Jump to content

Recommended Posts

Noticed since upgrade of Malwarebytes to Premium. The laptop is running really slow especially on loading desktop & startup. Plus Google chrome appears to keep crashing - getting Aw Snap message - reload always works.

 

Having similar problem with husbands laptop running Windows 7 & Avast, since upgrading to the premium.

 

So am fairly certain its some problem with Malwarebytes premium.

 

Have tried putting Delaying Malwarebytes Protection on Startup by 90 seconds on my laptop which seems to improve things a bit? However since doing this have noticed Malwarebytes icon is no longer in System taskbar. When I click on desktop icon it indicates that Realtime protection is enabled. But if its not showing in system taskbar am I receiving Realtime protection?

 

Have just done a Malwarebytes scan which was totally clear.

 

Am currently running Windows Vista & also have Avast on system.

Any advice would be really welcome.

Link to post
Share on other sites

FRST log

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 12-02-2015
Ran by Patricia (administrator) on PAT-PC on 12-02-2015 23:11:29
Running from C:\Users\Patricia\Desktop
Loaded Profiles: Pat & Patricia (Available profiles: Pat & Dave & Patricia & Guest)
Platform: Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: English (United States)
Internet Explorer Version 9 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ae0b52e0\stacsv.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ae0b52e0\AEstSrv.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
(Western Digital Technologies, Inc.) C:\Program Files\Western Digital\WD Drive Manager\WDDriveService.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Vodafone) C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
(Western Digital Technologies, Inc.) C:\Program Files\Western Digital\WD SmartWare\WDBackupEngine.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Western Digital Technologies, Inc.) C:\Program Files\Western Digital\WD Security\WDDriveAutoUnlock.exe
(Western Digital Technologies, Inc.) C:\Program Files\Western Digital\WD Quick View\WDDMStatus.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Google Inc.) C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\w32x86\3\E_FATILGE.EXE
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Western Digital Technologies, Inc.) C:\Program Files\Western Digital\WD Security\WDDriveAutoUnlock.exe
(Western Digital Technologies, Inc.) C:\Program Files\Western Digital\WD Quick View\WDDMStatus.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\w32x86\3\E_FATILGE.EXE
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-27] (AVAST Software)
HKLM\...\Run: [sysTrayApp] => C:\Program Files\IDT\WDM\sttray.exe [483420 2008-11-18] (IDT, Inc.)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM\...\Run: [WD Drive Unlocker] => C:\Program Files\Western Digital\WD Security\WDDriveAutoUnlock.exe [1694048 2014-10-23] (Western Digital Technologies, Inc.)
HKLM\...\Run: [WD Quick View] => C:\Program Files\Western Digital\WD Quick View\WDDMStatus.exe [5562736 2014-12-02] (Western Digital Technologies, Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [157480 2015-01-27] (Apple Inc.)
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-2532494780-3708508292-916854352-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-2532494780-3708508292-916854352-1000\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2011-07-04] (Google Inc.)
HKU\S-1-5-21-2532494780-3708508292-916854352-1000\...\Run: [Google Update] => C:\Users\Pat\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-08-30] (Google Inc.)
HKU\S-1-5-21-2532494780-3708508292-916854352-1000\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATILGE.EXE [260160 2013-01-24] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2532494780-3708508292-916854352-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-2532494780-3708508292-916854352-1000\...\MountPoints2: {225807c9-e77f-11e0-bda7-0023ae2e7f5f} - E:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-2532494780-3708508292-916854352-1000\...\MountPoints2: {2258083a-e77f-11e0-bda7-0023ae2e7f5f} - E:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-2532494780-3708508292-916854352-1000\...\MountPoints2: {44d29be0-9939-11e4-a590-0023ae2e7f5f} - "E:\WD Drive Unlock.exe" autoplay=true
HKU\S-1-5-21-2532494780-3708508292-916854352-1000\...\MountPoints2: {bc5fe618-a4b3-11e1-b07b-0023ae2e7f5f} - E:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-2532494780-3708508292-916854352-1000\...\MountPoints2: {f5249c97-84bd-11e1-b029-0023ae2e7f5f} - E:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-2532494780-3708508292-916854352-1000\...\MountPoints2: {f5249caa-84bd-11e1-b029-0023ae2e7f5f} - E:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-2532494780-3708508292-916854352-1000\...\MountPoints2: {fb436b0c-a4b6-11e1-81cd-806e6f6e6963} - E:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-2532494780-3708508292-916854352-1002\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATILGE.EXE [260160 2013-01-24] (SEIKO EPSON CORPORATION)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.exe.lnk
ShortcutTarget: Adobe Gamma Loader.exe.lnk -> C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pat\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pat\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pat\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pat\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKU\S-1-5-21-2532494780-3708508292-916854352-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2532494780-3708508292-916854352-1000 -> {090C3A3A-C46F-4AF9-B5D8-B9D9A88B110E} URL = http://websearch.ask.com/custom/java/redirect?client=ie&tb=ORJ&o=100000028&src=crm&q={searchTerms}&locale=&apn_ptnrs=U4&apn_dtid=OSJ000
SearchScopes: HKU\S-1-5-21-2532494780-3708508292-916854352-1000 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2421} URL = http://dts.search-results.com/sr?src=ieb&appid=101&systemid=421&sr=0&q={searchTerms}
BHO: No Name -> {3049C3E9-B461-4BC5-8870-4C09146192CA} ->  No File
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-2532494780-3708508292-916854352-1000 -> No Name - {71576546-354D-41C9-AAE8-31F2EC22BF0D} -  No File
Toolbar: HKU\S-1-5-21-2532494780-3708508292-916854352-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-2532494780-3708508292-916854352-1002 -> No Name - {71576546-354D-41C9-AAE8-31F2EC22BF0D} -  No File
Toolbar: HKU\S-1-5-21-2532494780-3708508292-916854352-1002 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/sites/production/ieawsdc32.cab
DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} https://oas.support.microsoft.com/ActiveX/MSDcode.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1204144.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.13.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/Photosynth,version=2.0 -> C:\Program Files\Photosynth\npPhotosynthMozilla.dll ()
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=15.0.2.72 -> C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=15.0.2.72 -> C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpchromebrowserrecordext;version=15.0.2.72 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprphtml5videoshim;version=15.0.2.72 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=15.0.2.72 -> C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2532494780-3708508292-916854352-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\Pat\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKU\S-1-5-21-2532494780-3708508292-916854352-1000: @talk.google.com/O1DPlugin -> C:\Users\Pat\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKU\S-1-5-21-2532494780-3708508292-916854352-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Pat\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-2532494780-3708508292-916854352-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Pat\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-2532494780-3708508292-916854352-1002: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101714.dll (Amazon.com, Inc.)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2011-07-03]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-02-20]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-04-17]
 
Chrome: 
=======
CHR Profile: C:\Users\Patricia\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Patricia\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-23]
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\Patricia\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2013-09-17]
CHR Extension: (Google Wallet) - C:\Users\Patricia\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-17]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-26]
CHR HKLM\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2012-02-20]
 
========================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ae0b52e0\aestsrv.exe [81920 2008-11-17] (Andrea Electronics Corporation)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-11-26] (AVAST Software)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc.exe [126128 2012-05-17] (Seiko Epson Corporation)
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ae0b52e0\STacSV.exe [241746 2008-11-18] (IDT, Inc.)
R2 VMCService; C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [14336 2008-10-09] (Vodafone) [File not signed]
R2 WDBackup; C:\Program Files\Western Digital\WD SmartWare\WDBackupEngine.exe [1042808 2014-12-02] (Western Digital Technologies, Inc.)
R2 WDDriveService; C:\Program Files\Western Digital\WD Drive Manager\WDDriveService.exe [296312 2014-10-23] (Western Digital Technologies, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)
R2 yksvc; RUNDLL32.EXE ykx32coinst,serviceStartProc [X]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2014-11-26] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [70384 2014-11-26] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [55240 2014-11-26] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-11-26] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [787800 2014-11-26] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423784 2014-11-26] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57928 2014-11-26] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [206248 2014-11-26] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [114904 2015-02-12] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-11-21] (Malwarebytes Corporation)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-02-12 23:11 - 2015-02-12 23:11 - 00021017 _____ () C:\Users\Patricia\Desktop\FRST.txt
2015-02-12 23:06 - 2015-02-12 23:06 - 01682416 _____ (Malwarebytes Corporation) C:\Users\Patricia\Downloads\mbam-check-2.1.1.1001.exe
2015-02-12 23:05 - 2015-02-12 23:05 - 01125376 _____ (Farbar) C:\Users\Patricia\Desktop\FRST.exe
2015-02-12 22:55 - 2015-02-12 22:55 - 00000894 _____ () C:\Users\Pat\Desktop\mbam-check-2.1.1.1001 - Shortcut.lnk
2015-02-12 22:54 - 2015-02-12 22:54 - 00055015 _____ () C:\Users\Patricia\Documents\CheckResults.txt
2015-02-12 22:47 - 2015-02-12 22:57 - 00055015 _____ () C:\Users\Patricia\Desktop\CheckResults.txt
2015-02-12 22:44 - 2015-02-12 22:44 - 01682416 _____ (Malwarebytes Corporation) C:\Users\Pat\Downloads\mbam-check-2.1.1.1001.exe
2015-02-12 22:39 - 2015-02-12 23:11 - 00000000 ____D () C:\FRST
2015-02-12 22:39 - 2015-02-12 22:39 - 01125376 _____ (Farbar) C:\Users\Pat\Downloads\FRST (3).exe
2015-02-12 22:38 - 2015-02-12 22:39 - 01125376 _____ (Farbar) C:\Users\Pat\Downloads\FRST (2).exe
2015-02-12 11:13 - 2014-11-26 02:05 - 00564224 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-12 11:11 - 2015-01-09 00:20 - 02063360 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-12 11:10 - 2015-01-13 01:39 - 00974848 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-12 11:06 - 2015-01-15 04:13 - 00440760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-02-12 11:04 - 2014-12-08 01:59 - 00306176 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-11 10:57 - 2015-01-14 01:51 - 12371456 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-11 10:57 - 2015-01-14 01:49 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-02-11 10:57 - 2015-01-14 01:47 - 01810944 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-11 10:57 - 2015-01-14 01:46 - 09742336 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-11 10:57 - 2015-01-14 01:43 - 01139712 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-11 10:57 - 2015-01-14 01:42 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-11 10:57 - 2015-01-14 01:42 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-11 10:57 - 2015-01-14 01:41 - 01802752 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-11 10:57 - 2015-01-14 01:41 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-02-11 10:57 - 2015-01-14 01:41 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-11 10:57 - 2015-01-14 01:41 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-11 10:57 - 2015-01-14 01:41 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-02-11 10:57 - 2015-01-14 01:41 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-02-11 10:57 - 2015-01-14 01:41 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-02-11 10:57 - 2015-01-14 01:40 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-02-11 10:57 - 2015-01-14 01:40 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-11 10:57 - 2015-01-14 01:40 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-02-11 10:57 - 2015-01-14 01:40 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-02-11 10:57 - 2015-01-14 01:40 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-11 10:57 - 2015-01-14 01:40 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-02-11 10:57 - 2015-01-14 01:40 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-02-11 10:57 - 2015-01-14 01:40 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-02-09 11:59 - 2015-02-09 11:59 - 00000826 _____ () C:\DelFix.txt
2015-02-09 11:33 - 2015-02-09 11:36 - 00196149 _____ () C:\Users\Patricia\Downloads\delfix_10.8 (1).exe
2015-02-08 21:06 - 2015-02-08 21:23 - 00000000 ____D () C:\Users\Patricia\AppData\Local\Microsoft Games
2015-02-08 19:15 - 2015-02-12 13:03 - 00008192 _____ () C:\Windows\system32\WDPABKP.dat
2015-02-08 17:43 - 2015-02-08 17:43 - 02112512 _____ () C:\Users\Pat\Downloads\AdwCleaner (1).exe
2015-02-08 11:33 - 2015-02-08 11:34 - 01124352 _____ (Farbar) C:\Users\Pat\Downloads\FRST (1).exe
2015-02-08 00:36 - 2015-02-08 00:36 - 00022184 _____ () C:\Users\Pat\Downloads\Addition.txt
2015-02-08 00:35 - 2015-02-12 22:44 - 00031948 _____ () C:\Users\Pat\Downloads\FRST.txt
2015-02-08 00:34 - 2015-02-08 00:34 - 01124352 _____ (Farbar) C:\Users\Pat\Downloads\FRST.exe
2015-02-05 19:03 - 2015-02-05 19:03 - 00001624 _____ () C:\Users\Public\Desktop\iTunes.lnk
2015-02-05 19:03 - 2015-02-05 19:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-02-05 19:01 - 2015-02-05 19:03 - 00000000 ____D () C:\ProgramData\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB
2015-02-05 19:01 - 2015-02-05 19:03 - 00000000 ____D () C:\Program Files\iTunes
2015-02-05 19:01 - 2015-02-05 19:01 - 00000000 ____D () C:\Program Files\iPod
2015-01-29 19:13 - 2015-01-29 19:14 - 02194432 _____ () C:\Users\Pat\Downloads\adwcleaner_4.109.exe
2015-01-28 01:40 - 2015-01-28 01:40 - 05325208 _____ (Piriform Ltd) C:\Users\Pat\Downloads\ccsetup502.exe
2015-01-25 10:54 - 2015-01-25 10:55 - 04287921 _____ () C:\Users\Pat\Downloads\100picturesforyou (2).zip
2015-01-22 17:21 - 2015-01-22 17:21 - 04287921 _____ () C:\Users\Pat\Downloads\100picturesforyou.zip
2015-01-22 17:21 - 2015-01-22 17:21 - 04287921 _____ () C:\Users\Pat\Downloads\100picturesforyou (1).zip
2015-01-21 02:01 - 2014-10-23 11:30 - 50569804 _____ () C:\Users\Pat\Desktop\Isla clapping hands.MOV
2015-01-20 12:39 - 2014-12-19 00:25 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-20 12:19 - 2014-12-06 03:14 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-20 12:19 - 2014-12-06 03:14 - 00153600 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-20 12:19 - 2014-12-06 03:14 - 00093184 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2015-01-20 12:19 - 2014-12-06 03:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-02-12 23:05 - 2013-08-30 08:21 - 00000900 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2532494780-3708508292-916854352-1000UA.job
2015-02-12 23:01 - 2014-04-25 21:44 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-02-12 23:01 - 2011-07-04 17:00 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-12 23:00 - 2012-05-19 08:32 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-02-12 22:52 - 2014-04-20 18:52 - 00000917 _____ () C:\Windows\Tasks\EPSON XP-215 217 Series Update {6AC83EC9-CF8C-424B-995E-08AA3CAE134B}.job
2015-02-12 22:52 - 2014-04-20 18:52 - 00000731 _____ () C:\Windows\Tasks\EPSON XP-215 217 Series Invitation {6AC83EC9-CF8C-424B-995E-08AA3CAE134B}.job
2015-02-12 22:50 - 2011-07-04 17:00 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-12 22:35 - 2008-01-21 01:35 - 01318971 _____ () C:\Windows\WindowsUpdate.log
2015-02-12 18:59 - 2006-11-02 12:47 - 00003712 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-12 18:59 - 2006-11-02 12:47 - 00003712 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-12 14:47 - 2011-07-05 22:08 - 00002569 _____ () C:\Users\Pat\Desktop\Microsoft Office Word 2003.lnk
2015-02-12 12:59 - 2006-11-02 13:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-12 11:58 - 2006-11-02 12:47 - 00320288 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-12 11:54 - 2006-11-02 13:01 - 00032558 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-02-12 11:46 - 2013-07-28 11:11 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-12 11:17 - 2006-11-02 10:24 - 113756392 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2015-02-12 11:05 - 2013-08-30 08:21 - 00000848 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2532494780-3708508292-916854352-1000Core.job
2015-02-11 18:58 - 2011-07-10 20:03 - 00000000 ____D () C:\Users\Pat\AppData\Roaming\Smilebox
2015-02-09 11:28 - 2011-07-05 22:31 - 00002425 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2015-02-09 11:28 - 2011-07-05 22:19 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2015-02-08 21:05 - 2006-11-02 12:37 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-02-08 18:28 - 2014-04-25 21:44 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2015-02-08 18:28 - 2013-11-15 14:08 - 05728416 _____ () C:\Windows\PFRO.log
2015-02-08 12:16 - 2014-04-25 21:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-02-08 12:16 - 2012-01-07 17:24 - 00000859 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-02-06 18:04 - 2006-11-02 10:33 - 00759582 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-05 22:58 - 2013-09-17 20:38 - 00001931 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-02-05 19:01 - 2012-01-30 17:10 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-02-05 19:00 - 2012-05-19 08:32 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-02-05 19:00 - 2011-07-01 22:35 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-02-05 18:05 - 2013-08-16 22:40 - 00000000 ____D () C:\Users\Pat\AppData\Roaming\Mozilla
2015-01-29 19:28 - 2011-06-27 12:06 - 00000000 ____D () C:\Users\Pat
2015-01-29 11:26 - 2012-05-18 12:01 - 00000000 ____D () C:\Users\Patricia\AppData\Local\Google
2015-01-28 01:40 - 2012-05-18 14:50 - 00000764 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2015-01-28 01:40 - 2012-05-18 14:50 - 00000000 ____D () C:\Program Files\CCleaner
2015-01-25 16:17 - 2011-07-05 22:08 - 00002567 _____ () C:\Users\Pat\Desktop\Microsoft Office Excel 2003.lnk
2015-01-25 15:00 - 2011-07-05 22:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epson Software
2015-01-21 16:39 - 2015-01-11 00:19 - 00029118 _____ () C:\Windows\DPINST.LOG
2015-01-21 16:38 - 2015-01-11 00:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital
2015-01-21 16:37 - 2015-01-11 00:19 - 00000000 ____D () C:\Program Files\Western Digital
2015-01-21 16:37 - 2015-01-11 00:19 - 00000000 ____D () C:\Program Files\Common Files\Western Digital
2015-01-21 16:37 - 2015-01-11 00:11 - 00000000 ____D () C:\ProgramData\Western Digital
2015-01-21 16:27 - 2015-01-11 00:32 - 00000000 ____D () C:\ProgramData\Package Cache
 
==================== Files in the root of some directories =======
 
2014-04-07 10:12 - 2014-04-07 10:12 - 0000055 _____ () C:\Users\Patricia\AppData\Roaming\mbam.context.scan
2012-05-23 09:55 - 2014-11-13 12:18 - 0006080 _____ () C:\Users\Patricia\AppData\Local\d3d9caps.dat
2008-08-20 15:45 - 2008-08-20 15:45 - 0020270 _____ () C:\ProgramData\DeviceInstaller.xml
2008-09-22 13:21 - 2008-09-22 13:21 - 0127092 ____R () C:\ProgramData\DeviceManager.xml.rc4
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-02-12 13:09
 
==================== End Of Log ============================
 
FRST Addition log
 
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 12-02-2015
Ran by Patricia at 2015-02-12 23:12:07
Running from C:\Users\Patricia\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
ABBYY FineReader 6.0 Sprint (HKLM\...\{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}) (Version: 6.00.1395.4512 - ABBYY Software House)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 2.7.0.19530 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Photoshop 6.0 (HKLM\...\Adobe Photoshop 6.0) (Version: 6.0 - Adobe Systems, Inc.)
Adobe Reader X (10.1.13) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.13 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM\...\Adobe Shockwave Player) (Version: 12.0.4.144 - Adobe Systems, Inc.)
Adobe SVG Viewer 3.0 (HKLM\...\Adobe SVG Viewer) (Version:  3.0 - )
Amazon Kindle (HKU\S-1-5-21-2532494780-3708508292-916854352-1000\...\Amazon Kindle) (Version:  - Amazon)
Amazon MP3 Downloader 1.0.17 (HKLM\...\Amazon MP3 Downloader) (Version: 1.0.17 - Amazon Services LLC)
Apple Application Support (32-bit) (HKLM\...\{2FE00055-C4F3-4F7A-AEDD-E198D54CF12F}) (Version: 3.1.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{28ED482A-56DB-47D9-8D9E-990FA8CD7D3D}) (Version: 8.1.0.18 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft Multimedia Email (HKLM\...\{DD54CF66-090B-43E7-97C1-110EF526474D}) (Version:  - )
Avast Free Antivirus (HKLM\...\Avast) (Version: 10.0.2208 - AVAST Software)
AVS Video Converter 8 (HKLM\...\AVS4YOU Video Converter 7_is1) (Version: 8.3.2.533 - Online Media Technologies Ltd.)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.02 - Piriform)
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Dell Resource CD (HKLM\...\{42929F0F-CE14-47AF-9FC7-FF297A603021}) (Version: 1.00.0000 - Dell Inc.)
Dropbox (HKU\S-1-5-21-2532494780-3708508292-916854352-1000\...\Dropbox) (Version: 2.6.33 - Dropbox, Inc.)
Easy Phone Tunes (HKLM\...\{03ED925F-9E5E-4532-998D-7F8840FE5A74}) (Version: 137 - Easy Phone Tunes)
Epson Connect Printer Setup (HKLM\...\{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}) (Version: 1.1.1 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print 2 (HKLM\...\{DEDB47A3-C988-4A43-A645-E2CEA571E680}) (Version: 2.0.0.0 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM\...\{2970697F-2A11-4588-8B7F-97322D1CCF3C}) (Version: 3.10.0017 - Seiko Epson Corporation)
EPSON Manuals (HKLM\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.32.0.0 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON XP-215 217 Series Printer Uninstall (HKLM\...\EPSON XP-215 217 Series) (Version:  - SEIKO EPSON Corporation)
EpsonNet Print (HKLM\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION)
Free Easy Burner V 5.1 (HKLM\...\Free Easy Burner_is1) (Version: 5.1.0.0 - Koyote soft)
Get Yahoo! Messenger (HKLM\...\Get Yahoo! Messenger) (Version:  - )
Google Chrome (HKLM\...\Google Chrome) (Version: 40.0.2214.111 - Google Inc.)
Google SketchUp 8 (HKLM\...\{D22002ED-EE2A-4CB1-A63D-430E62A2E8D8}) (Version: 3.0.4811 - Google, Inc.)
Google Talk Plugin (HKLM\...\{C77CC230-7417-3F01-B70D-52583DC9FEC9}) (Version: 5.40.2.0 - Google)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.26.9 - Google Inc.) Hidden
iCloud (HKLM\...\{79BD66B2-4DAE-4C3B-B08E-DC72E507C163}) (Version: 2.1.3.25 - Apple Inc.)
IDT Audio (HKLM\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6124.0 - IDT)
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version:  - Intel Corporation)
iTunes (HKLM\...\{B8032A6B-C4D0-4744-B75F-9DDCB56B5C6F}) (Version: 12.1.0.71 - Apple Inc.)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Marvell Miniport Driver (HKLM\...\{C950420B-4182-49EA-850A-A6A2ABF06C6B}) (Version: 10.63.3.3 - Marvell)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM\...\{90110409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MyFreeCodec (HKU\S-1-5-21-2532494780-3708508292-916854352-1000\...\MyFreeCodec) (Version:  - )
MyFreeCodec (HKU\S-1-5-21-2532494780-3708508292-916854352-1002\...\MyFreeCodec) (Version:  - )
Photosynth 2.0110.0317.1042 (HKLM\...\{B08AC850-5B07-41F1-9DB1-56CF72003BDA}) (Version: 3.3.3.3 - Microsoft)
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PowerDVD (HKLM\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 8.1 - Dell)
QuickSet (HKLM\...\{C4972073-2BFE-475D-8441-564EA97DA161}) (Version: 9.2.17 - Dell Inc.)
QuickTime 7 (HKLM\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM\...\RealPlayer 15.0) (Version:  - RealNetworks)
Realtek USB 2.0 Card Reader (HKLM\...\{DC24971E-1946-445D-8A82-CE685433FA7D}) (Version: 6.0.6000.20113 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden
Serif PagePlus 9.0 (HKLM\...\{BCA541B4-00B4-4D20-B38D-6623BF2F68BF}) (Version: 9.00 - Serif)
Skype™ 6.14 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
Smilebox (HKU\S-1-5-21-2532494780-3708508292-916854352-1000\...\Smilebox) (Version: 1.1.1.1 - Smilebox, Inc.)
Software Updater (HKLM\...\{FA7EE274-7370-43B7-9A45-A39B17CCCDC5}) (Version: 4.3.3 - SEIKO EPSON CORPORATION)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Visual Studio C++ 10.0 Runtime (HKLM\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player 2.0.1 (HKLM\...\VLC media player) (Version: 2.0.1 - VideoLAN)
Vodafone Mobile Connect Lite (HKLM\...\{C656142F-EFE1-44CD-BFAD-6CBC6DCB9860}) (Version: 9.3.5.11690 - Vodafone)
WD Drive Utilities (HKLM\...\{F9784E1D-4455-4BFF-A97A-1B1355A4FFDB}) (Version: 1.0.6.3 - Western Digital Technologies, Inc.)
WD Quick View (HKLM\...\{79966948-BECF-4CB1-A79F-E76C830A17D2}) (Version: 2.4.6.3 - Western Digital Technologies, Inc.)
WD Security (HKLM\...\{0AC340BC-4A62-4D1F-86DB-35C1C3CB66CF}) (Version: 1.1.1.3 - Western Digital Technologies, Inc.)
WD SmartWare (HKLM\...\{9D86C21F-11DD-4FBD-97CE-AE6BE34D271C}) (Version: 2.4.6.3 - Western Digital Technologies, Inc.)
WD SmartWare Installer (HKLM\...\{1891b882-48f7-442d-98d0-c1ce533f25bd}) (Version: 2.4.6.3 - Western Digital Technologies, Inc.)
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-2532494780-3708508292-916854352-1000_Classes\CLSID\{0000002F-0000-0000-C000-000000000046}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2532494780-3708508292-916854352-1000_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2532494780-3708508292-916854352-1000_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2532494780-3708508292-916854352-1000_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2532494780-3708508292-916854352-1000_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2532494780-3708508292-916854352-1000_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2532494780-3708508292-916854352-1000_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2532494780-3708508292-916854352-1000_Classes\CLSID\{0002E005-0000-0000-C000-000000000046}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2532494780-3708508292-916854352-1000_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\Pat\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2532494780-3708508292-916854352-1000_Classes\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2532494780-3708508292-916854352-1000_Classes\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2532494780-3708508292-916854352-1000_Classes\CLSID\{1383A31C-26AC-4d88-91F1-EEAD77D81FA6}\InprocServer32 -> C:\Users\Pat\AppData\Roaming\Smilebox\MP3Writer.dll ()
CustomCLSID: HKU\S-1-5-21-2532494780-3708508292-916854352-1000_Classes\CLSID\{20DD1B9E-87C4-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\Windows\system32\mscomct2.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2532494780-3708508292-916854352-1000_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\Pat\AppData\Local\Google\Update\1.3.26.9\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2532494780-3708508292-916854352-1000_Classes\CLSID\{232E456A-87C3-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\Windows\system32\mscomct2.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2532494780-3708508292-916854352-1000_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\Pat\AppData\Local\Google\Update\1.3.26.9\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2532494780-3708508292-916854352-1000_Classes\CLSID\{382C9F93-9BA4-4FC6-88DC-AD52F5812FF8}\localserver32 -> C:\Users\Pat\AppData\Roaming\Smilebox\OzDesktopImporter.exe (Octazen Solutions)
CustomCLSID: HKU\S-1-5-21-2532494780-3708508292-916854352-1000_Classes\CLSID\{38911D8E-E448-11D0-84A3-00DD01104159}\InprocServer32 -> C:\Windows\system32\comct332.ocx (Microsoft Corporation )
CustomCLSID: HKU\S-1-5-21-2532494780-3708508292-916854352-1000_Classes\CLSID\{38911D90-E448-11D0-84A3-00DD01104159}\InprocServer32 -> C:\Windows\system32\comct332.ocx (Microsoft Corporation )
CustomCLSID: HKU\S-1-5-21-2532494780-3708508292-916854352-1000_Classes\CLSID\{38911D92-E448-11D0-84A3-00DD01104159}\InprocServer32 -> C:\Windows\system32\comct332.ocx (Microsoft Corporation )
CustomCLSID: HKU\S-1-5-21-2532494780-3708508292-916854352-1000_Classes\CLSID\{39125640-8D80-11DC-A2FE-C5C455D89593}\InprocServer32 -> C:\Users\Pat\AppData\Local\Google\Google Talk Plugin\googletalkax.dll (Google)
CustomCLSID: HKU\S-1-5-21-2532494780-3708508292-916854352-1000_Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}\InprocServer32 -> C:\Users\Pat\AppData\Roaming\Smilebox\MP4Splitter.ax (Gabest)
CustomCLSID: HKU\S-1-5-21-2532494780-3708508292-916854352-1000_Classes\CLSID\{3f04dadf-6ea4-44d1-a507-03cad176f443}\InprocServer32 -> C:\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101714.dll (Amazon.com, Inc.)
CustomCLSID: HKU\S-1-5-21-2532494780-3708508292-916854352-1000_Classes\CLSID\{4665E44B-8B9A-4515-A086-E94ECE374608}\InprocServer32 -> C:\Users\Pat\AppData\Roaming\Smilebox\CoreAAC.ax ()
CustomCLSID: HKU\S-1-5-21-2532494780-3708508292-916854352-1000_Classes\CLSID\{46763EE0-CAB2-11CE-8C20-00AA0051E5D4}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2532494780-3708508292-916854352-1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\Pat\AppData\Local\Google\Update\1.3.26.9\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2532494780-3708508292-916854352-1000_Classes\CLSID\{586A6352-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\Windows\system32\mscomct2.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2532494780-3708508292-916854352-1000_Classes\CLSID\{586A6353-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\Windows\system32\mscomct2.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2532494780-3708508292-916854352-1000_Classes\CLSID\{586A6354-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\Windows\system32\mscomct2.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2532494780-3708508292-916854352-1000_Classes\CLSID\{586A6355-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\Windows\system32\mscomct2.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2532494780-3708508292-916854352-1000_Classes\CLSID\{586A6356-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\Windows\system32\mscomct2.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2532494780-3708508292-916854352-1000_Classes\CLSID\{586A6357-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\Windows\system32\mscomct2.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2532494780-3708508292-916854352-1000_Classes\CLSID\{586A6359-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\Windows\system32\mscomct2.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2532494780-3708508292-916854352-1000_Classes\CLSID\{603C7E80-87C2-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\Windows\system32\mscomct2.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2532494780-3708508292-916854352-1000_Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}\InprocServer32 -> C:\Users\Pat\AppData\Roaming\Smilebox\MP4Splitter.ax (Gabest)
CustomCLSID: HKU\S-1-5-21-2532494780-3708508292-916854352-1000_Classes\CLSID\{6AC7C19E-8CA0-4E3D-9A9F-2881DE29E0AC}\InprocServer32 -> C:\Users\Pat\AppData\Roaming\Smilebox\CoreAAC.ax ()
CustomCLSID: HKU\S-1-5-21-2532494780-3708508292-916854352-1000_Classes\CLSID\{919AB5F1-1C34-47a2-9C02-17128222C7CF}\InprocServer32 -> C:\Users\Pat\AppData\Roaming\Smilebox\MP3Encoder.dll ()
CustomCLSID: HKU\S-1-5-21-2532494780-3708508292-916854352-1000_Classes\CLSID\{AB9F4455-E591-4132-A386-0B91EAEDB96C}\InprocServer32 -> C:\Users\Pat\AppData\Local\Google\Google Talk Plugin\o1dax.dll (Google)
CustomCLSID: HKU\S-1-5-21-2532494780-3708508292-916854352-1000_Classes\CLSID\{B09DE715-87C1-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\Windows\system32\mscomct2.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2532494780-3708508292-916854352-1000_Classes\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2532494780-3708508292-916854352-1000_Classes\CLSID\{BBFC1A2A-D3A2-4610-847D-26592022F86E}\InprocServer32 -> C:\Users\Pat\AppData\Roaming\Smilebox\CoreAAC.ax ()
CustomCLSID: HKU\S-1-5-21-2532494780-3708508292-916854352-1000_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\Pat\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2532494780-3708508292-916854352-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Pat\AppData\Local\Google\Update\1.3.26.9\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2532494780-3708508292-916854352-1000_Classes\CLSID\{C42B23DF-334C-4AD0-9AB4-91FF53D04239}\localserver32 -> C:\Users\Pat\AppData\Roaming\Smilebox\OzDesktopImporter.exe (Octazen Solutions)
CustomCLSID: HKU\S-1-5-21-2532494780-3708508292-916854352-1000_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\Pat\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2532494780-3708508292-916854352-1000_Classes\CLSID\{D3D9D58B-45B5-48AB-B199-B8C40560AEC7}\InprocServer32 -> C:\Users\Pat\AppData\Roaming\Smilebox\MP4Splitter.ax (Gabest)
CustomCLSID: HKU\S-1-5-21-2532494780-3708508292-916854352-1000_Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}\InprocServer32 -> C:\Users\Pat\AppData\Roaming\Smilebox\MP4Splitter.ax (Gabest)
CustomCLSID: HKU\S-1-5-21-2532494780-3708508292-916854352-1000_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\Pat\AppData\Local\Google\Update\1.3.26.9\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2532494780-3708508292-916854352-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Pat\AppData\Local\Google\Update\1.3.26.9\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2532494780-3708508292-916854352-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Pat\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2532494780-3708508292-916854352-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Pat\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2532494780-3708508292-916854352-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Pat\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2532494780-3708508292-916854352-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Pat\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2532494780-3708508292-916854352-1000_Classes\CLSID\{FE38753A-44A3-11D1-B5B7-0000C09000C4}\InprocServer32 -> C:\Windows\system32\mscomct2.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2532494780-3708508292-916854352-1002_Classes\CLSID\{3f04dadf-6ea4-44d1-a507-03cad176f443}\InprocServer32 -> C:\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101714.dll (Amazon.com, Inc.)
CustomCLSID: HKU\S-1-5-21-2532494780-3708508292-916854352-1002_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Pat\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2532494780-3708508292-916854352-1002_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Pat\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2532494780-3708508292-916854352-1002_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Pat\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2532494780-3708508292-916854352-1002_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Pat\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
 
==================== Restore Points  =========================
 
10-01-2015 11:59:08 Scheduled Checkpoint
10-01-2015 19:11:52 Windows Backup
11-01-2015 00:24:47 Installed WD Security
19-01-2015 21:14:01 Windows Update
20-01-2015 12:18:24 Windows Update
21-01-2015 16:27:00 WD SmartWare Installer
23-01-2015 14:33:18 Scheduled Checkpoint
25-01-2015 14:59:01 Installed Software Updater
27-01-2015 11:34:54 Windows Update
29-01-2015 20:26:37 Scheduled Checkpoint
05-02-2015 17:53:06 Windows Update
10-02-2015 11:47:20 Windows Update
12-02-2015 11:01:04 Windows Update
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2006-11-02 10:23 - 2006-09-18 21:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
::1             localhost
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {1BCB786E-9A11-4B8A-91D1-5068D97096AE} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {226F8FFD-84FE-4DCB-882D-A547187E3A2C} - System32\Tasks\EPSON XP-215 217 Series Invitation {6AC83EC9-CF8C-424B-995E-08AA3CAE134B} => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FTSLGE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {4810D204-98D7-466E-80DA-D51FADBAF9D4} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05] (Adobe Systems Incorporated)
Task: {613D58C0-20A5-470D-A6E0-9839C9710F1B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-26] (Google Inc.)
Task: {734F45E6-B18A-4EE5-9ABC-B967E3CC0C22} - System32\Tasks\EPSON XP-215 217 Series Update {6AC83EC9-CF8C-424B-995E-08AA3CAE134B} => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FTSLGE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {740358E3-F8C8-41EF-AFD9-1B2C85E59725} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-01-20] (Piriform Ltd)
Task: {943D4923-C6C5-4AE4-B7C7-8E1C4B67C5B9} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2532494780-3708508292-916854352-1000UA => C:\Users\Pat\AppData\Local\Google\Update\GoogleUpdate.exe [2013-08-30] (Google Inc.)
Task: {9EDEE3CE-985A-46E4-B2C3-AF7FB112C60A} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2532494780-3708508292-916854352-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2012-01-30] (RealNetworks, Inc.)
Task: {A5484A87-5E04-4EF9-948C-26AFD1B98897} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-26] (Google Inc.)
Task: {BE385223-65BF-4BCF-A319-8A1928661EEB} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2532494780-3708508292-916854352-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2012-01-30] (RealNetworks, Inc.)
Task: {DAA9D7E7-B77F-4A56-93FC-DC73EB295613} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2532494780-3708508292-916854352-1000Core => C:\Users\Pat\AppData\Local\Google\Update\GoogleUpdate.exe [2013-08-30] (Google Inc.)
Task: {F83ABB0E-9626-486C-BE36-02DBB90B627A} - System32\Tasks\{2F7B4B56-AA0D-4FDD-9097-608A85E88719} => pcalua.exe -a "C:\Users\Pat\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ITYGCZ68\avira_antivir_personal_en[1].exe" -d C:\Users\Pat\Desktop
Task: {FDF8A04E-DC9E-49D7-A976-F40143208BA7} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-11-26] (AVAST Software)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\EPSON XP-215 217 Series Invitation {6AC83EC9-CF8C-424B-995E-08AA3CAE134B}.job => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FTSLGE.EXE
Task: C:\Windows\Tasks\EPSON XP-215 217 Series Update {6AC83EC9-CF8C-424B-995E-08AA3CAE134B}.job => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FTSLGE.EXE
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2532494780-3708508292-916854352-1000Core.job => C:\Users\Pat\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2532494780-3708508292-916854352-1000UA.job => C:\Users\Pat\AppData\Local\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) ==============
 
2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-01-20 22:35 - 2015-01-20 22:35 - 01044776 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-02-12 22:36 - 2015-02-12 22:36 - 02912256 _____ () C:\Program Files\AVAST Software\Avast\defs\15021201\algo.dll
2014-04-17 14:34 - 2014-11-26 16:44 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-02-05 22:58 - 2015-02-04 09:02 - 09170760 _____ () C:\Program Files\Google\Chrome\Application\40.0.2214.111\pdf.dll
2014-04-18 10:15 - 2014-02-10 12:44 - 04592128 _____ () C:\Users\Pat\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libglesv2.dll
2014-04-18 10:15 - 2014-02-10 12:44 - 00112128 _____ () C:\Users\Pat\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libegl.dll
2015-02-05 22:58 - 2015-02-04 09:02 - 14965064 _____ () C:\Program Files\Google\Chrome\Application\40.0.2214.111\PepperFlash\pepflashplayer.dll
2014-11-13 12:55 - 2014-02-10 12:44 - 04592128 _____ () C:\Users\Patricia\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libglesv2.dll
2014-11-13 12:55 - 2014-02-10 12:44 - 00112128 _____ () C:\Users\Patricia\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libegl.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (whitelisted) ===============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-2532494780-3708508292-916854352-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Pat\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
HKU\S-1-5-21-2532494780-3708508292-916854352-1002\Control Panel\Desktop\\Wallpaper -> C:\windows\Web\Wallpaper\img24.jpg
DNS Servers: 192.168.1.254
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
MSCONFIG\startupreg: EEventManager => "C:\Program Files\Epson Software\Event Manager\EEventManager.exe"
MSCONFIG\startupreg: EPLTarget => 
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: PDVDDXSrv => "C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
MSCONFIG\startupreg: QuickSet => C:\Program Files\Dell\QuickSet\QuickSet.exe
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-2532494780-3708508292-916854352-500 - Administrator - Disabled)
Dave (S-1-5-21-2532494780-3708508292-916854352-1001 - Limited - Enabled) => C:\Users\Dave
Guest (S-1-5-21-2532494780-3708508292-916854352-501 - Limited - Disabled) => C:\Users\Guest
Pat (S-1-5-21-2532494780-3708508292-916854352-1000 - Limited - Enabled) => C:\Users\Pat
Patricia (S-1-5-21-2532494780-3708508292-916854352-1002 - Administrator - Enabled) => C:\Users\Patricia
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (02/12/2015 10:35:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9129272
 
Error: (02/12/2015 10:35:24 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9129272
 
Error: (02/12/2015 10:35:24 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (02/12/2015 10:35:23 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9128118
 
Error: (02/12/2015 10:35:23 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9128118
 
Error: (02/12/2015 10:35:23 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (02/12/2015 10:35:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9126511
 
Error: (02/12/2015 10:35:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9126511
 
Error: (02/12/2015 10:35:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (02/12/2015 08:03:21 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5943
 
 
System errors:
=============
Error: (02/12/2015 10:39:27 PM) (Source: bowser) (EventID: 8003) (User: )
Description: The master browser has received a server announcement from the computer AUDREY-PC
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{72315BB8-29F0-42D4-9A50-6BE25EFE.
The master browser is stopping or an election is being forced.
 
Error: (02/12/2015 01:02:25 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
 
Error: (02/12/2015 01:00:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Parallel port driver%%1058
 
Error: (02/12/2015 01:00:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: USB RNDIS Adapter%%1058
 
Error: (02/12/2015 01:00:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Intel® PRO/1000 NDIS 6 Adapter Driver%%1058
 
Error: (02/12/2015 00:59:48 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 12:58:04 on 12/02/2015 was unexpected.
 
Error: (02/12/2015 00:01:56 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: 30000Microsoft .NET Framework NGEN v4.0.30319_X86
 
Error: (02/12/2015 11:59:37 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Parallel port driver%%1058
 
Error: (02/12/2015 11:59:37 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: USB RNDIS Adapter%%1058
 
Error: (02/12/2015 11:59:37 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Intel® PRO/1000 NDIS 6 Adapter Driver%%1058
 
 
Microsoft Office Sessions:
=========================
Error: (02/12/2015 10:35:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9129272
 
Error: (02/12/2015 10:35:24 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9129272
 
Error: (02/12/2015 10:35:24 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (02/12/2015 10:35:23 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9128118
 
Error: (02/12/2015 10:35:23 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9128118
 
Error: (02/12/2015 10:35:23 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (02/12/2015 10:35:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9126511
 
Error: (02/12/2015 10:35:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9126511
 
Error: (02/12/2015 10:35:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (02/12/2015 08:03:21 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5943
 
 
CodeIntegrity Errors:
===================================
  Date: 2015-02-12 23:11:38.289
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-02-12 23:11:37.997
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-02-12 23:11:37.712
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-02-12 23:11:37.395
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-02-12 23:10:10.299
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-02-12 23:10:09.908
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-02-12 23:10:09.288
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-02-12 23:10:08.806
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-02-12 23:06:11.700
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-02-12 23:06:11.383
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core2 Duo CPU T6400 @ 2.00GHz
Percentage of memory in use: 71%
Total physical RAM: 3033.63 MB
Available physical RAM: 857.39 MB
Total Pagefile: 6305.52 MB
Available Pagefile: 3304.39 MB
Total Virtual: 2047.88 MB
Available Virtual: 1918.83 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:232.88 GB) (Free:80.09 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 232.9 GB) (Disk ID: B8FDB839)
Partition 1: (Active) - (Size=232.9 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================
 
Have attached Mbam check file as requested

 

CheckResults.txt

Link to post
Share on other sites

  • Root Admin

I'm not seeing obvious signs of an infection but there are some issues that appear to be damage to the system that may have been from an infection.

Perhaps do a a clean removal and reinstall with MBAM may help.

Please uninstall your current version of MBAM and reinstall the latest version. MBAM Clean Removal Process 2x

Beyond that if the issue continues I would suggest following the advice from the topic here Available Assistance for Possibly Infected Computers and having one of the Experts assist you with looking into your issue.

Thanks

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.