -a "C:\Program Files\Real\RealPlayer\Update\r1puninst.exe" -c RealNetworks|RealPlayer|12.0
Task: {5E057017-ABF5-4563-9CB7-FF968EA39BF7} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-14] (Adobe Systems Incorporated)
Task: {5FDE9F3B-0BC3-4044-8E9E-43954D71F0B9} - System32\Tasks\1214avUpdateInfo => C:\ProgramData\Avg_Update_1214av\1214av_AVG-Secure-Search-Update.exe [2014-10-26] ()
Task: {6FF9F2E1-8E54-4659-8D4B-8158571DA71B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {7576785F-99EE-4871-999F-424F55AF23A9} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1376256216-2798707952-3444916669-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2014-08-29] (RealNetworks, Inc.)
Task: {794AB9C2-7412-453F-9D1B-33180D6CA5A0} - System32\Tasks\{B2CB2963-A156-4BD6-B0B2-B8B77AE1AF3D} => pcalua.exe -a C:\Users\User\AppData\Local\Temp\InstallFlashPlayer.exe -d C:\Users\Bodo\Desktop
Task: {B90682DA-6BFF-40A9-BE1F-838E3C4F389E} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-1376256216-2798707952-3444916669-1000 => C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe
Task: {C796D70F-5346-42D9-AA64-38A41E38BE96} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1376256216-2798707952-3444916669-1000 => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe
Task: {C94CF07D-E6DC-4798-BE10-921EC2F86C05} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1376256216-2798707952-3444916669-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2014-08-29] (RealNetworks, Inc.)
Task: {DB6D7234-D630-4472-BA61-48AB289814F3} - System32\Tasks\ParetoLogic Update Version3 Startup Task => C:\Program Files\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2013-06-20] ()
Task: {DB8F8E4C-3E93-41EE-A8AE-91E45FE5A532} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1376256216-2798707952-3444916669-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2014-08-29] (RealNetworks, Inc.)
Task: {DC7C941B-4CDA-4E9E-87D0-1883150B66E7} - System32\Tasks\{26DEC309-1901-4C82-B080-AE0A1C6750C0} => pcalua.exe -a C:\PROGRA~1\UTORRE~1\UNWISE.EXE -c /U C:\PROGRA~1\UTORRE~1\INSTALL.LOG
Task: {E371D11E-6D6E-45CB-BD8B-65A53D03EA9A} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1376256216-2798707952-3444916669-1000Core => C:\Users\Bodo\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {E5617A99-73F7-4BF8-A5D3-B6113F8793A8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-12-19] (Google Inc.)
Task: {F3301A35-B6B7-464D-A4A5-168E386E704D} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1376256216-2798707952-3444916669-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2014-08-29] (RealNetworks, Inc.)
Task: {F807B107-161D-4AC2-910D-F8B759B95E87} - System32\Tasks\ParetoLogic Registration3 => Rundll32.exe "C:\Program Files\Common Files\ParetoLogic\UUS3\UUS3.dll" RunUns
Task: {FB9E21D6-3809-46C4-91E9-6715E858DDFF} - \Optimizer Pro Schedule No Task File <==== ATTENTION
Task: {FC6105D6-66E5-4BDE-B73B-D351E76F1718} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-12-19] (Google Inc.)
Task: {FC9E5499-9F40-47A8-B50E-74C9DB3A10B1} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1376256216-2798707952-3444916669-1000UA => C:\Users\Bodo\AppData\Local\Google\Update\GoogleUpdate.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\1214avUpdateInfo.job => C:\ProgramData\Avg_Update_1214av\1214av_AVG-Secure-Search-Update.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1376256216-2798707952-3444916669-1000Core.job =>
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1376256216-2798707952-3444916669-1000UA.job =>
Task: C:\Windows\Tasks\ParetoLogic Registration3.job => C:\Windows\system32\rundll32.exeAC:\Program Files\Common Files\ParetoLogic\UUS3\UUS3.dll
Task: C:\Windows\Tasks\ParetoLogic Update Version3 Startup Task.job => C:\Program Files\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe
Task: C:\Windows\Tasks\ParetoLogic Update Version3.job => C:\Program Files\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe
==================== Loaded Modules (Whitelisted) ==============
2015-07-20 22:27 - 2015-07-20 22:58 - 01195920 ____N () C:\Program Files\AVG Web TuneUp\WtuSystemSupport.exe
2011-06-20 15:53 - 2007-03-15 18:41 - 00024064 _____ () C:\Windows\System32\WLTRYSVC.EXE
2011-06-20 15:53 - 2007-08-07 15:49 - 00065536 _____ () C:\Windows\System32\bcmwlrmt.dll
2012-02-20 21:29 - 2012-02-20 21:29 - 00087912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2012-02-20 21:28 - 2012-02-20 21:28 - 01242472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 16:45 - 2010-10-20 16:45 - 08801120 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2015-07-20 22:59 - 2015-07-20 22:58 - 00168336 _____ () C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.7.0\loggingserver.exe
2015-07-20 22:59 - 2015-07-20 22:58 - 00528272 _____ () C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.7.0\log4cplusU.dll
2014-03-23 17:04 - 2014-03-23 17:04 - 00557056 _____ () C:\Program Files\Trusteer\Rapport\bin\js32.dll
2015-07-20 22:58 - 2015-07-20 22:58 - 03174800 _____ () C:\Program Files\AVG Web TuneUp\vprot.exe
2015-07-20 22:58 - 2015-07-20 22:58 - 40638864 _____ () C:\Program Files\AVG Web TuneUp\libcef.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Windows\$NtUninstallKB45371$:SummaryInformation
AlternateDataStreams: C:\ProgramData\TEMP:430C6D84
AlternateDataStreams: C:\ProgramData\TEMP:DFC5A2B2
AlternateDataStreams: C:\Users\User\Desktop\11359186_971292139567696_920373792_n.mp4:TOC.WMV
AlternateDataStreams: C:\Users\User\Desktop\11535722_10155696936220214_340800297_n.mp4:TOC.WMV
AlternateDataStreams: C:\Users\User\Desktop\360.mp4:TOC.WMV
==================== Safe Mode (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1376256216-2798707952-3444916669-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\User\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is disabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupreg: Google Update => "C:\Users\Bodo\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: Search Protection => "C:\Users\Bodo\AppData\Roaming\Search Protection\SP.EXE" /autostart
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [{B4A08367-7EBF-4797-9A4E-E7B604D2E133}] => (Allow) C:\Program Files\uTorrent\uTorrent.exe
FirewallRules: [{D9844183-12FB-4BE3-BC51-A97C0FA46900}] => (Allow) C:\Program Files\uTorrent\uTorrent.exe
FirewallRules: [{0493C346-92B5-46CA-BEF4-4D8AB55A6C2F}] => (Allow) LPort=80
FirewallRules: [{6C8624B4-B901-4D14-9129-8350FAD97391}] => (Allow) LPort=80
FirewallRules: [{9AF18601-4F4F-4345-916A-B407846CD9DD}] => (Allow) LPort=80
FirewallRules: [{CA3A0912-6AA1-477A-AEFB-9D369119856E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{6B958B6C-54CD-42F1-94F5-B0C298588737}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{60216164-EFDC-47D5-8D90-1798C6E72B60}C:\windows\system32\taskeng.exe] => (Block) C:\windows\system32\taskeng.exe
FirewallRules: [UDP Query User{F9B6863F-77BB-4B29-B393-485D8B74E0A3}C:\windows\system32\taskeng.exe] => (Block) C:\windows\system32\taskeng.exe
FirewallRules: [TCP Query User{1EC4D12D-E01C-4590-BDC3-D96383193AFC}C:\windows\explorer.exe] => (Block) C:\windows\explorer.exe
FirewallRules: [UDP Query User{691208A2-EBEC-4929-95DB-6AFE473A4B12}C:\windows\explorer.exe] => (Block) C:\windows\explorer.exe
FirewallRules: [TCP Query User{E46C8888-368F-40F8-89D9-A293847B42B5}C:\windows\system32\taskeng.exe] => (Block) C:\windows\system32\taskeng.exe
FirewallRules: [UDP Query User{CB4E37B1-CCD3-41D4-95B5-70AFD6567425}C:\windows\system32\taskeng.exe] => (Block) C:\windows\system32\taskeng.exe
FirewallRules: [TCP Query User{AED1B251-D1D7-4585-AEB7-3EE5A6787C46}C:\windows\explorer.exe] => (Block) C:\windows\explorer.exe
FirewallRules: [UDP Query User{49A0AECD-3131-451B-88DA-1A8AA1CB0089}C:\windows\explorer.exe] => (Block) C:\windows\explorer.exe
FirewallRules: [{04F3D5BB-B0A8-4475-A151-E279229C6D14}] => (Allow) C:\Program Files\Virgin Broadband Wireless\Wireless Manager.exe
FirewallRules: [{8563E5B7-AAF2-49F1-BA22-E80D8A032017}] => (Allow) C:\Program Files\Virgin Broadband Wireless\Wireless Manager.exe
FirewallRules: [{770FB8AC-6078-4E2D-9609-EAE74304DAB2}] => (Allow) C:\Program Files\Virgin Broadband Wireless\Wireless Manager.exe
FirewallRules: [{428C98FE-03D0-435F-A68B-C9BD8E2B097E}] => (Allow) C:\Program Files\Virgin Broadband Wireless\Wireless Manager.exe
FirewallRules: [TCP Query User{5555618B-4675-4C4C-8B62-D042FFDB23D7}C:\program files\virgin broadband wireless\wireless manager.exe] => (Block) C:\program files\virgin broadband wireless\wireless manager.exe
FirewallRules: [UDP Query User{409984BD-2A82-432E-B00B-3052A91A6E74}C:\program files\virgin broadband wireless\wireless manager.exe] => (Block) C:\program files\virgin broadband wireless\wireless manager.exe
FirewallRules: [TCP Query User{9A65993E-2430-492A-8E08-7232F3A09878}C:\program files\java\jre7\bin\javaw.exe] => (Block) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{4BC25935-0E6F-49F6-A07D-4DE15C7E2591}C:\program files\java\jre7\bin\javaw.exe] => (Block) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{00CFC7A0-FAFF-43DE-8A3A-41E9FC3BAE29}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{703F7155-61BE-4BE1-A8FC-C23F5BC36E21}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [{1E25BAF1-40D9-4027-8995-606CB0F35116}] => (Allow) C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{8DF6E0D4-7A60-48E2-8E18-794B2F97B60D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{BAEFB8FF-CBCA-4C8B-A2B7-A37C12D03872}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{76F2F62B-B3A7-4311-A9C0-B96330DE1EB1}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [SLSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\slsvc.exe
FirewallRules: [SLSVC-In-TCP] => (Allow) %SystemRoot%\system32\slsvc.exe
FirewallRules: [WMPNSS-WMP-Out-TCP-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe
FirewallRules: [WMPNSS-WMP-Out-UDP-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe
FirewallRules: [WMPNSS-WMP-In-UDP-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe
FirewallRules: [WMPNSS-WMP-Out-TCP-NoScope-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe
FirewallRules: [WMPNSS-WMP-Out-UDP-NoScope-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe
FirewallRules: [WMPNSS-WMP-In-UDP-NoScope-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe
FirewallRules: [WMP-Out-TCP-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe
FirewallRules: [WMP-Out-UDP-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe
FirewallRules: [WMP-In-UDP-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe
FirewallRules: [TCP Query User{E72560DB-E4A9-4E71-90FF-3B6A1D7A1F0A}C:\users\bodo\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\bodo\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{8486B799-4BF7-4E2B-81B1-B60D752D667F}C:\users\User\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\bodo\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{73ED7DE0-90F9-4A84-9AD6-DE2F328C4063}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{976D6866-50F3-463C-B0C3-CA8A474838E4}] => (Allow) LPort=2869
FirewallRules: [{BD8CDC86-ECBB-4835-A70F-5D23AEBE014E}] => (Allow) LPort=1900
FirewallRules: [{ED7CE4CD-8476-4F5D-9A21-0A20BE39AC6A}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{5B0D2699-9A13-4FD6-B09C-45EBB6B8C95E}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [{97DECFD4-FC1B-4629-9A45-F97E6115085F}] => (Allow) C:\Program Files\AVG\AVG2012\avgnsx.exe
FirewallRules: [{C17B3F42-2434-42E5-9845-17870F974C02}] => (Allow) C:\Program Files\AVG\AVG2012\avgnsx.exe
FirewallRules: [{18C8D231-C2CA-40F2-B5D9-ED221BBE2E82}] => (Allow) C:\Program Files\AVG\AVG2012\avgdiagex.exe
FirewallRules: [{65094587-0D18-4898-B375-06DFA2F40014}] => (Allow) C:\Program Files\AVG\AVG2012\avgdiagex.exe
FirewallRules: [{18F2EC9B-8B66-4BB8-A7B0-E8D9CB904C27}] => (Allow) C:\Program Files\AVG\AVG2012\avgemcx.exe
FirewallRules: [{7BFBE4B1-DDB0-443D-A775-C8E52F75B22F}] => (Allow) C:\Program Files\AVG\AVG2012\avgemcx.exe
StandardProfile\AuthorizedApplications: [C:\Users\Bodo\AppData\Roaming\zzbrenkzz.exe] => Enabled:qewrghhjptughirghr
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (07/22/2015 02:32:27 PM) (Source: EventSystem) (EventID: 4621) (User: )
Description: 80070005EventSystem.EventSubscription{AA44355E-6911-4447-BA5D-6720480579AF}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}
Error: (07/21/2015 10:42:26 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2699
Error: (07/21/2015 10:42:26 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2699
Error: (07/21/2015 10:42:26 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (07/21/2015 10:42:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1076
Error: (07/21/2015 10:42:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1076
Error: (07/21/2015 10:42:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (07/21/2015 09:49:40 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: -1216
Error: (07/21/2015 09:49:40 PM) (Source: ESENT) (EventID: 454) (User: )
Description: Catalog Database (1760) Catalog Database: Database recovery/restore failed with unexpected error -1216.
Error: (07/21/2015 09:49:40 PM) (Source: ESENT) (EventID: 494) (User: )
Description: Catalog Database (1760) Catalog Database: Database recovery failed with error -1216 because it encountered references to a database, 'C:\Windows\system32\CatRoot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb', which is no longer present. The database was not brought to a Clean Shutdown state before it was removed (or possibly moved or renamed). The database engine will not permit recovery to complete for this instance until the missing database is re-instated. If the database is truly no longer available and no longer required, procedures for recovering from this error are available in the Microsoft Knowledge Base or by following the "more information" link at the bottom of this message.
System errors:
=============
Error: (07/25/2015 09:15:17 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: netbt
TfFsMon
TFSysMon
Error: (07/25/2015 09:15:17 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: AVGIDSAgentAVGIDSDriver%%1450
Error: (07/25/2015 09:15:17 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: AVGIDSDriver%%1450
Error: (07/25/2015 09:15:17 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: 30000Nero Update
Error: (07/25/2015 09:15:17 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: McAfee Real-time Scanner%%3
Error: (07/25/2015 09:15:17 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Parallel port driver%%1058
Error: (07/25/2015 09:15:17 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: TCP/IP NetBIOS Helpernetbt%%31
Error: (07/25/2015 09:07:53 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {C2BFE331-6739-4270-86C9-493D9A04CD38}
Error: (07/24/2015 09:39:25 AM) (Source: Dhcp) (EventID: 1002) (User: )
Description: The IP address lease 192.168.0.2 for the Network Card with network address 001D09495793 has been denied by the DHCP server 192.168.0.1 (The DHCP Server sent a DHCPNACK message).
Error: (07/24/2015 03:42:38 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: netbt
TfFsMon
TFSysMon
Microsoft Office:
=========================
Error: (07/22/2015 02:32:27 PM) (Source: EventSystem) (EventID: 4621) (User: )
Description: 80070005EventSystem.EventSubscription{AA44355E-6911-4447-BA5D-6720480579AF}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}
Error: (07/21/2015 10:42:26 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2699
Error: (07/21/2015 10:42:26 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2699
Error: (07/21/2015 10:42:26 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (07/21/2015 10:42:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1076
Error: (07/21/2015 10:42:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1076
Error: (07/21/2015 10:42:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (07/21/2015 09:49:40 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: -1216
Error: (07/21/2015 09:49:40 PM) (Source: ESENT) (EventID: 454) (User: )
Description: Catalog Database1760Catalog Database: -1216
Error: (07/21/2015 09:49:40 PM) (Source: ESENT) (EventID: 494) (User: )
Description: Catalog Database1760Catalog Database: -1216C:\Windows\system32\CatRoot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb
CodeIntegrity Errors:
===================================
Date: 2015-07-25 09:36:50.231
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-07-25 09:36:49.866
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-07-25 09:36:49.499
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-07-25 09:36:49.133
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-07-25 09:36:48.535
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-07-25 09:36:48.154
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-07-25 09:36:47.780
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-07-25 09:36:47.414
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-07-25 09:36:17.331
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\RapportKELL.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-07-25 09:36:16.968
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\RapportKELL.sys because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel® Core2 Duo CPU T5550 @ 1.83GHz
Percentage of memory in use: 77%
Total physical RAM: 3061.31 MB
Available physical RAM: 680.71 MB
Total Virtual: 6356.61 MB
Available Virtual: 3698.66 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:298.09 GB) (Free:67.8 GB) NTFS ==>[drive with boot components (obtained from BCD)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 298.1 GB) (Disk ID: 1FC92679)
Partition 1: (Active) - (Size=298.1 GB) - (Type=07 NTFS)
==================== End of log ============================
Edited by J'siosis, 25 July 2015 - 04:34 AM.