Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 11-03-2015 Ran by TJRP7 at 2015-03-18 08:17:09 Run:1 Running from C:\Users\TJRP7\Downloads Loaded Profiles: TJRP7 (Available profiles: TJRP7) Boot Mode: Normal ============================================== Content of fixlist: ***************** CloseProcesses: CreateRestorePoint: S2 AdobeARMservice; "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" [X] S2 servervo; C:\Users\TJRP7\AppData\Roaming\VOPackage\VOsrv.exe [X] <==== ATTENTION HKLM-x32\...\Run: [Adobe ARM] => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" HKLM-x32\...\Run: [CorelDRAW Graphics Suite 11b] => C:\Program Files (x86)\Corel\Corel Graphics 12\Languages\EN\Programs\Registration.exe /title="CorelDRAW Graphics Suite 12" /date=071514 serial=DR12WRX-0072592-PBC lang=EN HKLM-x32\...\Run: [mbot_pl_70] => [X] HKLM-x32\...\Run: [ConvertAd] => C:\Users\TJRP7\AppData\Local\ConvertAd\ConvertAd.exe Task: {206232C0-5B32-496B-81CB-05B5A264A6C8} - System32\Tasks\{06444CA6-D931-4178-839C-80035275566F} => C:\Users\TJRP7\Downloads\TrueCrypt Setup 7.1a(1).exe Task: {228A4EA5-DF9C-4B77-99EF-3D40FC28A62E} - System32\Tasks\Math Problem Solver CPU => C:\Users\TJRP7\AppData\Local\Math Problem Solver\cpu\Solve.exe [2013-07-10] () <==== ATTENTION Task: {68AB474D-BFB5-4459-BA30-0466FB39FA68} - System32\Tasks\{A8751DBA-579F-47CB-BFE6-4BB3E866FDB7} => C:\Users\TJRP7\Downloads\TrueCrypt Setup 7.1a(1).exe Task: {71FFD81B-22D3-4B95-909B-BD7C02F7F905} - System32\Tasks\Math Problem Solver Optimize => C:\Users\TJRP7\AppData\Local\Math Problem Solver\Optimize.exe [2014-01-20] () <==== ATTENTION Task: {7A0B5099-7C13-45C7-8E20-0F20F6FEEB17} - System32\Tasks\Math Problem Solver GPU => C:\Users\TJRP7\AppData\Local\Math Problem Solver\gpu\Solve.exe [2014-02-13] () <==== ATTENTION Task: {7FC09B79-367F-4ABF-A8D0-CE314887A522} - System32\Tasks\APSnotifierPP2 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION Task: {8A66D101-3B1A-4E52-836C-DACDFB388025} - System32\Tasks\{399F6422-DFB6-4316-962D-04327FE1B6D6} => C:\Users\TJRP7\Downloads\TrueCrypt Setup 7.1a(1).exe Task: {8E26A562-A272-42D5-BAC6-AD6D48F874FE} - System32\Tasks\{D403F81A-B081-46F9-BCC9-36CCBF6C54B3} => C:\Program Files (x86)\Corel\Corel Graphics 12\Programs\CorelPP.exe Task: {9BAF97DC-179A-41F0-8B5A-77FC0A84F3C6} - System32\Tasks\{36B14706-85BD-4728-A95F-58D5B5EEED18} => C:\Users\TJRP7\Downloads\TrueCrypt Setup 7.1a(1).exe Task: {AB61B3F9-5D22-4B7A-9E95-F987A2516DDB} - System32\Tasks\APSnotifierPP1 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION Task: {E1D674FE-7041-41E4-8733-94BA493BE13F} - System32\Tasks\APSnotifierPP3 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION Task: C:\Windows\Tasks\APSnotifierPP1.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION Task: C:\Windows\Tasks\APSnotifierPP2.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION Task: C:\Windows\Tasks\APSnotifierPP3.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evolus C:\Users\TJRP7\AppData\Local\nsh463D.tmp C:\Users\TJRP7\AppData\Local\nsyD448.tmp C:\Users\TJRP7\AppData\Local\Math Problem Solver C:\Users\TJRP7\AppData\Roaming\regsvr32.exe_log.txt C:\Users\TJRP7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bloodshed Dev-C++ C:\Users\TJRP7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Lollipop C:\Users\TJRP7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage CMD: type C:\Users\TJRP7\AppData\Roaming\Mozilla\Firefox\Profiles\zi42guif.default\user.js EmptyTemp: ***************** Processes closed successfully. Restore point was successfully created. AdobeARMservice => Service deleted successfully. servervo => Service deleted successfully. HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => value deleted successfully. HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\CorelDRAW Graphics Suite 11b => value deleted successfully. HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\mbot_pl_70 => value deleted successfully. HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ConvertAd => value deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{206232C0-5B32-496B-81CB-05B5A264A6C8}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{206232C0-5B32-496B-81CB-05B5A264A6C8}" => Key deleted successfully. C:\Windows\System32\Tasks\{06444CA6-D931-4178-839C-80035275566F} => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{06444CA6-D931-4178-839C-80035275566F}" => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{228A4EA5-DF9C-4B77-99EF-3D40FC28A62E} => Key not found. C:\Windows\System32\Tasks\Math Problem Solver CPU not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Math Problem Solver CPU => Key not found. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{68AB474D-BFB5-4459-BA30-0466FB39FA68}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{68AB474D-BFB5-4459-BA30-0466FB39FA68}" => Key deleted successfully. C:\Windows\System32\Tasks\{A8751DBA-579F-47CB-BFE6-4BB3E866FDB7} => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{A8751DBA-579F-47CB-BFE6-4BB3E866FDB7}" => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{71FFD81B-22D3-4B95-909B-BD7C02F7F905} => Key not found. C:\Windows\System32\Tasks\Math Problem Solver Optimize not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Math Problem Solver Optimize => Key not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7A0B5099-7C13-45C7-8E20-0F20F6FEEB17} => Key not found. C:\Windows\System32\Tasks\Math Problem Solver GPU not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Math Problem Solver GPU => Key not found. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7FC09B79-367F-4ABF-A8D0-CE314887A522}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7FC09B79-367F-4ABF-A8D0-CE314887A522}" => Key deleted successfully. C:\Windows\System32\Tasks\APSnotifierPP2 => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\APSnotifierPP2" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8A66D101-3B1A-4E52-836C-DACDFB388025}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8A66D101-3B1A-4E52-836C-DACDFB388025}" => Key deleted successfully. C:\Windows\System32\Tasks\{399F6422-DFB6-4316-962D-04327FE1B6D6} => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{399F6422-DFB6-4316-962D-04327FE1B6D6}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8E26A562-A272-42D5-BAC6-AD6D48F874FE}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8E26A562-A272-42D5-BAC6-AD6D48F874FE}" => Key deleted successfully. C:\Windows\System32\Tasks\{D403F81A-B081-46F9-BCC9-36CCBF6C54B3} => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{D403F81A-B081-46F9-BCC9-36CCBF6C54B3}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9BAF97DC-179A-41F0-8B5A-77FC0A84F3C6}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9BAF97DC-179A-41F0-8B5A-77FC0A84F3C6}" => Key deleted successfully. C:\Windows\System32\Tasks\{36B14706-85BD-4728-A95F-58D5B5EEED18} => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{36B14706-85BD-4728-A95F-58D5B5EEED18}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AB61B3F9-5D22-4B7A-9E95-F987A2516DDB}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AB61B3F9-5D22-4B7A-9E95-F987A2516DDB}" => Key deleted successfully. C:\Windows\System32\Tasks\APSnotifierPP1 => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\APSnotifierPP1" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E1D674FE-7041-41E4-8733-94BA493BE13F}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E1D674FE-7041-41E4-8733-94BA493BE13F}" => Key deleted successfully. C:\Windows\System32\Tasks\APSnotifierPP3 => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\APSnotifierPP3" => Key deleted successfully. C:\Windows\Tasks\APSnotifierPP1.job => Moved successfully. C:\Windows\Tasks\APSnotifierPP2.job => Moved successfully. C:\Windows\Tasks\APSnotifierPP3.job => Moved successfully. C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evolus => Moved successfully. C:\Users\TJRP7\AppData\Local\nsh463D.tmp => Moved successfully. C:\Users\TJRP7\AppData\Local\nsyD448.tmp => Moved successfully. "C:\Users\TJRP7\AppData\Local\Math Problem Solver" => File/Directory not found. C:\Users\TJRP7\AppData\Roaming\regsvr32.exe_log.txt => Moved successfully. C:\Users\TJRP7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bloodshed Dev-C++ => Moved successfully. C:\Users\TJRP7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Lollipop => Moved successfully. C:\Users\TJRP7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage => Moved successfully. ========= type C:\Users\TJRP7\AppData\Roaming\Mozilla\Firefox\Profiles\zi42guif.default\user.js ========= user_pref("extensions.autoDisableScopes", 0); user_pref("extensions.shownSelectionUI", true); ========= End of CMD: ========= EmptyTemp: => Removed 1.3 GB temporary data. The system needed a reboot. ==== End of Fixlog 08:18:20 ====