Jump to content

CWB

Honorary Members
  • Posts

    2,386
  • Joined

  • Last visited

Everything posted by CWB

  1. VLC ... FTW . a great tool . additionally , for picture type files ... i use "irfanview" (main program and the "plug-ins") . it is loaded with features and renders/deals with color space , etc , much better than MS picture viewer or MSMP . the best source is through "majorgeeks": http://www.majorgeeks.com/files/details/irfanview.html http://www.majorgeeks.com/files/details/irfanview_plugins.html
  2. you might want to think about a different AV solution other than MSE .
  3. a little information to avoid confusion ... malwarebytes is not an "antivirus" , it is an "antimalware" program ... two different things . there is a policy at these forums against recommending/endorsing a particular "anti" program .
  4. those "let-us-do-everything" programs are not a good thing . if they were , the guys that make their living maintaining computer systems would sure have an easier life . instead , those programs make money for the people that "sell" them (either up front or through malware inclusions) and the guys that fix the comps that these programs happened to . "if it sounds to good to be true ... it usually is" .
  5. it depends on : terrain ground cover/foliage building/wall material between extender and target equipment distances involved signal output levels receiver sensitivities data rates one item that will help over all is the use of external antenna(s) . output levels on consumer extenders is limited to a maximum ... most decent units will be engineered to produce this level if/as required .
  6. "First it turned on itself as well. I charged the batteries and I couldn`t use my laptop on the train, because on the way there (4 hours) it slowly used its battery." as written , this is a bit confusing . please explain . a comp "turning itself on" is usually due to an internal timer being told to do so . ...or ... it could have been in or somehow put into one of these modes and is waking from the sleep/standby/hibernate mode by an action such as raising the display/lid . there are settings in windows that will put the comp into the sleep/hibernate/standby mode even though the comp has been told to shut down .
  7. odd ... as you mentioned it was 10 years old i believed it to have XP or vista in it (there is a factor/issue with IE in these cases) . however , there should be no issues with W7 in place ... there are other problems/issues that can cause not being able to install the higher versions of IE . if you want to , try a search at microsoft or using some google-foo (can't install IE [insert version here] on W7) . (not being able to install IE has no real bearing on the operation of the comp) and with all of the toolbars you mentioned , there is a fair chance that the machine is infected . (six of one , a half dozen of the other ... a crap shoot) if you have decided to bail on straightening out the machine due to age then further research (except for personal satisfaction) would be moot .
  8. that is correct about the IE stopping at "9" ... the *framework* is not there . just out of curiosity , what is the operating system (OS) ?
  9. just to let you know ... nothing wrong with pertinent verbosity ... it sure beats prying information out of people . (something that can be as difficult as putting lipstick on a rattlesnake) diagnosing/assessing a problem requires information . there are a couple of other fellows here that can help you out .
  10. all looks good ... there is a problem with the touch pad that returned ; spastic/sluggish in response . i do not believe it is due to an "infection" but either a driver or hardware problem ... outside issue to this thread . i'll head over to HP and see what i can find . are there any more items to perform ? if not , thanks for your help and time .
  11. things seem to be running ok ... much quicker in reponse the mouse and touchpad work smoothly no redirects i can dl and surf along with the remants of "trend" there are a couple of other programs/remnants that need to go away . and ... they do not show in the "uninstall programs" panel . using revo in the "hunter mode" does not work on the remaining pieces ... as long as they are not hurting anything , i may leave them . has there been a recent update to flash and adobe reader ? i just installed them a short time back . .......................................................................................................................... Results of screen317's Security Check version 0.99.87 Windows Vista Service Pack 2 x86 (UAC is enabled) Internet Explorer 9 Internet Explorer 8 ``````````````Antivirus/Firewall Check:`````````````` Windows Firewall Enabled! avast! Antivirus Antivirus up to date! `````````Anti-malware/Other Utilities Check:````````` SUPERAntiSpyware CCleaner Adobe Flash Player 12.0.0.77 Flash Player out of Date! Adobe Reader 10.1.4 Adobe Reader out of Date! Mozilla Firefox (31.0) Google Chrome 36.0.1985.143 ````````Process Check: objlist.exe by Laurent```````` Malwarebytes Anti-Malware mbamservice.exe Malwarebytes Anti-Malware mbam.exe Malwarebytes Anti-Malware mbamscheduler.exe AVAST Software Avast AvastSvc.exe AVAST Software Avast avastui.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: 2 % Defragment your hard drive soon! (Do NOT defrag if SSD!) ````````````````````End of Log``````````````````````
  12. helping out a friend ... a noble cause indeed (as others here ; been there many times) . as you may have discovered , the questions you (or your friend) were asked make for asking more questions ... the reason being that there is not a single "pat/universal answer" . at times it is hard to convey answers/ideas pertaining to "security" in a forum as there are several variables involved . specialization : there are others here that know much more than myself about the issues involved with "security" (et al) . sure , i know the basics (as it were) but my real *thing* is the electronic/internal workings/repair of computers (as well as other devices/machines) . the same goes for *others* out there in the real world ... you wouldn't ask a plumber to bake your daughter's wedding cake . asking the tech that asked the questions of your friend to elaborate further on the issue(s) would be step in the right direction . as he would be "right there" he has immediate feedback and can fine-tune his explanations . the tech can also "have a look" at what is the cause of your friend's concerns/issues and thus be better able to provide more concise answers that are specific to the system at hand . second opinions are always good ... there have been such issues raised in these forums and in some cases , the OP was helped/straightened out by those members proffering information . and as advancedsetup noted ... misinformation and half-truths only add to the problem(s) .
  13. ok on the additions log . as requested : mbscanlog2.txt
  14. my question is : why has the OP returned after all this time to ask a poignant question ? perhaps he has reason to ask about this situation ? he may not see a fire but he can smell smoke .
  15. that is a great idea ... it is always best to hear all sides of a story before making any judgment calls .
  16. yeah ... i have seen situations where the/a *customer* has been "primed" by a sales person so that they can be sold "something that will work" or a "solution" . sadly , this nefarious practice extends to areas other than computers ... and it has been going on for a very , very long time . to knowingly pass along bogus/false information is a fraudulent act of a person that is lacking in the "moral fortitude" department . to pass along bogus/false information born of ignorance (by the true definition of the word) nonetheless leaves a trail of victims in it's wake .
  17. you are correct about not being notified in all instances of SP2 after stuffing in SP1 . about a week back i did a full wipe/re-installation of vista(less) ... there was nothing alluding to the existence of SP2 .
  18. the OP's comments are a bit confusing ... however ... if i have this correct : the guy at "best buy" said that installing an anti-malware program other than the one that came with the machine will absolutely cause an infection (never mind the type) ? i suppose it could happen but only if one were to download/install a "bogus" or scam/slime/scumware version of some "anti" program that happened to be "loaded" with the specific malware program (or any other for that matter) . again , and this is if i understand things correctly ... it matters not who's program along the lines of "antimalware and/or antivirus that is installed . as long as the programs are decent , legitimate and up to date , there should be no problems . it is always a good policy to limit the number of AM and AV programs to one of each ... this will keep resource uses lower , minimize the possibilities of conflicts and help to keep things running smoothly .
  19. i believe that no "addition.txt" file was created this time around ... i looked around for it . the results : eset log.txt FRST.txt JRT.txt malwarebytes log.txt
  20. until someone else inputs on this thread ... i wonder if the ssd is going bad ? personally speaking , i would not use system mechanic .
  21. i used the avg remover tool . the requested log : Fixlog.txt
  22. this is a friend's machine , you wouldn't believe the crud that was installed in an attempt to clean things up . i have removed some of the junk/mal/scumware and conflicting/redundant "anti" programs . i could not dl FRST from this machine ... blocked/redirected . i have to dl on another machine and transfer the tool(s) over . thanks in advance . Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:21-08-2014 Ran by Eunice (administrator) on EUNICE-PC on 22-08-2014 05:21:14 Running from C:\Users\Eunice\Desktop Platform: Microsoft® Windows Vista™ Business Service Pack 2 (X86) OS Language: English (United States) Internet Explorer Version 9 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe (Microsoft Corporation) C:\Windows\System32\SLsvc.exe (Hewlett-Packard Company) C:\Windows\System32\hpservice.exe (ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore.exe (Andrea Electronics Corporation) C:\Windows\System32\AEADISRV.EXE (Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe (Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio.exe (Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe ( Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Analog Devices, Inc.) C:\Program Files\Analog Devices\Core\smax4pnp.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe ( Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe (Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [QlbCtrl.exe] => C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [287800 2009-11-11] ( Hewlett-Packard Development Company, L.P.) HKLM\...\Run: [synTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1791272 2010-06-04] (Synaptics Incorporated) HKLM\...\Run: [soundMAXPnP] => C:\Program Files\Analog Devices\Core\smax4pnp.exe [1183744 2007-02-21] (Analog Devices, Inc.) HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-08-21] (AVAST Software) Winlogon\Notify\ScCertProp: wlnotify.dll [X] HKU\.DEFAULT\...\RunOnce: [KodakHomeCenter] => C:\Program Files\Kodak\AiO\Center\AiOHomeCenter.exe [2236792 2013-03-15] (Eastman Kodak Company) HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter HKU\S-1-5-21-2753105887-202964819-3472692132-1000\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\system32\Macromed\Flash\FlashUtil32_12_0_0_77_Plugin.exe [841096 2014-03-11] (Adobe Systems Incorporated) HKU\S-1-5-21-2753105887-202964819-3472692132-1000\...\MountPoints2: {c2dc128f-091d-11e2-9271-001a6b7f90e4} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\Info.exe protect.ed 480 480 HKLM\...\AppCertDlls: [x86] -> C:\Program Files\Settings Manager\smdmf\sysapcrt.dll ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank SearchScopes: HKLM - DefaultScope {34CF5EE1-1997-4B50-9290-72EBB10BECD6} URL = SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = http://www.default-search.net/search?sid=476&aid=100&itype=u&ver=13531&tm=-15857&src=ds&p={searchTerms} SearchScopes: HKCU - DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://mysearch.avg.com/search?cid={C9F3D6C4-4029-4329-82BA-6A5E88950B35}&mid=c1dce11b65d34dfd8b18c95e1d52f584-34a97be74bcdf454d0837f7d2fd283ffeea14af7〈=en&ds=ft013&coid=avgtbdisft&cmpid=&pr=sa&d=2014-02-18 15:17:40&v=18.0.5.292&pid=safeguard&sg=&sap=dsp&q={searchTerms} SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://mysearch.avg.com/search?cid={C9F3D6C4-4029-4329-82BA-6A5E88950B35}&mid=c1dce11b65d34dfd8b18c95e1d52f584-34a97be74bcdf454d0837f7d2fd283ffeea14af7〈=en&ds=ft013&coid=avgtbdisft&cmpid=&pr=sa&d=2014-02-18 15:17:40&v=18.0.5.292&pid=safeguard&sg=&sap=dsp&q={searchTerms} SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = http://www.default-search.net/search?sid=476&aid=100&itype=u&ver=13531&tm=-15857&src=ds&p={searchTerms} Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File Tcpip\Parameters: [DhcpNameServer] 24.220.0.10 24.220.0.11 192.168.1.1 FireFox: ======== FF ProfilePath: C:\Users\Eunice\AppData\Roaming\Mozilla\Firefox\Profiles\d6l4v9hm.default FF Homepage: hxxp://search.conduit.com/?ctid=CT3291325&CUI=UN38063915896703205&UM=2&SearchSource=13 FF Keyword.URL: hxxp://trovi.com/ResultsExt.aspx?ctid=CT3289663&SearchSource=2&CUI=UN18707353961068112&UM=&q= FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF Plugin: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @videolan.org/vlc,version=2.0.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF user.js: detected! => C:\Users\Eunice\AppData\Roaming\Mozilla\Firefox\Profiles\d6l4v9hm.default\user.js FF SearchPlugin: C:\Users\Eunice\AppData\Roaming\Mozilla\Firefox\Profiles\d6l4v9hm.default\searchplugins\conduit.xml FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\avg-secure-search.xml FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2012-09-28] FF HKLM\...\Firefox\Extensions: [lesstabs@lesstabs.com] - C:\Program Files\Mozilla Firefox\extensions\lesstabs@lesstabs.com FF HKCU\...\Firefox\Extensions: [{c74218e4-e1ee-470d-9d3f-b40d6defe033}] - C:\Program Files\LyricSing\133.xpi Chrome: ======= CHR Extension: (Google Docs) - C:\Users\Eunice\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-08-16] CHR Extension: (Google Drive) - C:\Users\Eunice\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-08-16] CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Eunice\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-08-14] CHR Extension: (YouTube) - C:\Users\Eunice\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-08-16] CHR Extension: (Google Search) - C:\Users\Eunice\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-08-16] CHR Extension: (Google Wallet) - C:\Users\Eunice\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-14] CHR Extension: (Gmail) - C:\Users\Eunice\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-08-16] CHR HKLM\...\Chrome\Extension: [npffmjkglbnioaoncpfmdbmehnbcldfh] - C:\Program Files\LyricSing\133.crx [2013-08-16] ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [142648 2014-07-22] (SUPERAntiSpyware.com) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-08-21] (AVAST Software) S4 Kodak AiO Network Discovery Service; C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe [395640 2013-03-15] (Eastman Kodak Company) S4 Kodak AiO Status Monitor Service; C:\Program Files\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe [780152 2013-01-15] (Eastman Kodak Company) R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2014-08-21] () R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-08-21] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [55112 2014-08-21] (AVAST Software) R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-08-21] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [779536 2014-08-21] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [414520 2014-08-21] (AVAST Software) R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57800 2014-08-21] (AVAST Software) R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [192352 2014-08-21] () S3 FTDIBUS; C:\Windows\System32\drivers\ftdibus.sys [62216 2013-06-01] (FTDI Ltd.) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-05-12] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [110296 2014-08-22] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-05-12] (Malwarebytes Corporation) R3 rismc32; C:\Windows\System32\DRIVERS\rismc32.sys [47616 2006-12-19] (RICOH Company, Ltd.) R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com) R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com) S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [13464 2014-08-19] () S3 IpInIp; system32\DRIVERS\ipinip.sys [X] S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X] S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X] U2 TMAgent; ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-08-22 05:21 - 2014-08-22 05:21 - 00012614 _____ () C:\Users\Eunice\Desktop\FRST.txt 2014-08-22 05:21 - 2014-08-22 05:21 - 00000000 ____D () C:\FRST 2014-08-22 05:18 - 2014-08-22 04:51 - 01094144 _____ (Farbar) C:\Users\Eunice\Desktop\FRST.exe 2014-08-22 05:01 - 2013-07-10 05:57 - 00204312 _____ (Trend Micro Inc.) C:\Windows\TmNSCIns.dll 2014-08-22 05:01 - 2012-05-02 14:27 - 00319456 _____ (Microsoft Corporation) C:\Windows\DIFxAPI.dll 2014-08-22 03:34 - 2014-08-22 03:34 - 00000000 ____D () C:\Users\Eunice\AppData\Roaming\AVAST Software 2014-08-21 21:36 - 2014-08-22 04:55 - 00000795 _____ () C:\Windows\setupact.log 2014-08-21 21:36 - 2014-08-21 21:36 - 00001873 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk 2014-08-21 21:36 - 2014-08-21 21:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast 2014-08-21 21:36 - 2014-08-21 21:36 - 00000000 _____ () C:\Windows\setuperr.log 2014-08-21 21:34 - 2014-08-21 21:35 - 00414520 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys 2014-08-21 21:34 - 2014-08-21 21:34 - 00779536 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys 2014-08-21 21:34 - 2014-08-21 21:34 - 00276432 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2014-08-21 21:34 - 2014-08-21 21:34 - 00192352 _____ () C:\Windows\system32\Drivers\aswVmm.sys 2014-08-21 21:34 - 2014-08-21 21:34 - 00067824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2014-08-21 21:34 - 2014-08-21 21:34 - 00057800 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys 2014-08-21 21:34 - 2014-08-21 21:34 - 00055112 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr.sys 2014-08-21 21:34 - 2014-08-21 21:34 - 00049944 _____ () C:\Windows\system32\Drivers\aswRvrt.sys 2014-08-21 21:34 - 2014-08-21 21:34 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr 2014-08-21 21:34 - 2014-08-21 21:34 - 00024184 _____ () C:\Windows\system32\Drivers\aswHwid.sys 2014-08-21 21:32 - 2014-08-21 21:32 - 00000000 ____D () C:\Program Files\AVAST Software 2014-08-21 21:29 - 2014-08-21 21:32 - 00000000 ____D () C:\ProgramData\AVAST Software 2014-08-21 21:26 - 2014-08-21 21:26 - 04862664 _____ (AVAST Software) C:\Users\Guest\Desktop\avast_free_antivirus_setup_online.exe 2014-08-21 21:16 - 2014-08-22 05:04 - 00752112 _____ () C:\Windows\PFRO.log 2014-08-21 21:16 - 2014-08-21 21:16 - 00049952 _____ () C:\Users\Eunice\AppData\Local\GDIPFONTCACHEV1.DAT 2014-08-21 21:13 - 2014-08-21 21:13 - 00001060 _____ () C:\Users\Guest\Desktop\stuff.txt 2014-08-21 20:46 - 2014-08-22 05:05 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-08-21 20:45 - 2014-08-21 20:45 - 00000899 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2014-08-21 20:45 - 2014-08-21 20:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2014-08-21 20:45 - 2014-08-21 20:45 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware 2014-08-21 20:45 - 2014-05-12 07:26 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-08-21 20:45 - 2014-05-12 07:25 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-08-21 20:45 - 2014-05-12 07:25 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-08-21 20:44 - 2014-08-21 20:44 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Guest\Desktop\mbam-setup-2.0.2.1012.exe 2014-08-21 20:44 - 2014-08-21 20:44 - 00000000 ____D () C:\Users\Guest\AppData\Local\Macromedia 2014-08-21 19:57 - 2014-08-21 21:16 - 00000000 ____D () C:\SUPERDelete 2014-08-21 19:56 - 2014-08-22 03:56 - 00000512 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task af44188d-5eba-439b-9568-77d11f6274c9.job 2014-08-21 19:56 - 2014-08-21 21:16 - 00000512 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 95252d12-7698-4ea2-a304-6bf92bf3dd30.job 2014-08-21 19:56 - 2014-08-21 19:56 - 00001800 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Professional.lnk 2014-08-21 19:56 - 2014-08-21 19:56 - 00000000 ____D () C:\Users\Eunice\AppData\Roaming\SUPERAntiSpyware.com 2014-08-21 19:56 - 2014-08-21 19:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware 2014-08-21 19:55 - 2014-08-21 21:18 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware 2014-08-21 19:55 - 2014-08-21 19:55 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com 2014-08-21 19:38 - 2014-08-21 19:38 - 00001057 _____ () C:\Users\Eunice\Desktop\Revo Uninstaller.lnk 2014-08-21 19:38 - 2014-08-21 19:38 - 00000000 ____D () C:\Program Files\VS Revo Group 2014-08-21 19:34 - 2014-08-21 19:36 - 00000000 ____D () C:\CCREGBACKUPS 2014-08-21 19:27 - 2014-08-21 19:27 - 00000804 _____ () C:\Users\Public\Desktop\CCleaner.lnk 2014-08-21 19:27 - 2014-08-21 19:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2014-08-21 19:27 - 2014-08-21 19:27 - 00000000 ____D () C:\Program Files\CCleaner 2014-08-21 19:25 - 2014-08-21 19:25 - 18840560 _____ (SUPERAntiSpyware) C:\Users\Guest\Desktop\SUPERAntiSpyware.exe 2014-08-21 19:24 - 2014-08-21 19:24 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Mozilla 2014-08-21 19:24 - 2014-08-21 19:24 - 00000000 ____D () C:\Users\Guest\AppData\Local\Mozilla 2014-08-21 19:23 - 2014-08-21 19:23 - 00000858 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2014-08-21 19:23 - 2014-08-21 19:23 - 00000846 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk 2014-08-21 19:23 - 2014-08-21 19:23 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service 2014-08-19 16:32 - 2014-08-19 16:32 - 00230896 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-08-19 14:32 - 2014-08-19 15:01 - 00000000 ____D () C:\ProgramData\Max Secure 2014-08-19 14:09 - 2014-08-19 14:10 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\GetRightToGo 2014-08-19 14:09 - 2014-08-19 14:09 - 00000000 ____D () C:\Users\Guest\AppData\Local\Max Secure Software 2014-08-19 14:08 - 2014-08-19 14:08 - 00361666 _____ (RegNow.com) C:\Users\Guest\Downloads\Download_MaxSDDMnew.exe 2014-08-16 12:23 - 2014-08-16 12:25 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\dvdcss 2014-08-16 12:19 - 2014-08-19 16:15 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\vlc 2014-08-16 12:17 - 2014-08-16 12:17 - 00000859 _____ () C:\Users\Public\Desktop\VLC media player.lnk 2014-08-16 12:17 - 2014-08-16 12:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN 2014-08-16 12:15 - 2014-08-16 12:15 - 00000000 ____D () C:\Program Files\VideoLAN 2014-08-16 12:10 - 2014-08-16 12:11 - 79580504 _____ () C:\Users\Guest\Downloads\vlcmediaplayer-setup.exe 2014-08-16 12:00 - 2014-08-16 12:00 - 00004608 _____ () C:\Users\Guest\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-08-15 20:52 - 2014-08-16 05:44 - 00000000 ____D () C:\ProgramData\TEMP 2014-08-15 20:52 - 2014-08-15 20:52 - 00000000 ____D () C:\Users\Guest\Documents\All Media Converter Output 2014-08-15 20:52 - 2014-08-15 20:52 - 00000000 ____D () C:\ProgramData\Licenses 2014-08-15 20:39 - 2014-08-15 20:40 - 02015552 _____ (DriverBoost) C:\Users\Guest\Downloads\DriverBoostPro_Setup.exe 2014-08-15 06:42 - 2014-08-15 06:42 - 00096684 _____ () C:\ProgramData\1408102743.bdinstall.bin 2014-08-15 06:39 - 2014-08-15 06:39 - 00037408 _____ () C:\ProgramData\1408102737.bdinstall.bin 2014-08-15 06:15 - 2014-08-15 06:15 - 00251230 _____ () C:\ProgramData\1408099991.bdinstall.bin 2014-08-15 06:05 - 2012-11-02 14:17 - 00242504 _____ (BitDefender) C:\Windows\system32\Drivers\avchv.sys 2014-08-14 20:03 - 2014-08-14 20:03 - 00000000 ____D () C:\Users\Guest\AppData\Local\TuneUp Software 2014-08-14 19:52 - 2014-08-14 19:52 - 00000000 ____D () C:\Users\Eunice\AppData\Local\TuneUp Software 2014-08-14 19:43 - 2014-08-14 20:04 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C} 2014-08-14 19:43 - 2014-08-14 19:53 - 00000000 ____D () C:\ProgramData\TuneUp Software 2014-08-14 19:42 - 2014-08-14 19:43 - 28369720 _____ (TuneUp Software) C:\Users\Guest\Downloads\TuneUpUtilities2014_en-US.exe 2014-08-14 16:41 - 2014-08-14 16:41 - 00000000 ____D () C:\Users\Guest\AppData\Local\Eastman Kodak Company 2014-08-14 15:18 - 2014-06-26 17:17 - 00619664 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe 2014-08-14 15:18 - 2014-06-26 17:17 - 00099480 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll 2014-08-14 15:18 - 2014-06-26 17:17 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll 2014-08-14 15:17 - 2014-06-05 23:28 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe 2014-08-14 15:16 - 2014-08-14 15:19 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Guest\Downloads\mbam-setup-2.0.2.1012.exe 2014-08-13 20:47 - 2014-08-13 20:47 - 00000000 ____D () C:\ProgramData\WindowsSearch 2014-08-13 20:39 - 2014-08-13 20:51 - 00002053 _____ () C:\ProgramData\1407980316.7952.bin 2014-08-13 20:39 - 2014-08-13 20:51 - 00000189 _____ () C:\ProgramData\1407980316.5184.bin 2014-08-13 20:38 - 2014-08-13 20:39 - 00040562 _____ () C:\ProgramData\1407980316.7932.bin 2014-08-13 20:38 - 2014-08-13 20:38 - 00000000 ____D () C:\ProgramData\smdmf 2014-08-13 20:02 - 2014-08-13 20:03 - 00000339 _____ () C:\ProgramData\1407978116.6700.bin 2014-08-13 20:02 - 2014-08-13 20:02 - 00002052 _____ () C:\ProgramData\1407978116.928.bin 2014-08-13 20:01 - 2014-08-15 06:00 - 00000000 ____D () C:\Users\Eunice\AppData\Roaming\QuickScan 2014-08-13 20:01 - 2014-08-13 20:09 - 00040393 _____ () C:\ProgramData\1407978116.6864.bin 2014-08-13 20:01 - 2014-08-13 20:01 - 00000000 ____D () C:\Program Files\Settings Manager 2014-08-13 20:00 - 2014-08-13 20:02 - 13954264 _____ () C:\Users\Eunice\Desktop\allmediaconverter_installer_st_oo.exe 2014-08-13 19:58 - 2014-08-16 06:35 - 00029513 _____ () C:\Users\Guest\AppData\Roaming\setup.exe 2014-08-13 19:48 - 2014-08-13 19:48 - 00001971 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-08-13 19:48 - 2014-08-13 19:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2014-08-13 19:45 - 2014-08-22 04:50 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-08-13 19:45 - 2014-08-21 21:16 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-08-13 19:44 - 2014-08-13 19:48 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google 2014-08-13 19:42 - 2014-08-13 19:42 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Adobe 2014-08-13 19:35 - 2014-08-13 20:22 - 00209432 _____ () C:\Windows\RegBootClean.exe 2014-08-13 15:44 - 2014-07-07 19:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2014-08-13 15:44 - 2014-06-13 19:44 - 00638400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys 2014-08-13 15:44 - 2014-06-13 19:33 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll 2014-08-13 15:44 - 2014-06-02 05:31 - 02263552 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2014-08-13 15:44 - 2014-06-02 05:31 - 00332800 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll 2014-08-13 15:44 - 2014-06-02 05:30 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2014-08-13 15:44 - 2014-06-02 05:30 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll 2014-08-13 15:44 - 2014-06-02 03:56 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe 2014-08-13 15:43 - 2014-07-24 23:26 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2014-08-13 15:43 - 2014-07-24 21:53 - 02054656 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-08-13 15:43 - 2014-07-24 13:07 - 12356608 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-08-13 15:43 - 2014-07-24 12:58 - 01810432 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-08-13 15:43 - 2014-07-24 12:57 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-08-13 15:43 - 2014-07-24 12:52 - 01137664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-08-13 15:43 - 2014-07-24 12:51 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-08-13 15:43 - 2014-07-24 12:51 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-08-13 15:43 - 2014-07-24 12:50 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2014-08-13 15:43 - 2014-07-24 12:50 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-08-13 15:43 - 2014-07-24 12:49 - 01802240 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-08-13 15:43 - 2014-07-24 12:49 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2014-08-13 15:43 - 2014-07-24 12:49 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-08-13 15:43 - 2014-07-24 12:49 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-08-13 15:43 - 2014-07-24 12:49 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-08-13 15:43 - 2014-07-24 12:48 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-08-13 15:43 - 2014-07-24 12:48 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-08-13 15:43 - 2014-07-24 12:48 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-08-13 15:43 - 2014-07-24 12:48 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-08-13 15:43 - 2014-07-24 12:48 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2014-08-13 15:43 - 2014-07-24 12:48 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2014-08-13 15:43 - 2014-07-24 12:48 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2014-08-13 15:43 - 2014-07-24 12:47 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-08-13 14:29 - 2014-08-13 14:29 - 00000000 _____ () C:\Users\Guest\AppData\Local\QSwitch.txt 2014-08-13 14:29 - 2014-08-13 14:29 - 00000000 _____ () C:\Users\Guest\AppData\Local\DSwitch.txt 2014-08-13 14:29 - 2014-08-13 14:29 - 00000000 _____ () C:\Users\Guest\AppData\Local\AtStart.txt 2014-08-13 14:27 - 2014-08-13 14:27 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\NCH Software 2014-08-13 14:26 - 2014-08-19 15:55 - 00049952 _____ () C:\Users\Guest\AppData\Local\GDIPFONTCACHEV1.DAT 2014-08-13 14:26 - 2014-08-15 20:49 - 00000944 _____ () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2014-08-13 14:26 - 2014-08-13 14:26 - 00000949 _____ () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-08-13 14:25 - 2014-08-13 14:25 - 00000915 _____ () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk 2014-08-13 14:25 - 2014-08-13 14:25 - 00000000 ____D () C:\Users\Guest\AppData\Local\VirtualStore 2014-08-13 14:21 - 2014-08-14 20:03 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\TuneUp Software 2014-08-13 14:21 - 2014-08-13 14:26 - 00000000 ____D () C:\Users\Guest 2014-08-13 14:21 - 2014-08-13 14:21 - 00000020 ___SH () C:\Users\Guest\ntuser.ini 2014-08-13 14:21 - 2013-08-22 09:12 - 00004964 _____ () C:\Users\Guest\AppData\Local\installer.log 2014-08-13 14:21 - 2013-08-21 16:16 - 00800824 _____ (Microsoft Corporation) C:\Users\Guest\AppData\Roaming\DPInst.exe 2014-08-13 14:21 - 2013-08-21 16:16 - 00106496 _____ (Microsoft Corporation) C:\Users\Guest\AppData\Roaming\gacutil.exe 2014-08-13 14:21 - 2013-08-21 16:16 - 00036352 _____ (Microsoft Corporation) C:\Users\Guest\AppData\Roaming\PnPutil.exe 2014-08-13 14:21 - 2013-08-21 16:16 - 00000181 _____ () C:\Users\Guest\AppData\Roaming\gacutil.exe.config 2014-08-13 14:21 - 2013-08-21 16:16 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\KODAK AiO Home Center337893012 2014-08-13 14:21 - 2013-06-01 15:45 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Macromedia 2014-08-13 14:21 - 2012-10-25 13:03 - 00000000 ____D () C:\Users\Guest\AppData\Local\Eastman_Kodak_Company 2014-08-13 14:21 - 2012-10-25 12:56 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Temp 2014-08-13 14:21 - 2012-10-25 12:56 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\KODAK AiO Home Center98805086 2014-08-13 14:21 - 2012-09-28 17:40 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\hpqLog 2014-08-13 14:21 - 2008-01-20 21:43 - 00000000 ___RD () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2014-08-13 14:21 - 2008-01-20 21:43 - 00000000 ___RD () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-08-22 05:21 - 2014-08-22 05:21 - 00012614 _____ () C:\Users\Eunice\Desktop\FRST.txt 2014-08-22 05:21 - 2014-08-22 05:21 - 00000000 ____D () C:\FRST 2014-08-22 05:09 - 2008-01-20 20:39 - 01571988 _____ () C:\Windows\WindowsUpdate.log 2014-08-22 05:05 - 2014-08-21 20:46 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-08-22 05:05 - 2006-11-02 08:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-08-22 05:05 - 2006-11-02 07:47 - 00004880 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 2014-08-22 05:05 - 2006-11-02 07:47 - 00004880 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 2014-08-22 05:04 - 2014-08-21 21:16 - 00752112 _____ () C:\Windows\PFRO.log 2014-08-22 05:03 - 2012-09-27 22:35 - 00000012 _____ () C:\Windows\bthservsdp.dat 2014-08-22 05:03 - 2006-11-02 08:01 - 00032558 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-08-22 05:02 - 2013-09-29 14:02 - 00000000 ____D () C:\ProgramData\Trend Micro 2014-08-22 05:00 - 2013-09-29 13:33 - 00000000 ____D () C:\Users\Eunice\AppData\Local\Trend Micro 2014-08-22 04:56 - 2006-11-02 05:33 - 00759542 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-08-22 04:55 - 2014-08-21 21:36 - 00000795 _____ () C:\Windows\setupact.log 2014-08-22 04:51 - 2014-08-22 05:18 - 01094144 _____ (Farbar) C:\Users\Eunice\Desktop\FRST.exe 2014-08-22 04:50 - 2014-08-13 19:45 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-08-22 04:29 - 2012-10-22 10:39 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-08-22 04:19 - 2013-09-30 19:52 - 00000306 _____ () C:\Windows\Tasks\PrintProjects Communicator.job 2014-08-22 03:56 - 2014-08-21 19:56 - 00000512 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task af44188d-5eba-439b-9568-77d11f6274c9.job 2014-08-22 03:39 - 2014-02-25 00:45 - 00001945 _____ () C:\Windows\epplauncher.mif 2014-08-22 03:34 - 2014-08-22 03:34 - 00000000 ____D () C:\Users\Eunice\AppData\Roaming\AVAST Software 2014-08-21 21:36 - 2014-08-21 21:36 - 00001873 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk 2014-08-21 21:36 - 2014-08-21 21:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast 2014-08-21 21:36 - 2014-08-21 21:36 - 00000000 _____ () C:\Windows\setuperr.log 2014-08-21 21:35 - 2014-08-21 21:34 - 00414520 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys 2014-08-21 21:34 - 2014-08-21 21:34 - 00779536 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys 2014-08-21 21:34 - 2014-08-21 21:34 - 00276432 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2014-08-21 21:34 - 2014-08-21 21:34 - 00192352 _____ () C:\Windows\system32\Drivers\aswVmm.sys 2014-08-21 21:34 - 2014-08-21 21:34 - 00067824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2014-08-21 21:34 - 2014-08-21 21:34 - 00057800 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys 2014-08-21 21:34 - 2014-08-21 21:34 - 00055112 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr.sys 2014-08-21 21:34 - 2014-08-21 21:34 - 00049944 _____ () C:\Windows\system32\Drivers\aswRvrt.sys 2014-08-21 21:34 - 2014-08-21 21:34 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr 2014-08-21 21:34 - 2014-08-21 21:34 - 00024184 _____ () C:\Windows\system32\Drivers\aswHwid.sys 2014-08-21 21:32 - 2014-08-21 21:32 - 00000000 ____D () C:\Program Files\AVAST Software 2014-08-21 21:32 - 2014-08-21 21:29 - 00000000 ____D () C:\ProgramData\AVAST Software 2014-08-21 21:26 - 2014-08-21 21:26 - 04862664 _____ (AVAST Software) C:\Users\Guest\Desktop\avast_free_antivirus_setup_online.exe 2014-08-21 21:18 - 2014-08-21 19:55 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware 2014-08-21 21:16 - 2014-08-21 21:16 - 00049952 _____ () C:\Users\Eunice\AppData\Local\GDIPFONTCACHEV1.DAT 2014-08-21 21:16 - 2014-08-21 19:57 - 00000000 ____D () C:\SUPERDelete 2014-08-21 21:16 - 2014-08-21 19:56 - 00000512 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 95252d12-7698-4ea2-a304-6bf92bf3dd30.job 2014-08-21 21:16 - 2014-08-13 19:45 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-08-21 21:13 - 2014-08-21 21:13 - 00001060 _____ () C:\Users\Guest\Desktop\stuff.txt 2014-08-21 20:45 - 2014-08-21 20:45 - 00000899 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2014-08-21 20:45 - 2014-08-21 20:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2014-08-21 20:45 - 2014-08-21 20:45 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware 2014-08-21 20:44 - 2014-08-21 20:44 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Guest\Desktop\mbam-setup-2.0.2.1012.exe 2014-08-21 20:44 - 2014-08-21 20:44 - 00000000 ____D () C:\Users\Guest\AppData\Local\Macromedia 2014-08-21 19:56 - 2014-08-21 19:56 - 00001800 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Professional.lnk 2014-08-21 19:56 - 2014-08-21 19:56 - 00000000 ____D () C:\Users\Eunice\AppData\Roaming\SUPERAntiSpyware.com 2014-08-21 19:56 - 2014-08-21 19:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware 2014-08-21 19:55 - 2014-08-21 19:55 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com 2014-08-21 19:38 - 2014-08-21 19:38 - 00001057 _____ () C:\Users\Eunice\Desktop\Revo Uninstaller.lnk 2014-08-21 19:38 - 2014-08-21 19:38 - 00000000 ____D () C:\Program Files\VS Revo Group 2014-08-21 19:36 - 2014-08-21 19:34 - 00000000 ____D () C:\CCREGBACKUPS 2014-08-21 19:27 - 2014-08-21 19:27 - 00000804 _____ () C:\Users\Public\Desktop\CCleaner.lnk 2014-08-21 19:27 - 2014-08-21 19:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2014-08-21 19:27 - 2014-08-21 19:27 - 00000000 ____D () C:\Program Files\CCleaner 2014-08-21 19:25 - 2014-08-21 19:25 - 18840560 _____ (SUPERAntiSpyware) C:\Users\Guest\Desktop\SUPERAntiSpyware.exe 2014-08-21 19:24 - 2014-08-21 19:24 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Mozilla 2014-08-21 19:24 - 2014-08-21 19:24 - 00000000 ____D () C:\Users\Guest\AppData\Local\Mozilla 2014-08-21 19:23 - 2014-08-21 19:23 - 00000858 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2014-08-21 19:23 - 2014-08-21 19:23 - 00000846 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk 2014-08-21 19:23 - 2014-08-21 19:23 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service 2014-08-21 19:23 - 2013-07-13 18:04 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2014-08-19 17:27 - 2013-08-21 16:15 - 00000000 ____D () C:\ProgramData\PrintProjects 2014-08-19 16:32 - 2014-08-19 16:32 - 00230896 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-08-19 16:22 - 2012-09-27 23:29 - 00000000 ____D () C:\Windows\Panther 2014-08-19 16:15 - 2014-08-16 12:19 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\vlc 2014-08-19 15:55 - 2014-08-13 14:26 - 00049952 _____ () C:\Users\Guest\AppData\Local\GDIPFONTCACHEV1.DAT 2014-08-19 15:01 - 2014-08-19 14:32 - 00000000 ____D () C:\ProgramData\Max Secure 2014-08-19 14:10 - 2014-08-19 14:09 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\GetRightToGo 2014-08-19 14:09 - 2014-08-19 14:09 - 00000000 ____D () C:\Users\Guest\AppData\Local\Max Secure Software 2014-08-19 14:08 - 2014-08-19 14:08 - 00361666 _____ (RegNow.com) C:\Users\Guest\Downloads\Download_MaxSDDMnew.exe 2014-08-19 12:09 - 2013-08-16 15:25 - 00013464 _____ () C:\Windows\system32\Drivers\SWDUMon.sys 2014-08-19 11:55 - 2012-09-29 04:31 - 00000000 ____D () C:\Users\Eunice\AppData\Roaming\vlc 2014-08-16 12:25 - 2014-08-16 12:23 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\dvdcss 2014-08-16 12:17 - 2014-08-16 12:17 - 00000859 _____ () C:\Users\Public\Desktop\VLC media player.lnk 2014-08-16 12:17 - 2014-08-16 12:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN 2014-08-16 12:15 - 2014-08-16 12:15 - 00000000 ____D () C:\Program Files\VideoLAN 2014-08-16 12:11 - 2014-08-16 12:10 - 79580504 _____ () C:\Users\Guest\Downloads\vlcmediaplayer-setup.exe 2014-08-16 12:11 - 2006-11-02 06:18 - 00000000 ____D () C:\Windows\Resources 2014-08-16 12:00 - 2014-08-16 12:00 - 00004608 _____ () C:\Users\Guest\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-08-16 06:35 - 2014-08-13 19:58 - 00029513 _____ () C:\Users\Guest\AppData\Roaming\setup.exe 2014-08-16 05:57 - 2012-10-23 11:16 - 00026624 _____ () C:\Users\Eunice\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-08-16 05:44 - 2014-08-15 20:52 - 00000000 ____D () C:\ProgramData\TEMP 2014-08-16 04:36 - 2013-08-14 18:51 - 00000000 ____D () C:\Program Files\NCH Software 2014-08-16 04:35 - 2013-08-14 18:51 - 00000000 ____D () C:\ProgramData\NCH Software 2014-08-15 20:52 - 2014-08-15 20:52 - 00000000 ____D () C:\Users\Guest\Documents\All Media Converter Output 2014-08-15 20:52 - 2014-08-15 20:52 - 00000000 ____D () C:\ProgramData\Licenses 2014-08-15 20:49 - 2014-08-13 14:26 - 00000944 _____ () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2014-08-15 20:40 - 2014-08-15 20:39 - 02015552 _____ (DriverBoost) C:\Users\Guest\Downloads\DriverBoostPro_Setup.exe 2014-08-15 06:42 - 2014-08-15 06:42 - 00096684 _____ () C:\ProgramData\1408102743.bdinstall.bin 2014-08-15 06:39 - 2014-08-15 06:39 - 00037408 _____ () C:\ProgramData\1408102737.bdinstall.bin 2014-08-15 06:15 - 2014-08-15 06:15 - 00251230 _____ () C:\ProgramData\1408099991.bdinstall.bin 2014-08-15 06:06 - 2012-09-28 23:36 - 00000000 ____D () C:\Users\Eunice 2014-08-15 06:00 - 2014-08-13 20:01 - 00000000 ____D () C:\Users\Eunice\AppData\Roaming\QuickScan 2014-08-14 20:52 - 2012-10-23 10:54 - 00000000 ____D () C:\ProgramData\Kodak 2014-08-14 20:04 - 2014-08-14 19:43 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C} 2014-08-14 20:03 - 2014-08-14 20:03 - 00000000 ____D () C:\Users\Guest\AppData\Local\TuneUp Software 2014-08-14 20:03 - 2014-08-13 14:21 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\TuneUp Software 2014-08-14 20:03 - 2013-08-16 13:00 - 00000000 ____D () C:\Users\Eunice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Video Downloader 2014-08-14 19:53 - 2014-08-14 19:43 - 00000000 ____D () C:\ProgramData\TuneUp Software 2014-08-14 19:52 - 2014-08-14 19:52 - 00000000 ____D () C:\Users\Eunice\AppData\Local\TuneUp Software 2014-08-14 19:52 - 2012-10-22 11:11 - 00000000 ____D () C:\Users\Eunice\AppData\Roaming\TuneUp Software 2014-08-14 19:43 - 2014-08-14 19:42 - 28369720 _____ (TuneUp Software) C:\Users\Guest\Downloads\TuneUpUtilities2014_en-US.exe 2014-08-14 16:41 - 2014-08-14 16:41 - 00000000 ____D () C:\Users\Guest\AppData\Local\Eastman Kodak Company 2014-08-14 16:36 - 2006-11-02 06:18 - 00000000 ____D () C:\Windows\Microsoft.NET 2014-08-14 16:27 - 2006-11-02 06:18 - 00000000 ____D () C:\Windows\rescache 2014-08-14 15:42 - 2013-08-16 03:38 - 00000000 ____D () C:\Windows\system32\MRT 2014-08-14 15:25 - 2006-11-02 05:24 - 96303304 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe 2014-08-14 15:21 - 2013-08-21 10:40 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-08-14 15:19 - 2014-08-14 15:16 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Guest\Downloads\mbam-setup-2.0.2.1012.exe 2014-08-14 15:09 - 2014-03-30 20:14 - 00000000 ____D () C:\Windows\Minidump 2014-08-13 20:51 - 2014-08-13 20:39 - 00002053 _____ () C:\ProgramData\1407980316.7952.bin 2014-08-13 20:51 - 2014-08-13 20:39 - 00000189 _____ () C:\ProgramData\1407980316.5184.bin 2014-08-13 20:47 - 2014-08-13 20:47 - 00000000 ____D () C:\ProgramData\WindowsSearch 2014-08-13 20:39 - 2014-08-13 20:38 - 00040562 _____ () C:\ProgramData\1407980316.7932.bin 2014-08-13 20:38 - 2014-08-13 20:38 - 00000000 ____D () C:\ProgramData\smdmf 2014-08-13 20:37 - 2006-11-02 06:18 - 00000000 ___RD () C:\Users\Public 2014-08-13 20:22 - 2014-08-13 19:35 - 00209432 _____ () C:\Windows\RegBootClean.exe 2014-08-13 20:09 - 2014-08-13 20:01 - 00040393 _____ () C:\ProgramData\1407978116.6864.bin 2014-08-13 20:03 - 2014-08-13 20:02 - 00000339 _____ () C:\ProgramData\1407978116.6700.bin 2014-08-13 20:02 - 2014-08-13 20:02 - 00002052 _____ () C:\ProgramData\1407978116.928.bin 2014-08-13 20:02 - 2014-08-13 20:00 - 13954264 _____ () C:\Users\Eunice\Desktop\allmediaconverter_installer_st_oo.exe 2014-08-13 20:01 - 2014-08-13 20:01 - 00000000 ____D () C:\Program Files\Settings Manager 2014-08-13 19:48 - 2014-08-13 19:48 - 00001971 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-08-13 19:48 - 2014-08-13 19:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2014-08-13 19:48 - 2014-08-13 19:44 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google 2014-08-13 19:47 - 2013-08-16 14:50 - 00000000 ____D () C:\Program Files\Google 2014-08-13 19:42 - 2014-08-13 19:42 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Adobe 2014-08-13 14:29 - 2014-08-13 14:29 - 00000000 _____ () C:\Users\Guest\AppData\Local\QSwitch.txt 2014-08-13 14:29 - 2014-08-13 14:29 - 00000000 _____ () C:\Users\Guest\AppData\Local\DSwitch.txt 2014-08-13 14:29 - 2014-08-13 14:29 - 00000000 _____ () C:\Users\Guest\AppData\Local\AtStart.txt 2014-08-13 14:27 - 2014-08-13 14:27 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\NCH Software 2014-08-13 14:26 - 2014-08-13 14:26 - 00000949 _____ () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-08-13 14:26 - 2014-08-13 14:21 - 00000000 ____D () C:\Users\Guest 2014-08-13 14:25 - 2014-08-13 14:25 - 00000915 _____ () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk 2014-08-13 14:25 - 2014-08-13 14:25 - 00000000 ____D () C:\Users\Guest\AppData\Local\VirtualStore 2014-08-13 14:21 - 2014-08-13 14:21 - 00000020 ___SH () C:\Users\Guest\ntuser.ini 2014-07-29 10:29 - 2013-02-23 16:38 - 00000000 ____D () C:\Program Files\Microsoft Silverlight 2014-07-24 23:26 - 2014-08-13 15:43 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2014-07-24 21:53 - 2014-08-13 15:43 - 02054656 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-07-24 13:07 - 2014-08-13 15:43 - 12356608 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-07-24 12:58 - 2014-08-13 15:43 - 01810432 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-07-24 12:57 - 2014-08-13 15:43 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-07-24 12:52 - 2014-08-13 15:43 - 01137664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-07-24 12:51 - 2014-08-13 15:43 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-07-24 12:51 - 2014-08-13 15:43 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-07-24 12:50 - 2014-08-13 15:43 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2014-07-24 12:50 - 2014-08-13 15:43 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-07-24 12:49 - 2014-08-13 15:43 - 01802240 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-07-24 12:49 - 2014-08-13 15:43 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2014-07-24 12:49 - 2014-08-13 15:43 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-07-24 12:49 - 2014-08-13 15:43 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-07-24 12:49 - 2014-08-13 15:43 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-07-24 12:48 - 2014-08-13 15:43 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-07-24 12:48 - 2014-08-13 15:43 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-07-24 12:48 - 2014-08-13 15:43 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-07-24 12:48 - 2014-08-13 15:43 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-07-24 12:48 - 2014-08-13 15:43 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2014-07-24 12:48 - 2014-08-13 15:43 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2014-07-24 12:48 - 2014-08-13 15:43 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2014-07-24 12:47 - 2014-08-13 15:43 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-07-24 03:05 - 2013-02-23 16:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight Some content of TEMP: ==================== C:\Users\Eunice\AppData\Local\Temp\DseShExt-x86.dll C:\Users\Eunice\AppData\Local\Temp\SDShelEx-win32.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\explorer.exe => File is digitally signed C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-08-22 05:11 ==================== End Of Log ============================ -------------------------------------------------------------------------------------------------------------------------------------------------------- Additional scan result of Farbar Recovery Scan Tool (x86) Version:21-08-2014 Ran by Eunice at 2014-08-22 05:21:58 Running from C:\Users\Eunice\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe Flash Player 12 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated) aioscnnr (Version: 7.6.13.10 - Your Company Name) Hidden avast! Free Antivirus (HKLM\...\Avast) (Version: 9.0.2021 - AVAST Software) C4USelfUpdater (Version: 1.00.0000 - Your Company Name) Hidden CCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform) center (Version: 7.7.2.0 - Eastman Kodak Company) Hidden essentials (Version: 7.7.2.0 - Eastman Kodak Company) Hidden Google Chrome (HKLM\...\Google Chrome) (Version: 36.0.1985.143 - Google Inc.) Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden H&R Block Deluxe + Efile + State 2012 (HKLM\...\{89D20029-0578-4D8D-979A-695C8D868868}) (Version: 12.05.7803 - HRB Technology, LLC.) H&R Block Deluxe + Efile + State 2013 (HKLM\...\{EDE796DE-0A72-464D-9D21-F04BC41A092B}) (Version: 13.05.6502 - HRB Technology, LLC.) H&R Block Minnesota 2012 (HKLM\...\{E19DE9C7-C80D-4439-9E55-028D84BD3E61}) (Version: 1.12.4701 - HRB Technology, LLC.) H&R Block Minnesota 2013 (HKLM\...\{E48C9382-EDCD-45A7-A177-B55DCE785390}) (Version: 1.13.5001 - HRB Technology, LLC.) HourGuard Time Sheet (HKLM\...\HourGuard) (Version: 1.46 - NCH Software) HP Quick Launch Buttons (HKLM\...\{34D2AB40-150D-475D-AE32-BD23FB5EE355}) (Version: 6.50.14.1 - Hewlett-Packard Company) Kodak AIO Printer (Version: 7.7.2.0 - Eastman Kodak Company) Hidden KODAK AiO Software (HKLM\...\{E0F274B7-592B-4669-8FB8-8D9825A09858}) (Version: 7.7.6.0 - Eastman Kodak Company) Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation) Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation) Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Mozilla Firefox 31.0 (x86 en-US) (HKLM\...\Mozilla Firefox 31.0 (x86 en-US)) (Version: 31.0 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla) ocr (Version: 6.2.3.50 - Eastman Kodak Company) Hidden PreReq (Version: 6.2.4.0 - Eastman Kodak Company) Hidden PrintMaster Gold 3.00 (HKLM\...\PrintMaster Gold 3.00) (Version: - ) PrintProjects (HKLM\...\PrintProjects) (Version: 1.0.0.12272 - RocketLife Inc.) QLBCASL (Version: 6.40.17.2 - Hewlett-Packard) Hidden Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) Soft Data Fax Modem with SmartCP (HKLM\...\CNXT_MODEM_PCI_VEN_14F1&DEV_2C06_hpZ1379z) (Version: - ) SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1130 - SUPERAntiSpyware.com) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.24.0 - Synaptics Incorporated) Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation) VLC media player 2.0.0 (HKLM\...\VLC media player) (Version: 2.0.0 - VideoLAN) Windows Driver Package - FTDI CDM Driver Package - Bus/D2XX Driver (04/10/2012 2.08.24) (HKLM\...\4C8545EEB6143B6AD3858B5D1E0AEE76040B1435) (Version: 04/10/2012 2.08.24 - FTDI) Windows Driver Package - FTDI CDM Driver Package - VCP Driver (04/10/2012 2.08.24) (HKLM\...\6849F67BACD4DA5A5B9D46803E6850D0BE8B3826) (Version: 04/10/2012 2.08.24 - FTDI) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) ==================== Restore Points ========================= 20-06-2014 14:10:11 Windows Update 25-06-2014 17:13:40 Windows Update 28-06-2014 22:39:27 Windows Update 02-07-2014 17:00:03 Windows Update 06-07-2014 20:12:03 Windows Update 09-07-2014 20:39:01 Windows Update 13-07-2014 18:53:50 Windows Update 15-07-2014 17:53:25 Windows Update 19-07-2014 20:44:02 Windows Update 23-07-2014 06:28:39 Windows Update 24-07-2014 08:00:13 Windows Update 28-07-2014 21:36:29 Windows Update 08-08-2014 00:46:19 Windows Update 14-08-2014 19:50:43 Windows Update 15-08-2014 00:45:01 Installed TuneUp Utilities 2014 15-08-2014 10:51:03 Windows Update 15-08-2014 11:06:11 Device Driver Package Install: BITDEFENDER S.R.L. System devices 16-08-2014 01:42:04 Installed DriverBoost. 16-08-2014 09:29:59 Windows Update 19-08-2014 17:13:04 Windows Update 19-08-2014 20:05:26 Installed Spyware Detector 22-08-2014 00:39:10 Revo Uninstaller's restore point - TuneUp Utilities 2014 22-08-2014 00:40:16 Removed TuneUp Utilities 2014 22-08-2014 00:41:36 Removed TuneUp Utilities 2014 (en-US) 22-08-2014 00:44:32 Revo Uninstaller's restore point - PremierOpinion 22-08-2014 00:47:49 Revo Uninstaller's restore point - DriverUpdate 22-08-2014 00:48:04 Removed DriverUpdate 22-08-2014 00:50:37 Revo Uninstaller's restore point - Free PDF Tablet 22-08-2014 00:52:00 Revo Uninstaller's restore point - Adobe AIR 22-08-2014 02:32:02 avast! antivirus system restore point 22-08-2014 08:37:01 Revo Uninstaller's restore point - Microsoft Security Essentials 22-08-2014 08:48:10 Revo Uninstaller's restore point - All Media Converter version 5.2.3 22-08-2014 08:49:34 Revo Uninstaller's restore point - All Media Converter version 5.2.3 ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2006-11-02 05:23 - 2006-09-18 16:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ::1 localhost ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {155723BA-60E2-4354-93AF-84EAC8D3C2D8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-20] () Task: {22A04BF9-5F51-4E1B-8B83-03A0BD1F35CD} - System32\Tasks\BrowserSafeguard Update Task => C:\Program Files\Browsersafeguard\uninstall.browsersafeguard.exe <==== ATTENTION Task: {22E1772E-7DFE-4C5F-841F-1C93FD5D82A4} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI Task: {2DE18FE4-6467-484F-8431-206702EC5546} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-20] (Microsoft Corporation) Task: {2E5B7D97-F14C-4CFF-864E-620AABA892D1} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages Task: {3CD34698-5202-4D9A-AD51-E3D044E305DB} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-08-21] (AVAST Software) Task: {3DC7965C-AC60-4DB9-A384-F85A7185688F} - System32\Tasks\LaunchApp => C:\Program Files\MyPC Backup\MyPC Backup.exe <==== ATTENTION Task: {4B4B5D9C-6C65-43AA-8F50-BC0747BE1892} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-07-23] (Piriform Ltd) Task: {4D72741E-769C-45DB-8604-CB8EBDADAA29} - System32\Tasks\Microsoft\Windows\MobilePC\TMM Task: {78C3346C-C9F1-4762-BDF4-327591A6A1DB} - System32\Tasks\PrintProjects Communicator => C:\ProgramData\PrintProjects\Communicator.exe [2013-09-30] () Task: {AA42EF2E-93F0-4A93-B9BC-90358056C3AB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-08-13] (Google Inc.) Task: {AA7A2522-53E0-4899-A452-6E8AA04E175D} - System32\Tasks\PC Performer_DEFAULT => C:\Program Files\PC Performer\PCPerformer.exe <==== ATTENTION Task: {B77D2ADC-4769-4D20-9B7F-BE11A7DB54FA} - System32\Tasks\PC Performer_UPDATES => C:\Program Files\PC Performer\PCPerformer.exe <==== ATTENTION Task: {BD638C6F-DFCA-435F-9F16-0D55969D9246} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation) Task: {C224019E-9EC2-4145-AA95-0B2A66F4B591} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-11] (Adobe Systems Incorporated) Task: {C881A42A-6D8D-435B-866A-A7E986BC78A5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-08-13] (Google Inc.) Task: {D1008593-63A4-4EE8-87BD-9C950B636CB4} - System32\Tasks\SUPERAntiSpyware Scheduled Task af44188d-5eba-439b-9568-77d11f6274c9 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com) Task: {E030F14F-8B02-412F-9A50-A2909C61C29D} - System32\Tasks\PC Performer => C:\Program Files\PC Performer\PCPerformer.exe <==== ATTENTION Task: {E65C92F7-DAE0-411F-B9A3-A35F221D06F8} - System32\Tasks\SUPERAntiSpyware Scheduled Task 95252d12-7698-4ea2-a304-6bf92bf3dd30 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\PrintProjects Communicator.job => C:\ProgramData\PrintProjects\Communicator.exe Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 95252d12-7698-4ea2-a304-6bf92bf3dd30.job => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task af44188d-5eba-439b-9568-77d11f6274c9.job => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe ==================== Loaded Modules (whitelisted) ============= 2014-08-21 21:34 - 2014-08-21 21:34 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll 2014-08-21 21:34 - 2014-08-21 21:34 - 02800128 _____ () C:\Program Files\AVAST Software\Avast\defs\14082100\algo.dll 2008-06-03 03:35 - 2008-06-03 03:35 - 00159744 _____ () C:\Windows\system32\atitmmxx.dll 2014-08-21 21:34 - 2014-08-21 21:34 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2014-08-21 19:23 - 2014-07-17 00:42 - 03800688 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\ProgramData\TEMP:D46340DD ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver" ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) MSCONFIG\startupreg: EKStatusMonitor => C:\Program Files\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe MSCONFIG\startupreg: SUPERAntiSpyware => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe MSCONFIG\startupreg: Windows Defender => %ProgramFiles%\Windows Defender\MSASCui.exe -hide ==================== Faulty Device Manager Devices ============= Name: Fingerprint Sensor Description: Fingerprint Sensor Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (08/22/2014 05:05:48 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/22/2014 05:02:59 AM) (Source: EventSystem) (EventID: 4621) (User: ) Description: 80070005EventSystem.EventSubscription{CEB8B221-89C5-41A8-98CE-79B413BF150B}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000} Error: (08/22/2014 04:59:06 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application coreServiceShell.exe, version 3.0.0.1249, time stamp 0x51e43e4c, faulting module DLTI.dll_unloaded, version 0.0.0.0, time stamp 0x5297002c, exception code 0xc0000005, fault offset 0x11719f41, process id 0x8a8, application start time 0xcoreServiceShell.exe0. Error: (08/22/2014 03:49:33 AM) (Source: VSS) (EventID: 8194) (User: ) Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005. This is often caused by incorrect security settings in either the writer or requestor process. Operation: Gathering Writer Data Context: Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220} Writer Name: System Writer Writer Instance ID: {e89100e5-a0b8-4f11-a98d-8b5c812d7b24} Error: (08/22/2014 03:48:09 AM) (Source: VSS) (EventID: 8194) (User: ) Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005. This is often caused by incorrect security settings in either the writer or requestor process. Operation: Gathering Writer Data Context: Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220} Writer Name: System Writer Writer Instance ID: {e89100e5-a0b8-4f11-a98d-8b5c812d7b24} Error: (08/22/2014 03:36:57 AM) (Source: VSS) (EventID: 8194) (User: ) Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005. This is often caused by incorrect security settings in either the writer or requestor process. Operation: Gathering Writer Data Context: Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220} Writer Name: System Writer Writer Instance ID: {e89100e5-a0b8-4f11-a98d-8b5c812d7b24} Error: (08/22/2014 03:18:22 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/21/2014 09:31:58 PM) (Source: VSS) (EventID: 8194) (User: ) Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005. This is often caused by incorrect security settings in either the writer or requestor process. Operation: Gathering Writer Data Context: Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220} Writer Name: System Writer Writer Instance ID: {dc745ca8-f229-4d19-b354-b0b1ee3e0694} Error: (08/21/2014 09:16:41 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/21/2014 07:52:00 PM) (Source: VSS) (EventID: 8194) (User: ) Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005. This is often caused by incorrect security settings in either the writer or requestor process. Operation: Gathering Writer Data Context: Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220} Writer Name: System Writer Writer Instance ID: {ad90110c-e9ff-4722-9b67-8d8823e2cfc0} System errors: ============= Error: (08/22/2014 04:59:41 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Trend Micro Solution Platform1 Error: (08/21/2014 10:52:14 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Trend Micro Solution Platform2 Error: (08/21/2014 10:38:43 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Trend Micro Solution Platform1 Error: (08/21/2014 07:16:36 PM) (Source: Microsoft Antimalware) (EventID: 3002) (User: ) Description: %%8604.5.0216.0%%834%%8380x80004005Unspecified error 3 Error: (08/21/2014 07:14:36 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {1F87137D-0E7C-44D5-8C73-4EFFB68962F2} Error: (08/20/2014 07:43:42 AM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: 30000SysMain Error: (08/20/2014 07:43:11 AM) (Source: Microsoft Antimalware) (EventID: 3002) (User: ) Description: %%8604.5.0216.0%%834%%8380x80004005Unspecified error 3 Error: (08/19/2014 06:23:34 PM) (Source: Microsoft Antimalware) (EventID: 3002) (User: ) Description: %%8604.5.0216.0%%834%%8380x80004005Unspecified error 3 Error: (08/19/2014 06:10:46 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: 30000ShellHWDetection Error: (08/19/2014 06:06:44 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: The previous system shutdown at 5:28:31 PM on 8/19/2014 was unexpected. Microsoft Office Sessions: ========================= Error: (08/22/2014 05:05:48 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/22/2014 05:02:59 AM) (Source: EventSystem) (EventID: 4621) (User: ) Description: 80070005EventSystem.EventSubscription{CEB8B221-89C5-41A8-98CE-79B413BF150B}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000} Error: (08/22/2014 04:59:06 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: coreServiceShell.exe3.0.0.124951e43e4cDLTI.dll_unloaded0.0.0.05297002cc000000511719f418a801cfbde1981021c9 Error: (08/22/2014 03:49:33 AM) (Source: VSS) (EventID: 8194) (User: ) Description: 0x80070005 Operation: Gathering Writer Data Context: Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220} Writer Name: System Writer Writer Instance ID: {e89100e5-a0b8-4f11-a98d-8b5c812d7b24} Error: (08/22/2014 03:48:09 AM) (Source: VSS) (EventID: 8194) (User: ) Description: 0x80070005 Operation: Gathering Writer Data Context: Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220} Writer Name: System Writer Writer Instance ID: {e89100e5-a0b8-4f11-a98d-8b5c812d7b24} Error: (08/22/2014 03:36:57 AM) (Source: VSS) (EventID: 8194) (User: ) Description: 0x80070005 Operation: Gathering Writer Data Context: Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220} Writer Name: System Writer Writer Instance ID: {e89100e5-a0b8-4f11-a98d-8b5c812d7b24} Error: (08/22/2014 03:18:22 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/21/2014 09:31:58 PM) (Source: VSS) (EventID: 8194) (User: ) Description: 0x80070005 Operation: Gathering Writer Data Context: Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220} Writer Name: System Writer Writer Instance ID: {dc745ca8-f229-4d19-b354-b0b1ee3e0694} Error: (08/21/2014 09:16:41 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/21/2014 07:52:00 PM) (Source: VSS) (EventID: 8194) (User: ) Description: 0x80070005 Operation: Gathering Writer Data Context: Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220} Writer Name: System Writer Writer Instance ID: {ad90110c-e9ff-4722-9b67-8d8823e2cfc0} CodeIntegrity Errors: =================================== Date: 2014-08-22 05:21:51.587 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system. Date: 2014-08-22 05:21:51.431 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system. Date: 2014-08-22 05:21:51.275 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system. Date: 2014-08-22 05:21:51.119 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system. Date: 2014-08-22 05:21:50.823 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system. Date: 2014-08-22 05:21:50.667 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system. Date: 2014-08-22 05:21:50.511 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system. Date: 2014-08-22 05:21:50.308 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system. Date: 2014-08-22 05:21:32.992 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system. Date: 2014-08-22 05:21:32.820 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Processor: Intel® Core2 Duo CPU T7500 @ 2.20GHz Percentage of memory in use: 50% Total physical RAM: 2014.52 MB Available physical RAM: 992.36 MB Total Pagefile: 4270.06 MB Available Pagefile: 3156.1 MB Total Virtual: 2047.88 MB Available Virtual: 1907.23 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:298.09 GB) (Free:218.7 GB) NTFS ==>[Drive with boot components (obtained from BCD)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298.1 GB) (Disk ID: E548371F) Partition 1: (Active) - (Size=298.1 GB) - (Type=07 NTFS) ==================== End Of Log ============================
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.