RunDll error prompt problem

M

mikehende

Active Member
Joined
Apr 5, 2005
Messages
956
Hey guys, my machine running win7 is showing an error message on startup:

There was a problem starting
C:\Users\mike\AppData\local\Conduit\BackgroundContainer\BackgroundContainer.dll
The specified module could not be found

Help please?
 
Actually Cindy, I think I just solved it, I never expected this pc to get any viruses since I only use it to play music and it never goes on the net so I thought it was something else but the malware scan showed many entries, all is well now, thanks.
 
There was a problem starting
C:\Users\mike\AppData\local\Conduit\BackgroundContainer\BackgroundContainer.dll
The specified module could not be found
Click to expand...
Sounds like a security program has removed Conduit, but has left one or more orphan entries behind.
 
As long as the internet is connected as you have found out, Malware can creep in and networks that are open are all suspect! You might want toi let Pete take a look at some logs Mike.
 
Yeah, I did not pay attention to that and also that something can creep in from other pc's on my network, no need to bother Pete, I did a total cleaning, all is fine now so far.
 
With malware it's never certain I think unless you reformat, I see no abnormal activity but I don't really use that pc much, only on a saturday to run music for a few hours, come to think of it why not be sure? I'll reach out to Pete to see if he can find anything, thanks.
 
Oh, sop sorry Pete, looks like I had posted in the pm by mistake last night instead of in this thread, please see blow:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 03-12-2014
Ran by mike (administrator) on MIKEPC on 03-12-2014 19:05:32
Running from C:\Users\mike\Desktop
Loaded Profile: mike (Available profiles: mike)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Logitech Inc.) C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(2X Software Ltd.) C:\Program Files\2X\ApplicationServer\2XController.exe
(2X Software Ltd.) C:\Program Files\2X\ApplicationServer\2XRedundancy.exe
(2X Software Ltd.) C:\Program Files\2X\ApplicationServer\2XProxyGateway.exe
(2X Software Ltd.) C:\Program Files\2X\ApplicationServer\2XAgent.exe
(Andrea Electronics Corporation) C:\Windows\System32\AERTSrv.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Copyright 2013 SAMSUNG) C:\Program Files\SAMSUNG\Samsung Link\Samsung Link.exe
(Copyright 2013 SAMSUNG) C:\Program Files\SAMSUNG\Samsung Link\Samsung Link.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
(RealVNC Ltd) C:\Program Files\RealVNC\VNC Server\vncservice.exe
() C:\Program Files\NETGEAR\A6200\WifiService.exe
(RealVNC Ltd) C:\Program Files\RealVNC\VNC Server\vncserver.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(RealVNC Ltd) C:\Program Files\RealVNC\VNC Server\vncserverui.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(2X Software Ltd.) C:\Program Files\2X\ApplicationServer\TuxMonitor.exe
(NETGEAR,Inc.) C:\Program Files\NETGEAR\A6200\A6200.exe
(Samsung) C:\Program Files\SAMSUNG\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe
(Samsung) C:\Program Files\SAMSUNG\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(RealVNC Ltd) C:\Program Files\RealVNC\VNC Server\vncclipboard.exe
(Ipswitch) C:\Program Files\Ipswitch\WS_FTP 12\WsftpCOMHelper.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [4907008 2008-01-17] (Realtek Semiconductor)
HKLM\...\Run: [InstallerLauncher] => "C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\setuplauncher.exe" /run:"C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-41 (the data entry has 36 more characters).
HKLM\...\Run: [GENIE] => C:\Program Files\NETGEAR\A6200\A6200.exe [348888 2013-02-18] (NETGEAR,Inc.)
HKLM\...\Run: [LanuchApp] => C:\Program Files\NETGEAR\A6200\LanuchApp.exe [15136 2012-07-11] ()
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 0
HKU\S-1-5-21-855852175-3270004835-611297600-1001\...\Run: [] => C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
HKU\S-1-5-21-855852175-3270004835-611297600-1001\...\Run: [EPSONB8BAA5 (WorkForce 840)] => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIGMA.EXE [201216 2010-01-12] (SEIKO EPSON CORPORATION)
HKU\S-1-5-18\...\Run: [Bitdefender Wallet Agent] => "C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe"
HKU\S-1-5-18\...\Run: [Bitdefender Wallet] => "C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe" --hidden --nowizard
HKU\S-1-5-18\...\Run: [Bitdefender Wallet Application Agent] => "C:\Program Files\Bitdefender\Bitdefender\bdapppassmgr.exe"
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2013-08-17] (Microsoft Corporation)
Startup: C:\Users\mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\2X Monitor.lnk
ShortcutTarget: 2X Monitor.lnk -> C:\Program Files\2X\ApplicationServer\TuxMonitor.exe (2X Software Ltd.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-855852175-3270004835-611297600-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-855852175-3270004835-611297600-1001\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-855852175-3270004835-611297600-1001\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKU\S-1-5-21-855852175-3270004835-611297600-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x7EA3F9548398CE01
HKU\S-1-5-21-855852175-3270004835-611297600-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
HKU\S-1-5-21-855852175-3270004835-611297600-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages =
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
URLSearchHook: HKLM - (No Name) - {eef3855c-fc2d-41e6-8d91-d368f51b3055} - No File
SearchScopes: HKLM -> DefaultScope {4D367D41-2111-4C13-B8A9-8FA3CFE72D27} URL =
SearchScopes: HKU\S-1-5-21-855852175-3270004835-611297600-1001 -> DefaultScope {4D367D41-2111-4C13-B8A9-8FA3CFE72D27} URL =
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: VIPRE Search Guard Helper -> {963C8283-AE7F-4AA6-9B3B-847A8FC62C5E} -> C:\Program Files\VIPRE\VSGN.dll No File
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - VIPRE Search Guard Toolbar - {A924C17A-5E94-4E02-BED5-49720BA6F7FA} - No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_45-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0045-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_45-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_45-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler: vipresg - {47BE2E5B-703B-444F-ABD3-05717D2191C6} - C:\Program Files\VIPRE\VSGN.dll No File
ShellExecuteHooks: UrlHook Class - {AFBDFF94-346C-4C3D-AC24-3DA0B41BB6CD} - C:\Program Files\2X\ApplicationServer\TUXUrlHandler.dll [96136 2014-05-26] (2X Software Ltd.)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\mike\AppData\Roaming\Mozilla\Firefox\Profiles\gmdv69d4.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_239.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @java.com/DTPlugin,version=1.6.0_45 -> C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin: samsung.com/SamsungLinkPCPlugin -> C:\Program Files\Samsung\Samsung Link\utils\npSamsungLinkPCPlugin.dll No File
FF Plugin HKU\S-1-5-21-855852175-3270004835-611297600-1001: @citrixonline.com/appdetectorplugin -> C:\Users\mike\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0045-ABCDEFFEDCBA} [2014-11-22]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [bmiabdepfhhiieiipmeecdmeljggmfee] - No Path
CHR HKLM\...\Chrome\Extension: [dflinnddekagfkncpgojoppgnppfkbkj] - No Path
CHR HKLM\...\Chrome\Extension: [heoldelcflnigdllmlopiefhkkobendj] - No Path
CHR HKLM\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] - No Path
CHR HKLM\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\ProgramData\\ChromeExt\\avg.crx [Not Found]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 2X Publishing Agent; C:\Program Files\2X\ApplicationServer\2XController.exe [3397512 2014-05-26] (2X Software Ltd.)
R2 2X Redundancy Service; C:\Program Files\2X\ApplicationServer\2XRedundancy.exe [2981768 2014-05-26] (2X Software Ltd.)
R2 2X SecureClientGateway; C:\Program Files\2X\ApplicationServer\2XProxyGateway.exe [1943944 2014-05-26] (2X Software Ltd.)
R2 2X Terminal Server Agent; C:\Program Files\2X\ApplicationServer\2XAgent.exe [1785736 2014-05-26] (2X Software Ltd.)
R2 AERTFilters; C:\Windows\system32\AERTSrv.exe [77824 2007-12-05] (Andrea Electronics Corporation)
R2 AllShare Framework DMS; C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe [401800 2013-12-21] (Samsung) [File not signed]
S3 PrintNotify; C:\Windows\system32\spool\DRIVERS\W32X86\3\PrintConfig.dll [2407936 2013-08-21] (Microsoft Corporation) [File not signed]
R2 Samsung Link Service; C:\Program Files\Samsung\Samsung Link\Samsung Link.exe [577376 2014-01-17] (Copyright 2013 SAMSUNG)
R2 UMVPFSrv; C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [450848 2012-01-18] (Logitech Inc.)
R2 vncserver; C:\Program Files\RealVNC\VNC Server\vncservice.exe [371008 2014-04-01] (RealVNC Ltd)
S3 WatAdminSvc; C:\Windows\system32\Wat\WatAdminSvc.exe [1343400 2013-08-16] () [File not signed]
R2 WNDA6200; C:\Program Files\NETGEAR\A6200\WifiService.exe [29984 2012-09-24] ()

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 A6200; C:\Windows\System32\DRIVERS\bcmwlhigh6.sys [2375472 2013-02-28] (Broadcom Corporation)
R1 NPF; C:\Windows\System32\drivers\npf.sys [35088 2010-06-26] (CACE Technologies, Inc.)
S3 ssudserd; C:\Windows\System32\DRIVERS\ssudserd.sys [182680 2013-08-20] (DEVGURU Co., LTD.(www.devguru.co.kr))
R3 vncmirror; C:\Windows\System32\DRIVERS\vncmirror.sys [4608 2014-04-01] (RealVNC Ltd.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-13] (Microsoft Corporation)
S3 BCM42RLY; system32\drivers\BCM42RLY.sys [X]
S3 catchme; \??\C:\Users\mike\AppData\Local\Temp\catchme.sys [X]
S3 lmimirr; system32\DRIVERS\lmimirr.sys [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-03 19:05 - 2014-12-03 19:06 - 00012868 _____ () C:\Users\mike\Desktop\FRST.txt
2014-12-03 19:05 - 2014-12-03 19:05 - 00000000 ____D () C:\FRST
2014-12-03 19:03 - 2014-12-03 19:03 - 01110016 _____ (Farbar) C:\Users\mike\Desktop\FRST.exe
2014-12-02 12:34 - 2014-12-02 12:34 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_bcmwlhigh6_01009.Wdf
2014-12-02 12:33 - 2014-12-02 12:33 - 00001893 _____ () C:\Users\Public\Desktop\NETGEAR A6200 Genie.lnk
2014-12-02 12:33 - 2014-12-02 12:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NETGEAR A6200 Genie
2014-12-02 12:32 - 2010-06-26 01:07 - 00035088 _____ (CACE Technologies, Inc.) C:\Windows\system32\Drivers\npf.sys
2014-12-02 12:31 - 2014-12-02 12:31 - 00000000 ____D () C:\Program Files\NETGEAR
2014-12-02 12:31 - 2013-02-28 17:54 - 02375472 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\BCMWLHIGH6.SYS
2014-12-02 12:31 - 2013-02-28 17:53 - 00092464 _____ (Broadcom Corporation) C:\Windows\system32\bcmwlcoi.dll
2014-12-02 12:31 - 2013-02-28 16:55 - 04263936 _____ (Broadcom Corporation) C:\Windows\system32\bcmihvsrv.dll
2014-12-02 12:31 - 2013-02-28 16:55 - 03649536 _____ (Broadcom Corporation) C:\Windows\system32\bcmihvui.dll
2014-12-02 12:30 - 2014-12-02 12:30 - 00000000 ____D () C:\ProgramData\NETGEAR
2014-12-01 18:08 - 2014-12-01 18:08 - 00000000 ____D () C:\Users\mike\Downloads\Autoruns
2014-12-01 18:07 - 2014-12-01 18:07 - 00511633 _____ () C:\Users\mike\Downloads\Autoruns(1).zip
2014-12-01 18:06 - 2014-12-01 18:06 - 00511633 _____ () C:\Users\mike\Downloads\Autoruns.zip
2014-12-01 18:01 - 2014-12-01 18:01 - 00002330 _____ () C:\Users\mike\Desktop\JRT.txt
2014-12-01 17:54 - 2014-12-01 17:56 - 00000000 ____D () C:\AdwCleaner
2014-12-01 17:53 - 2014-12-01 17:53 - 02154496 _____ () C:\Users\mike\Downloads\AdwCleaner.exe
2014-12-01 17:39 - 2014-12-01 17:39 - 00000000 ____D () C:\Users\mike\AppData\Roaming\SUPERAntiSpyware.com
2014-12-01 17:38 - 2014-12-01 18:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2014-12-01 16:33 - 2014-12-01 16:33 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-12-01 16:08 - 2014-12-01 16:08 - 00000000 ____D () C:\Users\mike\Documents\Splashtop Whiteboard
2014-12-01 16:08 - 2014-12-01 16:08 - 00000000 ____D () C:\Users\mike\Documents\Splashtop Presenter
2014-12-01 13:33 - 2014-12-01 14:25 - 00000000 ____D () C:\Users\mike\AppData\Roaming\AlbumPlayer
2014-12-01 13:33 - 2014-12-01 13:33 - 00000000 ____D () C:\Users\mike\AppData\Local\AlbumPlayer
2014-12-01 13:33 - 2014-12-01 13:33 - 00000000 ____D () C:\ProgramData\AlbumPlayer
2014-12-01 13:31 - 2014-12-01 13:31 - 00001001 _____ () C:\Users\mike\Desktop\AlbumPlayer.lnk
2014-12-01 13:31 - 2014-12-01 13:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AlbumPlayer
2014-12-01 13:31 - 2014-12-01 13:31 - 00000000 ____D () C:\Program Files\AlbumPlayer
2014-12-01 13:30 - 2014-12-01 13:30 - 27904340 _____ (Albumon ) C:\Users\mike\Downloads\albumplayer_demo.exe
2014-12-01 09:54 - 2014-12-01 09:54 - 00000000 ____D () C:\Dell
2014-12-01 09:53 - 2014-12-01 09:53 - 00380096 _____ () C:\Users\mike\Downloads\DELL_S2240T-MONITOR_A00-00_DRVR_4P0GH.EXE
2014-12-01 09:52 - 2014-12-01 16:15 - 00000000 ____D () C:\Users\mike\AppData\Local\Deployment
2014-12-01 09:52 - 2014-12-01 09:52 - 00000000 ____D () C:\Users\mike\AppData\Local\Apps\2.0
2014-12-01 09:51 - 2014-12-01 09:51 - 00417064 _____ () C:\Users\mike\Downloads\DellSystemDetect.exe
2014-11-22 11:24 - 2014-11-22 11:24 - 00000000 ____D () C:\Program Files\Mozilla Firefox

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-03 19:03 - 2013-08-13 19:18 - 00781406 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-03 19:02 - 2013-08-13 22:09 - 01984969 _____ () C:\Windows\WindowsUpdate.log
2014-12-03 18:57 - 2013-08-19 08:49 - 00072583 _____ () C:\Windows\setupact.log
2014-12-03 18:57 - 2009-07-13 23:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-03 17:27 - 2014-09-27 14:21 - 00000000 ____D () C:\Users\mike\AppData\Local\CrashDumps
2014-12-03 17:08 - 2013-08-13 19:27 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-02 12:42 - 2009-07-13 23:34 - 00010128 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-02 12:42 - 2009-07-13 23:34 - 00010128 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-02 12:31 - 2013-09-15 14:48 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-12-01 18:26 - 2013-08-19 10:44 - 00761394 _____ () C:\Windows\PFRO.log
2014-12-01 16:30 - 2014-05-21 16:02 - 00000000 ____D () C:\ProgramData\LogMeIn
2014-12-01 16:14 - 2013-10-22 19:57 - 00000000 ____D () C:\Program Files\Citrix
2014-12-01 16:11 - 2013-09-15 14:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2014-12-01 16:11 - 2013-09-15 14:01 - 00000000 ____D () C:\Program Files\SAMSUNG
2014-12-01 16:08 - 2014-05-22 12:15 - 00000000 ____D () C:\Program Files\Splashtop
2014-12-01 15:34 - 2014-01-31 16:49 - 00000000 ____D () C:\Users\mike\AppData\Roaming\Skype
2014-11-27 08:15 - 2013-08-13 19:24 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-11-26 12:08 - 2013-08-13 19:27 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-11-26 12:08 - 2013-08-13 19:27 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-11-24 14:04 - 2013-08-13 19:37 - 00229000 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-11-07 12:13 - 2013-08-14 08:56 - 00000000 ____D () C:\mike's docs

Some content of TEMP:
====================
C:\Users\mike\AppData\Local\temp\avgnt.exe
C:\Users\mike\AppData\Local\temp\i4jdel0.exe
C:\Users\mike\AppData\Local\temp\oi_{3818E67A-553D-4C2A-939B-2D818A12ACBA}.exe
C:\Users\mike\AppData\Local\temp\SamsungAPInstaller_1389549848551.exe
C:\Users\mike\AppData\Local\temp\SamsungAPInstaller_1389979349451.exe
C:\Users\mike\AppData\Local\temp\SamsungAPInstaller_1411264141087.exe
C:\Users\mike\AppData\Local\temp\SetupUtil.exe
C:\Users\mike\AppData\Local\temp\SkypeSetup.exe
C:\Users\mike\AppData\Local\temp\UNINSTALL.EXE


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-11-26 11:18

==================== End Of Log ============================
 
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 03-12-2014
Ran by mike at 2014-12-03 19:06:31
Running from C:\Users\mike\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

2X ApplicationServer XG (HKLM\...\{7482AA9A-F7C5-46BB-BDDB-A68511E0E247}) (Version: 11.1.2026 - 2X Software Ltd.)
Adobe Flash Player 15 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 15.0.0.239 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.239 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
AlbumPlayer V5.3e Demo Edition (HKLM\...\AlbumPlayer Demo Edition_is1) (Version: - Albumon)
AllShare Framework DMS (HKLM\...\{1C2A409B-3D00-4EE7-B13C-3C70AB8704B0}) (Version: 1.3.23 - Samsung)
Apple Application Support (HKLM\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{0592EF96-69D8-4E4B-9CC9-88F58EA86F01}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
BPM Counter 1.6.0.0 (HKLM\...\BPM Counter_is1) (Version: 1.6.0.0 - AbyssMedia.com)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.2.4291 - CDBurnerXP)
CopyTrans Suite Remove Only (HKU\S-1-5-21-855852175-3270004835-611297600-1001\...\CopyTrans Suite) (Version: 2.37 - WindSolutions)
EncSpot Basic 2.0 (HKLM\...\EncSpot Basic_is1) (Version: - GuerillaSoft)
Epson Easy Photo Print 2 (HKLM\...\{674E262F-72EA-41C1-AF16-9727311A4553}) (Version: 2.4.1.0 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
EPSON WorkForce 840 Series Printer Uninstall (HKLM\...\EPSON WorkForce 840 Series) (Version: - SEIKO EPSON Corporation)
E-Touch Jukebox (HKLM\...\E-Touch Jukebox) (Version: - )
Extended Asian Language font pack for Adobe Reader XI (HKLM\...\{AC76BA86-7AD7-2530-0000-A00000000004}) (Version: 11.0.0 - Adobe Systems Incorporated)
FastStone Image Viewer 4.8 (HKLM\...\FastStone Image Viewer) (Version: 4.8 - FastStone Soft)
Free YouTube Downloader 3.5.159 (HKLM\...\{A7E19604-93AF-4611-8C9F-CE509C2B286F}_is1) (Version: - HOW Inc.)
Free YouTube to MP3 Converter version 3.12.12.827 (HKLM\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.12.827 - DVDVideoSoft Ltd.)
GoldWave v5.69 (HKLM\...\GoldWave v5.69) (Version: 5.69 - GoldWave Inc.)
ImgBurn (HKLM\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1930 - Intel Corporation)
Intel(R) TV Wizard (HKLM\...\TVWiz) (Version: - Intel Corporation)
Inzomia Viewer 3.11 (HKLM\...\Inzomia Viewer) (Version: 3.11 - Fredrik Lönn)
iPad/iPhone/iPod to Computer Transfer 7.8.7.0 (HKLM\...\Cucusoft iPad/iPhone/iPod to Computer Transfer_is1) (Version: - Cucusoft, Inc.)
Ipswitch WS_FTP 12 (HKLM\...\{AD88355B-A4E0-4DA1-BAC3-EA4FEA930691}) (Version: 12.3 - Ipswitch)
IrfanView (remove only) (HKLM\...\IrfanView) (Version: 4.36 - Irfan Skiljan)
IsoBuster 3.3 (HKLM\...\IsoBuster3_is1) (Version: 3.3 - Smart Projects)
iTunes (HKLM\...\{DF9C119C-7F26-45B9-93D4-7C372CBBBA11}) (Version: 11.1.0.126 - Apple Inc.)
Java(TM) 6 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216045FF}) (Version: 6.0.450 - Oracle)
K-Lite Codec Pack 9.3.0 (Basic) (HKLM\...\KLiteCodecPack_is1) (Version: 9.3.0 - )
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 33.1.1 (x86 en-US) (HKLM\...\Mozilla Firefox 33.1.1 (x86 en-US)) (Version: 33.1.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MPC-HC 1.6.8 (HKLM\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.6.8.7417 - MPC-HC Team)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyFreeCodec (HKU\S-1-5-21-855852175-3270004835-611297600-1001\...\MyFreeCodec) (Version: - )
NETGEAR A6200 Genie (HKLM\...\{48E61F3E-61D4-42A3-9D29-D0CF40838779}) (Version: 26.0.0.0 - NETGEAR)
OpenOffice 4.0.0 (HKLM\...\{55E61709-D7D4-43C0-B45D-BFAF5C09A02D}) (Version: 4.00.9702 - Apache Software Foundation)
OtsAV DJ 1.90.015 (HKLM\...\OtsAV DJ) (Version: - )
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: - )
Samsung Link 1.8.0.1401171024 (HKLM\...\8474-7877-9059-0204) (Version: 1.8.0.1401171024 - Copyright 2013 SAMSUNG)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.27.0 - SAMSUNG Electronics Co., Ltd.)
Skype™ 6.20 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.20.104 - Skype Technologies S.A.)
TeamViewer 9 (HKLM\...\TeamViewer 9) (Version: 9.0.31064 - TeamViewer)
VirtualDJ (HKLM\...\VirtualDJ) (Version: - )
VNC Server 5.1.1 (HKLM\...\{A8BF600C-049B-4F57-9C53-9E3001D2B1A0}) (Version: 5.1.1 - RealVNC Ltd)
WinRAR 5.00 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points =========================

10-10-2014 18:07:35 Scheduled Checkpoint
13-10-2014 07:06:09 Windows Update
07-11-2014 14:13:58 Scheduled Checkpoint
24-11-2014 20:06:17 Scheduled Checkpoint
01-12-2014 10:36:44 Windows Update
01-12-2014 21:06:48 Removed Splashtop Streamer.
01-12-2014 21:11:16 Removed Samsung Story Album Viewer
01-12-2014 21:12:15 Removed Paragon HFS+ for Windows™ 10.2.
01-12-2014 21:15:41 Removed 2X ApplicationServer XG
01-12-2014 21:25:26 Removed LogMeIn
01-12-2014 21:29:33 Removed LogMeIn
02-12-2014 17:31:34 Installed NETGEAR Genie

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 21:04 - 2013-08-26 18:08 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {345C5912-94E8-4C6A-B06B-90739CEE4A2F} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {54FE7FF3-4A6A-413D-9764-1B414628BE68} - System32\Tasks\Run RoboForm TaskBar Icon => C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
Task: {5C282200-F772-4F39-BCD3-DC4ED4F2C80A} - System32\Tasks\Open URL by RoboForm => Rundll32.exe url.dll,FileProtocolHandler "http://www.roboform.com/uninstall.h...MNMKJOMMMJNBJCMCJGJEJKJJNKJCMJNNICMJNDJCMKJBJ"
Task: {676F25A1-C13A-45EF-9E98-443F2B1944BF} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask => C:\Windows\system32\Wat\WatAdminSvc.exe [2013-08-16] ()
Task: {A06CCE9E-68E0-496A-857D-1B8FC6BDD8B6} - \BackgroundContainer Startup Task No Task File <==== ATTENTION
Task: {BB644DAF-06F1-4040-A2C1-CB441B2306BC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-26] (Adobe Systems Incorporated)
Task: {CBF980FB-D869-4A42-BD87-1F1FF9715AE1} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2013-04-21 20:44 - 2013-04-21 20:44 - 00087952 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2013-04-21 20:44 - 2013-04-21 20:44 - 01242952 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2010-01-30 01:41 - 2010-01-30 01:41 - 04254560 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-03-24 20:17 - 2010-03-24 20:17 - 08794464 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2013-10-15 13:04 - 2010-09-28 14:56 - 06551672 _____ () C:\Program Files\Ipswitch\WS_FTP 12\res0409.dll
2013-09-15 16:11 - 2014-01-17 10:24 - 00012800 _____ () C:\Program Files\SAMSUNG\Samsung Link\JniSys.dll
2013-09-15 16:12 - 2013-09-15 16:12 - 00541696 _____ () C:\Windows\Temp\sqlite-3.7.2-sqlitejdbc.dll
2013-09-15 16:11 - 2014-01-17 10:24 - 00987648 _____ () C:\Program Files\SAMSUNG\Samsung Link\scone_proxy.dll
2013-09-15 16:11 - 2014-01-17 10:24 - 01025024 _____ () C:\Program Files\SAMSUNG\Samsung Link\scone_stub.dll
2013-12-21 11:15 - 2013-12-21 11:15 - 00038912 _____ () C:\Program Files\SAMSUNG\AllShare Framework DMS\1.3.23\JNIInterface.dll
2013-12-21 11:15 - 2013-12-21 11:15 - 00119296 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ASFAPI.dll
2013-12-21 11:17 - 2013-12-21 11:17 - 00013824 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\MediaDB_Manager.dll
2013-10-01 09:46 - 2013-10-01 09:46 - 00025600 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\MediaDB.dll
2013-10-22 09:48 - 2013-10-22 09:48 - 00707072 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ContentDirectoryPresenter.dll
2013-12-21 11:17 - 2013-12-21 11:17 - 00589824 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\DMS_Manager.dll
2013-07-23 19:18 - 2013-07-23 19:18 - 00038912 _____ () C:\Windows\system32\boost_date_time-vc90-mt-1_47.dll
2013-07-23 19:18 - 2013-07-23 19:18 - 00012800 _____ () C:\Windows\system32\boost_system-vc90-mt-1_47.dll
2013-07-23 19:18 - 2013-07-23 19:18 - 00046592 _____ () C:\Windows\system32\boost_thread-vc90-mt-1_47.dll
2013-07-23 19:18 - 2013-07-23 19:18 - 00227840 _____ () C:\Windows\system32\boost_serialization-vc90-mt-1_47.dll
2013-09-15 16:11 - 2014-01-17 10:24 - 00040448 _____ () C:\Program Files\SAMSUNG\Samsung Link\JniIO.dll
2014-12-02 12:32 - 2012-09-24 17:28 - 00029984 _____ () C:\Program Files\NETGEAR\A6200\WifiService.exe
2014-12-02 12:32 - 2013-02-18 16:13 - 00106496 _____ () C:\Program Files\NETGEAR\A6200\GWlanController.dll
2014-12-02 12:32 - 2013-03-26 17:00 - 00018944 _____ () C:\Program Files\NETGEAR\A6200\GWPSController.dll
2013-12-11 16:46 - 2013-12-11 16:46 - 01114624 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\DMSManager.dll
2013-10-24 16:53 - 2013-10-24 16:53 - 00107008 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\DCMCDP.dll
2013-12-11 16:46 - 2013-12-11 16:46 - 00102400 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\FolderCDP.dll
2013-12-11 16:46 - 2013-12-11 16:46 - 00077312 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\MetadataFramework.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 00520234 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\sqlite3.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 00450560 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\MoodExtractor.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 05717504 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\DCMImgExtractor.dll
2013-10-25 19:48 - 2013-10-25 19:48 - 00028672 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AutoChaptering.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 00147456 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libexpat.dll
2013-10-25 19:48 - 2013-10-25 19:48 - 00012288 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\VideoThumb.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 04671488 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\avcodec-52.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 00070656 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\avutil-50.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 00686080 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\avformat-52.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 00152064 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\swscale-0.dll
2013-10-25 19:49 - 2013-10-25 19:49 - 00028160 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AudioExtractor.dll
2013-10-25 19:48 - 2013-10-25 19:48 - 00064000 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ID3Driver.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 00366592 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\tag.dll
2013-10-25 19:48 - 2013-10-25 19:48 - 00289792 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libThumbnail.dll
2013-10-25 19:48 - 2013-10-25 19:48 - 00023040 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\RichInfoDriver.dll
2013-12-11 16:45 - 2013-12-11 16:45 - 00017920 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\VideoExtractor.dll
2013-10-25 19:53 - 2013-10-25 19:53 - 00117248 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ThumbnailMaker.dll
2013-10-25 19:53 - 2013-10-25 19:53 - 01033728 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ImageMagickWrapper.dll
2013-12-11 16:45 - 2013-12-11 16:45 - 00134144 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\VideoMetadataDriver.dll
2013-10-25 19:48 - 2013-10-25 19:48 - 00290816 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libKeyFrame.dll
2013-10-25 19:48 - 2013-10-25 19:48 - 00024064 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\SECMetaDriver.dll
2013-10-25 19:53 - 2013-10-25 19:53 - 00012288 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ImageExtractor.dll
2013-10-25 19:48 - 2013-10-25 19:48 - 00024064 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\photoDriver.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 00399826 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libexif-12.dll.dll
2013-10-25 19:48 - 2013-10-25 19:48 - 00013824 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\TextExtractor.dll
2013-10-24 16:53 - 2013-10-24 16:53 - 00032768 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\Autobackup.dll
2013-04-19 16:38 - 2013-04-19 16:38 - 00055808 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\RosettaAllShare.dll
2013-07-23 19:18 - 2013-07-23 19:18 - 00227840 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_serialization-vc90-mt-1_47.dll
2013-07-23 19:18 - 2013-07-23 19:18 - 00038912 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_date_time-vc90-mt-1_47.dll
2013-07-23 19:18 - 2013-07-23 19:18 - 00012800 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_system-vc90-mt-1_47.dll
2013-07-23 19:18 - 2013-07-23 19:18 - 00046592 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_thread-vc90-mt-1_47.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 00044032 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\us.dll
2014-11-22 11:24 - 2014-11-22 11:24 - 03649648 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2013-10-15 13:04 - 2010-09-28 14:53 - 00948496 _____ () C:\Program Files\Ipswitch\WS_FTP 12\LIBEAY32.dll
2013-10-15 13:04 - 2010-09-28 14:53 - 00153360 _____ () C:\Program Files\Ipswitch\WS_FTP 12\SSLEAY32.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\mike\Downloads\dotNetFx45_Full_setup.exe:BDU
AlternateDataStreams: C:\Users\mike\Downloads\Install_CopyTrans_Suite.exe:BDU
AlternateDataStreams: C:\Users\mike\Downloads\install_virtualdj_home_v7.4.exe:BDU
AlternateDataStreams: C:\Users\mike\Downloads\iphone-ipad-ipod-transfer.exe:BDU
AlternateDataStreams: C:\Users\mike\Downloads\iTunesSetup.exe:BDU
AlternateDataStreams: C:\Users\mike\Downloads\iview436_setup.exe:BDU
AlternateDataStreams: C:\Users\mike\Downloads\mp3gain-win-1_2_5.exe:BDU
AlternateDataStreams: C:\Users\mike\Downloads\MPC-HC.1.6.8.x86.exe:BDU

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: DellSystemDetect => C:\Users\mike\AppData\Local\Apps\2.0\XN4M7702.HD2\3K7JA2OM.KZ4\dell..tion_e30b47f5d4a30e9e_0005.000c_1df9a4898fae00de\DellSystemDetect.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: LogMeIn GUI => "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
MSCONFIG\startupreg: OutfoxTV => C:\Program Files\OutfoxTV\OutfoxTV\DesktopContainer.exe
MSCONFIG\startupreg: Samsung Link => "C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe"
MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

========================= Accounts: ==========================

Administrator (S-1-5-21-855852175-3270004835-611297600-500 - Administrator - Disabled)
Guest (S-1-5-21-855852175-3270004835-611297600-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-855852175-3270004835-611297600-1002 - Limited - Enabled)
mike (S-1-5-21-855852175-3270004835-611297600-1001 - Administrator - Enabled) => C:\Users\mike

==================== Faulty Device Manager Devices =============

Name: Broadcom 802.11g Network Adapter
Description: Broadcom 802.11g Network Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Broadcom
Service: BCM43XX
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (12/03/2014 06:57:52 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Windows license activation failed. Error 0x80070005.

Error: (12/03/2014 05:24:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Config 8.exe, version: 8.0.0.5, time stamp: 0x5263c0eb
Faulting module name: AudioGenie3.dll, version: 2.0.4.0, time stamp: 0x4d78b3d1
Exception code: 0xc0000005
Fault offset: 0x0000ced7
Faulting process id: 0x12e8
Faulting application start time: 0xConfig 8.exe0
Faulting application path: Config 8.exe1
Faulting module path: Config 8.exe2
Report Id: Config 8.exe3

Error: (12/03/2014 03:45:00 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Windows license activation failed. Error 0x80070005.

Error: (12/03/2014 03:30:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Config 8.exe, version: 8.0.0.5, time stamp: 0x5263c0eb
Faulting module name: AudioGenie3.dll, version: 2.0.4.0, time stamp: 0x4d78b3d1
Exception code: 0xc0000005
Fault offset: 0x0000ced7
Faulting process id: 0x1448
Faulting application start time: 0xConfig 8.exe0
Faulting application path: Config 8.exe1
Faulting module path: Config 8.exe2
Report Id: Config 8.exe3

Error: (12/03/2014 03:00:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Config 8.exe, version: 8.0.0.5, time stamp: 0x5263c0eb
Faulting module name: AudioGenie3.dll, version: 2.0.4.0, time stamp: 0x4d78b3d1
Exception code: 0xc0000005
Fault offset: 0x0000ced7
Faulting process id: 0x7cc
Faulting application start time: 0xConfig 8.exe0
Faulting application path: Config 8.exe1
Faulting module path: Config 8.exe2
Report Id: Config 8.exe3

Error: (12/03/2014 02:31:31 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Windows license activation failed. Error 0x80070005.

Error: (12/02/2014 05:00:50 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Windows license activation failed. Error 0x80070005.

Error: (12/02/2014 00:15:20 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Windows license activation failed. Error 0x80070005.

Error: (12/01/2014 06:27:10 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Windows license activation failed. Error 0x80070005.


System errors:
=============
Error: (12/03/2014 07:01:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The BCM42RLY service failed to start due to the following error:
%%2

Error: (12/03/2014 06:58:53 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (12/03/2014 03:46:21 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (12/03/2014 02:32:33 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (12/02/2014 05:01:51 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (12/02/2014 05:01:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The BCM42RLY service failed to start due to the following error:
%%2

Error: (12/02/2014 05:01:05 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The BCM42RLY service failed to start due to the following error:
%%2

Error: (12/02/2014 00:34:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The BCM42RLY service failed to start due to the following error:
%%2

Error: (12/02/2014 00:16:21 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (12/01/2014 06:28:12 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)


Microsoft Office Sessions:
=========================
Error: (12/03/2014 06:57:52 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: 0x800700050x00000000

Error: (12/03/2014 05:24:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Config 8.exe8.0.0.55263c0ebAudioGenie3.dll2.0.4.04d78b3d1c00000050000ced712e801d00f4469b34292C:\Etouch8\E-Touch Jukebox 8\Config 8.exeC:\Etouch8\E-Touch Jukebox 8\AudioGenie3.dll245138c0-7b3b-11e4-a096-001d099c6cf2

Error: (12/03/2014 03:45:00 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: 0x800700050x00000000

Error: (12/03/2014 03:30:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Config 8.exe8.0.0.55263c0ebAudioGenie3.dll2.0.4.04d78b3d1c00000050000ced7144801d00f342a9b75baC:\Etouch8\E-Touch Jukebox 8\Config 8.exeC:\Etouch8\E-Touch Jukebox 8\AudioGenie3.dll2e07c289-7b2b-11e4-9bcc-001d099c6cf2

Error: (12/03/2014 03:00:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Config 8.exe8.0.0.55263c0ebAudioGenie3.dll2.0.4.04d78b3d1c00000050000ced77cc01d00f2fec71b09eC:\Etouch8\E-Touch Jukebox 8\Config 8.exeC:\Etouch8\E-Touch Jukebox 8\AudioGenie3.dll0292d8e3-7b27-11e4-9bcc-001d099c6cf2

Error: (12/03/2014 02:31:31 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: 0x800700050x00000000

Error: (12/02/2014 05:00:50 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: 0x800700050x00000000

Error: (12/02/2014 00:15:20 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: 0x800700050x00000000

Error: (12/01/2014 06:27:10 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: 0x800700050x00000000


CodeIntegrity Errors:
===================================
Date: 2013-09-28 09:34:34.253
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-09-28 09:34:34.249
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-09-28 09:34:34.245
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-09-28 09:34:34.231
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-09-28 09:34:34.227
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-09-28 09:34:34.223
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-09-28 09:34:34.207
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX86\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-09-28 09:34:34.203
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX86\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-09-28 09:34:34.198
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX86\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-09-28 09:34:34.177
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX86\klelam.sys because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel(R) Pentium(R) Dual CPU E2180 @ 2.00GHz
Percentage of memory in use: 86%
Total physical RAM: 1013.18 MB
Available physical RAM: 140.36 MB
Total Pagefile: 2037.18 MB
Available Pagefile: 1023.04 MB
Total Virtual: 2047.88 MB
Available Virtual: 1897.98 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:222.77 GB) (Free:34.25 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:10 GB) (Free:9.89 GB) NTFS
Drive f: (TOSHIBA EXT) (Fixed) (Total:931.41 GB) (Free:172.69 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.8 GB) (Disk ID: 88000000)
Partition 1: (Not Active) - (Size=63 MB) - (Type=DE)
Partition 2: (Not Active) - (Size=10 GB) - (Type=07 NTFS)
Partition 3: (Active) - (Size=222.8 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 1576D506)
Partition 1: (Active) - (Size=931.4 GB) - (Type=07 NTFS)

==================== End Of Log ============================
 
Hi Mike,

Nothing seriously amiss.... No malware showing in the reports.
A few things for you to think about and quite a few orphan entries we need to remove:

Rich said:
As long as the internet is connected as you have found out, Malware can creep in and networks that are open are all suspect!
Click to expand...
Did you read this about Ipswitch WS_FTP 12
A scheduled task is added to Windows Task Scheduler in order to launch the program at various scheduled times (the schedule varies depending on the version). The software is designed to connect to the Internet and adds a Windows Firewall exception in order to do so without being interfered with.
Click to expand...
Is this something that you want connecting to the internet when it decides to?
----------------------------
Drive c: () (Fixed) (Total:222.77 GB) (Free:34.25 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Click to expand...
Approx 15% - 16% left.... not a great deal. May cause system slowdowns.
---------------------------
Description: Windows license activation failed. Error 0x80070005.
Is this a problem?
There's a possible cause and fix here:
Windows Activation Error : Error Code 0x80070005
-----------------------
A few BitDefender entries in the report..... but no security software showing in the uninstall list??


Step 1
Please download the attached fixlist.txt file (bottom of this post) and save it to the Desktop.
NOTE.
It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine.
Running this on another machine may cause damage to your operating system

Re-run FRST/FRST64 (which ever is installed ) and press the Fix button just once and wait.

0df4bc680758f78740215d6a95eed89e.png


The tool will make a log on the Desktop (Fixlog.txt). Please post this in your next reply.



Step 2
Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. A malicious site could render Java content under older, vulnerable versions of Sun's software if the user has not removed them. Please follow these steps to remove older version Java components and update:
  • Download the latest version of Java Runtime Environment (JRE) 8 Update 25 and save it to your desktop.
  • Scroll down to where it says "Java SE 8 Update 25".
  • Click the "Download JRE " button.
  • Accept the license agreement.
  • select 'Windows x86'offline or 'Windows x64.exe' (depending on whether you are running a 32 or 64 bit system) from the list.
  • Save the file to your desktop.
  • Close any programs you may have running - especially your web browser.
  • Go to Start > Settings > Control Panel, double-click on Add/Remove Programs and remove all older versions of Java.
  • Check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button.
  • Repeat as many times as necessary to remove each Java versions.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on downloaded icon to install the newest version.
 

Attachments

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 03-12-2014
Ran by mike at 2014-12-04 17:20:45 Run:1
Running from C:\Users\mike\Desktop
Loaded Profile: mike (Available profiles: mike)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
HKU\S-1-5-21-855852175-3270004835-611297600-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
URLSearchHook: HKLM - (No Name) - {eef3855c-fc2d-41e6-8d91-d368f51b3055} - No File
SearchScopes: HKLM -> DefaultScope {4D367D41-2111-4C13-B8A9-8FA3CFE72D27} URL =
SearchScopes: HKU\S-1-5-21-855852175-3270004835-611297600-1001 -> DefaultScope {4D367D41-2111-4C13-B8A9-8FA3CFE72D27} URL =
BHO: VIPRE Search Guard Helper -> {963C8283-AE7F-4AA6-9B3B-847A8FC62C5E} -> C:\Program Files\VIPRE\VSGN.dll No File
Toolbar: HKLM - VIPRE Search Guard Toolbar - {A924C17A-5E94-4E02-BED5-49720BA6F7FA} - No File
Handler: vipresg - {47BE2E5B-703B-444F-ABD3-05717D2191C6} - C:\Program Files\VIPRE\VSGN.dll No File
FF Plugin: samsung.com/SamsungLinkPCPlugin -> C:\Program Files\Samsung\Samsung Link\utils\npSamsungLinkPCPlugin.dll No File
CHR HKLM\...\Chrome\Extension: [bmiabdepfhhiieiipmeecdmeljggmfee] - No Path
CHR HKLM\...\Chrome\Extension: [dflinnddekagfkncpgojoppgnppfkbkj] - No Path
CHR HKLM\...\Chrome\Extension: [heoldelcflnigdllmlopiefhkkobendj] - No Path
CHR HKLM\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] - No Path
CHR HKLM\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\ProgramData\\ChromeExt\\avg.crx [Not Found]
S3 BCM42RLY; system32\drivers\BCM42RLY.sys [X]
S3 catchme; \??\C:\Users\mike\AppData\Local\Temp\catchme.sys [X]
S3 lmimirr; system32\DRIVERS\lmimirr.sys [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
C:\Users\mike\AppData\Local\temp\avgnt.exe
C:\Users\mike\AppData\Local\temp\i4jdel0.exe
C:\Users\mike\AppData\Local\temp\oi_{3818E67A-553D-4C2A-939B-2D818A12ACBA}.exe
C:\Users\mike\AppData\Local\temp\SamsungAPInstaller_1389549848551.exe
C:\Users\mike\AppData\Local\temp\SamsungAPInstaller_1389979349451.exe
C:\Users\mike\AppData\Local\temp\SamsungAPInstaller_1411264141087.exe
C:\Users\mike\AppData\Local\temp\SetupUtil.exe
C:\Users\mike\AppData\Local\temp\SkypeSetup.exe
C:\Users\mike\AppData\Local\temp\UNINSTALL.EXE
Task: {A06CCE9E-68E0-496A-857D-1B8FC6BDD8B6} - \BackgroundContainer Startup Task No Task File <==== ATTENTION
CMD: ipconfig /flushdns
EmptyTemp:
*****************

"HKU\S-1-5-21-855852175-3270004835-611297600-1001\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
HKLM\Software\Microsoft\Internet Explorer\URLSearchHooks\\{eef3855c-fc2d-41e6-8d91-d368f51b3055} => value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKU\S-1-5-21-855852175-3270004835-611297600-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{963C8283-AE7F-4AA6-9B3B-847A8FC62C5E}" => Key deleted successfully.
"HKCR\CLSID\{963C8283-AE7F-4AA6-9B3B-847A8FC62C5E}" => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{A924C17A-5E94-4E02-BED5-49720BA6F7FA} => value deleted successfully.
"HKCR\CLSID\{A924C17A-5E94-4E02-BED5-49720BA6F7FA}" => Key deleted successfully.
"HKCR\PROTOCOLS\Handler\vipresg" => Key deleted successfully.
"HKCR\CLSID\{47BE2E5B-703B-444F-ABD3-05717D2191C6}" => Key deleted successfully.
"HKLM\Software\MozillaPlugins\samsung.com/SamsungLinkPCPlugin" => Key deleted successfully.
"HKLM\SOFTWARE\Google\Chrome\Extensions\bmiabdepfhhiieiipmeecdmeljggmfee" => Key deleted successfully.
"HKLM\SOFTWARE\Google\Chrome\Extensions\dflinnddekagfkncpgojoppgnppfkbkj" => Key deleted successfully.
"HKLM\SOFTWARE\Google\Chrome\Extensions\heoldelcflnigdllmlopiefhkkobendj" => Key deleted successfully.
"HKLM\SOFTWARE\Google\Chrome\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj" => Key deleted successfully.
"HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof" => Key deleted successfully.
BCM42RLY => Service deleted successfully.
catchme => Service deleted successfully.
lmimirr => Service deleted successfully.
MBAMSwissArmy => Service deleted successfully.
C:\Users\mike\AppData\Local\temp\avgnt.exe => Moved successfully.
C:\Users\mike\AppData\Local\temp\i4jdel0.exe => Moved successfully.
C:\Users\mike\AppData\Local\temp\oi_{3818E67A-553D-4C2A-939B-2D818A12ACBA}.exe => Moved successfully.
C:\Users\mike\AppData\Local\temp\SamsungAPInstaller_1389549848551.exe => Moved successfully.
C:\Users\mike\AppData\Local\temp\SamsungAPInstaller_1389979349451.exe => Moved successfully.
C:\Users\mike\AppData\Local\temp\SamsungAPInstaller_1411264141087.exe => Moved successfully.
C:\Users\mike\AppData\Local\temp\SetupUtil.exe => Moved successfully.
C:\Users\mike\AppData\Local\temp\SkypeSetup.exe => Moved successfully.
C:\Users\mike\AppData\Local\temp\UNINSTALL.EXE => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A06CCE9E-68E0-496A-857D-1B8FC6BDD8B6}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A06CCE9E-68E0-496A-857D-1B8FC6BDD8B6}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BackgroundContainer Startup Task" => Key deleted successfully.

========= ipconfig /flushdns =========


Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= End of CMD: =========

EmptyTemp: => Removed 255.5 MB temporary data.


The system needed a reboot.

==== End of Fixlog ====
 
Alright, to address all issues Pete:

1] I uninstalled IPswitch, no need for that any longer, was only used when I was making constant website changes a while back from this pc.

2] Looking at my System screen I am not seeing any windows activation issues at all?

3] Since as mentioned this is only my music playback pc which is only used once per week, I never saw any need to have an AV software installed.

4] Now this I think I need to address:

Drive c: () (Fixed) (Total:222.77 GB) (Free:34.25 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Approx 15% - 16% left.... not a great deal. May cause system slowdowns.

I had always thought that only when you have under maybe 5% or so of HDD space left then it may cause slow downs, is there a documented % anywhere which can confirm the minimum free space?
 
Hi Mike,

Since as mentioned this is only my music playback pc which is only used once per week, I never saw any need to have an AV software installed.
Click to expand...
I understand.
I have one system just for my music that hardly ever goes online.... that has no AV either.
I just wondered about the Bitdefender entries.
HKLM\...\Run: [InstallerLauncher] => "C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\setuplauncher.exe" /run:"C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-41 (the data entry has 36 more characters).
HKU\S-1-5-18\...\Run: [Bitdefender Wallet Agent] => "C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe"
HKU\S-1-5-18\...\Run: [Bitdefender Wallet] => "C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe" --hidden --nowizard
HKU\S-1-5-18\...\Run: [Bitdefender Wallet Application Agent] => "C:\Program Files\Bitdefender\Bitdefender\bdapppassmgr.exe"
Click to expand...
Seems the uninstall didn't clear everything.
Might be best to run the BitDefender removal tool:
http://www.bitdefender.com/support/How-to-uninstall-Bitdefender-333.html
Just scroll down the page for the removal tool.

Looking at my System screen I am not seeing any windows activation issues at all?
Click to expand...
Ok, just something to watch for then.
There are a few recent entries in the Error Logs.

I had always thought that only when you have under maybe 5% or so of HDD space left then it may cause slow downs, is there a documented % anywhere which can confirm the minimum free space?
Click to expand...
I've always been taught that 12% - 18% should be the minimum for ordinary hard drives and about 20% for Solid State Drives.
There is a lot of debate on the internet about this, but the figures are there abouts.
 
Hey Pete, sorry for the late reply, I have now carried out all of your instructions, thank you very much! I see you're a music guy too? Maybe this Touchscreen jukebox setup might interest you?

View: https://www.youtube.com/watch?v=lpbo-SJagQ8


That is not mine, just one that's online but I have the same setup, if you should need any help with it, i'd be happy to help. Also this is the best dj/radio software on the planet, I have been using it for over 10 years: http://www.otsav.com/
You can use it to play live music or you can customize it to play back music for you any way you want, sort of like having your own private DJ or radio station and it's the most stable music software on the planet.
 
Back
Top