TexasAggie

Honorary Members
  • Posts

    187
Everything posted by TexasAggie

  1. Update: I was able to get rid of quite a few PUPs, including trackid. Still having problems with MBAM Premium running the CPU at around 100%. Chrome is still crashing some.
  2. Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-02-2015 Ran by owner at 2015-03-01 17:20:29 Running from C:\Users\owner\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden 7-Zip 9.21 (HKLM-x32\...\{23170F69-40C1-2701-0921-000001000000}) (Version: 9.21.00.0 - Igor Pavlov) 7-Zip 9.22beta (HKLM-x32\...\7-Zip) (Version: - ) Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated) ActiveCheck component for HP Active Support Library (x32 Version: 3.0.0.2 - Hewlett-Packard) Hidden Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 16.0.0.273 - Adobe Systems Incorporated) Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated) Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated) Adobe Photoshop 7.0 (HKLM-x32\...\Adobe Photoshop 7.0) (Version: 7.0 - Adobe Systems, Inc.) Adobe Reader X (10.1.12) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.12 - Adobe Systems Incorporated) Adobe Shockwave Player (HKLM-x32\...\{D8DFA46A-39F7-4368-810D-18AFCFDDAEAF}) (Version: 11.5.1.601 - Adobe Systems, Inc.) 
Apple Application Support (32-bit) (HKLM-x32\...\{2FE00055-C4F3-4F7A-AEDD-E198D54CF12F}) (Version: 3.1.1 - Apple Inc.) Apple Application Support (64-bit) (HKLM\...\{28791292-D18D-42FA-AE66-3D3D20AA8618}) (Version: 3.1.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{5ED7462B-EF58-4757-B609-53755021EC34}) (Version: 8.1.0.18 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) ArcSoft MediaImpression Codec (HKLM-x32\...\{CED1DF63-8B30-43F2-B9D9-75CCB2D40D96}) (Version: 1.0.0.0 - ArcSoft) ArcSoft MediaImpression for Kodak (HKLM-x32\...\{9EDE7573-F2B0-4FAC-8928-A7E9381BCB91}) (Version: 2.0.24.761 - ArcSoft) Avast Internet Security (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software) Bejeweled 2 Deluxe (x32 Version: 2.2.0.82 - WildTangent) Hidden Blackhawk Striker 2 (x32 Version: 2.2.0.82 - WildTangent) Hidden Blasterball 3 (x32 Version: 2.2.0.82 - WildTangent) Hidden Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) BufferChm (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden Build-a-lot 2 (x32 Version: 2.2.0.82 - WildTangent) Hidden Cake Mania (x32 Version: 2.2.0.82 - WildTangent) Hidden Chuzzle Deluxe (x32 Version: 2.2.0.82 - WildTangent) Hidden Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.) Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.) 
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Coupon Printer for Windows (HKLM-x32\...\Coupon Printer for Windows5.0.0.0) (Version: 5.0.0.0 - Coupons.com Incorporated) CyberLink DVD Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.2216 - CyberLink Corp.) CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 4.1.3419 - CyberLink Corp.) CyberLink PowerDirector 12 (HKLM-x32\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.2230.0 - CyberLink Corp.) CyberLink PowerDirector 12 (Version: 12.0.2230.0 - CyberLink Corp.) Hidden CyberLink WaveEditor 2 (HKLM-x32\...\InstallShield_{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}) (Version: 2.0.4203 - CyberLink Corp.) CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.0.2201 - CyberLink Corp.) D110 (x32 Version: 140.0.142.000 - Hewlett-Packard) Hidden D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden DefaultTab (HKLM-x32\...\DefaultTab) (Version: 1.2.8.0 - Search Results, LLC) <==== ATTENTION DefaultTab Chrome (HKLM-x32\...\DefaultTab Chrome) (Version: 1.1.14 - Search Results, LLC) <==== ATTENTION Destinations (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden DeviceDiscovery (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.82 - WildTangent) Hidden DIRECTV GenieGO (HKU\S-1-5-21-4193847945-727969652-2092403397-1000\...\InstallShield_{CF2D1F6F-BD25-493C-A257-9ADA0CBC4E1F}) (Version: 2.1.0.62 - DIRECTV, LLC) DIRECTV GenieGO (x32 Version: 2.1.0.62 - DIRECTV, LLC) Hidden Dora's Carnival Adventure (x32 Version: 2.2.0.82 - WildTangent) Hidden Dreamscapes 2 (HKLM-x32\...\Dreamscapes 2_is1) (Version: 1.0 - Media Contact LLC) DriverUpdate (HKLM-x32\...\{850A14FC-F410-47F7-94E4-38F4D3F270D4}) (Version: 2.2.30452 - SlimWare Utilities, 
Inc.) Escape Rosecliff Island (x32 Version: 2.2.0.82 - WildTangent) Hidden ESU for Microsoft Windows 7 (HKLM-x32\...\{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard) Express Scribe Uninstall (HKLM-x32\...\Scribe) (Version: - ) Faerie Solitaire (x32 Version: 2.2.0.82 - WildTangent) Hidden FATE (x32 Version: 2.2.0.82 - WildTangent) Hidden FormulaCartoon (HKU\S-1-5-21-4193847945-727969652-2092403397-1000\...\Kalydo App FormulaCartoon) (Version: 0.00.01.41 - ) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.115 - Google Inc.) Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.) Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden GPBaseService2 (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.3.9512.3162 - Hewlett-Packard) HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP) HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.0.80 - WildTangent) HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP) HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.9452 - HP Photo Creations Powered by RocketLife) HP Photosmart D110 All-In-One Driver Software 14.0 Rel. 
7 (HKLM\...\{14BC6853-A74E-4874-B50D-679889D1544D}) (Version: 14.0 - HP) HP Quick Launch (HKLM\...\{10F539B1-31AF-43BF-9F0C-0EB66E918922}) (Version: 1.0.18 - Hewlett-Packard) HP Setup (HKLM-x32\...\{17B4760F-334B-475D-829F-1A3E94A6A4E6}) (Version: 1.2.3560.3170 - Hewlett-Packard) HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP) HP Software Framework (HKLM-x32\...\{223E2363-6643-49CB-A062-59A9858EE8EE}) (Version: 3.5.17.1 - Hewlett-Packard Company) HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP) HP Support Assistant (HKLM-x32\...\{495A8A3C-8FD0-4C46-9979-95C26181A1AB}) (Version: 4.3.1.2 - Hewlett-Packard) HP Update (HKLM-x32\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.002 - Hewlett-Packard) HP User Guides 0178 (HKLM-x32\...\{9A4317FB-5775-4FB3-BDC9-995595106F1F}) (Version: 1.02.0000 - Hewlett-Packard) HP Wireless Assistant (HKLM-x32\...\{54CC7901-804D-4155-B353-21F0CC9112AB}) (Version: 3.50.9.1 - Hewlett-Packard) HPAppStudio (x32 Version: 140.0.95.000 - Hewlett-Packard) Hidden HPAsset component for HP Active Support Library (x32 Version: 3.0.0.3 - Hewlett-Packard) Hidden HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden HPProductAssistant (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden HPSSupply (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden Inbox Toolbar (HKLM-x32\...\{612AD33D-9824-4E87-8396-92374E91C4BB}_is1) (Version: 1.0.0 - Inbox.com, Inc.) 
InstallAssist (HKLM-x32\...\{5C565EA7-370B-4CEE-8385-3516DEE5A758}_is1) (Version: 1.0.0 - Shop To Win, LLC) Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation) Intel® Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2869 - Intel Corporation) Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation) IObit Toolbar v9.7 (HKLM-x32\...\{0194C594-CB88-42E9-B871-A574FAA47891}) (Version: 9.7 - Spigot, Inc.) <==== ATTENTION Itibiti RTC (x32 Version: 0.0.1 - Itibiti Inc) Hidden iTunes (HKLM\...\{7B8D4E8A-EA2B-4A71-BFEB-A4AAAB87C5D0}) (Version: 12.1.0.71 - Apple Inc.) Jewel Quest 3 (x32 Version: 2.2.0.82 - WildTangent) Hidden Jewel Quest Solitaire 2 (x32 Version: 2.2.0.82 - WildTangent) Hidden Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Kalydo Player 4.10.01 (HKU\S-1-5-21-4193847945-727969652-2092403397-1000\...\KalydoPlayer) (Version: 4.10.01 - Eximion B.V.) K-Lite Codec Pack 7.0.0 (Standard) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 7.0.0 - ) KODAK Share Button App (HKLM-x32\...\{C3F0CF4C-0A8C-42F1-A585-2EF7886D6039}) (Version: 4.03.0000.0000 - Eastman Kodak Company) LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2215 - CyberLink Corp.) LabelPrint (x32 Version: 2.5.2215 - CyberLink Corp.) 
Hidden Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation) MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Fix it Center (HKLM\...\{B7588D45-AFDC-4C93-9E2E-A100F3554B64}) (Version: 1.0.0100 - Microsoft Corporation) Microsoft Live Search Toolbar (HKLM-x32\...\{DF802C05-4660-418c-970C-B988ADB1D316}) (Version: 3.0.566.0 - Microsoft Live Search Toolbar) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office XP Small Business (HKLM-x32\...\{91130409-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.6626.0 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.31211.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - 
x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 (HKLM-x32\...\{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}) (Version: 9.0.21022.218 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Works (HKLM-x32\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) muvee Reveal (HKLM-x32\...\{43BA31BA-04BD-2EA3-0A60-A9C54E06D3F2}) (Version: 7.0.43.11502 - muvee Technologies Pte Ltd) Mystery P.I. 
- The New York Fortune (x32 Version: 2.2.0.82 - WildTangent) Hidden Network64 (Version: 140.0.212.000 - Hewlett-Packard) Hidden Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden NewBlue Video Essentials for PowerDirector (HKLM\...\NewBlue Video Essentials for Cyberlink) (Version: 3.0 - NewBlue) Penguins! (x32 Version: 2.2.0.82 - WildTangent) Hidden PicPick (HKLM-x32\...\PicPick) (Version: 3.3.3 - NTeWORKS) Plants vs. Zombies (x32 Version: 2.2.0.82 - WildTangent) Hidden Poker Superstars III (x32 Version: 2.2.0.82 - WildTangent) Hidden Polar Bowler (x32 Version: 2.2.0.82 - WildTangent) Hidden Polar Golfer (x32 Version: 2.2.0.82 - WildTangent) Hidden PS_AIO_07_D110_SW_Min (x32 Version: 140.0.142.000 - Hewlett-Packard) Hidden QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.) QuickTransfer (x32 Version: 140.0.98.000 - Hewlett-Packard) Hidden Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.85.423.2014 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.) Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30105 - Realtek Semiconductor Corp.) REALTEK Wireless LAN Software (HKLM-x32\...\{901F0D4C-009D-1112-8DE4-03599E7B0C5C}) (Version: 1.00.10.0329 - REALTEK Semiconductor Corp.) Recovery Manager (x32 Version: 5.5.2214 - CyberLink Corp.) Hidden ROBLOX Player for owner (HKU\S-1-5-21-4193847945-727969652-2092403397-1000\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version: - ROBLOX Corporation) Safari (HKLM-x32\...\{FA4C2D53-205F-4245-9717-F3761154824D}) (Version: 5.34.57.2 - Apple Inc.) 
Scan (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden Seagate Dashboard (HKLM-x32\...\{67445E65-3D93-428F-83A5-446F7D02689A}) (Version: 3.0.34.1 - Seagate) SeaTools for Windows (HKLM-x32\...\{98613C99-1399-416C-A07C-1EE1C585D872}) (Version: 1.2.0.6 - Seagate Technology) Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP) SmartSound Quicktracks 5 (HKLM-x32\...\InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}) (Version: 5.1.8 - SmartSound Software Inc.) SmartSound Quicktracks 5 (x32 Version: 5.1.8 - SmartSound Software Inc.) Hidden SmartWebPrinting (x32 Version: 140.0.186.000 - Hewlett-Packard) Hidden SolutionCenter (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden Status (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.7.0 - Synaptics Incorporated) TextTwist 2 (x32 Version: 2.2.0.82 - WildTangent) Hidden The Legend of Zelda (HKLM-x32\...\The Legend of Zelda_is1) (Version: - DotNes) Toolbox (x32 Version: 140.0.424.000 - Hewlett-Packard) Hidden TrayApp (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden Unity Web Player (HKU\S-1-5-21-4193847945-727969652-2092403397-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS) Virtual Families (x32 Version: 2.2.0.82 - WildTangent) Hidden Virtual Villagers - The Secret City (x32 Version: 2.2.0.82 - WildTangent) Hidden WebReg (x32 Version: 140.0.212.017 - Hewlett-Packard) Hidden Wheel of Fortune 2 (x32 Version: 2.2.0.82 - WildTangent) Hidden Windows Driver Package - Eastman Kodak KODAK Digital Camera (01/29/2010 1.4.1.0) (HKLM\...\3D970B9F930E7AAE23C06D39A1AC98548C90B442) (Version: 01/29/2010 1.4.1.0 - Eastman Kodak) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation) Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation) WinX Free MOV to MPEG Converter 4.1.9 (HKLM-x32\...\WinX Free MOV to MPEG 
Converter_is1) (Version: - Digiarty Software,Inc.) Wise Registry Cleaner 8.24 (HKLM-x32\...\Wise Registry Cleaner_is1) (Version: 8.24 - WiseCleaner.com, Inc.) Xilisoft MOV Converter (HKLM-x32\...\Xilisoft MOV Converter) (Version: 5.1.37.0120 - Xilisoft) Zuma's Revenge (x32 Version: 2.2.0.82 - WildTangent) Hidden ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-4193847945-727969652-2092403397-1000_Classes\CLSID\{F7D4B6AD-AB5F-4fe8-9469-3A4697E41129}\InprocServer32 -> C:\Users\owner\AppData\Roaming\Kalydo\KalydoPlayer\bin2\kalydoplayer64.dll (Eximion B.V.) ==================== Restore Points ========================= 12-02-2015 12:53:01 Windows Update 14-02-2015 12:27:25 Windows Update 18-02-2015 07:08:59 Windows Update 25-02-2015 03:00:19 Windows Update ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-13 20:34 - 2009-06-10 15:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) 
Task: {07C7CAF7-4BAE-4C80-AF13-58ED1438BD12} - \PastaQuotes No Task File <==== ATTENTION Task: {2D06A0A5-0869-471E-99B7-DDCFD86F9644} - System32\Tasks\Hewlett-Packard\HP Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2009-11-10] (Hewlett-Packard) Task: {43D94CDF-06E5-4FA4-A72B-ADB991FEFE9F} - System32\Tasks\HP Photo Creations Communicator => C:\ProgramData\HP Photo Creations\Communicator.exe [2012-08-31] () Task: {470C8218-EA1A-4018-8471-A2B66A8F5EEE} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {5063A61C-8228-40C8-A3E7-2E9D016D9B0D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-04] (Adobe Systems Incorporated) Task: {65AF122F-3C0F-497E-83E0-7AFBFB1EA823} - System32\Tasks\Hewlett-Packard\HP Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2009-11-10] (Hewlett-Packard) Task: {6C723CDF-FAE8-466B-8093-D6D84700BB62} - System32\Tasks\Seagate_Install_Launch => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Dashboard.exe [2014-02-10] (Seagate Technology LLC) Task: {6E5BE3F0-B153-402A-8BC0-A468624C7434} - System32\Tasks\{10EF5062-FADE-4238-95E4-4EA61663B88F}-Kodak Share Button App Camera detect => C:\Program Files (x86)\Kodak\KODAK Share Button App\Listener.exe [2012-06-26] (Eastman Kodak Company) Task: {7A26F9D0-6733-45A5-82CB-AB1D8AC32D3C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-20] (Google Inc.) 
Task: {84D44A6A-7013-44D7-8418-60CE9E60E82A} - System32\Tasks\avastBCLRestartS-1-5-21-4193847945-727969652-2092403397-1000 => Chrome.exe Task: {A361E934-2665-431B-84D8-673A406538B0} - System32\Tasks\owner DBAgent 2 0 => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe [2014-02-10] (Seagate Technology LLC) Task: {A4FB419B-0767-441C-8E97-0BE7A2137822} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-20] (Google Inc.) Task: {C39B8054-2089-49C7-B3D6-664D684A41B2} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-01-15] (AVAST Software) Task: {CFBF92D2-4E87-43D9-BD8E-E041C7A140E7} - System32\Tasks\{87029842-1A87-434A-B86E-716CEB3B2D29} => pcalua.exe -a "C:\Program Files (x86)\IObit\Advanced SystemCare 5\SecurityHole_Backup\KB2467173.exe" -d "C:\Program Files (x86)\IObit\Advanced SystemCare 5" -c /quiet /norestart Task: {D7B3AAAA-6731-428C-B5AC-00D28F63F3CB} - System32\Tasks\DriverUpdate Startup => C:\Program Files (x86)\DriverUpdate\DriverUpdate.exe [2013-06-22] (SlimWare Utilities, Inc.) 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\DriverUpdate Startup.job => C:\Program Files (x86)\DriverUpdate\DriverUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\HP Photo Creations Communicator.job => C:\ProgramData\HP Photo Creations\Communicator.exe ==================== Loaded Modules (whitelisted) ============== 2015-01-20 22:35 - 2015-01-20 22:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2015-01-20 22:35 - 2015-01-20 22:35 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2015-02-24 11:42 - 2015-02-24 11:42 - 02912256 _____ () C:\Program Files\AVAST Software\Avast\defs\15022401\algo.dll 2015-03-01 11:37 - 2015-03-01 11:37 - 02913792 _____ () C:\Program Files\AVAST Software\Avast\defs\15030101\algo.dll 2015-01-15 17:51 - 2015-01-15 17:51 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2015-02-19 18:37 - 2015-02-17 16:44 - 01117512 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\libglesv2.dll 2015-02-19 18:37 - 2015-02-17 16:44 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\libegl.dll 2015-02-19 18:37 - 2015-02-17 16:44 - 09171272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\pdf.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sndappv2 => ""="service" ==================== EXE Association (whitelisted) =============== (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-4193847945-727969652-2092403397-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\owner\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.1.1 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\Services: ACDaemon => 2 MSCONFIG\Services: AdobeARMservice => 2 MSCONFIG\Services: AERTFilters => 2 MSCONFIG\Services: Apple Mobile Device => 2 MSCONFIG\Services: Bonjour Service => 2 MSCONFIG\Services: HP Health Check Service => 2 MSCONFIG\Services: hpqwmiex => 3 MSCONFIG\Services: HPWMISVC => 2 MSCONFIG\Services: RichVideo => 2 MSCONFIG\Services: RichVideo64 => 2 MSCONFIG\Services: Seagate Dashboard Services => 2 MSCONFIG\Services: Seagate MobileBackup Service => 2 MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk => C:\Windows\pss\Adobe Gamma Loader.lnk.CommonStartup MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk => C:\Windows\pss\Microsoft Office.lnk.CommonStartup MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" MSCONFIG\startupreg: ArcSoft Connection Service => C:\Program Files (x86)\Common Files\ArcSoft\Connection 
Service\Bin\ACDaemon.exe MSCONFIG\startupreg: DBAgent => "C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe" /WinStart MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe MSCONFIG\startupreg: HP Quick Launch => C:\Program Files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe MSCONFIG\startupreg: IObit Malware Fighter => "C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /autostart MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe" MSCONFIG\startupreg: KGShareApp => C:\Program Files (x86)\Kodak\KODAK Share Button App\KGShare_App.exe MSCONFIG\startupreg: msnmsgr => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background MSCONFIG\startupreg: NortonOnlineBackupReminder => "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe MSCONFIG\startupreg: PicPick Start => C:\Program Files (x86)\PicPick\picpick.exe /startup MSCONFIG\startupreg: PowerDVD14Agent => "C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe" MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime MSCONFIG\startupreg: RTHDVCPL => "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s MSCONFIG\startupreg: RtkOSD => C:\Program Files (x86)\Realtek\Audio\OSD\RtVOsd64.exe MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" MSCONFIG\startupreg: SynTPEnh => %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe MSCONFIG\startupreg: Uploader => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe MSCONFIG\startupreg: WirelessAssistant => C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe 
==================== Accounts: ============================= Administrator (S-1-5-21-4193847945-727969652-2092403397-500 - Administrator - Disabled) Guest (S-1-5-21-4193847945-727969652-2092403397-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-4193847945-727969652-2092403397-1004 - Limited - Enabled) owner (S-1-5-21-4193847945-727969652-2092403397-1000 - Administrator - Enabled) => C:\Users\owner ==================== Faulty Device Manager Devices ============= Name: Photosmart D110 series Description: Photosmart D110 series Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Photosmart D110 series Description: Photosmart D110 series Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318} Manufacturer: HP Service: Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
(Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Photosmart D110 series Description: Photosmart D110 series Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Photosmart D110 series Description: Photosmart D110 series Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Photosmart D110 series Description: Photosmart D110 series Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Photosmart D110 series Description: Photosmart D110 series Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Photosmart D110 series Description: Photosmart D110 series Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Photosmart D110 series Description: Photosmart D110 series Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Photosmart D110 series Description: Photosmart D110 series Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. 
(Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Photosmart D110 series Description: Photosmart D110 series Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Photosmart D110 series Description: Photosmart D110 series Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Photosmart D110 series Description: Photosmart D110 series Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Photosmart D110 series Description: Photosmart D110 series Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Photosmart D110 series Description: Photosmart D110 series Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318} Manufacturer: HP Service: Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Photosmart D110 series Description: Photosmart D110 series Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. 
Name: Photosmart D110 series Description: Photosmart D110 series Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Photosmart D110 series Description: Photosmart D110 series Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Photosmart D110 series Description: Photosmart D110 series Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Photosmart D110 series Description: Photosmart D110 series Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Photosmart D110 series Description: Photosmart D110 series Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Photosmart D110 series Description: Photosmart D110 series Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Photosmart D110 series Description: Photosmart D110 series Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. 
Name: Photosmart D110 series Description: Photosmart D110 series Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Photosmart D110 series Description: Photosmart D110 series Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Photosmart D110 series Description: Photosmart D110 series Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Photosmart D110 series Description: Photosmart D110 series Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Photosmart D110 series Description: Photosmart D110 series Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Photosmart D110 series Description: Photosmart D110 series Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Photosmart D110 series Description: Photosmart D110 series Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. 
Name: Photosmart D110 series Description: Photosmart D110 series Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Photosmart D110 series Description: Photosmart D110 series Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Photosmart D110 series Description: Photosmart D110 series Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Photosmart D110 series Description: Photosmart D110 series Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Photosmart D110 series Description: Photosmart D110 series Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Photosmart D110 series Description: Photosmart D110 series Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Photosmart D110 series Description: Photosmart D110 series Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. 
Name: Photosmart D110 series Description: Photosmart D110 series Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Photosmart D110 series Description: Photosmart D110 series Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Photosmart D110 series Description: Photosmart D110 series Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Photosmart D110 series Description: Photosmart D110 series Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Photosmart D110 series Description: Photosmart D110 series Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Photosmart D110 series Description: Photosmart D110 series Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Photosmart D110 series Description: Photosmart D110 series Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. 
==================== Event log errors: =========================

Application errors:
==================
Error: (02/27/2015 01:38:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: iTunes.exe, version: 12.1.0.71, time stamp: 0x54c76235
Faulting module name: objc.dll, version: 1.528.0.126, time stamp: 0x54940801
Exception code: 0xc0000005
Fault offset: 0x0000000000020d92
Faulting process id: 0x18a4
Faulting application start time: 0xiTunes.exe0
Faulting application path: iTunes.exe1
Faulting module path: iTunes.exe2
Report Id: iTunes.exe3

Error: (02/20/2015 02:00:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: iTunes.exe, version: 12.1.0.71, time stamp: 0x54c76235
Faulting module name: objc.dll, version: 1.528.0.126, time stamp: 0x54940801
Exception code: 0xc0000005
Fault offset: 0x0000000000020d92
Faulting process id: 0x1274
Faulting application start time: 0xiTunes.exe0
Faulting application path: iTunes.exe1
Faulting module path: iTunes.exe2
Report Id: iTunes.exe3

Error: (02/20/2015 01:03:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: iTunes.exe, version: 12.1.0.71, time stamp: 0x54c76235
Faulting module name: objc.dll, version: 1.528.0.126, time stamp: 0x54940801
Exception code: 0xc0000005
Fault offset: 0x0000000000020d92
Faulting process id: 0x176c
Faulting application start time: 0xiTunes.exe0
Faulting application path: iTunes.exe1
Faulting module path: iTunes.exe2
Report Id: iTunes.exe3

Error: (02/06/2015 02:38:49 PM) (Source: Windows Search Service) (EventID: 3100) (User: )
Description: Unable to initialize the filter host process. Terminating.
Details: This operation returned because the timeout period expired. (HRESULT : 0x800705b4) (0x800705b4)

Error: (02/05/2015 00:11:13 AM) (Source: System Restore) (EventID: 8211) (User: )
Description: The scheduled restore point could not be created. Additional information: (0x81000101).

Error: (02/05/2015 00:11:13 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Failed to create restore point (Process = C:\Windows\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation; Description = Scheduled Checkpoint; Error = 0x81000101).

Error: (02/04/2015 07:12:17 AM) (Source: Application Error) (EventID: 1005) (User: )
Description: Windows cannot access the file for one of the following reasons: there is a problem with the network connection, the disk that the file is stored on, or the storage drivers installed on this computer; or the disk is missing. Windows closed the program Malwarebytes Anti-Malware because of this error.
Program: Malwarebytes Anti-Malware
File:
The error value is listed in the Additional Data section.
User Action
1. Open the file again. This situation might be a temporary problem that corrects itself when the program runs again.
2. If the file still cannot be accessed and
- It is on the network, your network administrator should verify that there is not a problem with the network and that the server can be contacted.
- It is on a removable disk, for example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer.
3. Check and repair the file system by running CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then press ENTER.
4. If the problem persists, restore the file from a backup copy.
5. Determine whether other files on the same disk can be opened. If not, the disk might be damaged. If it is a hard disk, contact your administrator or computer hardware vendor for further assistance.
Additional Data
Error value: 00000000
Disk type: 0

Error: (02/04/2015 07:12:16 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mbam.exe, version: 1.0.1.711, time stamp: 0x542b53ec
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000096
Fault offset: 0x0d280014
Faulting process id: 0x1598
Faulting application start time: 0xmbam.exe0
Faulting application path: mbam.exe1
Faulting module path: mbam.exe2
Report Id: mbam.exe3

Error: (01/22/2015 05:19:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: wmpnetwk.exe, version: 12.0.7601.17514, time stamp: 0x4ce7ae7f
Faulting module name: RPCRT4.dll, version: 6.1.7601.18532, time stamp: 0x53c339ee
Exception code: 0xc0020043
Fault offset: 0x000000000008a663
Faulting process id: 0x132c
Faulting application start time: 0xwmpnetwk.exe0
Faulting application path: wmpnetwk.exe1
Faulting module path: wmpnetwk.exe2
Report Id: wmpnetwk.exe3

Error: (01/05/2015 08:05:36 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program chrome.exe version 39.0.2171.95 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 1750
Start Time: 01d026ca4238ffdb
Termination Time: 2118
Application Path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Report Id: b459fe39-94e3-11e4-ac20-60eb695eba3e

System errors:
=============
Error: (03/01/2015 01:08:39 AM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.1.15. The computer with the IP address 192.168.1.11 did not allow the name to be claimed by this computer.

Error: (02/28/2015 01:56:49 PM) (Source: Schannel) (EventID: 4116) (User: NT AUTHORITY)
Description: The certificate received from the remote server does not contain the expected name. It is therefore not possible to determine whether we are connecting to the correct server. The server name we were expecting is auth.ff.avast.com. The SSL connection request has failed. The attached data contains the server certificate.

Error: (02/28/2015 01:56:49 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 43. The internal error state is 552.

Error: (02/27/2015 00:45:13 PM) (Source: Server) (EventID: 2505) (User: )
Description: The server could not bind to the transport \Device\NetBT_Tcpip_{A8AE0CB5-9A40-47C8-BC75-6E154956188D} because another computer on the network has the same name. The server could not start.

Error: (02/26/2015 09:11:19 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.

Error: (02/25/2015 03:20:42 AM) (Source: volmgr) (EventID: 46) (User: )
Description: Crash dump initialization failed!

Error: (02/25/2015 03:20:27 AM) (Source: volmgr) (EventID: 46) (User: )
Description: Crash dump initialization failed!

Error: (02/25/2015 03:20:27 AM) (Source: volmgr) (EventID: 46) (User: )
Description: Crash dump initialization failed!

Error: (02/24/2015 00:43:53 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Crash dump initialization failed!

Error: (02/24/2015 00:43:39 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Crash dump initialization failed!

Microsoft Office Sessions:
=========================
Error: (02/27/2015 01:38:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: iTunes.exe12.1.0.7154c76235objc.dll1.528.0.12654940801c00000050000000000020d9218a401d052c43a4498a5C:\Program Files\iTunes\iTunes.exeC:\Program Files\Common Files\Apple\Apple Application Support\objc.dll23fbc1cc-beb8-11e4-8bb0-60eb695eba3e

Error: (02/20/2015 02:00:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: iTunes.exe12.1.0.7154c76235objc.dll1.528.0.12654940801c00000050000000000020d92127401d04d4759b3f4e5C:\Program Files\iTunes\iTunes.exeC:\Program Files\Common Files\Apple\Apple Application Support\objc.dll2560e3c7-b93b-11e4-8a03-60eb695eba3e

Error: (02/20/2015 01:03:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: iTunes.exe12.1.0.7154c76235objc.dll1.528.0.12654940801c00000050000000000020d92176c01d04d3ed8cf04f9C:\Program Files\iTunes\iTunes.exeC:\Program Files\Common Files\Apple\Apple Application Support\objc.dll1e329ce3-b933-11e4-8a03-60eb695eba3e

Error: (02/06/2015 02:38:49 PM) (Source: Windows Search Service) (EventID: 3100) (User: )
Description: Details: This operation returned because the timeout period expired. (HRESULT : 0x800705b4) (0x800705b4)

Error: (02/05/2015 00:11:13 AM) (Source: System Restore) (EventID: 8211) (User: )
Description: 0x81000101

Error: (02/05/2015 00:11:13 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\Windows\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreationScheduled Checkpoint0x81000101

Error: (02/04/2015 07:12:17 AM) (Source: Application Error) (EventID: 1005) (User: )
Description: Malwarebytes Anti-Malware000000000

Error: (02/04/2015 07:12:16 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbam.exe1.0.1.711542b53ecunknown0.0.0.000000000c00000960d280014159801d040319dd3322eC:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exeunknown70901788-ac6f-11e4-ae48-60eb695eba3e

Error: (01/22/2015 05:19:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: wmpnetwk.exe12.0.7601.175144ce7ae7fRPCRT4.dll6.1.7601.1853253c339eec0020043000000000008a663132c01d0312c65d5ed0eC:\Program Files\Windows Media Player\wmpnetwk.exeC:\Windows\system32\RPCRT4.dll1de13626-a28d-11e4-a0d3-60eb695eba3e

Error: (01/05/2015 08:05:36 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: chrome.exe39.0.2171.95175001d026ca4238ffdb2118C:\Program Files (x86)\Google\Chrome\Application\chrome.exeb459fe39-94e3-11e4-ac20-60eb695eba3e

CodeIntegrity Errors:
===================================
Date: 2014-12-22 11:15:50.398
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-12-22 11:15:50.070
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

Processor: Intel® Celeron® CPU 900 @ 2.20GHz
Percentage of memory in use: 57%
Total physical RAM: 1978.93 MB
Available physical RAM: 833.73 MB
Total Pagefile: 5050.93 MB
Available Pagefile: 3089 MB
Total Virtual: 8192 MB
Available Virtual: 8191.86 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:218.68 GB) (Free:43.25 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:13.91 GB) (Free:2.3 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive e: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.09 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 232.9 GB) (Disk ID: 1B1068E4)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=218.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=13.9 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)

==================== End Of Log ============================
  3. I've been here so often, I hate to ask, but I've come to the conclusion that although it might be minor it is something I can't figure out. I have MBAM Premium on my laptop, it seems to run hot, then crash and it's not finding anything. Task manager shows multiple instances of chrome. Chrome crashes constantly. If anyone could take a glance at this, I'd appreciate it.

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-02-2015
Ran by owner (administrator) on OWNER-PC on 01-03-2015 17:18:52
Running from C:\Users\owner\Desktop
Loaded Profiles: owner (Available profiles: owner)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Eastman Kodak Company) C:\Program Files (x86)\Kodak\KODAK Share Button App\Listener.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office10\EXCEL.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-01-27] (Apple Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-26] (AVAST Software)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-4193847945-727969652-2092403397-1000\...\MountPoints2: {18fa4c25-2ae4-11e1-9ac7-60eb695eba3e} - G:\KODAK_Camera_Setup_App.exe
HKU\S-1-5-21-4193847945-727969652-2092403397-1000\...\MountPoints2: {319cc5ad-3c58-11e0-aa61-60eb695eba3e} - G:\MI.exe
HKU\S-1-5-21-4193847945-727969652-2092403397-1000\Control Panel\Desktop\\SCRNSAVE.EXE ->
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [HKLM] => http=127.0.0.1:8800;https=127.0.0.1:8800
ProxyServer: [HKLM-x32] => http=127.0.0.1:8800;https=127.0.0.1:8800
AutoConfigURL: [s-1-5-21-4193847945-727969652-2092403397-1000] => http://localhost:9100/proxy.pac
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-4193847945-727969652-2092403397-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
SearchScopes: HKLM -> DefaultScope {926A2FCE-9CD5-4D5E-9A60-910A559011A8} URL = http://rocket-find.com/results.php?f=4&q={searchTerms}&a=rckt_clickconnect_14_27_ie&cd=2XzuyEtN2Y1L1QzuyCtD0E0ByCzyyD0E0B0AtA0E0FyCtA0DtN0D0Tzu0SzytCyCtN1L2XzutBtFtBtCtFtCtCtFtCtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyC0C0D0BtBtDyBtAtGzzzyyE0EtGyDyE0EyDtG0BtCtByDtGtAzz0B0BzytD0B0AyDzztA0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyCzzzzyBtDzztAzztGyBtCyDzytGyD0EyDzztGzzzy0CtBtGtCyDzztCyBzz0A0F0D0EyB0A2Q&cr=1107118037&ir=
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {698F5D9B-478F-4DE7-8EEB-DC1389AA09B1} URL = http://www.ask.com/web?q={searchTerms}&l=dis&o=uscql
SearchScopes: HKLM -> {926A2FCE-9CD5-4D5E-9A60-910A559011A8} URL = http://rocket-find.com/results.php?f=4&q={searchTerms}&a=rckt_clickconnect_14_27_ie&cd=2XzuyEtN2Y1L1QzuyCtD0E0ByCzyyD0E0B0AtA0E0FyCtA0DtN0D0Tzu0SzytCyCtN1L2XzutBtFtBtCtFtCtCtFtCtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyC0C0D0BtBtDyBtAtGzzzyyE0EtGyDyE0EyDtG0BtCtByDtGtAzz0B0BzytD0B0AyDzztA0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyCzzzzyBtDzztAzztGyBtCyDzytGyD0EyDzztGzzzy0CtBtGtCyDzztCyBzz0A0F0D0EyB0A2Q&cr=1107118037&ir=
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = http://www.default-search.net/search?sid=476&aid=100&itype=a&ver=13765&tm=368&src=ds&p={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {926A2FCE-9CD5-4D5E-9A60-910A559011A8} URL = http://www.bing.com/search?q={searchTerms}&form=CPNTDF&pc=CPNTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {698F5D9B-478F-4DE7-8EEB-DC1389AA09B1} URL = http://www.ask.com/web?q={searchTerms}&l=dis&o=uscql
SearchScopes: HKLM-x32 -> {926A2FCE-9CD5-4D5E-9A60-910A559011A8} URL = http://www.bing.com/search?q={searchTerms}&form=CPNTDF&pc=CPNTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = http://www.default-search.net/search?sid=476&aid=100&itype=a&ver=13765&tm=368&src=ds&p={searchTerms}
SearchScopes: HKU\S-1-5-21-4193847945-727969652-2092403397-1000 -> DefaultScope {926A2FCE-9CD5-4D5E-9A60-910A559011A8} URL = http://www.bing.com/search?q={searchTerms}&form=CPNTDF&pc=CPNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-4193847945-727969652-2092403397-1000 -> {698F5D9B-478F-4DE7-8EEB-DC1389AA09B1} URL =
SearchScopes: HKU\S-1-5-21-4193847945-727969652-2092403397-1000 -> {926A2FCE-9CD5-4D5E-9A60-910A559011A8} URL = http://www.bing.com/search?q={searchTerms}&form=CPNTDF&pc=CPNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-4193847945-727969652-2092403397-1000 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = http://www.default-search.net/search?sid=476&aid=100&itype=a&ver=13765&tm=368&src=ds&p={searchTerms}
BHO: No Name -> {4F524A2D-5637-006A-76A7-7A786E7484D7} -> No File
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> No File
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: No Name -> {4F524A2D-5637-006A-76A7-7A786E7484D7} -> No File
BHO-x32: avast!
Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)BHO-x32: Microsoft Live Search Toolbar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll (Microsoft Corp.)BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)Toolbar: HKLM - No Name - {4F524A2D-5637-006A-76A7-7A786E7484D7} - No FileToolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)Toolbar: HKLM-x32 - Microsoft Live Search Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll (Microsoft Corp.)Toolbar: HKLM-x32 - No Name - {4F524A2D-5637-006A-76A7-7A786E7484D7} - No FileToolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)Toolbar: HKU\S-1-5-21-4193847945-727969652-2092403397-1000 -> No Name - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No FileToolbar: HKU\S-1-5-21-4193847945-727969652-2092403397-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)Toolbar: HKU\S-1-5-21-4193847945-727969652-2092403397-1000 -> No Name - {4F524A2D-5637-006A-76A7-7A786E7484D7} - No FileToolbar: HKU\S-1-5-21-4193847945-727969652-2092403397-1000 -> No Name - {DB87BFA2-A2E3-451E-8E5A-C89982D87CBF} - 
No FileDPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cabHandler: inbox - No CLSID ValueTcpip\Parameters: [DhcpNameServer] 192.168.1.1 FireFox:========FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()FF Plugin: @microsoft.com/GENUINE -> disabled No FileFF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()FF Plugin-x32: @microsoft.com/GENUINE -> disabled No FileFF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)FF Plugin HKU\S-1-5-21-4193847945-727969652-2092403397-1000: @eximion.com/KalydoPlayer -> C:\Users\owner\AppData\Roaming\Kalydo\KalydoPlayer\bin2\npkalydo.dll (Eximion B.V.)FF Plugin HKU\S-1-5-21-4193847945-727969652-2092403397-1000: @nsroblox.roblox.com/launcher -> 
C:\Users\owner\AppData\Local\Roblox\Versions\version-c4060e4821af4163\\NPRobloxProxy.dll ( ROBLOX Corporation)FF Plugin HKU\S-1-5-21-4193847945-727969652-2092403397-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\owner\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-02-16]FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FFFF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-08-12]FF HKU\S-1-5-21-4193847945-727969652-2092403397-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 Chrome: =======CHR HomePage: Default -> hxxp://www.google.com/CHR StartupUrls: Default -> "https://www.google.com/?trackid=sp-006"CHR DefaultSearchKeyword: Default -> googleCHR DefaultSearchURL: Default -> https://www.google.de/search?q={searchTerms}?trackid=sp-006CHR DefaultSuggestURL: Default -> https://www.google.com/complete/search?client=chrome&q={searchTerms}CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\gcswf32.dll No FileCHR Plugin: (Java Deployment Toolkit 6.0.260.3) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll (Sun Microsystems, Inc.)CHR Plugin: (Java Platform SE 6 U26) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll No FileCHR Plugin: (Shockwave for Director) - 
C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)CHR Plugin: (Chrome NaCl) - C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\ppGoogleNaClPluginChrome.dll No FileCHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\pdf.dll ()CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll No FileCHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll No FileCHR Plugin: (WildTangent Games App Presence Detector) - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll No FileCHR Plugin: (Windows Live? Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)CHR Plugin: (Default Plug-in) - default_plugin No FileCHR Profile: C:\Users\owner\AppData\Local\Google\Chrome\User Data\DefaultCHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-06-11]CHR Extension: (Avast SafePrice) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2014-11-10]CHR Extension: (Pin It Button) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2014-12-01]CHR Extension: (Google Wallet) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-06]CHR HKLM-x32\...\Chrome\Extension: [bmiabdepfhhiieiipmeecdmeljggmfee] - No Path Or update_url valueCHR HKLM-x32\...\Chrome\Extension: [dflinnddekagfkncpgojoppgnppfkbkj] - No Path Or update_url valueCHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-01-15]CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST 
Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-01-15] Opera: =======StartMenuInternet: (HKLM) Opera - C:\Program Files\Opera x64\Opera.exe ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S4 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2015-01-15] (AVAST Software)R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [104416 2015-01-15] (AVAST Software)S4 HP Health Check Service; C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [120832 2009-10-15] (Hewlett-Packard) [File not signed]R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) 
[File not signed]S4 HPWMISVC; C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [20480 2010-01-18] () [File not signed]S3 MatSvc; C:\Program Files\Microsoft Fix it Center\Matsvc.exe [343856 2011-06-13] (Microsoft Corporation)R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]S4 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2009-07-06] ()S4 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390672 2012-08-08] ()S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-02-28] (Riverbed Technology, Inc.)R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-07-13] (Realtek Semiconductor)S4 Seagate Dashboard Services; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe [16000 2014-02-10] (Seagate Technology LLC)S4 Seagate MobileBackup Service; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe [157264 2014-02-10] (Seagate Technology LLC)S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) 
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2015-01-15] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2015-01-15] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2015-01-15] (AVAST Software)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [449936 2015-01-15] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2015-01-15] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2015-01-15] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2015-01-15] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2015-01-15] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2015-01-15] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2015-01-15] ()
S3 FlyUsb; C:\Windows\System32\DRIVERS\FlyUsb.sys [24576 2011-11-12] (LeapFrog) [File not signed]
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-03-01] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
S3 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-02-28] (Riverbed Technology, Inc.)
S3 RSUSBSTOR; C:\Windows\SysWOW64\Drivers\RtsUStor.sys [225280 2009-09-22] (Realtek Semiconductor Corp.)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2015-02-25] ()

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-01 17:18 - 2015-03-01 17:19 - 00020926 _____ () C:\Users\owner\Desktop\FRST.txt2015-03-01 17:16 - 2015-03-01 17:16 - 02092544 _____ (Farbar) C:\Users\owner\Desktop\FRST64.exe2015-02-25 03:01 - 2015-01-08 17:44 - 00419936 _____ () C:\Windows\SysWOW64\locale.nls2015-02-25 03:01 - 2015-01-08 17:43 - 00419936 _____ () C:\Windows\system32\locale.nls2015-02-20 13:17 - 2015-03-01 17:19 - 00000000 ____D () C:\FRST2015-02-13 20:27 - 2015-01-22 22:42 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll2015-02-13 20:27 - 2015-01-22 22:41 - 06041600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll2015-02-13 20:27 - 2015-01-22 21:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll2015-02-13 20:27 - 2015-01-22 21:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll2015-02-11 06:59 - 2015-02-03 21:16 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll2015-02-11 06:59 - 2015-02-03 21:16 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll2015-02-11 06:59 - 2015-02-03 21:16 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll2015-02-11 06:59 - 2015-02-03 21:16 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll2015-02-11 06:59 - 2015-02-03 21:16 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll2015-02-11 06:59 - 2015-02-03 21:16 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll2015-02-11 06:59 - 2015-02-03 21:13 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll2015-02-11 06:59 - 2015-01-27 17:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe2015-02-11 06:59 - 2015-01-10 00:48 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll2015-02-11 06:59 - 2015-01-10 00:48 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll2015-02-11 06:59 - 2015-01-10 00:48 - 00314880 _____ 
(Microsoft Corporation) C:\Windows\system32\msv1_0.dll2015-02-11 06:59 - 2015-01-10 00:48 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll2015-02-11 06:59 - 2015-01-10 00:48 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll2015-02-11 06:59 - 2015-01-10 00:48 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll2015-02-11 06:59 - 2015-01-10 00:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll2015-02-11 06:59 - 2015-01-10 00:27 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll2015-02-11 06:59 - 2015-01-10 00:27 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll2015-02-11 06:59 - 2015-01-10 00:27 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll2015-02-11 06:59 - 2015-01-10 00:27 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll2015-02-11 06:59 - 2015-01-10 00:27 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll2015-02-11 06:59 - 2015-01-10 00:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll2015-02-11 06:59 - 2015-01-10 00:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll2015-02-11 06:58 - 2015-01-13 23:47 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll2015-02-11 06:58 - 2015-01-13 23:09 - 00342712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll2015-02-11 06:58 - 2015-01-11 21:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll2015-02-11 06:58 - 2015-01-11 21:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb2015-02-11 06:58 - 2015-01-11 21:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll2015-02-11 06:58 - 2015-01-11 20:49 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll2015-02-11 06:58 - 2015-01-11 20:48 - 02885632 _____ (Microsoft Corporation) 
C:\Windows\system32\iertutil.dll2015-02-11 06:58 - 2015-01-11 20:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll2015-02-11 06:58 - 2015-01-11 20:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll2015-02-11 06:58 - 2015-01-11 20:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll2015-02-11 06:58 - 2015-01-11 20:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll2015-02-11 06:58 - 2015-01-11 20:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll2015-02-11 06:58 - 2015-01-11 20:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll2015-02-11 06:58 - 2015-01-11 20:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe2015-02-11 06:58 - 2015-01-11 20:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe2015-02-11 06:58 - 2015-01-11 20:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll2015-02-11 06:58 - 2015-01-11 20:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe2015-02-11 06:58 - 2015-01-11 20:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb2015-02-11 06:58 - 2015-01-11 20:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll2015-02-11 06:58 - 2015-01-11 20:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll2015-02-11 06:58 - 2015-01-11 20:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll2015-02-11 06:58 - 2015-01-11 20:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll2015-02-11 06:58 - 2015-01-11 20:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll2015-02-11 06:58 - 2015-01-11 20:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll2015-02-11 06:58 - 2015-01-11 20:07 - 00047616 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\ieetwproxystub.dll2015-02-11 06:58 - 2015-01-11 20:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll2015-02-11 06:58 - 2015-01-11 20:04 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll2015-02-11 06:58 - 2015-01-11 20:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll2015-02-11 06:58 - 2015-01-11 20:00 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll2015-02-11 06:58 - 2015-01-11 19:59 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll2015-02-11 06:58 - 2015-01-11 19:57 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll2015-02-11 06:58 - 2015-01-11 19:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe2015-02-11 06:58 - 2015-01-11 19:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll2015-02-11 06:58 - 2015-01-11 19:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe2015-02-11 06:58 - 2015-01-11 19:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl2015-02-11 06:58 - 2015-01-11 19:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll2015-02-11 06:58 - 2015-01-11 19:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll2015-02-11 06:58 - 2015-01-11 19:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll2015-02-11 06:58 - 2015-01-11 19:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll2015-02-11 06:58 - 2015-01-11 19:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll2015-02-11 06:58 - 2015-01-11 19:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll2015-02-11 06:58 - 2015-01-11 19:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll2015-02-11 06:58 - 2015-01-11 19:27 - 02358272 _____ (Microsoft Corporation) 
C:\Windows\system32\wininet.dll2015-02-11 06:58 - 2015-01-11 19:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl2015-02-11 06:58 - 2015-01-11 19:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll2015-02-11 06:58 - 2015-01-11 19:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll2015-02-11 06:58 - 2015-01-11 19:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll2015-02-11 06:58 - 2015-01-11 19:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll2015-02-11 06:58 - 2015-01-11 19:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll2015-02-11 06:58 - 2015-01-11 19:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll2015-02-11 06:58 - 2015-01-11 18:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll2015-02-11 06:58 - 2015-01-11 18:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll2015-02-11 06:54 - 2015-01-15 02:14 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys2015-02-11 06:54 - 2015-01-15 02:14 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys2015-02-11 06:54 - 2015-01-15 02:09 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll2015-02-11 06:54 - 2015-01-15 02:09 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll2015-02-11 06:54 - 2015-01-15 02:09 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe2015-02-11 06:54 - 2015-01-15 02:09 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll2015-02-11 06:54 - 2015-01-15 02:09 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll2015-02-11 06:54 - 2015-01-15 02:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe2015-02-11 06:54 - 2015-01-15 02:06 - 00146432 _____ (Microsoft Corporation) 
C:\Windows\system32\msaudite.dll2015-02-11 06:54 - 2015-01-15 02:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll2015-02-11 06:54 - 2015-01-15 02:04 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll2015-02-11 06:54 - 2015-01-15 01:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe2015-02-11 06:54 - 2015-01-15 01:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll2015-02-11 06:54 - 2015-01-15 01:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll2015-02-11 06:54 - 2015-01-15 01:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll2015-02-11 06:54 - 2015-01-15 01:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll2015-02-11 06:54 - 2015-01-15 01:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll2015-02-11 06:54 - 2015-01-14 22:22 - 00458824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys2015-02-11 06:54 - 2015-01-12 21:10 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll2015-02-11 06:54 - 2015-01-12 20:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll2015-02-11 06:53 - 2015-01-14 00:09 - 05554112 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe2015-02-11 06:53 - 2014-12-11 23:31 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll2015-02-11 06:53 - 2014-12-11 23:07 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll2015-02-11 06:53 - 2014-12-07 21:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll2015-02-11 06:53 - 2014-12-07 20:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll2015-02-11 06:53 - 2014-11-25 21:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll2015-02-11 06:53 - 2014-11-25 21:32 - 00571904 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\oleaut32.dll2015-02-11 06:52 - 2015-01-14 00:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll2015-02-11 06:52 - 2015-01-14 00:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll2015-02-11 06:52 - 2015-01-14 00:04 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe2015-02-11 06:52 - 2015-01-13 23:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe2015-02-11 06:52 - 2015-01-13 23:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe2015-02-11 06:52 - 2015-01-13 23:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll2015-02-11 06:52 - 2015-01-08 20:03 - 03201536 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys2015-02-06 13:14 - 2015-02-06 13:14 - 00001713 _____ () C:\Users\Public\Desktop\iTunes.lnk2015-02-06 13:14 - 2015-02-06 13:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes2015-02-06 13:12 - 2015-02-06 13:14 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A72015-02-06 13:12 - 2015-02-06 13:14 - 00000000 ____D () C:\Program Files\iTunes2015-02-06 13:12 - 2015-02-06 13:12 - 00000000 ____D () C:\Program Files\iPod2015-02-06 13:12 - 2015-02-06 13:12 - 00000000 ____D () C:\Program Files (x86)\iTunes2015-02-02 21:09 - 2015-02-02 21:10 - 00000000 ____D () C:\Windows\SysWOW64\15020201_stream2015-02-02 21:08 - 2015-02-02 21:09 - 00000000 ____D () C:\Windows\SysWOW64\15020200_stream ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 
2015-03-01 17:14 - 2012-08-31 09:46 - 00000324 _____ () C:\Windows\Tasks\HP Photo Creations Communicator.job2015-03-01 17:10 - 2011-05-10 22:18 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job2015-03-01 16:55 - 2014-05-19 21:27 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys2015-03-01 16:55 - 2010-12-29 18:45 - 01829244 _____ () C:\Windows\WindowsUpdate.log2015-03-01 16:51 - 2012-04-14 10:42 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job2015-03-01 10:10 - 2011-05-10 22:18 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job2015-02-28 20:48 - 2011-08-03 21:59 - 00003926 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{EB383C1A-230F-4320-AAD4-09C0D680C429}2015-02-28 14:02 - 2009-07-13 22:45 - 00026192 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A02015-02-28 14:02 - 2009-07-13 22:45 - 00026192 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A02015-02-27 13:38 - 2011-05-04 22:38 - 00000000 ____D () C:\Users\owner\AppData\Local\CrashDumps2015-02-27 08:01 - 2014-11-05 19:05 - 00004182 _____ () C:\Windows\System32\Tasks\avast! 
Emergency Update
2015-02-26 21:39 - 2014-11-05 16:48 - 00004730 _____ () C:\Windows\setupact.log
2015-02-26 12:48 - 2013-12-15 19:33 - 00000418 _____ () C:\Windows\Tasks\DriverUpdate Startup.job
2015-02-26 01:41 - 2009-07-13 23:13 - 00794882 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-25 03:24 - 2013-12-15 19:33 - 00002844 _____ () C:\Windows\System32\Tasks\DriverUpdate Startup
2015-02-25 03:23 - 2013-12-15 19:33 - 00016152 _____ () C:\Windows\system32\Drivers\SWDUMon.sys
2015-02-25 03:20 - 2014-11-05 16:47 - 00609532 _____ () C:\Windows\PFRO.log
2015-02-25 03:20 - 2009-07-13 23:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-19 18:37 - 2011-07-18 22:14 - 00002143 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-02-18 08:39 - 2012-06-28 22:49 - 00787496 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-02-14 17:20 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\rescache
2015-02-12 17:16 - 2015-01-10 20:44 - 00041472 ___SH () C:\Users\owner\Thumbs.db
2015-02-12 15:01 - 2009-07-13 22:45 - 00446992 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-12 14:54 - 2014-12-10 03:35 - 00000000 ____D () C:\Windows\system32\appraiser
2015-02-12 14:54 - 2014-04-29 14:59 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-02-12 14:16 - 2014-06-17 23:19 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-12 13:08 - 2011-02-16 12:34 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-06 13:12 - 2012-02-02 11:14 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-02-05 10:05 - 2011-05-10 22:18 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-05 10:05 - 2011-05-10 22:18 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-02-04 22:50 - 2015-01-25 13:51 - 05070512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-02-04 22:50 - 2012-04-14 10:42 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-02-04 22:50 - 2012-04-14 10:42 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-02-04 22:50 - 2011-06-20 14:04 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2014-02-13 22:31 - 2014-02-13 22:31 - 49940480 _____ () C:\Program Files (x86)\GUT4C46.tmp
2014-10-30 19:04 - 2014-10-30 19:04 - 0000000 _____ () C:\Users\owner\AppData\Roaming\.googlewebacchosts
2014-10-04 17:54 - 2014-10-04 22:35 - 0017602 _____ () C:\Users\owner\AppData\Roaming\AutoTagLog.log
2014-07-12 19:08 - 2014-10-04 22:36 - 0015980 _____ () C:\Users\owner\AppData\Roaming\RegistrationLog.log
2014-07-12 19:08 - 2014-07-12 19:17 - 0004556 _____ () C:\Users\owner\AppData\Roaming\ReplayConverterLog.log
2014-10-04 17:49 - 2014-10-04 22:39 - 0057150 _____ () C:\Users\owner\AppData\Roaming\ReplayMusicLog.log
2014-07-30 12:39 - 2014-07-30 12:39 - 0000043 _____ () C:\Users\owner\AppData\Roaming\WB.CFG
2014-08-31 16:13 - 2014-08-31 16:13 - 0000036 _____ () C:\Users\owner\AppData\Local\housecall.guid.cache
2013-11-14 13:55 - 2013-11-14 13:55 - 0004096 ____H () C:\Users\owner\AppData\Local\keyfile3.drm
2011-04-20 07:58 - 2014-07-31 22:31 - 0007617 _____ () C:\Users\owner\AppData\Local\Resmon.ResmonCfg
2011-02-16 09:59 - 2015-01-15 19:33 - 0000511 _____ () C:\ProgramData\HPWALog.txt
2012-02-16 22:57 - 2012-02-16 23:13 - 0001279 _____ () C:\ProgramData\hpzinstall.log
2010-12-29 18:56 - 2010-12-29 18:56 - 0000032 _____ () C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log
2010-03-30 21:25 - 2010-03-30 21:26 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2010-12-29 18:56 - 2010-12-29 18:56 - 0000032 _____ () C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log
2010-03-30 21:20 - 2010-03-30 21:21 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2010-12-29 18:55 - 2010-12-29 18:55 - 0000032 _____ () C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log
2010-12-29 18:56 - 2010-12-29 18:56 - 0000032 _____ () C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log
2010-03-30 21:19 - 2010-03-30 21:19 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2010-03-30 21:21 - 2010-03-30 21:25 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
2010-12-29 18:56 - 2010-12-29 18:56 - 0000105 _____ () C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log

Some content of TEMP:
====================
C:\Users\owner\AppData\Local\Temp\CerberAntivirus.exe
C:\Users\owner\AppData\Local\Temp\Cerber_tmp.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-02-23 00:37

==================== End Of Log ============================
  4. Got it!!! THANKS!! SO VERY MUCH!! PS If you're in the upper east in New England be safe. I love snow, but I don't think this is the kind of snow storm I would want either. Of course, if you are in any other part of the US, help us pray for those in the path of this storm.
  5. GOOD NEWS!! After connecting to the internet via the wired adapter I was able to repair and update the driver for the WLAN. Now, the wireless connection is working!!! I think y'all might have just pulled off a miracle!! Now, please pray for a miracle for my dad that he might be able to use this again. Thank y'all soo soo soo much!! (thanks to Blackbird as well, he is a trooper!)
  6. *I promise "I'll" give you the right file this time. So, as I promised here are the files....PS I think I was awake this time when I ran these.... FRST.txt Addition.txt
  7. Here is the fixlog.txt. And I promise I give you the right file this time. Fixlog.txt
  8. Oh my, didn't even notice that!!! And I should have, sorry. I don't know how the heck I managed to do that....
  9. Okay, here they are.....thanks for being so patient. FRST.txt Addition.txt
  10. I'm on it. Sorry I was away from the site and didn't see your post. This is my father's computer and yes, it is sick, but my father has taken to being sick as well so today the computer wasn't number 1 on the list. Thanks so much for your help!!
  11. FARBAR Services Scan

Farbar Service Scanner Version: 21-07-2014
Ran by Boyd (administrator) on 16-01-2015 at 11:44:09
Running from "C:\Users\Boyd\Desktop"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error. Google IP is unreachable
Attempt to access Google.com returned error: Other errors
Attempt to access Yahoo.com returned error: Other errors

Windows Firewall:
=============

Firewall Disabled Policy:
==================

System Restore:
============

System Restore Disabled Policy:
========================

Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================

Windows Defender:
==============

Other Services:
==============

File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed

**** End of log ****
  12. Miracle of all Miracles....it posted everything!! Here is the Addition.txt.

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-01-2015 01
Ran by Boyd at 2015-01-16 11:32:20
Running from C:\Users\Boyd\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (Version: 6.2.2 - Hewlett-Packard) Hidden
6500_E709_eDocs (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
6500_E709_Help (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
6500_E709n (x32 Version: 140.0.000.000 - Hewlett-Packard) Hidden
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.356 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Adobe Reader 9.5.2 MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.5.2 - Adobe Systems Incorporated)
Adobe Shockwave Player (HKLM-x32\...\{D8DFA46A-39F7-4368-810D-18AFCFDDAEAF}) (Version: 11.5.1.601 - Adobe Systems, Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.82 - WildTangent) Hidden
Blackhawk Striker 2 (x32 Version: 2.2.0.82 - WildTangent) Hidden
Blasterball 3 (x32 Version: 2.2.0.82 - WildTangent) Hidden
bpd_scan (x32 Version: 3.00.0000 - Hewlett-Packard) Hidden
BPDSoftware (x32 Version: 140.0.000.000 - Hewlett-Packard) Hidden
BPDSoftware_Ini (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
BufferChm (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden
Build-a-lot 2 (x32 Version: 2.2.0.82 - WildTangent) Hidden
Cake Mania (x32 Version: 2.2.0.82 - WildTangent) Hidden
Chuzzle Deluxe (x32 Version: 2.2.0.82 - WildTangent) Hidden
Cisco Connect (HKLM-x32\...\Cisco Connect) (Version: 1.4.11299.0 - Cisco Consumer Products LLC)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
CyberLink DVD Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.2216 - CyberLink Corp.)
CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 4.1.3419 - CyberLink Corp.)
CyberLink PowerDVD 8 (HKLM-x32\...\InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}) (Version: 8.0.1.1110 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.0.2201 - CyberLink Corp.)
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.82 - WildTangent) Hidden
DocMgr (x32 Version: 140.0.65.000 - Hewlett-Packard) Hidden
DocProc (x32 Version: 140.0.100.000 - Hewlett-Packard) Hidden
Dora's Carnival Adventure (x32 Version: 2.2.0.82 - WildTangent) Hidden
Dragon NaturallySpeaking 10 (HKLM-x32\...\{E7712E53-7A7F-46EB-AA13-70D5987D30F2}) (Version: 10.10.0 - Nuance Communications Inc.)
Escape Rosecliff Island (x32 Version: 2.2.0.82 - WildTangent) Hidden
ESU for Microsoft Windows 7 (HKLM-x32\...\{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard)
Faerie Solitaire (x32 Version: 2.2.0.82 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.82 - WildTangent) Hidden
Fax (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Update Helper (x32 Version: 1.3.21.169 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Hewlett-Packard ACLM.NET v1.1.2.0 (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.3.9512.3162 - Hewlett-Packard)
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Document Manager 2.0 (HKLM\...\HP Document Manager) (Version: 2.0 - HP)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.0.80 - WildTangent)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Officejet 6500 E709 Series (HKLM\...\{58D79E62-CFC8-4331-8469-3A1B16E1769C}) (Version: 14.0 - HP)
HP Quick Launch (HKLM\...\{10F539B1-31AF-43BF-9F0C-0EB66E918922}) (Version: 1.0.18 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{17B4760F-334B-475D-829F-1A3E94A6A4E6}) (Version: 1.2.3560.3170 - Hewlett-Packard)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP Software Framework (HKLM-x32\...\{97174E88-52F9-445A-A28E-704A45332D19}) (Version: 4.0.108.1 - Hewlett-Packard Company)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Support Assistant (HKLM-x32\...\{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}) (Version: 6.1.12.1 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{74DC0593-6BC6-4001-AD5F-D810AFB68D86}) (Version: 5.002.002.002 - Hewlett-Packard)
HP User Guides 0178 (HKLM-x32\...\{9A4317FB-5775-4FB3-BDC9-995595106F1F}) (Version: 1.02.0000 - Hewlett-Packard)
HP Wireless Assistant (HKLM-x32\...\{54CC7901-804D-4155-B353-21F0CC9112AB}) (Version: 3.50.9.1 - Hewlett-Packard)
HPProductAssistant (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
IHA_MessageCenter (HKLM-x32\...\{834265C4-CDF4-44D3-BD24-31531617EFB8}) (Version: 1.8.70 - Verizon)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2086 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.2.1001 - Intel Corporation)
Jewel Quest 3 (x32 Version: 2.2.0.82 - WildTangent) Hidden
Jewel Quest Solitaire 2 (x32 Version: 2.2.0.82 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2215 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.2215 - CyberLink Corp.) Hidden
LightScribe System Software (HKLM-x32\...\{6AFDE3BE-BC01-45A4-9D06-BBF5AD207313}) (Version: 1.18.12.1 - LightScribe)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
MarketResearch (x32 Version: 140.0.214.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Live Search Toolbar (HKLM-x32\...\{DF802C05-4660-418c-970C-B988ADB1D316}) (Version: 3.0.566.0 - Microsoft Live Search Toolbar)
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.5614.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 3.0.40624.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
Mobile Broadband Generic Drivers (HKLM-x32\...\Mobile Broadband Generic Drivers) (Version: 2.03.09.005.14 - Novatel Wireless)
Mobile Broadband Generic Drivers (x32 Version: 2.03.09.005.14 - Novatel Wireless) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
muvee Reveal (HKLM-x32\...\{DE626616-D7C4-4F00-7E0B-EAF26FA65749}) (Version: 7.0.43.12698 - muvee Technologies Pte Ltd)
My Driver Updater v3.1 (HKLM-x32\...\My Driver Updater_is1) (Version: 3.1 - Softitube Ltd)
Mystery P.I. - The New York Fortune (x32 Version: 2.2.0.82 - WildTangent) Hidden
Network64 (Version: 140.0.215.000 - Hewlett-Packard) Hidden
OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
Penguins! (x32 Version: 2.2.0.82 - WildTangent) Hidden
Plants vs. Zombies (x32 Version: 2.2.0.82 - WildTangent) Hidden
Poker Superstars III (x32 Version: 2.2.0.82 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.82 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.82 - WildTangent) Hidden
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.3415 - CyberLink Corp.)
Power2Go (x32 Version: 6.0.3415 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.3420 - CyberLink Corp.)
PowerDirector (x32 Version: 7.0.3420 - CyberLink Corp.) Hidden
ProductContext (x32 Version: 140.0.000.000 - Hewlett-Packard) Hidden
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.18.322.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6206 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30105 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Software (HKLM-x32\...\{901F0D4C-009D-1112-8DE4-03599E7B0C5C}) (Version: 1.00.10.0104 - REALTEK Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.2214 - CyberLink Corp.) Hidden
Revo Uninstaller Pro 3.1.2 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.2 - VS Revo Group, Ltd.)
RtVOsd (HKLM\...\{091A0130-A82F-4A6D-9C61-3BBBB3289030}) (Version: 1.0.6 - Realtek Semiconductor Corp.)
Scan (x32 Version: 140.0.167.000 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
SmartWebPrinting (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 140.0.214.000 - Hewlett-Packard) Hidden
Status (x32 Version: 140.0.256.000 - Hewlett-Packard) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.1.6.64 - Synaptics Incorporated)
TextTwist 2 (x32 Version: 2.2.0.82 - WildTangent) Hidden
Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Verizon Wireless USB760 Firmware Updates (HKLM-x32\...\{629CCE02-041D-4577-892C-577861181771}) (Version: 1.0.0 - Smith Micro Software, Inc.)
Virtual Families (x32 Version: 2.2.0.82 - WildTangent) Hidden
Virtual Villagers - The Secret City (x32 Version: 2.2.0.82 - WildTangent) Hidden
Visual C++ Runtime for Dragon NaturallySpeaking 64bit (x64) (HKLM\...\{4A5A427F-BA39-4BF0-9A47-7777FBE60C9F}) (Version: 10.00.800.228 - Nuance Communications Inc.)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
WebReg (x32 Version: 140.0.213.017 - Hewlett-Packard) Hidden
Wheel of Fortune 2 (x32 Version: 2.2.0.82 - WildTangent) Hidden
WildTangent Games App (HP Games) (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp) (Version: 4.0.5.2 - WildTangent)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Sign-in Assistant (HKLM-x32\...\{45338B07-A236-4270-9A77-EBB4115517B5}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live Upload Tool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Zuma's Revenge (x32 Version: 2.2.0.82 - WildTangent) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

==================== Restore Points =========================

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 20:34 - 2015-01-15 22:37 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {26F6765E-F7FC-4304-9FDA-EFA6C7C0D67C} - System32\Tasks\RecoveryCDWin7 => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2009-10-07] ()
Task: {302D416F-A8AA-421E-98ED-F3A12E4D2B8B} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-01-05] (AVAST Software)
Task: {483C22B9-A58A-4451-B636-76BE2D08A4AA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-05] (Google Inc.)
Task: {55E244FC-E224-4D19-9CDF-B6210B92F6D6} - System32\Tasks\{CF10AF8B-2611-4E13-84D8-D71229268B19} => C:\Users\Boyd\Desktop\SpiderSolitaire.exe
Task: {63FB9057-1496-48ED-AAD0-B849FEF2CDFB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPSFMessenger\HPSFMsgr.exe [2011-09-09] (Hewlett-Packard Company)
Task: {67FB2EA8-84AB-4A6C-B7C8-5757584AD63D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Total Care Tune-Up => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPTuneUp.exe [2011-03-22] (Hewlett-Packard Company)
Task: {6AB44665-9B1E-4F38-ADCC-2EE0541CE76B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater\HPSFUpdater.exe [2011-12-15] (Hewlett-Packard)
Task: {796CC964-88EA-4C3F-B046-A1CEAF9C2426} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2011-09-09] (Hewlett-Packard Company)
Task: {7C8D155E-16EC-4784-B4CB-0B4F9E1859B4} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-05] (Adobe Systems Incorporated)
Task: {90819DBE-9F00-4C10-B651-9C1B7D5942FA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-05] (Google Inc.)
Task: {CAB67526-F5B8-44A7-8B74-84550C48FE3B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2011-09-09] (Hewlett-Packard Company)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2015-01-12 16:52 - 2015-01-12 16:52 - 02909696 _____ () C:\Program Files\AVAST Software\Avast\defs\15011201\algo.dll
2014-12-08 13:36 - 2014-02-10 11:04 - 00430080 _____ () C:\Windows\mod_frst.exe

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AeLookupSvc => 3
MSCONFIG\Services: ALG => 3
MSCONFIG\Services: AppIDSvc => 3
MSCONFIG\Services: AudioEndpointBuilder => 2
MSCONFIG\Services: AudioSrv => 2
MSCONFIG\Services: AxInstSV => 3
MSCONFIG\Services: BDESVC => 3
MSCONFIG\Services: BITS => 2
MSCONFIG\Services: Browser => 3
MSCONFIG\Services: CertPropSvc => 3
MSCONFIG\Services: clr_optimization_v4.0.30319_32 => 2
MSCONFIG\Services: clr_optimization_v4.0.30319_64 => 2
MSCONFIG\Services: COMSysApp => 3
MSCONFIG\Services: CryptSvc => 2
MSCONFIG\Services: defragsvc => 3
MSCONFIG\Services: Dhcp => 2
MSCONFIG\Services: Dnscache => 2
MSCONFIG\Services: dot3svc => 3
MSCONFIG\Services: DPS => 2
MSCONFIG\Services: EapHost => 3
MSCONFIG\Services: EFS => 3
MSCONFIG\Services: ehRecvr => 3
MSCONFIG\Services: ehSched => 3
MSCONFIG\Services: eventlog => 2
MSCONFIG\Services: EventSystem => 2
MSCONFIG\Services: Fax => 3
MSCONFIG\Services: fdPHost => 3
MSCONFIG\Services: FDResPub => 2
MSCONFIG\Services: FontCache => 2
MSCONFIG\Services: FontCache3.0.0.0 => 3
MSCONFIG\Services: GamesAppService => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: hidserv => 3
MSCONFIG\Services: hkmsvc => 3
MSCONFIG\Services: HomeGroupListener => 3
MSCONFIG\Services: HomeGroupProvider => 3
MSCONFIG\Services: HP Support Assistant Service => 2
MSCONFIG\Services: HPDrvMntSvc.exe => 2
MSCONFIG\Services: hpqcxs08 => 3
MSCONFIG\Services: hpqddsvc => 2
MSCONFIG\Services: hpqwmiex => 3
MSCONFIG\Services: HPSLPSVC => 2
MSCONFIG\Services: HPWMISVC => 2
MSCONFIG\Services: idsvc => 3
MSCONFIG\Services: IEEtwCollectorService => 3
MSCONFIG\Services: IHA_MessageCenter => 2
MSCONFIG\Services: IKEEXT => 2
MSCONFIG\Services: IPBusEnum => 3
MSCONFIG\Services: iphlpsvc => 2
MSCONFIG\Services: KeyIso => 3
MSCONFIG\Services: KtmRm => 3
MSCONFIG\Services: LanmanServer => 2
MSCONFIG\Services: LanmanWorkstation => 2
MSCONFIG\Services: LightScribeService => 2
MSCONFIG\Services: lltdsvc => 3
MSCONFIG\Services: lmhosts => 2
MSCONFIG\Services: MBAMScheduler => 2
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: MDM => 2
MSCONFIG\Services: MMCSS => 2
MSCONFIG\Services: MpsSvc => 2
MSCONFIG\Services: MSDTC => 3
MSCONFIG\Services: MSiSCSI => 3
MSCONFIG\Services: msiserver => 3
MSCONFIG\Services: napagent => 3
MSCONFIG\Services: Net Driver HPZ12 => 2
MSCONFIG\Services: Netlogon => 3
MSCONFIG\Services: Netman => 3
MSCONFIG\Services: netprofm => 3
MSCONFIG\Services: NlaSvc => 2
MSCONFIG\Services: nsi => 2
MSCONFIG\Services: ose => 3
MSCONFIG\Services: p2pimsvc => 3
MSCONFIG\Services: p2psvc => 3
MSCONFIG\Services: PcaSvc => 2
MSCONFIG\Services: PerfHost => 3
MSCONFIG\Services: pla => 3
MSCONFIG\Services: Pml Driver HPZ12 => 2
MSCONFIG\Services: PNRPAutoReg => 3
MSCONFIG\Services: PNRPsvc => 3
MSCONFIG\Services: PolicyAgent => 3
MSCONFIG\Services: Power => 2
MSCONFIG\Services: ProtectedStorage => 3
MSCONFIG\Services: QWAVE => 3
MSCONFIG\Services: RasAuto => 3
MSCONFIG\Services: RasMan => 3
MSCONFIG\Services: RemoteRegistry => 3
MSCONFIG\Services: RichVideo => 2
MSCONFIG\Services: RpcLocator => 3
MSCONFIG\Services: RtVOsdService => 2
MSCONFIG\Services: SamSs => 2
MSCONFIG\Services: SCardSvr => 3
MSCONFIG\Services: SCPolicySvc => 3
MSCONFIG\Services: SDRSVC => 3
MSCONFIG\Services: seclogon => 3
MSCONFIG\Services: SENS => 2
MSCONFIG\Services: SensrSvc => 3
MSCONFIG\Services: SessionEnv => 3
MSCONFIG\Services: SharedAccess => 3
MSCONFIG\Services: ShellHWDetection => 2
MSCONFIG\Services: SNMPTRAP => 3
MSCONFIG\Services: Spooler => 2
MSCONFIG\Services: sppuinotify => 3
MSCONFIG\Services: SSDPSRV => 3
MSCONFIG\Services: SstpSvc => 3
MSCONFIG\Services: stisvc => 2
MSCONFIG\Services: swprv => 3
MSCONFIG\Services: SysMain => 2
MSCONFIG\Services: TabletInputService => 3
MSCONFIG\Services: TapiSrv => 3
MSCONFIG\Services: TBS => 3
MSCONFIG\Services: TermService => 3
MSCONFIG\Services: Themes => 2
MSCONFIG\Services: THREADORDER => 3
MSCONFIG\Services: TrkWks => 2
MSCONFIG\Services: TrustedInstaller => 3
MSCONFIG\Services: UI0Detect => 3
MSCONFIG\Services: upnphost => 3
MSCONFIG\Services: UxSms => 2
MSCONFIG\Services: VaultSvc => 3
MSCONFIG\Services: vds => 3
MSCONFIG\Services: VSS => 3
MSCONFIG\Services: W32Time => 3
MSCONFIG\Services: WatAdminSvc => 3
MSCONFIG\Services: wbengine => 3
MSCONFIG\Services: WbioSrvc => 3
MSCONFIG\Services: wcncsvc => 3
MSCONFIG\Services: WcsPlugInService => 3
MSCONFIG\Services: WdiServiceHost => 3
MSCONFIG\Services: WdiSystemHost => 3
MSCONFIG\Services: WebClient => 3
MSCONFIG\Services: Wecsvc => 3
MSCONFIG\Services: wercplsupport => 3
MSCONFIG\Services: WerSvc => 3
MSCONFIG\Services: WinDefend => 2
MSCONFIG\Services: WinHttpAutoProxySvc => 3
MSCONFIG\Services: Winmgmt => 2
MSCONFIG\Services: WinRM => 3
MSCONFIG\Services: Wlansvc => 2
MSCONFIG\Services: wmiApSrv => 3
MSCONFIG\Services: WMPNetworkSvc => 2
MSCONFIG\Services: WPCSvc => 3
MSCONFIG\Services: WPDBusEnum => 3
MSCONFIG\Services: wscsvc => 2
MSCONFIG\Services: WSearch => 2
MSCONFIG\Services: wuauserv => 2
MSCONFIG\Services: wudfsvc => 3
MSCONFIG\Services: WwanSvc => 3
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: ISUSPM Startup => C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
MSCONFIG\startupreg: ISUSScheduler => "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe
MSCONFIG\startupreg: RTHDVCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
MSCONFIG\startupreg: RtkOSD => C:\Program Files (x86)\Realtek\Audio\OSD\RtVOsd64.exe
MSCONFIG\startupreg: SynTPEnh => %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
MSCONFIG\startupreg: WirelessAssistant => C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

========================= Accounts: ==========================

Administrator (S-1-5-21-2175057770-1179709591-2881846538-500 - Administrator - Disabled)
Boyd (S-1-5-21-2175057770-1179709591-2881846538-1002 - Administrator - Enabled) => C:\Users\Boyd
Guest (S-1-5-21-2175057770-1179709591-2881846538-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2175057770-1179709591-2881846538-1001 - Limited - Enabled)

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: HP LaserJet P2015 Series
Description: HP LaserJet P2015 Series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: Hewlett-Packard
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Photosmart D110 series
Description: Photosmart D110 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: ========================= Application errors:==================Error: (01/16/2015 11:32:24 AM) (Source: VSS) (EventID: 12292) (User: )Description: Volume Shadow Copy Service error: Error creating the Shadow Copy Provider COM class with CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} [0x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.]. Operation: Obtain a callable interface for this provider List interfaces for all providers supporting this context Query Shadow Copies Context: Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5} Class ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} Snapshot Context: 13 Snapshot Context: 13 Execution Context: Coordinator Error: (01/16/2015 11:32:24 AM) (Source: VSS) (EventID: 13) (User: )Description: Volume Shadow Copy Service information: The COM Server with CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} and name SW_PROV cannot be started. [0x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.] Operation: Obtain a callable interface for this provider List interfaces for all providers supporting this context Query Shadow Copies Context: Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5} Class ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} Snapshot Context: 13 Snapshot Context: 13 Execution Context: Coordinator Error: (01/16/2015 03:00:12 AM) (Source: System Restore) (EventID: 8193) (User: )Description: Failed to create restore point (Process = C:\Windows\system32\svchost.exe -k netsvcs; Description = Windows Update; Error = 0x80042302). Error: (01/16/2015 03:00:12 AM) (Source: VSS) (EventID: 8193) (User: )Description: Volume Shadow Copy Service error: Unexpected error calling routine GetProviderMgmtInterface. hr = 0x8004230f, The shadow copy provider had an unexpected error while trying to process the specified operation.. 
Error: (01/16/2015 03:00:12 AM) (Source: VSS) (EventID: 12292) (User: )Description: Volume Shadow Copy Service error: Error creating the Shadow Copy Provider COM class with CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} [0x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.]. Operation: Obtain a callable interface for this provider Obtaining provider management interface Context: Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5} Class ID: {00000000-0000-0000-0000-000000000000} Snapshot Context: -1 Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5} Error: (01/16/2015 03:00:12 AM) (Source: VSS) (EventID: 13) (User: )Description: Volume Shadow Copy Service information: The COM Server with CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} and name SW_PROV cannot be started. [0x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.] Operation: Obtain a callable interface for this provider Obtaining provider management interface Context: Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5} Class ID: {00000000-0000-0000-0000-000000000000} Snapshot Context: -1 Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5} Error: (01/16/2015 00:00:45 AM) (Source: VSS) (EventID: 12292) (User: )Description: Volume Shadow Copy Service error: Error creating the Shadow Copy Provider COM class with CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} [0x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.]. 
Operation: Obtain a callable interface for this provider List interfaces for all providers supporting this context Query Shadow Copies Context: Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5} Class ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} Snapshot Context: 13 Snapshot Context: 13 Execution Context: Coordinator Error: (01/16/2015 00:00:45 AM) (Source: VSS) (EventID: 13) (User: )Description: Volume Shadow Copy Service information: The COM Server with CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} and name SW_PROV cannot be started. [0x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.] Operation: Obtain a callable interface for this provider List interfaces for all providers supporting this context Query Shadow Copies Context: Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5} Class ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} Snapshot Context: 13 Snapshot Context: 13 Execution Context: Coordinator Error: (01/16/2015 00:00:44 AM) (Source: System Restore) (EventID: 8211) (User: )Description: The scheduled restore point could not be created. Additional information: (0x80042302). Error: (01/16/2015 00:00:44 AM) (Source: System Restore) (EventID: 8193) (User: )Description: Failed to create restore point (Process = C:\Windows\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation; Description = Scheduled Checkpoint; Error = 0x80042302). System errors:=============Error: (01/16/2015 03:01:08 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)Description: Installation Failure: Windows failed to install the following update with error 0x80070005: Security Update for Windows 7 for x64-based Systems (KB2676562). 
Error: (01/16/2015 03:00:33 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)Description: Installation Failure: Windows failed to install the following update with error 0x80070005: Security Update for Windows 7 for x64-based Systems (KB2872339). Error: (01/16/2015 03:00:28 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)Description: Installation Failure: Windows failed to install the following update with error 0x80070005: Security Update for Windows 7 for x64-based Systems (KB2871997). Error: (01/16/2015 03:00:23 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)Description: Installation Failure: Windows failed to install the following update with error 0x80070005: Update for Windows 7 for x64-based Systems (KB2882822). Error: (01/15/2015 10:36:54 PM) (Source: Service Control Manager) (EventID: 7001) (User: )Description: The Internet Connection Sharing (ICS) service depends on the Remote Access Connection Manager service which failed to start because of the following error: %%1058 Error: (01/15/2015 10:36:53 PM) (Source: Service Control Manager) (EventID: 7001) (User: )Description: The PNRP Machine Name Publication Service service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: %%1058 Error: (01/15/2015 10:36:52 PM) (Source: Service Control Manager) (EventID: 7001) (User: )Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: %%1058 Error: (01/15/2015 10:22:00 PM) (Source: Service Control Manager) (EventID: 7030) (User: )Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly. 
Error: (01/15/2015 10:21:50 PM) (Source: Service Control Manager) (EventID: 7030) (User: )Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly. Error: (01/15/2015 10:20:53 PM) (Source: Application Popup) (EventID: 1060) (User: )Description: \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver. Microsoft Office Sessions:=========================Error: (01/16/2015 11:32:24 AM) (Source: VSS) (EventID: 12292) (User: )Description: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}0x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it. Operation: Obtain a callable interface for this provider List interfaces for all providers supporting this context Query Shadow Copies Context: Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5} Class ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} Snapshot Context: 13 Snapshot Context: 13 Execution Context: Coordinator Error: (01/16/2015 11:32:24 AM) (Source: VSS) (EventID: 13) (User: )Description: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}SW_PROV0x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it. 
Operation: Obtain a callable interface for this provider List interfaces for all providers supporting this context Query Shadow Copies Context: Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5} Class ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} Snapshot Context: 13 Snapshot Context: 13 Execution Context: Coordinator Error: (01/16/2015 03:00:12 AM) (Source: System Restore) (EventID: 8193) (User: )Description: C:\Windows\system32\svchost.exe -k netsvcsWindows Update0x80042302 Error: (01/16/2015 03:00:12 AM) (Source: VSS) (EventID: 8193) (User: )Description: GetProviderMgmtInterface0x8004230f, The shadow copy provider had an unexpected error while trying to process the specified operation. Error: (01/16/2015 03:00:12 AM) (Source: VSS) (EventID: 12292) (User: )Description: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}0x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it. Operation: Obtain a callable interface for this provider Obtaining provider management interface Context: Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5} Class ID: {00000000-0000-0000-0000-000000000000} Snapshot Context: -1 Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5} Error: (01/16/2015 03:00:12 AM) (Source: VSS) (EventID: 13) (User: )Description: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}SW_PROV0x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it. 
Operation: Obtain a callable interface for this provider Obtaining provider management interface Context: Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5} Class ID: {00000000-0000-0000-0000-000000000000} Snapshot Context: -1 Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5} Error: (01/16/2015 00:00:45 AM) (Source: VSS) (EventID: 12292) (User: )Description: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}0x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it. Operation: Obtain a callable interface for this provider List interfaces for all providers supporting this context Query Shadow Copies Context: Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5} Class ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} Snapshot Context: 13 Snapshot Context: 13 Execution Context: Coordinator Error: (01/16/2015 00:00:45 AM) (Source: VSS) (EventID: 13) (User: )Description: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}SW_PROV0x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it. Operation: Obtain a callable interface for this provider List interfaces for all providers supporting this context Query Shadow Copies Context: Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5} Class ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} Snapshot Context: 13 Snapshot Context: 13 Execution Context: Coordinator Error: (01/16/2015 00:00:44 AM) (Source: System Restore) (EventID: 8211) (User: )Description: 0x80042302 Error: (01/16/2015 00:00:44 AM) (Source: System Restore) (EventID: 8193) (User: )Description: C:\Windows\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreationScheduled Checkpoint0x80042302 CodeIntegrity Errors:=================================== Date: 2015-01-15 22:20:53.339 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. 
A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-01-15 22:20:52.622
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

Processor: Intel® Celeron® CPU 900 @ 2.20GHz
Percentage of memory in use: 47%
Total physical RAM: 1978.93 MB
Available physical RAM: 1038.33 MB
Total Pagefile: 3957.86 MB
Available Pagefile: 2873.66 MB
Total Virtual: 8192 MB
Available Virtual: 8191.86 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:218.67 GB) (Free:144.87 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:13.92 GB) (Free:2.29 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive e: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.09 GB) FAT32
Drive g: () (Removable) (Total:3.74 GB) (Free:2.12 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 232.9 GB) (Disk ID: 505C85E0)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=218.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=13.9 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)

========================================================
Disk: 1 (Size: 3.7 GB) (Disk ID: 00000000)
Partition: GPT Partition Type.

==================== End Of Log ============================
  13. Here is the FRST.txt. Note: If it didn't all post I'll follow up with the rest in the next post.

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-01-2015 01
Ran by Boyd (administrator) on BOYD-PC on 16-01-2015 11:31:09
Running from C:\Users\Boyd\Desktop
Loaded Profiles: Boyd (Available profiles: Boyd)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [HP Quick Launch] => C:\Program Files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [451072 2010-01-18] (Hewlett-Packard Company)
HKLM-x32\...\Run: [sSBkgdUpdate] => C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [210472 2006-10-25] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [DNS7reminder] => C:\Program Files (x86)\Nuance\NaturallySpeaking10\Ereg\Ereg.exe [259624 2007-04-16] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5226600 2015-01-05] (AVAST Software) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-2175057770-1179709591-2881846538-1002\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2010-02-22] (Hewlett-Packard Company) HKU\S-1-5-21-2175057770-1179709591-2881846538-1002\...\Run: [HPADVISOR] => C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [1685048 2009-09-29] (Hewlett-Packard) HKU\S-1-5-21-2175057770-1179709591-2881846538-1002\...\Run: [My Driver Updater] => C:\Program Files (x86)\My Driver Updater\MDULauncher.exe [133432 2014-02-06] (Softitube Ltd) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) 
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKU\S-1-5-21-2175057770-1179709591-2881846538-1002\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION ProxyServer: [HKLM] => http=127.0.0.1:8877;https=127.0.0.1:8877 ProxyServer: [HKLM-x32] => http=127.0.0.1:8877;https=127.0.0.1:8877 HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-2175057770-1179709591-2881846538-1002\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKLM -> {0C00C7CA-668A-4AE1-9D55-159E68DD3E7A} URL = http://www.bing.com/search?q={searchTerms}&form=CPNTDF&pc=CPNTDF&src=IE-SearchBox SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll No File BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.) 
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO-x32: Windows Live Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll No File BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.) Toolbar: HKLM-x32 - Microsoft Live Search Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll (Microsoft Corp.) Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation) Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF Plugin: @microsoft.com/GENUINE -> disabled No File FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF Plugin-x32: @java.com/DTPlugin,version=1.6.0_37 -> C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.) 
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\3.0.40624.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.21.169\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.21.169\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\16\NP_wtapp.dll () FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-02-04] FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\virtualKeyboard@kaspersky.ru FF HKLM-x32\...\Firefox\Extensions: [KavAntiBanner@Kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\KavAntiBanner@kaspersky.ru FF HKLM-x32\...\Firefox\Extensions: [linkfilter@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\linkfilter@kaspersky.ru FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-01-05] FF HKU\S-1-5-21-2175057770-1179709591-2881846538-1002\...\Firefox\Extensions: [smartwebprinting@hp.com] - 
C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 Chrome: ======= CHR StartupUrls: Default -> "hxxp://www.google.com/" CHR Profile: C:\Users\Boyd\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Slides) - C:\Users\Boyd\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-05] CHR Extension: (Google Docs) - C:\Users\Boyd\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-05] CHR Extension: (Google Drive) - C:\Users\Boyd\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-05] CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Boyd\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-01-05] CHR Extension: (YouTube) - C:\Users\Boyd\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-05] CHR Extension: (Google Search) - C:\Users\Boyd\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-05] CHR Extension: (Google Sheets) - C:\Users\Boyd\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-05] CHR Extension: (Avast Online Security) - C:\Users\Boyd\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-01-05] CHR Extension: (Google Wallet) - C:\Users\Boyd\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-05] CHR Extension: (Gmail) - C:\Users\Boyd\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-05] CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-01-05] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST 
Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-01-05] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2015-01-05] (AVAST Software) S4 HPWMISVC; C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [20480 2010-01-18] () [File not signed] S4 IHA_MessageCenter; C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe [363128 2014-08-13] (Verizon) S4 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-02-22] (Hewlett-Packard Company) [File not signed] R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation) S4 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2009-05-14] (Hewlett-Packard) [File not signed] S4 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2009-05-14] (Hewlett-Packard) [File not signed] S4 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2009-07-06] () S4 RtVOsdService; C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe [315392 2010-06-24] (Realtek Semiconductor Corp.) [File not signed] R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) 
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation) R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2015-01-05] () R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2015-01-05] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2015-01-05] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2015-01-05] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2015-01-05] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2015-01-05] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2015-01-05] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2015-01-05] () R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-01-15] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation) S3 NWUSBModem; C:\Windows\System32\DRIVERS\nwusbmdm.sys [213376 2009-06-03] (Novatel Wireless Inc.) S3 NWUSBPort; C:\Windows\System32\DRIVERS\nwusbser.sys [213376 2009-06-03] (Novatel Wireless Inc.) S3 NWUSBPort2; C:\Windows\System32\DRIVERS\nwusbser2.sys [213376 2009-06-03] (Novatel Wireless Inc.) S3 RSUSBSTOR; C:\Windows\SysWOW64\Drivers\RtsUStor.sys [225280 2009-09-22] (Realtek Semiconductor Corp.) S3 catchme; \??\C:\ComboFix\catchme.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 
2015-01-16 11:31 - 2015-01-16 11:31 - 00013994 _____ () C:\Users\Boyd\Desktop\FRST.txt 2015-01-16 11:29 - 2015-01-16 11:29 - 02125312 _____ (Farbar) C:\Users\Boyd\Desktop\FRST64.exe 2015-01-15 22:45 - 2015-01-15 22:45 - 00022180 _____ () C:\ComboFix.txt 2015-01-15 22:04 - 2015-01-15 22:47 - 00000000 ____D () C:\ComboFix 2015-01-15 22:04 - 2015-01-15 22:45 - 00000000 ____D () C:\Qoobox 2015-01-15 22:04 - 2015-01-15 22:42 - 00000000 ____D () C:\Windows\erdnt 2015-01-15 22:04 - 2011-06-26 00:45 - 00256000 _____ () C:\Windows\PEV.exe 2015-01-15 22:04 - 2010-11-07 11:20 - 00208896 _____ () C:\Windows\MBR.exe 2015-01-15 22:04 - 2009-04-19 22:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2015-01-15 22:04 - 2000-08-30 18:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2015-01-15 22:04 - 2000-08-30 18:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2015-01-15 22:04 - 2000-08-30 18:00 - 00098816 _____ () C:\Windows\sed.exe 2015-01-15 22:04 - 2000-08-30 18:00 - 00080412 _____ () C:\Windows\grep.exe 2015-01-15 22:04 - 2000-08-30 18:00 - 00068096 _____ () C:\Windows\zip.exe 2015-01-15 21:58 - 2015-01-15 21:59 - 05609736 ____R (Swearware) C:\Users\Boyd\Desktop\ComboFix.exe 2015-01-15 13:52 - 2015-01-15 13:52 - 00000000 ____D () C:\Users\Boyd\Desktop\comintrep_2103 2015-01-15 13:49 - 2015-01-15 13:50 - 01378217 _____ () C:\Users\Boyd\Desktop\comintrep_2103.zip 2015-01-13 16:21 - 2015-01-13 16:44 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2015-01-13 16:18 - 2015-01-13 16:19 - 16448208 _____ (Malwarebytes Corp.) 
  14. Okay, ran into an error... After it finished the scan and went to reboot, it showed an error message that said it was "unable to create a backup of the current registry file". It then asks if you want to continue restoration of the file, yes or no. When I choose yes it gives me another error message: "Error restoring C:\Windows\erdnt\subs\security to C:\Windows\System32\config\security ! Continue with the next file? [RegReplaceKey: 5 - Access is denied]". Now, I chose to go through all the prompts of the failed restoration files so that it would reboot. I hope I didn't mess up. The logfile is attached. Combo Fix Log.txt
  15. Also, I'm going to go ahead and download combofix to removable media then transfer it to the other computer's desktop as I have no internet connection on the other computer. I'll then run it from there.
  16. Okay, great!! Blackbird is a real trooper!! I'll report back once I'm done. Thank you sooo sooo much!!