Jump to content

Search the Community

Showing results for tags 'bad_pool_header'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Announcements
    • Malwarebytes News
    • Beta Testing Program
  • Malware Removal Help
    • Windows Malware Removal Help & Support
    • Mac Malware Removal Help & Support
    • Mobile Malware Removal Help & Support
    • Malware Removal Self-Help Guides
  • Malwarebytes for Home Support
    • Malwarebytes for Windows Support Forum
    • Malwarebytes for Mac Support Forum
    • Malwarebytes for Android Support Forum
    • Malwarebytes for iOS Support
    • Malwarebytes Privacy
    • Malwarebytes Browser Guard
    • False Positives
    • Comments and Suggestions
  • Malwarebytes for Business Support
    • Malwarebytes Endpoint Protection
    • Malwarebytes Incident Response (includes Breach Remediation)
    • Malwarebytes Endpoint Security
    • Malwarebytes Business Products Comments and Suggestions
  • Malwarebytes Tools and Other Products
    • Malwarebytes AdwCleaner
    • Malwarebytes Junkware Removal Tool Support
    • Malwarebytes Anti-Rootkit BETA Support
    • Malwarebytes Techbench USB (Legacy)
    • Malwarebytes Secure Backup discontinued
    • Other Tools
    • Malwarebytes Tools Comments and Suggestions
  • General Computer Help and Security Updates
    • BSOD, Crashes, Kernel Debugging
    • General Windows PC Help
  • Research Center
    • Newest Rogue-Ransomware Threats
    • Newest Malware Threats
    • Newest Mobile Threats
    • Newest IP or URL Threats
    • Newest Mac Threats
    • Report Scam Phone Numbers
  • General
    • General Chat
    • Forums Announcements & Feedback

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Location


Interests

Found 5 results

  1. I have had MWB installed on my computers for as long as I have ever had them, recently I got a new laptop and went to put MWB on it and I noticed that they gave the website a new look along with some new software. After I installed the new MWB on my laptop I decided to update my PC with it as well. About 2 or so days after updating to MWB 3.0 I turned on my PC and soon after it gave me a BSOD with the heading BAD_POOL_HEADER. After 3 days of fighting I gave up and reinstalled Windows 10. Two days ago I realized I had forgotten to install MWB so after going to the website and installing it within minutes it crashed and gave me the same error and after Windows rolled back to yesterdays snapshot I realized finally what caused it and decided to come here for some help.
  2. Over the last week, I've been in the process of wiping and reinstalling a Windows 10 Home installation that had been compromised by a computer service scam. After finally getting Windows 10 reinstalled, I wanted to install the latest version of MalwareBytes (for which I'd purchased a full license last January on this machine but was removed by the scammers). As soon as I installed MalwareBytes 3.0 on the machine and turned on the options for "Start Malwarebytes at Windows startup" and "Enable self-protection module" and restarted the machine, I started getting the BSOD with the description BAD_POOL_HEADER. Following the instructions in another thread, I am running Driver Verifier, but to be honest there were only 10 drivers that were non-microsoft: dump_atapi.sys dump_dumpata.sys dump_dumpfve.sys mbae64.sys mbamchameleon.sys ndis.sys netr28ux.sys nvhda64v.sys nvlddmkm.sys rt640x64.sys That said, we are 18 hrs into the prescribed 24 hour period, and we've not had one BSOD on this machine. One thing I did do that seemed to help a lot (although isn't 100%) was to turn off Windows Defender. Could it simply be that MWB and Windows Defender 10 just conflict with one another? NOTE: Just to be clear, this is a brand-new install of Windows 10 with all updates downloaded and installed, and a brand new install of MalwareBytes 3.0.5. No other software has been installed yet because I wanted to isolate this issue first.
  3. If you run across any issue while testing, please provide the following detail in order to best help us out: When starting desktop, get a bad pool header right on desktop. I uninstalled anti exploit and installed malwarebytes 3.0. Then I enabled anti exploit and this happened. BSOD BAD_POOL_HEADER Operating System Details: WINDOWS 10 PRO Turned on anti exploit Do you get the same result more than once if you follow the same steps? Yes A copy of the contents of C:\ProgramData\Malwarebytes\MBAMService\logs in a ZIP file (attach to post). MBAMSERVICE.zip
  4. Okay, so I was browsing around Google and found a thread from last year that explains how Malwarebytes' Malicious Website Protection was causing a BSOD "BAD_POOL_HEADER" connected to the network drivers. Well, after installing Windows 10, I am getting the same error. I have tested (To the best of my ability) and it is definitely Malwarebytes causing the issue (I just assume that it is the Malicious Website Protection though, because I just exited Malwarebytes when I tested a few times, I tested by opening up my Bittorrent client and downloading a few ISO files, whenever I do this Malwarebytes usually gives me warnings about malicious connections and such, but that doesn't happen, I just get a BSOD). Before you ask, I have fully updated my network drivers, and everything is up to date. My guess is that this could be some sort of Windows 10 incompatibility, I am blaming Malwarebytes though, because it does not happen unless I have Malwarebytes open. I would love some help, anything is appreciated. If I'm not the only one, PLEASE TELL ME!!!
  5. Hi, From my post here - https://forums.malwarebytes.org/index.php?/topic/164965-bsod-bad-pool-header/#entry940637 It was suggested by 1PW that I open a topic here as I may have a malware infection. As 1PW requested, below are my FRST.txt and Addition.txt files: FRST.txt Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 15-02-2015Ran by Gerrard (administrator) on GERRARD-PC on 18-02-2015 14:52:56Running from C:\Users\Gerrard\Desktop\FixLoaded Profiles: Gerrard & UpdatusUser (Available profiles: Gerrard & UpdatusUser)Platform: Microsoft Windows 7 Home Premium (X86) OS Language: English (United States)Internet Explorer Version 9 (Default browser: Chrome)Boot Mode: NormalTutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe(IBM Corp.) C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe(Acronis) C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe(Creative Labs) C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe(Creative Technology Ltd) C:\Windows\System32\CTSVCCDA.EXE(Teruten) C:\Windows\System32\FsUsbExService.Exe(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe(McAfee, Inc.) C:\Windows\System32\mfevtps.exe(SigmaTel, Inc.) C:\Windows\System32\stacsv.exe(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe(McAfee, Inc.) C:\Program Files\Common Files\Mcafee\AMCore\mcshield.exe(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE(IBM Corp.) C:\Program Files\Trusteer\Rapport\bin\RapportService.exe(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe(McAfee, Inc.) C:\Program Files\Common Files\Mcafee\SystemCore\mfefire.exe(McAfee, Inc.) C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe(McAfee, Inc.) C:\Program Files\Common Files\Mcafee\Platform\McUICnt.exe(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe(Creative Technology Ltd) C:\Program Files\Creative\SBAudigy\Volume Panel\VolPanlu.exe(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe(Creative Technology Ltd.) C:\Windows\OEM02Mon.exe(Dell Inc) C:\Program Files\Dell\QuickSet\quickset.exe(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe(Microsoft Corporation) C:\Windows\System32\wuauclt.exe(McAfee, Inc.) C:\Program Files\Common Files\Mcafee\CSP\1.3.336.0\McCSPServiceHost.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe(Microsoft Corporation) C:\Windows\System32\DeviceDisplayObjectProvider.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [mcui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [514832 2015-01-13] (McAfee, Inc.)HKLM\...\Run: [synTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [857648 2007-04-28] (Synaptics, Inc.)HKLM\...\Run: [VolPanel] => C:\Program Files\Creative\SBAudigy\Volume Panel\VolPanlu.exe [180224 2006-11-27] (Creative Technology Ltd)HKLM\...\Run: [] => [X]HKLM\...\Run: [mcpltui_exe] => C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe [499352 2014-09-17] (McAfee, Inc.)HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.)HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-20] (Adobe Systems Incorporated)HKLM\...\Run: [OEM02Mon.exe] => C:\Windows\OEM02Mon.exe [36864 2007-05-10] (Creative Technology Ltd.)HKU\S-1-5-21-1696010641-1652278836-1394396144-1001\...\Run: [DellSystemDetect] => C:\Users\Gerrard\AppData\Local\Apps\2.0\JWZ84O28.6XD\E7MAHV54.LHK\dell..tion_e30b47f5d4a30e9e_0005.000e_4ab3a7332dd76702\DellSystemDetect.exe [283432 2015-02-10] (Dell)HKU\S-1-5-21-1696010641-1652278836-1394396144-1001\...\MountPoints2: H - H:\DTVP_Launcher.exeHKU\S-1-5-21-1696010641-1652278836-1394396144-1001\...\MountPoints2: {6a01ec97-4178-11df-9f1d-001dd9e7fc28} - F:\DTVP_Launcher.exeHKU\S-1-5-21-1696010641-1652278836-1394396144-1001\...\MountPoints2: {d315f035-256f-11df-9eea-001dd9e7fc28} - "F:\WD SmartWare.exe" autoplay=trueLsa: [Authentication Packages] msv1_0 relog_apStartup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickSet.lnkShortcutTarget: QuickSet.lnk -> C:\Windows\Installer\{7F0C4457-8E64-491B-8D7B-991504365D1E}\NewShortcut2_53A01CC614B04512A2E710D39BF83DC4.exe (Macrovision Corporation)ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Gerrard\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll (Dropbox, Inc.)ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Gerrard\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll (Dropbox, Inc.)ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Gerrard\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll (Dropbox, Inc.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blankHKU\S-1-5-21-1696010641-1652278836-1394396144-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blankHKU\S-1-5-21-1696010641-1652278836-1394396144-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://uk.msn.com/?ocid=iehpSearchScopes: HKU\S-1-5-21-1696010641-1652278836-1394396144-1001 -> DefaultScope {F7F9D434-F6AD-4093-AB6C-AD44187AB04A} URL = http://www.google.co.uk/search?hl=en&q={searchTerms}&meta=&rlz=1I7ADRA_enSearchScopes: HKU\S-1-5-21-1696010641-1652278836-1394396144-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = SearchScopes: HKU\S-1-5-21-1696010641-1652278836-1394396144-1001 -> {F7F9D434-F6AD-4093-AB6C-AD44187AB04A} URL = http://www.google.co.uk/search?hl=en&q={searchTerms}&meta=&rlz=1I7ADRA_enBHO: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)BHO: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)Toolbar: HKU\S-1-5-21-1696010641-1652278836-1394396144-1001 -> No Name - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - No FileDPF: {10000000-1000-1000-1000-100000000000} http://cdn.betteradvertising.com/ghostery/addons/ie/2.4.2.0/ghostery.cabDPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_55-windows-i586.cabDPF: {CAFEEFAC-0017-0000-0055-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_55-windows-i586.cabDPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_55-windows-i586.cabDPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cabHandler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)Winsock: Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txtTcpip\Parameters: [DhcpNameServer] 10.1.1.254Tcpip\..\Interfaces\{8967732C-A582-4E5B-8C1D-D84B49F8178D}: [NameServer] 172.21.122.12 202.27.113.10 FireFox:========FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)FF Plugin: @java.com/DTPlugin,version=10.55.2 -> C:\Windows\system32\npdeployJava1.dll (Oracle Corporation)FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)FF Plugin: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()FF Plugin: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)FF Plugin: @real.com/nppl3260;version=15.0.0.198 -> c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)FF Plugin: @real.com/nprjplug;version=15.0.0.198 -> c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)FF Plugin: @real.com/nprpchromebrowserrecordext;version=15.0.0.198 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)FF Plugin: @real.com/nprphtml5videoshim;version=15.0.0.198 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)FF Plugin: @real.com/nprpjplug;version=15.0.0.198 -> c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\ExtFF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011-12-14]FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013-03-13] Chrome: =======CHR StartupUrls: Default -> "hxxp://www.google.co.nz/"CHR Profile: C:\Users\Gerrard\AppData\Local\Google\Chrome\User Data\DefaultCHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Gerrard\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-24]CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\Gerrard\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2013-03-07]CHR Extension: (Google Wallet) - C:\Users\Gerrard\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-31]CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\Gerrard\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2013-03-07]CHR HKLM\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2011-12-14]CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2013-02-07] ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AcrSch2Svc; C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [427288 2007-09-08] (Acronis)R2 Creative Labs Licensing Service; C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe [72704 2010-03-03] (Creative Labs) [File not signed]R2 Creative Service for CDROM Access; C:\Windows\system32\CTsvcCDA.exe [44032 1999-12-13] (Creative Technology Ltd) [File not signed]R2 FsUsbExService; C:\Windows\system32\FsUsbExService.Exe [233472 2013-04-18] (Teruten) [File not signed]R2 HomeNetSvc; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [286672 2014-10-31] (McAfee, Inc.)R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-21] (Hewlett-Packard Co.) [File not signed]R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-21] (Hewlett-Packard Co.) [File not signed]R2 HPSLPSVC; C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL [694784 2009-09-21] (Hewlett-Packard Co.) [File not signed]S3 IDriverT; C:\Program Files\Roxio\Roxio MyDVD DE\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [529216 2015-01-13] (McAfee, Inc.)R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.3.336.0\McCSPServiceHost.exe [338160 2014-11-22] (McAfee, Inc.)R2 McMPFSvc; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [286672 2014-10-31] (McAfee, Inc.)R2 McNaiAnn; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [286672 2014-10-31] (McAfee, Inc.)S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [471560 2015-01-07] (McAfee, Inc.)R2 mcpltsvc; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [286672 2014-10-31] (McAfee, Inc.)R2 McProxy; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [286672 2014-10-31] (McAfee, Inc.)R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [661088 2014-11-06] (McAfee, Inc.)R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [171368 2014-10-01] (McAfee, Inc.)R2 mfevtp; C:\Windows\system32\mfevtps.exe [179608 2014-10-01] (McAfee, Inc.)R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44544 2008-12-04] (Hewlett-Packard) [File not signed]R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2008-12-04] (Hewlett-Packard) [File not signed]R2 RapportMgmtService; C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe [1919256 2014-12-22] (IBM Corp.)S3 RoxMediaDB9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [880640 2006-11-06] (Sonic Solutions) [File not signed]S2 RoxWatch9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe [159744 2006-11-06] (Sonic Solutions) [File not signed]R2 STacSV; C:\Windows\system32\STacSV.exe [94208 2007-05-07] (SigmaTel, Inc.)S3 stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [73728 2006-09-15] (MicroVision Development, Inc.) [File not signed]S3 TryAndDecideService; C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe [492600 2007-09-08] ()S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-14] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [108104 2010-12-02] (SlySoft, Inc.)R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [62840 2014-10-01] (McAfee, Inc.)R1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [31088 2010-12-17] (Elaborate Bytes AG)R3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [37344 2013-04-18] () [File not signed]S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [147912 2013-09-23] (McAfee, Inc.)R2 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [75480 2014-11-21] (Malwarebytes Corporation)R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-11-21] (Malwarebytes Corporation)R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [114904 2015-02-18] (Malwarebytes Corporation)R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-11-21] (Malwarebytes Corporation)R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [135880 2014-10-01] (McAfee, Inc.)R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [238312 2014-10-01] (McAfee, Inc.)S3 mfebopk; C:\Windows\System32\drivers\mfebopk.sys [67824 2014-10-01] (McAfee, Inc.)R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [371712 2014-10-01] (McAfee, Inc.)R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [575992 2014-10-01] (McAfee, Inc.)R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [352360 2014-09-19] (McAfee, Inc.)S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [81304 2014-09-19] (McAfee, Inc.)R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [217232 2014-10-01] (McAfee, Inc.)R0 PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [36528 2006-07-24] (Sonic Solutions) [File not signed]R1 RapportCerberus_80120; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus32_80120.sys [472792 2015-01-09] (IBM Corp.)R1 RapportEI; C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys [251640 2014-12-22] (IBM Corp.)S3 RapportKELL; C:\Windows\System32\Drivers\RapportKELL.sys [208856 2014-12-22] (IBM Corp.)R1 RapportPG; C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys [332696 2014-12-22] (IBM Corp.)R3 STHDA; C:\Windows\System32\drivers\stwrt.sys [326656 2007-05-07] (SigmaTel, Inc.)R0 tdrpman; C:\Windows\System32\DRIVERS\tdrpman.sys [368736 2010-07-22] (Acronis)R2 tifsfilter; C:\Windows\System32\DRIVERS\tifsfilt.sys [44384 2010-07-22] (Acronis)R3 TotRec8; C:\Windows\system32\drivers\TotRec8.sys [94920 2013-10-17] (High Criteria inc.)S3 NSNDIS5; \??\C:\Windows\system32\NSNDIS5.SYS [X]U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [48128 2009-07-14] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-02-18 14:44 - 2015-02-18 14:53 - 00000000 ____D () C:\FRST2015-02-18 14:43 - 2015-02-18 14:52 - 00000000 ____D () C:\Users\Gerrard\Desktop\Fix2015-02-18 14:34 - 2015-02-18 14:35 - 00000000 ____D () C:\Users\Gerrard\Desktop\Dump2015-02-18 14:17 - 2015-02-18 14:17 - 04747264 _____ () C:\Users\Gerrard\Documents\Fuel.vsd2015-02-18 13:23 - 2015-02-18 13:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee2015-02-17 13:58 - 2015-02-17 13:59 - 13946571 _____ () C:\Users\Gerrard\Downloads\SysinternalsSuite.zip2015-02-17 13:28 - 2015-02-17 13:29 - 06528454 _____ () C:\Users\Gerrard\Downloads\paint.net.4.0.5.install.zip2015-02-14 17:59 - 2015-02-14 17:59 - 00000000 ____D () C:\Users\Gerrard\Desktop\Paul2015-02-12 10:04 - 2015-02-14 16:58 - 00000464 _____ () C:\Users\Gerrard\Desktop\Social Calendar.txt2015-02-11 10:50 - 2015-02-11 10:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WhoCrashed2015-02-11 10:50 - 2015-02-11 10:50 - 00000000 ____D () C:\Program Files\WhoCrashed2015-02-11 10:49 - 2015-02-11 10:49 - 02727584 _____ (Resplendence Software Projects Sp. ) C:\Users\Gerrard\Downloads\whocrashedSetup.exe2015-02-11 10:32 - 2015-02-18 14:31 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys2015-02-11 10:32 - 2015-02-11 10:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware2015-02-11 10:32 - 2015-02-11 10:32 - 00000000 ____D () C:\ProgramData\Malwarebytes2015-02-11 10:32 - 2015-02-11 10:32 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware2015-02-11 10:32 - 2014-11-21 06:14 - 00075480 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys2015-02-11 10:32 - 2014-11-21 06:14 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys2015-02-11 10:32 - 2014-11-21 06:14 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys2015-02-11 10:20 - 2015-02-11 10:20 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Gerrard\Downloads\mbam-setup-2.0.4.1028.exe2015-02-11 10:19 - 2015-02-11 10:19 - 00321848 _____ (Malwarebytes Corporation) C:\Users\Gerrard\Downloads\mbam-clean-2.1.1.1001.exe2015-02-10 16:01 - 2015-02-10 16:01 - 00000000 ____D () C:\Users\Gerrard\AppData\Roaming\Dell2015-02-10 16:00 - 2015-02-10 16:00 - 00000000 ____D () C:\ProgramData\PCDr2015-02-10 16:00 - 2015-02-10 16:00 - 00000000 ____D () C:\ProgramData\PC-Doctor for Windows2015-02-10 16:00 - 2015-02-10 16:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell2015-02-10 16:00 - 2015-02-10 16:00 - 00000000 ____D () C:\Program Files\Dell Support Center2015-02-10 15:58 - 2015-02-10 16:00 - 00000000 ____D () C:\Program Files\My Dell2015-02-10 15:54 - 2015-02-10 15:54 - 00000000 ____D () C:\Users\Gerrard\AppData\Roaming\PCDr2015-02-10 15:52 - 2015-02-10 15:52 - 00000000 ____D () C:\Users\Gerrard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell2015-02-10 15:52 - 2015-02-10 15:52 - 00000000 ____D () C:\Users\Gerrard\AppData\Local\Deployment2015-02-10 15:51 - 2015-02-10 15:51 - 00417064 _____ () C:\Users\Gerrard\Downloads\DellSystemDetect.exe2015-02-10 14:43 - 2015-02-11 16:19 - 00000735 _____ () C:\Users\Gerrard\Desktop\Include in Document.txt2015-02-09 15:33 - 2015-02-09 15:33 - 11666784 _____ (Microsoft Corporation) C:\Users\Gerrard\Downloads\visioviewer32bit.exe2015-02-09 15:10 - 2015-02-09 15:26 - 357615384 _____ (Microsoft Corporation) C:\Users\Gerrard\Downloads\Visio_2013.exe2015-02-09 11:25 - 2015-02-09 11:26 - 00011205 _____ () C:\Users\Gerrard\Downloads\ViewUsage.csv2015-02-04 15:24 - 2015-02-18 13:15 - 00163519 ____N () C:\Windows\Minidump\021815-28704-01.dmp2015-02-04 15:24 - 2015-02-17 13:43 - 00163519 ____N () C:\Windows\Minidump\021715-25989-01.dmp2015-02-04 15:24 - 2015-02-17 13:15 - 00163775 ____N () C:\Windows\Minidump\021715-25662-01.dmp2015-02-04 15:24 - 2015-02-11 10:35 - 00163519 ____N () C:\Windows\Minidump\021115-22354-01.dmp2015-02-04 15:24 - 2015-02-10 15:33 - 00163519 ____N () C:\Windows\Minidump\021015-22183-01.dmp2015-02-04 15:24 - 2015-02-10 15:06 - 00164591 ____N () C:\Windows\Minidump\021015-24273-01.dmp2015-02-04 15:24 - 2015-02-04 15:31 - 00163519 ____N () C:\Windows\Minidump\020415-22370-01.dmp2015-02-03 15:54 - 2015-02-03 15:55 - 07683360 _____ (Auslogics Labs Pty Ltd ) C:\Users\Gerrard\Downloads\driver-updater-setup.exe2015-02-03 08:38 - 2015-02-03 08:38 - 00000000 ____D () C:\Program Files\Mozilla Firefox2015-02-03 08:21 - 2010-03-04 17:04 - 00146304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys2015-02-03 08:21 - 2010-03-04 16:57 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys2015-02-03 08:20 - 2010-09-14 19:07 - 00276992 _____ (Microsoft Corporation) C:\Windows\system32\wcncsvc.dll2015-02-03 08:04 - 2012-11-22 22:33 - 00627712 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll2015-02-03 08:04 - 2012-08-03 06:05 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll2015-02-03 08:04 - 2011-03-11 18:44 - 00146304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys2015-02-03 08:04 - 2011-03-11 18:44 - 00143744 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor.sys2015-02-03 08:04 - 2011-03-11 18:44 - 00117120 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvraid.sys2015-02-03 08:04 - 2011-03-11 18:43 - 00332160 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorV.sys2015-02-03 08:04 - 2011-03-11 18:43 - 00080256 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdsata.sys2015-02-03 08:04 - 2011-03-11 18:43 - 00022400 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdxata.sys2015-02-03 08:04 - 2011-03-11 18:39 - 01686016 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll2015-02-03 08:04 - 2011-03-11 18:37 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\fsutil.exe2015-02-03 08:04 - 2011-03-11 17:08 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS2015-02-03 08:04 - 2011-02-19 18:33 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll2015-02-03 08:04 - 2010-12-21 18:38 - 00350720 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll2015-02-03 08:04 - 2010-12-21 18:38 - 00204800 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll2015-02-03 08:04 - 2010-12-21 18:38 - 00204288 _____ (Microsoft Corporation) C:\Windows\system32\upnp.dll2015-02-03 08:04 - 2010-12-21 18:38 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll2015-02-03 08:04 - 2010-12-21 18:38 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\wscapi.dll2015-02-03 08:04 - 2010-12-21 18:38 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\slwga.dll2015-02-03 08:04 - 2010-12-21 18:34 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll2015-02-03 08:03 - 2014-09-15 13:42 - 02377216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys2015-02-03 08:03 - 2012-07-07 08:31 - 00393216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys2015-02-03 08:03 - 2011-04-23 08:36 - 00026496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys2015-02-03 08:03 - 2011-03-25 16:06 - 00284160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys2015-02-03 08:03 - 2011-03-25 16:06 - 00258560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys2015-02-03 08:03 - 2011-03-25 16:06 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys2015-02-03 08:03 - 2011-03-25 16:06 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys2015-02-03 08:03 - 2011-03-25 16:06 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys2015-02-03 08:03 - 2011-03-25 16:06 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys2015-02-03 08:03 - 2011-03-25 16:06 - 00005888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys2015-02-03 08:03 - 2011-03-13 00:31 - 00442880 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll2015-02-03 08:03 - 2011-02-24 18:32 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll2015-02-03 08:03 - 2011-02-03 18:45 - 00219008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys2015-02-03 08:03 - 2010-11-02 17:46 - 00728448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys2015-02-03 08:03 - 2010-11-02 17:23 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll2015-02-02 15:34 - 2015-02-02 15:34 - 00304352 _____ () C:\Users\Gerrard\Downloads\lotus 123 for vista_10924_i27253038_il345.exe2015-02-02 15:31 - 2015-02-02 15:31 - 01005878 _____ () C:\Users\Gerrard\Downloads\LOTUS123.ZIP2015-02-02 15:30 - 2015-02-02 15:30 - 01369036 _____ () C:\Users\Gerrard\Downloads\8086tiny_125.zip2015-01-29 16:21 - 2015-01-29 16:21 - 00000052 _____ () C:\Users\Gerrard\Documents\Tech Trends.txt2015-01-29 13:21 - 2015-01-29 13:21 - 04283816 _____ (Neowise Software ) C:\Users\Gerrard\Downloads\NeoDownloaderLiteSetup.exe2015-01-29 08:34 - 2015-01-29 08:34 - 00001100 _____ () C:\Users\Gerrard\Desktop\Working Stuff.lnk2015-01-29 08:34 - 2015-01-29 08:34 - 00001047 _____ () C:\Users\Gerrard\Desktop\Music Temp.lnk2015-01-29 07:57 - 2015-02-03 08:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 20132015-01-28 14:51 - 2015-01-28 14:52 - 00509264 _____ (Microsoft Corporation) C:\Users\Gerrard\Downloads\winsdk_web.exe2015-01-27 15:06 - 2015-02-18 13:15 - 00003828 _____ () C:\Windows\setupact.log2015-01-27 15:06 - 2015-01-27 15:06 - 00000000 _____ () C:\Windows\setuperr.log2015-01-23 15:27 - 2015-01-23 15:27 - 00226501 _____ () C:\Users\Gerrard\Downloads\Credit-Card.zip2015-01-22 18:44 - 2015-01-22 18:44 - 00000000 ____H () C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Coinstaller_Critical.Wdf2015-01-22 18:44 - 2015-01-22 18:44 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_point32_01011.Wdf2015-01-22 18:44 - 2015-01-22 18:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse and Keyboard Center2015-01-22 18:43 - 2012-07-26 16:39 - 00526952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys2015-01-22 18:43 - 2012-07-26 16:39 - 00047720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys2015-01-22 18:43 - 2012-07-26 15:46 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll2015-01-22 18:43 - 2012-06-03 03:34 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf2015-01-22 18:41 - 2015-01-22 18:42 - 00000000 ____D () C:\Program Files\Microsoft Mouse and Keyboard Center2015-01-21 13:14 - 2015-01-21 13:14 - 00008783 _____ () C:\Users\Gerrard\Documents\Frame Sizes.xlsx2015-01-21 08:39 - 2015-01-21 08:39 - 00436504 _____ (IBM Corp.) C:\Users\Gerrard\Downloads\RapportSetup.exe ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-02-18 14:53 - 2012-07-25 05:08 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job2015-02-18 14:53 - 2010-03-04 00:30 - 00000000 ____D () C:\Users\Gerrard\Email2015-02-18 13:54 - 2011-03-08 10:43 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job2015-02-18 13:26 - 2009-07-14 17:34 - 00013424 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A02015-02-18 13:26 - 2009-07-14 17:34 - 00013424 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A02015-02-18 13:20 - 2010-03-02 07:21 - 01529977 _____ () C:\Windows\WindowsUpdate.log2015-02-18 13:15 - 2011-03-08 10:43 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job2015-02-18 13:15 - 2010-03-14 04:18 - 00000000 ____D () C:\Windows\Minidump2015-02-18 13:15 - 2009-07-14 17:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT2015-02-18 08:16 - 2014-12-19 14:49 - 00001384 _____ () C:\Users\Gerrard\Desktop\Horizon Systems.lnk2015-02-17 14:46 - 2014-11-15 14:04 - 00001542 _____ () C:\Users\Gerrard\Desktop\Farmlands.lnk2015-02-14 21:21 - 2009-07-14 15:37 - 00000000 ____D () C:\Windows\rescache2015-02-14 18:01 - 2010-03-02 08:32 - 00782838 _____ () C:\Windows\system32\PerfStringBackup.INI2015-02-11 10:34 - 2010-03-02 09:07 - 00082914 _____ () C:\Windows\PFRO.log2015-02-10 16:04 - 2012-09-30 07:26 - 00000000 ____D () C:\Temp2015-02-10 15:52 - 2010-04-07 07:13 - 00000000 ____D () C:\Users\Gerrard\AppData\Local\Apps\2.02015-02-10 15:48 - 2012-01-23 06:28 - 00000000 ____D () C:\Users\Gerrard\Documents\Manuals2015-02-10 07:45 - 2011-10-14 22:09 - 00000000 ____D () C:\Users\Gerrard\Documents\Working Stuff2015-02-09 21:39 - 2010-03-03 08:17 - 00000000 ____D () C:\ProgramData\Roxio2015-02-09 15:34 - 2012-04-27 00:49 - 00000000 ____D () C:\Program Files\MSECache2015-02-09 14:15 - 2010-03-04 00:06 - 00000000 ____D () C:\Users\Gerrard\Documents\Lana2015-02-05 10:53 - 2012-05-10 07:34 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe2015-02-05 10:53 - 2011-05-17 20:55 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl2015-02-04 09:34 - 2009-07-14 15:37 - 00000000 ____D () C:\Windows\Microsoft.NET2015-02-03 09:23 - 2010-03-04 00:12 - 00000000 ____D () C:\Users\Gerrard\Downloads\Downloads From Old Vista Drive2015-02-03 09:09 - 2009-07-14 17:33 - 00486344 _____ () C:\Windows\system32\FNTCACHE.DAT2015-02-03 08:51 - 2010-03-02 12:14 - 00000000 ____D () C:\ProgramData\Microsoft Help2015-02-03 08:40 - 2010-03-02 09:34 - 00130088 _____ () C:\Users\Gerrard\AppData\Local\GDIPFONTCACHEV1.DAT2015-02-03 08:37 - 2009-07-14 15:37 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared2015-01-29 07:56 - 2014-05-15 06:30 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER2015-01-29 07:56 - 2010-03-02 12:14 - 00000000 ____D () C:\Program Files\Microsoft Office2015-01-28 15:21 - 2009-07-14 17:52 - 00000000 ____D () C:\Program Files\MSBuild2015-01-27 15:41 - 2011-03-30 11:25 - 00007597 _____ () C:\Users\Gerrard\AppData\Local\resmon.resmoncfg2015-01-24 13:47 - 2012-10-14 11:07 - 00000000 ____D () C:\Users\Gerrard\AppData\Roaming\Audacity2015-01-23 08:36 - 2012-06-06 03:27 - 00000000 ____D () C:\Users\Gerrard\Documents\Visual Studio 20102015-01-21 08:44 - 2013-08-16 20:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trusteer Endpoint Protection2015-01-20 14:40 - 2009-07-14 15:37 - 00000000 ____D () C:\Windows\registration2015-01-20 11:34 - 2013-10-12 07:18 - 00000000 ____D () C:\Users\Gerrard\AppData\Local\Citrix2015-01-20 11:34 - 2010-03-29 01:41 - 00000000 ____D () C:\Users\Gerrard\AppData\Roaming\Mozilla2015-01-20 11:28 - 2013-10-12 07:20 - 00000000 ____D () C:\Users\Gerrard\AppData\Roaming\Juniper Networks2015-01-20 08:45 - 2012-07-19 08:37 - 00000000 ____D () C:\ProgramData\Samsung2015-01-20 08:35 - 2015-01-14 11:05 - 00000000 ____D () C:\Users\Gerrard\Documents\SelfMV2015-01-20 08:06 - 2012-09-23 04:12 - 00000000 ____D () C:\Users\Gerrard\AppData\Roaming\Samsung2015-01-20 08:05 - 2012-09-30 07:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung2015-01-20 07:37 - 2010-03-02 09:08 - 00000000 ____D () C:\ProgramData\NVIDIA ==================== Files in the root of some directories ======= 2013-04-25 09:28 - 2013-04-25 09:28 - 0183640 _____ () C:\Users\Gerrard\AppData\Local\ars.cache2013-04-25 09:28 - 2013-04-25 09:28 - 0350314 _____ () C:\Users\Gerrard\AppData\Local\census.cache2011-10-12 05:29 - 2014-09-18 22:14 - 0020480 _____ () C:\Users\Gerrard\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini2013-04-25 09:07 - 2013-04-25 09:07 - 0000036 _____ () C:\Users\Gerrard\AppData\Local\housecall.guid.cache2011-03-30 11:25 - 2015-01-27 15:41 - 0007597 _____ () C:\Users\Gerrard\AppData\Local\resmon.resmoncfg2010-04-06 08:51 - 2010-04-07 01:33 - 0000040 ___SH () C:\ProgramData\.zreglib2010-03-03 04:56 - 2010-03-03 08:00 - 0000832 _____ () C:\ProgramData\hpzinstall.log Some content of TEMP:====================C:\Users\Gerrard\AppData\Local\Temp\MouseKeyboardCenterx86_1033.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\explorer.exe => File is digitally signedC:\Windows\system32\winlogon.exe => File is digitally signedC:\Windows\system32\wininit.exe => File is digitally signedC:\Windows\system32\svchost.exe => File is digitally signedC:\Windows\system32\services.exe => File is digitally signedC:\Windows\system32\User32.dll => File is digitally signedC:\Windows\system32\userinit.exe => File is digitally signedC:\Windows\system32\rpcss.dll => File is digitally signedC:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-02-14 21:03 ==================== End Of Log ============================ Addition.txt Additional scan result of Farbar Recovery Scan Tool (x86) Version: 15-02-2015Ran by Gerrard at 2015-02-18 14:53:50Running from C:\Users\Gerrard\Desktop\FixBoot Mode: Normal========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}AS: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}FW: McAfee Firewall (Enabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 32 Bit HP CIO Components Installer (Version: 6.1.1 - Hewlett-Packard) Hidden3GP to MP3 Converter (HKLM\...\3GP to MP3 Converter_is1) (Version: - Shiver)Acrobat.com (HKLM\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 2.0.0.0 - Adobe Systems Incorporated)Acrobat.com (Version: 2.0.0 - Adobe Systems Incorporated) HiddenAcronis True Image Home (HKLM\...\{E5343B27-55DF-40BD-9FCF-A643C1331E8A}) (Version: 11.0.8022 - Acronis)Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.4.0.2710 - Adobe Systems Incorporated)Adobe Flash Player 16 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)Adobe Photoshop Elements 2.0 (HKLM\...\Adobe Photoshop Elements 2.0) (Version: 2.0 - Adobe Systems, Inc.)Adobe Reader XI (11.0.10) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)AIO_Scan (Version: 130.0.365.000 - Hewlett-Packard) HiddenAmazon MP3 Downloader 1.0.9 (HKLM\...\Amazon MP3 Downloader) (Version: - )Amazon Music Importer (HKLM\...\com.amazon.music.uploader) (Version: 2.1.0 - Amazon Services LLC)Amazon Music Importer (Version: 2.1.0 - Amazon Services LLC) HiddenAnyDVD (HKLM\...\AnyDVD) (Version: 6.7.8.0 - SlySoft)AnyRail5EN (HKLM\...\{E87E2DE8-29B8-44B2-85EB-CB0209D0F044}) (Version: 5.5.5 - DRail Modelspoor Software)A-PDF Restrictions Remover 1.6 (HKLM\...\A-PDF Restrictions Remover_is1) (Version: - A-PDF Solution)Apple Application Support (HKLM\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)Apple Mobile Device Support (HKLM\...\{C0CC75CD-F5B7-46AD-B016-17C0F5171718}) (Version: 8.0.0.23 - Apple Inc.)Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)Audacity 2.0.2 (HKLM\...\Audacity_is1) (Version: 2.0.2 - Audacity Team)Audiograbber 1.83 SE (HKLM\...\Audiograbber) (Version: 1.83 SE - Audiograbber)Audiograbber MP3 Plugin (HKLM\...\Audiograbber-Lame) (Version: 1.0 - AG)Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)BufferChm (Version: 130.0.331.000 - Hewlett-Packard) HiddenC7200 (Version: 130.0.365.000 - Hewlett-Packard) HiddenC7200_Help (Version: 100.0.206.000 - Hewlett-Packard) HiddenCopy (Version: 130.0.428.000 - Hewlett-Packard) HiddenCreative MediaSource 5 (HKLM\...\{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}) (Version: 5.00 - )D3DX10 (Version: 15.4.2368.0902 - Microsoft) HiddenData Lifeguard Diagnostic for Windows (HKLM\...\{75B61CF0-B8A8-46E2-8709-C4A79898AC1D}) (Version: 1.17 - Western Digital Corporation)Dell System Detect (HKU\S-1-5-21-1696010641-1652278836-1394396144-1001\...\73f463568823ebbe) (Version: 5.14.0.9 - Dell)Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 9.1.18.6 - Synaptics)Destinations (Version: 130.0.0.0 - Hewlett-Packard) HiddenDeviceDiscovery (Version: 130.0.465.000 - Hewlett-Packard) HiddenDigital Photography Winter Fun Pack (HKLM\...\{347D1603-FA83-4B2C-B504-8BC1FF59DB50}) (Version: 1.0.0 - <no manufacturer>)DivX Setup (HKLM\...\DivX Setup) (Version: 2.6.1.24 - DivX, LLC)DocProc (Version: 13.0.0.0 - Hewlett-Packard) HiddenDropbox (HKU\S-1-5-21-1696010641-1652278836-1394396144-1001\...\Dropbox) (Version: 1.6.18 - Dropbox, Inc.)Fax (Version: 130.0.418.000 - Hewlett-Packard) HiddenFree RAR Extract Frog (HKLM\...\Free RAR Extract Frog) (Version: 2.10 - Philipp Winterberg)Google Chrome (HKLM\...\Google Chrome) (Version: 40.0.2214.111 - Google Inc.)Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)Google Update Helper (Version: 1.3.25.11 - Google Inc.) HiddenGoogle Update Helper (Version: 1.3.26.9 - Google Inc.) HiddenGPBaseService2 (Version: 130.0.371.000 - Hewlett-Packard) HiddenHandbrake 0.9.4 (HKLM\...\Handbrake) (Version: 0.9.4 - )HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)HP Photosmart All-In-One Driver Software 13.0 Rel. 2 (HKLM\...\{988329F4-A1A1-4D51-803C-EF2725A97627}) (Version: 13.0 - HP)HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)HP Update (HKLM\...\{7059BDA7-E1DB-442C-B7A1-6144596720A4}) (Version: 4.000.011.006 - Hewlett-Packard)HPPhotoGadget (Version: 130.0.282.000 - Hewlett-Packard) HiddenHPPhotoSmartDiscLabel_PaperLabel (Version: 2.04.0000 - Hewlett-Packard) HiddenHPPhotoSmartDiscLabel_PrintOnDisc (Version: 2.04.0000 - Hewlett-Packard) HiddenHPPhotoSmartDiscLabelContent1 (Version: 2.04.0000 - Hewlett-Packard) Hiddenhpphotosmartdisclabelplugin (Version: 2.04.0000 - Hewlett-Packard) HiddenHPPhotosmartEssential (Version: 2.04.0000 - Hewlett-Packard) HiddenHPProductAssistant (Version: 130.0.371.000 - Hewlett-Packard) HiddeniTunes (HKLM\...\{F32DC846-4457-40A8-BECA-BCC0E960BC53}) (Version: 11.4.0.18 - Apple Inc.)Java 7 Update 55 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.550 - Oracle)JavaFX 2.1.1 (HKLM\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)LAME v3.99.3 (for Windows) (HKLM\...\LAME_is1) (Version: - )Laptop Integrated Webcam Driver (1.04.01.1011) (HKLM\...\Creative OEM002) (Version: - )McAfee Internet Security (HKLM\...\MSC) (Version: 13.6.1529 - McAfee, Inc.)MediaDirect (HKLM\...\{9C6978E8-B6D0-4AB7-A7A0-D81A74FBF745}) (Version: 4.7 - Dell)Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30320 - Microsoft Corporation)Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30320 - Microsoft Corporation)Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)Microsoft AutoRoute v11.0 (HKLM\...\{8704D51E-25B7-4F23-81E7-AA4F54790220}) (Version: 11.00.18.1900 - Microsoft Corporation)Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)Microsoft Lync Basic 2013 (HKLM\...\Office15.LYNCENTRY) (Version: 15.0.4569.1506 - Microsoft Corporation)Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)Microsoft Office PowerPoint Viewer 2007 (English) (HKLM\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6425.1000 - Microsoft Corporation)Microsoft Office Ultimate 2007 (HKLM\...\ULTIMATER) (Version: 12.0.6612.1000 - Microsoft Corporation)Microsoft Office Visio 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-0051-0000-0000-0000000FF1CE}_VISPROR_{CE144BF4-4950-4CDB-A5F7-CCE1888F49CB}) (Version: - Microsoft)Microsoft Office Visio Professional 2007 (HKLM\...\VISPROR) (Version: 12.0.6612.1000 - Microsoft Corporation)Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs (HKLM\...\{90120000-00B2-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)Microsoft SharedView (HKLM\...\{190297F8-14EC-4ECA-BFAC-72843DBFB382}) (Version: 8.0.5725.0 - Microsoft Corporation)Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)Microsoft SQL Server 2008 R2 Management Objects (HKLM\...\{77F1F8AD-51B8-4490-AEEC-BF480073E0FC}) (Version: 10.50.1750.9 - Microsoft Corporation)Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)Microsoft SQL Server System CLR Types (HKLM\...\{877B76B2-F83F-4F5A-B28D-3F398641ADB6}) (Version: 10.50.1750.9 - Microsoft Corporation)Microsoft Visio Viewer 2013 (HKLM\...\{95150000-0052-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)Microsoft Visual Basic 2010 Express - ENU (HKLM\...\Microsoft Visual Basic 2010 Express - ENU) (Version: 10.0.40219 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219 (HKLM\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM\...\{14DD7530-CCD2-3798-B37D-3839ED6A441C}) (Version: 10.0.40219 - Microsoft Corporation)Microsoft Visual Studio 2010 Service Pack 1 (HKLM\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)Microsoft Works 6-9 Converter (HKLM\...\{95140000-0137-0409-0000-0000000FF1CE}) (Version: 14.0.6120.5002 - Microsoft Corporation)Mihov Picture Downloader 1.5 (remove only) (HKLM\...\Mihov Picture Downloader) (Version: - )Mp3tag v2.50 (HKLM\...\Mp3tag) (Version: v2.50 - Florian Heidenreich)MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.5.6426.22 - PC-Doctor, Inc.)MyFreeCodec (HKU\S-1-5-21-1696010641-1652278836-1394396144-1001\...\MyFreeCodec) (Version: - )Network (Version: 130.0.572.000 - Hewlett-Packard) HiddenNokia PC Suite 4.88 (HKLM\...\{BCB8B85E-E28A-424F-AE81-A7553DAA32A4}) (Version: - )NVIDIA 3D Vision Driver 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 327.02 - NVIDIA Corporation)NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 1.6 - NVIDIA Corporation)NVIDIA Graphics Driver 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.02 - NVIDIA Corporation)NVIDIA PhysX (HKLM\...\{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}) (Version: 9.09.0814 - NVIDIA Corporation)NVIDIA Update 1.14.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.14.17 - NVIDIA Corporation)OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) HiddenOutlookAddinSetup (HKLM\...\{9BDEF074-020E-458D-ADC5-8FF68E0C9B56}) (Version: 1.0.0 - CyberLink)PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.6.2 - pdfforge)PS_AIO_02_ProductContext (Version: 130.0.365.000 - Hewlett-Packard) HiddenPS_AIO_02_Software (Version: 130.0.365.000 - Hewlett-Packard) HiddenPS_AIO_02_Software_Min (Version: 130.0.365.000 - Hewlett-Packard) HiddenQuickSet (HKLM\...\{7F0C4457-8E64-491B-8D7B-991504365D1E}) (Version: 8.0.11 - Dell Inc.)QuickTime (HKLM\...\{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}) (Version: 7.73.80.64 - Apple Inc.)Radio Downloader (HKLM\...\{DFC9529D-50DB-431F-BDFE-961AA30B17EE}) (Version: 0.24.2.0 - NerdoftheHerd.com)Rapport (Version: 3.5.1404.61 - Trusteer) HiddenRealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) HiddenRealPlayer (HKLM\...\RealPlayer 15.0) (Version: - RealNetworks)RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) HiddenRecuva (HKLM\...\Recuva) (Version: 1.37 - Piriform)RICOH R5U8xx Media Driver ver.3.62.02 (HKLM\...\{59F6A514-9813-47A3-948C-8A155460CC2A}) (Version: 3.62.02 - RICOH)Roxio Creator Audio (HKLM\...\{83FFCFC7-88C6-41c6-8752-958A45325C82}) (Version: 3.3.0 - Roxio)Roxio Creator Copy (HKLM\...\{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}) (Version: 3.3.0 - Roxio)Roxio Creator Data (HKLM\...\{0D397393-9B50-4c52-84D5-77E344289F87}) (Version: 3.3.0 - Roxio)Roxio Creator DE (HKLM\...\{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}) (Version: 3.3.0 - Roxio)Roxio Creator Tools (HKLM\...\{0394CDC8-FABD-4ed8-B104-03393876DFDF}) (Version: 3.3.0 - Roxio)Roxio Drag-to-Disc (HKLM\...\{2F4C24E6-CBD4-4AAC-B56F-C9FD44DE5668}) (Version: 9.0 - Roxio)Roxio Express Labeler (HKLM\...\{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}) (Version: 2.1.0 - Roxio)Roxio MyDVD DE (HKLM\...\{D639085F-4B6E-4105-9F37-A0DBB023E2FB}) (Version: 9.0.117 - Roxio, Inc.)Roxio Update Manager (HKLM\...\{30465B6C-B53F-49A1-9EBA-A3F187AD502E}) (Version: 3.0.0 - Roxio)Samsung Kies3 (HKLM\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15013.17 - Samsung Electronics Co., Ltd.)Samsung Kies3 (Version: 3.2.15013.17 - Samsung Electronics Co., Ltd.) HiddenSamsung Story Album Viewer (HKLM\...\InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.)Samsung Story Album Viewer (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) HiddenSAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.49.0 - SAMSUNG Electronics Co., Ltd.)Scan (Version: 13.0.0.0 - Hewlett-Packard) HiddenService Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM\...\{90150000-012D-0000-0000-0000000FF1CE}_Office15.LYNCENTRY_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version: - Microsoft)Shared C Run-time for x86 (Version: 10.0.0 - McAfee) HiddenSigmaTel Audio (HKLM\...\{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}) (Version: 5.10.5102.0 - SigmaTel)Skype™ 6.20 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.20.104 - Skype Technologies S.A.)SolutionCenter (Version: 130.0.373.000 - Hewlett-Packard) HiddenSonic Activation Module (Version: 1.0 - Sonic Solutions) HiddenSound Blaster Audigy ADVANCED MB (HKLM\...\{53C6D09E-EAB6-49E5-BA4C-BA7FF13830FB}) (Version: 1.0 - )Spotify (HKU\S-1-5-21-1696010641-1652278836-1394396144-1001\...\Spotify) (Version: 0.9.14.13.gba5645ad - Spotify AB)Status (Version: 130.0.469.000 - Hewlett-Packard) HiddenTomTom HOME (HKLM\...\{9017CEAF-BE5A-4F73-8A0E-C87E26971E55}) (Version: 2.9.3 - TomTom)TomTom HOME Visual Studio Merge Modules (HKLM\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)Toolbox (Version: 130.0.648.000 - Hewlett-Packard) HiddenTotal Recorder 8.5 Standard Edition (HKLM\...\TotalRecorder) (Version: - )TrayApp (Version: 130.0.422.000 - Hewlett-Packard) HiddenTrusteer Endpoint Protection (HKLM\...\Rapport_msi) (Version: 3.5.1404.61 - Trusteer)UnloadSupport (Version: 11.0.0 - Hewlett-Packard) HiddenUpdate for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-0051-0000-0000-0000000FF1CE}_VISPROR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) HiddenVisual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU (HKLM\...\{112C23F2-C036-4D40-BED4-0CB47BF5555C}) (Version: 4.0.8080.0 - Microsoft Corporation)WebReg (Version: 130.0.132.017 - Hewlett-Packard) HiddenWhoCrashed 5.03 (HKLM\...\WhoCrashed_is1) (Version: - Resplendence Software Projects Sp.)Win7codecs (HKLM\...\{8C0CAA7A-3272-4991-A808-2C7559DE3409}) (Version: 3.7.5 - Shark007)Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-1696010641-1652278836-1394396144-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Gerrard\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-1696010641-1652278836-1394396144-1001_Classes\CLSID\{b2b568c8-3712-4a75-b806-4b3c2fdb06d5}\localserver32 -> C:\Users\Gerrard\AppData\Local\Temp\{e9513610-f218-4dda-b954-2c7e6ba7cabb}\IDriver.NonElevated.exe N (the data entry has 6 more characters).CustomCLSID: HKU\S-1-5-21-1696010641-1652278836-1394396144-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gerrard\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-1696010641-1652278836-1394396144-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gerrard\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-1696010641-1652278836-1394396144-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gerrard\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-1696010641-1652278836-1394396144-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gerrard\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-1696010641-1652278836-1394396144-1005_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\UpdatusUser\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay No FileCustomCLSID: HKU\S-1-5-21-1696010641-1652278836-1394396144-1005_Classes\CLSID\{238F6F83-B8B4-11CF-8771-00A024541EE3}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Citrix\ICA Client\Wfica.ocx No FileCustomCLSID: HKU\S-1-5-21-1696010641-1652278836-1394396144-1005_Classes\CLSID\{238F6F85-B8B4-11CF-8771-00A024541EE3}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Citrix\ICA Client\Wfica.ocx No FileCustomCLSID: HKU\S-1-5-21-1696010641-1652278836-1394396144-1005_Classes\CLSID\{b2b568c8-3712-4a75-b806-4b3c2fdb06d5}\localserver32 -> C:\Users\UpdatusUser\AppData\Local\Temp\{e9513610-f218-4dda-b954-2c7e6ba7cabb}\IDriver.NonElevated.e (the data entry has 10 more characters).CustomCLSID: HKU\S-1-5-21-1696010641-1652278836-1394396144-1005_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll No FileCustomCLSID: HKU\S-1-5-21-1696010641-1652278836-1394396144-1005_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll No FileCustomCLSID: HKU\S-1-5-21-1696010641-1652278836-1394396144-1005_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll No FileCustomCLSID: HKU\S-1-5-21-1696010641-1652278836-1394396144-1005_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll No File ==================== Restore Points ========================= 22-01-2015 18:41:08 DCInstallRestorePoint29-01-2015 07:51:20 Installed Microsoft Lync Basic 201329-01-2015 07:52:15 LYNCENTRY29-01-2015 08:17:53 Installed Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs03-02-2015 08:19:58 Windows Update10-02-2015 07:47:40 Windows Update ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 15:04 - 2014-07-08 11:20 - 00001206 ____A C:\Windows\system32\Drivers\etc\hosts127.0.0.1 www.livejasmin.com127.0.0.1 creatives.livejasmin.com127.0.0.1 www.streamate.com127.0.0.1 www.partypoker.com127.0.0.1 cdn.nsimg.net127.0.0.1 banners.adultfriendfinder.com127.0.0.1 go.urlcash.net127.0.0.1 live-cams-1.livejasmin.com127.0.0.1 pu.plugrush.com127.0.0.1 syndication.exoclick.com ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {18F52E63-10BD-414F-A558-BEEF4E5A2557} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => c:\Program Files\Microsoft IntelliPoint\IPoint.exeTask: {2026C154-93A2-480E-939B-D72F15346EA7} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05] (Adobe Systems Incorporated)Task: {5EE665B7-A55B-46BB-B183-AA6645F7777C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-21] (Google Inc.)Task: {6E0617FA-3EC2-4B5B-82A7-F60007BF758E} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)Task: {75111F5F-341D-4885-9118-20DDE7E96FED} - System32\Tasks\{25350066-26A8-43C0-9F43-5C47417452D3} => pcalua.exe -a C:\Users\Gerrard\Downloads\winsdk_web.exe -d C:\Users\Gerrard\DownloadsTask: {A3720439-4A37-4B6A-8F22-2F4C5D391FB0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-21] (Google Inc.)Task: {AC2109D0-DB85-4C58-B0FF-A6AA13A1355F} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)Task: {C9BA531B-1C31-4BAB-9A46-9ECD6A8C170A} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvcTask: {D35A8E84-B470-4AF1-90B0-5E8C68C4B557} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)Task: {DFF10C04-60FA-41DD-8E8C-7DD19BFE8B25} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1696010641-1652278836-1394396144-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2011-11-09] (RealNetworks, Inc.)Task: {E6041930-4859-4FD0-85E1-F0CE2966845D} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\My Dell\sessionchecker.exe [2014-01-11] (PC-Doctor, Inc.)Task: {EEF7FDBB-265F-4BA4-BACD-D1D9F037DC9A} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1696010641-1652278836-1394396144-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2011-11-09] (RealNetworks, Inc.)Task: {F4DEB516-D948-4931-9272-2A270B4262E9} - System32\Tasks\{1BE77BF5-E0CC-4EDB-B44E-FEA2CF5C0F90} => Iexplore.exe http://ui.skype.com/ui/0/5.8.0.156.259/en/abandoninstall?page=tsMainTask: {F51FC3A8-6902-4808-BD29-AC68B6764CE5} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-02] (Apple Inc.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exeTask: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exeTask: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============== 2014-08-01 00:16 - 2014-08-01 00:16 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll2014-08-01 00:16 - 2014-08-01 00:16 - 01044776 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll2015-01-05 22:08 - 2013-08-30 12:08 - 00088864 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll2010-03-03 08:19 - 2006-10-27 05:21 - 00056056 _____ () C:\Windows\system32\DLAAPI_W.DLL2007-02-21 02:01 - 2007-02-21 02:01 - 00105184 _____ () C:\Program Files\Dell\QuickSet\dadkeyb.dll2014-03-23 16:04 - 2014-03-23 16:04 - 00557056 _____ () C:\Program Files\Trusteer\Rapport\bin\js32.dll2010-03-03 04:44 - 2006-11-13 23:07 - 00066560 ____N () C:\Windows\system32\CmdRtr.dll2010-03-03 04:44 - 2006-11-21 02:29 - 00101376 ____N () C:\Windows\system32\APOMngr.dll2015-02-08 20:59 - 2015-02-04 22:02 - 01117512 _____ () C:\Program Files\Google\Chrome\Application\40.0.2214.111\libglesv2.dll2015-02-08 20:59 - 2015-02-04 22:02 - 00211272 _____ () C:\Program Files\Google\Chrome\Application\40.0.2214.111\libegl.dll2015-02-08 20:59 - 2015-02-04 22:02 - 09170760 _____ () C:\Program Files\Google\Chrome\Application\40.0.2214.111\pdf.dll2009-02-27 02:46 - 2009-02-27 02:46 - 00064344 _____ () C:\Program Files\Microsoft Office\Office12\ADDINS\ColleagueImport.dll2014-11-12 17:17 - 2014-11-12 17:17 - 01754296 _____ () C:\Program Files\Microsoft Office\Office15\tmpod.dll2011-06-23 00:46 - 2011-06-23 00:46 - 00434016 _____ () C:\Program Files\Microsoft Office\Office12\ADDINS\UmOutlookAddin.dll2013-07-11 06:07 - 2013-07-11 06:07 - 00756888 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\Users\Gerrard\Nokia Backup:Roxio EMC StreamAlternateDataStreams: C:\Users\Gerrard\Downloads\DVD Ripping:Roxio EMC StreamAlternateDataStreams: C:\Users\Gerrard\Documents\AnyDVDHD:Roxio EMC StreamAlternateDataStreams: C:\Users\Gerrard\Documents\AnyDVD_logs:Roxio EMC StreamAlternateDataStreams: C:\Users\Gerrard\Documents\Bluetooth Exchange Folder:Roxio EMC StreamAlternateDataStreams: C:\Users\Gerrard\Documents\Dell Webcam Center:Roxio EMC StreamAlternateDataStreams: C:\Users\Gerrard\Documents\Gerrard Burras - Happy Birthday Lana.wma:Roxio EMC StreamAlternateDataStreams: C:\Users\Gerrard\Documents\Lana:Roxio EMC StreamAlternateDataStreams: C:\Users\Gerrard\Documents\My Google Gadgets:Roxio EMC StreamAlternateDataStreams: C:\Users\Gerrard\Documents\My Greeting Card Templates:Roxio EMC StreamAlternateDataStreams: C:\Users\Gerrard\Documents\My Scans:Roxio EMC StreamAlternateDataStreams: C:\Users\Gerrard\Documents\My Shapes:Roxio EMC StreamAlternateDataStreams: C:\Users\Gerrard\Documents\OneNote Notebooks:Roxio EMC StreamAlternateDataStreams: C:\Users\Gerrard\Documents\TomTom:Roxio EMC Stream ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver" ==================== EXE Association (whitelisted) =============== (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-1696010641-1652278836-1394396144-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Gerrard\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpgDNS Servers: 10.1.1.254 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk => C:\Windows\pss\Adobe Gamma Loader.lnk.CommonStartupMSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartupMSCONFIG\startupfolder: C:^Users^Gerrard^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.StartupMSCONFIG\startupfolder: C:^Users^Gerrard^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk => C:\Windows\pss\OneNote 2007 Screen Clipper and Launcher.lnk.StartupMSCONFIG\startupreg: Acronis Scheduler2 Service => "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe"MSCONFIG\startupreg: AcronisTimounterMonitor => C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exeMSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"MSCONFIG\startupreg: AnyDVD => C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exeMSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"MSCONFIG\startupreg: DivXMediaServer => C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exeMSCONFIG\startupreg: DivXUpdate => "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOWMSCONFIG\startupreg: HP Software Update => C:\Program Files\HP\HP Software Update\HPWuSchd2.exeMSCONFIG\startupreg: hpqSRMon => C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exeMSCONFIG\startupreg: ISUSPM Startup => C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startupMSCONFIG\startupreg: ISUSScheduler => "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -startMSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"MSCONFIG\startupreg: KiesPDLR.exe => C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe RunMSCONFIG\startupreg: Nokia Tray Application => C:\Program Files\Common Files\Nokia\NCLTools\NclTray.exeMSCONFIG\startupreg: NVHotkey => rundll32.exe C:\Windows\system32\nvHotkey.dll,StartMSCONFIG\startupreg: PCMService => "C:\Program Files\Dell\MediaDirect\PCMService.exe"MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottimeMSCONFIG\startupreg: RoxWatchTray => "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"MSCONFIG\startupreg: SigmatelSysTrayApp => C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exeMSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"MSCONFIG\startupreg: TkBellExe => "c:\program files\real\realplayer\Update\realsched.exe" -osbootMSCONFIG\startupreg: TomTomHOME.exe => "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"MSCONFIG\startupreg: TrueImageMonitor.exe => C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe ==================== Accounts: ============================= Administrator (S-1-5-21-1696010641-1652278836-1394396144-500 - Administrator - Disabled)Gerrard (S-1-5-21-1696010641-1652278836-1394396144-1001 - Administrator - Enabled) => C:\Users\GerrardGuest (S-1-5-21-1696010641-1652278836-1394396144-501 - Limited - Disabled)HomeGroupUser$ (S-1-5-21-1696010641-1652278836-1394396144-1002 - Limited - Enabled)UpdatusUser (S-1-5-21-1696010641-1652278836-1394396144-1005 - Limited - Enabled) => C:\Users\UpdatusUser ==================== Faulty Device Manager Devices ============= Name: Photosmart C7200 seriesDescription: Photosmart C7200 seriesClass Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}Manufacturer: HPService: StillCamProblem: : This device is disabled. (Code 22)Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Photosmart C7200 seriesDescription: Photosmart C7200 seriesClass Guid: {4d36e971-e325-11ce-bfc1-08002be10318}Manufacturer: HPService: Problem: : This device is disabled. (Code 22)Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors:==================Error: (02/17/2015 08:45:48 AM) (Source: RasClient) (EventID: 20227) (User: )Description: CoId={8EFF032A-6526-4DBB-BB5D-74887E4C7FA2}: The user Gerrard-PC\Gerrard dialed a connection named CRT VPN which has failed. The error code returned on failure is 691. Error: (02/16/2015 04:21:26 PM) (Source: RasClient) (EventID: 20227) (User: )Description: CoId={18FBD945-363B-4A67-AE28-A4FC8E6D30C3}: The user Gerrard-PC\Gerrard dialed a connection named CRT VPN which has failed. The error code returned on failure is 0. Error: (02/16/2015 04:20:44 PM) (Source: RasClient) (EventID: 20227) (User: )Description: CoId={193E33CB-DBFE-4628-9116-6E96455D8E8D}: The user Gerrard-PC\Gerrard dialed a connection named CRT VPN which has failed. The error code returned on failure is 691. Error: (02/16/2015 01:03:54 PM) (Source: RasClient) (EventID: 20227) (User: )Description: CoId={52A21EB0-20CD-4CBE-8C02-B625124C0493}: The user Gerrard-PC\Gerrard dialed a connection named CRT VPN which has failed. The error code returned on failure is 0. Error: (02/16/2015 07:50:09 AM) (Source: Windows Backup) (EventID: 4103) (User: )Description: The backup did not complete because of an error writing to the backup location G:\. The error is: The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006). Error: (02/16/2015 07:47:40 AM) (Source: Bonjour Service) (EventID: 100) (User: )Description: Task Scheduling Error: m->NextScheduledSPRetry 120852087 Error: (02/16/2015 07:47:40 AM) (Source: Bonjour Service) (EventID: 100) (User: )Description: Task Scheduling Error: m->NextScheduledEvent 120852087 Error: (02/16/2015 07:47:40 AM) (Source: Bonjour Service) (EventID: 100) (User: )Description: Task Scheduling Error: Continuously busy for more than a second Error: (02/14/2015 10:13:45 PM) (Source: Bonjour Service) (EventID: 100) (User: )Description: Task Scheduling Error: m->NextScheduledSPRetry 17145 Error: (02/14/2015 10:13:45 PM) (Source: Bonjour Service) (EventID: 100) (User: )Description: Task Scheduling Error: m->NextScheduledEvent 17145 System errors:=============Error: (02/18/2015 01:18:59 PM) (Source: Service Control Manager) (EventID: 7009) (User: )Description: A timeout was reached (30000 milliseconds) while waiting for the Microsoft .NET Framework NGEN v4.0.30319_X86 service to connect. Error: (02/18/2015 01:15:18 PM) (Source: BugCheck) (EventID: 1001) (User: )Description: 0x00000019 (0x00000020, 0x88fd0090, 0x88fd00a0, 0x0802000b)C:\Windows\Minidump\021815-28704-01.dmp021815-28704-01 Error: (02/18/2015 01:15:16 PM) (Source: EventLog) (EventID: 6008) (User: )Description: The previous system shutdown at 12:40:20 on ‎18/‎02/‎2015 was unexpected. Error: (02/18/2015 10:26:09 AM) (Source: Server) (EventID: 2505) (User: )Description: The server could not bind to the transport \Device\NetBT_Tcpip_{8967732C-A582-4E5B-8C1D-D84B49F8178D} because another computer on the network has the same name. The server could not start. Error: (02/18/2015 10:25:44 AM) (Source: Server) (EventID: 2505) (User: )Description: The server could not bind to the transport \Device\NetBT_Tcpip_{8967732C-A582-4E5B-8C1D-D84B49F8178D} because another computer on the network has the same name. The server could not start. Error: (02/17/2015 09:50:22 PM) (Source: Service Control Manager) (EventID: 7023) (User: )Description: The Peer Name Resolution Protocol service terminated with the following error: %%-2140993535 Error: (02/17/2015 09:50:22 PM) (Source: Service Control Manager) (EventID: 7001) (User: )Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: %%-2140993535 Error: (02/17/2015 09:50:22 PM) (Source: PNRPSvc) (EventID: 102) (User: )Description: 0x80630801 Error: (02/17/2015 09:43:05 PM) (Source: Service Control Manager) (EventID: 7001) (User: )Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: %%-2140993535 Error: (02/17/2015 09:43:05 PM) (Source: Service Control Manager) (EventID: 7023) (User: )Description: The Peer Name Resolution Protocol service terminated with the following error: %%-2140993535 Microsoft Office Sessions:=========================Error: (01/13/2015 00:57:26 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6713.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 3781 seconds with 0 seconds of active time. This session ended with a crash. Error: (08/08/2013 09:16:20 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 5589 seconds with 0 seconds of active time. This session ended with a crash. Error: (04/30/2013 08:15:48 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 1351 seconds with 540 seconds of active time. This session ended with a crash. Error: (02/17/2013 03:37:00 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 35 seconds with 0 seconds of active time. This session ended with a crash. Error: (02/17/2013 03:33:35 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 18 seconds with 0 seconds of active time. This session ended with a crash. Error: (02/17/2013 03:32:49 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 2840 seconds with 300 seconds of active time. This session ended with a crash. Error: (02/19/2011 06:10:16 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6550.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 8305 seconds with 180 seconds of active time. This session ended with a crash. CodeIntegrity Errors:=================================== Date: 2012-12-15 03:32:07.367 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\McAfee\Temp\qxzA278\vscore\mfeelamk.sys because the set of per-page image hashes could not be found on the system. Date: 2012-12-15 03:32:07.361 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\McAfee\Temp\qxzA278\vscore\mfeelamk.sys because the set of per-page image hashes could not be found on the system. Date: 2012-12-15 03:32:07.358 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\McAfee\Temp\qxzA278\vscore\mfeelamk.sys because the set of per-page image hashes could not be found on the system. Date: 2012-08-29 13:06:09.136 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\Mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system. Date: 2012-08-29 13:06:09.136 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\Mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system. Date: 2012-08-29 13:06:09.120 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\Mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Processor: Intel® Core2 Duo CPU T7700 @ 2.40GHzPercentage of memory in use: 59%Total physical RAM: 3582.04 MBAvailable physical RAM: 1434.84 MBTotal Pagefile: 7162.36 MBAvailable Pagefile: 4553.71 MBTotal Virtual: 2047.88 MBAvailable Virtual: 1893.98 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:250 GB) (Free:31.6 GB) NTFS ==>[Drive with boot components (obtained from BCD)]Drive d: (Data) (Fixed) (Total:213.7 GB) (Free:27.58 GB) NTFS ==================== MBR & Partition Table ================== ========================================================Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 00000080)Partition 1: (Not Active) - (Size=47 MB) - (Type=DE)Partition 2: (Active) - (Size=250 GB) - (Type=07 NTFS)Partition 3: (Not Active) - (Size=215.7 GB) - (Type=OF Extended) ==================== End Of Log ============================ Any help would be much appreciated. Thanks! Gerrard.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.