My Windows 7 Dell Studio 1640 XPS laptop has been sooo slow lately. Seems like a process in the background. I ran Spybot Search & Destroy and found toolbar.do, I think it was. I downloaded Malwarebytes and removed that, but the laptop is still soooo slow. I think something else is still going on.
I started a topic back in October, but couldn't get back to it because I ended up moving across the country and every time I ran the aswMBR scan, my computer would blue screen over and over. I'm settled now and finally got the scans to run without blue screening. I apologize for the delay.
FRST:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-01-2015
Ran by Tracy (administrator) on TRACY-PC on 06-01-2015 14:48:04
Running from C:\Users\Tracy\Downloads
Loaded Profile: Tracy (Available profiles: Tracy)
Platform: Windows 7 Ultimate (X64) OS Language: English (United States)
Internet Explorer Version 9 (Default browser: Chrome)
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\stacsv64.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\AESTSr64.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
( ) C:\Windows\System32\lxeacoms.exe
(Microsoft) C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Safer Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-01-21] (IDT, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1552168 2008-09-25] (Synaptics, Inc.)
HKLM\...\Run: [QuickSet] => C:\Program Files\Dell\QuickSet\QuickSet.exe [2041112 2008-09-26] (Dell Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-06-25] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-10-04] (AVAST Software)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKU\S-1-5-21-1613603796-1990743980-727887599-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1613603796-1990743980-727887599-1000\...\Run: [GoogleChromeAutoLaunch_01CA19FABFA3145EF0091BC706EED4AD] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [856904 2014-12-05] (Google Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-1613603796-1990743980-727887599-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1613603796-1990743980-727887599-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL =
SearchScopes: HKU\S-1-5-21-1613603796-1990743980-727887599-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: avast! Online Security -> {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> No File
BHO-x32: Lexmark Toolbar -> {1017A80C-6F09-4548-A84D-EDD6AC9525F0} -> C:\Program Files\Lexmark Toolbar\toolband.dll ()
BHO-x32: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Lexmark Printable Web -> {D2C5E510-BE6D-42CC-9F61-E4F939078474} -> C:\Program Files\Lexmark Printable Web\bho.dll ()
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
Toolbar: HKU\S-1-5-21-1613603796-1990743980-727887599-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKU\S-1-5-21-1613603796-1990743980-727887599-1000 -> No Name - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - No File
Handler-x32: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKU\S-1-5-21-1613603796-1990743980-727887599-1000: @citrixonline.com/appdetectorplugin -> C:\Users\Tracy\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2012-09-06]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-09-06]
Chrome:
=======
CHR HomePage: Default -> hxxp://www.yahoo.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\Tracy\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (mention) - C:\Users\Tracy\AppData\Local\Google\Chrome\User Data\Default\Extensions\agdbnpodkgflemjpckmcdgabbmefpfnb [2013-03-02]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Tracy\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-22]
CHR Extension: (Sprout Social) - C:\Users\Tracy\AppData\Local\Google\Chrome\User Data\Default\Extensions\biailfjhlmalakjackgpekkbmljelldc [2013-08-22]
CHR Extension: (Alexa Traffic Rank) - C:\Users\Tracy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cknebhggccemgcnbidipinkifmmegdel [2012-09-06]
CHR Extension: (Circloscope Free (Inactives+)) - C:\Users\Tracy\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhcfgcecigkknnimiljlbcjmnbeeodhl [2012-09-06]
CHR Extension: (SEO SERP Workbench) - C:\Users\Tracy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehbgolklgacemnfnmkkpgekngaaggjjl [2014-07-08]
CHR Extension: (Replies and more for Google+) - C:\Users\Tracy\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgmhgfecnmeljhchgcjlfldjiepcfpea [2012-09-06]
CHR Extension: (Yast - The World's Easiest Time Tracker) - C:\Users\Tracy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gokleigpmoameleoajncmkmajedgfgbk [2012-09-06]
CHR Extension: (Avast Online Security) - C:\Users\Tracy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-10-04]
CHR Extension: (Pin It Button) - C:\Users\Tracy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2014-11-24]
CHR Extension: (Windows Media Player Extension for HTML5) - C:\Users\Tracy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hokdglbhghcebcopdbanieangmcamaak [2013-03-04]
CHR Extension: (Discussions button for Google Search™) - C:\Users\Tracy\AppData\Local\Google\Chrome\User Data\Default\Extensions\igjiggoeheaondbmhmilpmbdkpgcjmdn [2014-03-20]
CHR Extension: (Unfriend Finder) - C:\Users\Tracy\AppData\Local\Google\Chrome\User Data\Default\Extensions\jijknldiopccnikfclcmmjnponjkicbc [2013-02-14]
CHR Extension: (Seo Serp Manager) - C:\Users\Tracy\AppData\Local\Google\Chrome\User Data\Default\Extensions\jncpgpllflmbaaofhdmfamncdipmedjo [2014-07-08]
CHR Extension: (SEO Tools) - C:\Users\Tracy\AppData\Local\Google\Chrome\User Data\Default\Extensions\joocnajjlllncaiimobhdlcacaijcjpl [2014-07-08]
CHR Extension: (Social Statistics for Google Plus) - C:\Users\Tracy\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjjhofkehhgakpglgghlkccimpbgplfi [2012-09-06]
CHR Extension: (Harvest) - C:\Users\Tracy\AppData\Local\Google\Chrome\User Data\Default\Extensions\laddjnahcdblbgdpbfmlllllmcimepem [2013-01-04]
CHR Extension: (Evernote Web) - C:\Users\Tracy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbfehkoinhhcknnbdgnnmjhiladcgbol [2013-01-04]
CHR Extension: (Circloscope) - C:\Users\Tracy\AppData\Local\Google\Chrome\User Data\Default\Extensions\mechgkelogghhgmpmbpofjijifdppppl [2014-10-15]
CHR Extension: (Google Wallet) - C:\Users\Tracy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (Docs PDF/PowerPoint Viewer (by Google)) - C:\Users\Tracy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnbmlagghjjcbdhgmkedmbmedengocbn [2012-09-06]
CHR Extension: (Google Reader) - C:\Users\Tracy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjjhlfkghdhmijklfnahfkpgmhcmfgcm [2012-09-07]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-10-03]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-10-03] (AVAST Software)
S2 lxeaCATSCustConnectService; C:\Windows\system32\spool\DRIVERS\x64\3\\lxeaserv.exe [33960 2009-07-29] (Lexmark International, Inc.)
R2 lxea_device; C:\Windows\system32\lxeacoms.exe [1054888 2009-07-29] ( )
R2 lxea_device; C:\Windows\SysWOW64\lxeacoms.exe [602792 2009-07-29] ( )
R3 MSSQL$MSSMLBIZ; c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed]
R2 NovaPdfServer; C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe [204576 2014-05-19] (Microsoft)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed]
R2 SBSDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\STacSV64.exe [244736 2010-01-21] (IDT, Inc.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 WPFFontCache_v0400; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-10-03] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-10-03] (AVAST Software)
R1 AswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-10-03] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-10-03] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-11-21] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-10-04] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-10-03] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-10-03] ()
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-01-04] (Malwarebytes Corporation)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2013-03-18] (Apple, Inc.) [File not signed]
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-13] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-06 14:48 - 2015-01-06 14:48 - 00017732 _____ () C:\Users\Tracy\Downloads\FRST.txt
2015-01-06 14:47 - 2015-01-06 14:48 - 00000000 ____D () C:\FRST
2015-01-06 14:47 - 2015-01-06 14:47 - 02123776 _____ (Farbar) C:\Users\Tracy\Downloads\FRST64.exe
2015-01-06 14:32 - 2015-01-06 14:32 - 00000000 ____H () C:\ProgramData\cm-lock
2015-01-06 10:03 - 2015-01-06 10:03 - 00090291 _____ () C:\Users\Tracy\Downloads\Free_Google+_Page_Report_on_Hupy_and_Abraham,_S.C._(11_06_2014-01_05_2015_PST).pptx
2015-01-06 09:24 - 2015-01-06 09:24 - 00065536 _____ () C:\Users\Tracy\Downloads\FLVPlayer-Chrome (1).exe
2015-01-03 19:13 - 2015-01-03 19:13 - 00595056 _____ () C:\Users\Tracy\Downloads\Installation.exe
2015-01-03 19:12 - 2015-01-03 19:13 - 00066528 _____ () C:\Users\Tracy\Downloads\FLVPlayer-Chrome.exe
2015-01-02 11:53 - 2015-01-02 11:53 - 00058780 _____ () C:\Users\Tracy\Desktop\HP Installation Error - Windows 7.hta
2015-01-02 11:29 - 2009-09-30 20:19 - 00000418 ____N () C:\Windows\hpwmdl28.dat.temp
2015-01-02 11:23 - 2015-01-02 11:23 - 05197824 _____ () C:\Users\Tracy\Downloads\HPSupportSolutionsFramework-en-11.51.0048.msi
2014-12-31 11:15 - 2014-12-31 11:15 - 02008965 _____ () C:\Users\Tracy\Downloads\happy_new_year_2015_312182.zip
2014-12-29 11:34 - 2014-12-29 11:40 - 47809240 _____ () C:\Users\Tracy\Downloads\Coach Mike Ditka on Gridiron Greats.mp4
2014-12-29 11:31 - 2014-12-29 11:32 - 30986863 _____ () C:\Users\Tracy\Downloads\Mike Ditka Gridiron Greats Fundraising Challenge.mp4
2014-12-23 10:57 - 2014-12-23 10:57 - 00089785 _____ () C:\Users\Tracy\Downloads\Free_Google+_Page_Report_on_Wynn_at_Law,_LLC_(10_23_2014-12_22_2014_PST) (1).pptx
2014-12-23 10:52 - 2014-12-23 10:52 - 00089790 _____ () C:\Users\Tracy\Downloads\Free_Google+_Page_Report_on_Wynn_at_Law,_LLC_(10_23_2014-12_22_2014_PST).pptx
2014-12-23 10:11 - 2014-12-23 10:11 - 00002585 _____ () C:\Users\Tracy\Downloads\wynnatlaw-com_20141223T171121Z_TopSearchQueries_20141123-20141223.csv
2014-12-23 10:10 - 2014-12-23 10:10 - 00000417 _____ () C:\Users\Tracy\Downloads\wynnatlaw-com_20141223T171056Z_TopSearchQueriesTimeseries_20141123-20141223.csv
2014-12-18 12:55 - 2015-01-04 12:57 - 00000000 ____D () C:\Users\Tracy\AppData\Local\AnyMeeting
2014-12-18 12:36 - 2014-12-18 12:37 - 30431616 _____ (Microsoft Corporation) C:\Users\Tracy\Downloads\AnyMeetingInstaller_v3.1.0.exe
2014-12-14 18:35 - 2014-12-14 19:06 - 03224139 _____ () C:\Users\Tracy\Documents\TShirt_Full-FrontChest.psd
2014-12-14 18:29 - 2014-12-14 18:29 - 00224838 _____ () C:\Users\Tracy\Downloads\_T-Shirts-Womens-Left_Chest.zip
2014-12-14 18:21 - 2014-12-14 18:21 - 05207198 _____ () C:\Users\Tracy\Documents\TShirt_Full-Frontd.psd
2014-12-14 18:19 - 2014-12-14 19:01 - 04205250 _____ () C:\Users\Tracy\Documents\TShirt_Full-Backc.psd
2014-12-14 18:16 - 2014-12-14 18:16 - 05297104 _____ () C:\Users\Tracy\Documents\TShirt_Full-Frontc.psd
2014-12-14 18:03 - 2014-12-14 18:03 - 05311352 _____ () C:\Users\Tracy\Documents\TShirt_Full-Frontb.psd
2014-12-14 17:39 - 2014-12-14 17:39 - 04419832 _____ () C:\Users\Tracy\Documents\TShirt_Full-Front.psd
2014-12-14 15:13 - 2014-12-14 18:15 - 04585233 _____ () C:\Users\Tracy\Documents\TShirt_Full-Back.psd
2014-12-14 15:13 - 2014-12-14 15:13 - 01954905 _____ () C:\Users\Tracy\Documents\TShirt_Full.psd
2014-12-14 14:32 - 2014-12-14 14:32 - 00180541 _____ () C:\Users\Tracy\Downloads\_T-Shirts-Womens (1).zip
2014-12-14 14:31 - 2014-12-14 14:31 - 00180541 _____ () C:\Users\Tracy\Downloads\_T-Shirts-Womens.zip
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-06 14:48 - 2012-09-06 07:36 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-06 14:47 - 2014-11-19 17:14 - 00000000 ____D () C:\Program Files (x86)\Yahoo!
2015-01-06 14:45 - 2012-09-12 13:52 - 00011104 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-06 14:45 - 2012-09-12 13:52 - 00011104 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-06 14:43 - 2012-09-12 14:48 - 01050016 _____ () C:\Windows\WindowsUpdate.log
2015-01-06 14:40 - 2014-04-13 09:35 - 00000000 ____D () C:\ProgramData\Apple
2015-01-06 14:33 - 2012-09-06 07:35 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-01-06 14:31 - 2012-09-06 07:36 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-06 14:31 - 2009-07-13 22:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-06 14:31 - 2009-07-13 21:51 - 32524761 _____ () C:\Windows\setupact.log
2015-01-06 14:30 - 2012-09-12 14:21 - 00194346 _____ () C:\Windows\PFRO.log
2015-01-06 14:29 - 2014-11-19 16:59 - 00009799 _____ () C:\ProgramData\hpzinstall.log
2015-01-06 14:28 - 2014-11-19 16:57 - 00000000 ____D () C:\ProgramData\HP
2015-01-06 14:26 - 2014-11-19 16:47 - 00000000 ____D () C:\Program Files (x86)\Hp
2015-01-06 14:00 - 2012-09-18 16:17 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-06 10:17 - 2012-09-06 11:47 - 00000000 ____D () C:\Users\Tracy\Documents\Hupy
2015-01-06 09:25 - 2012-09-06 14:06 - 00000000 ____D () C:\Users\Tracy\AppData\Local\Adobe
2015-01-06 09:21 - 2012-09-12 15:26 - 00119736 _____ () C:\Users\Tracy\AppData\Local\GDIPFONTCACHEV1.DAT
2015-01-05 23:32 - 2009-07-13 21:45 - 05087552 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-01-05 22:28 - 2012-10-03 09:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnvSoft
2015-01-05 22:28 - 2012-10-03 09:27 - 00000000 ____D () C:\Program Files (x86)\AnvSoft
2015-01-05 18:00 - 2014-04-19 19:41 - 00000466 _____ () C:\Windows\Tasks\ParetoLogic Registration.job
2015-01-04 12:59 - 2014-09-05 08:34 - 00000000 ____D () C:\Windows\pss
2015-01-04 12:58 - 2012-12-29 16:11 - 00000000 ___RD () C:\Users\Tracy\Dropbox
2015-01-04 12:58 - 2012-12-29 16:07 - 00000000 ____D () C:\Users\Tracy\AppData\Roaming\Dropbox
2015-01-04 00:07 - 2014-10-15 08:17 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-03 15:42 - 2014-04-14 11:03 - 00000000 ____D () C:\Users\Tracy\Documents\Wayne
2015-01-02 11:41 - 2006-11-02 05:34 - 00000254 _____ () C:\Windows\win.ini
2015-01-02 11:29 - 2014-11-19 16:59 - 00207581 _____ () C:\Windows\hpwins28.dat
2014-12-29 20:32 - 2009-07-13 22:13 - 00844518 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-17 13:17 - 2012-09-15 12:09 - 00000000 ____D () C:\Users\Tracy\Documents\Speaking
2014-12-17 10:35 - 2012-09-15 12:10 - 00000000 ____D () C:\Users\Tracy\Documents\Themes
2014-12-17 10:31 - 2012-09-15 12:04 - 00000000 ____D () C:\Users\Tracy\Documents\Marketing Resources
2014-12-14 08:31 - 2013-01-24 08:46 - 00001017 _____ () C:\Users\Tracy\Desktop\Dropbox.lnk
2014-12-14 08:31 - 2012-12-29 16:08 - 00000000 ____D () C:\Users\Tracy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-12-14 08:21 - 2009-07-13 22:08 - 00032594 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-12-12 00:05 - 2012-09-06 07:39 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-12-10 21:55 - 2012-09-06 08:18 - 00000000 ____D () C:\Users\Tracy\AppData\Roaming\FileZilla
2014-12-10 09:00 - 2012-09-18 16:17 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-10 09:00 - 2012-09-18 16:17 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-10 09:00 - 2012-09-18 16:17 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-09 13:19 - 2014-10-15 08:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-12-09 13:19 - 2014-10-15 08:17 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
Some content of TEMP:
====================
C:\Users\Tracy\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpjkjosd.dll
C:\Users\Tracy\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-01-04 14:15
==================== End Of Log ============================
Addition:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-01-2015
Ran by Tracy at 2015-01-06 14:49:54
Running from C:\Users\Tracy\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
64 Bit HP CIO Components Installer (Version: 6.2.1 - Hewlett-Packard) Hidden
ABBYY FineReader 6.0 Sprint (HKLM-x32\...\{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}) (Version: 6.00.2146.41621 - ABBYY Software House)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.8.0.1430 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.5 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader X (10.1.12) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.12 - Adobe Systems Incorporated)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
Any Video Converter 5.7.3 (HKLM-x32\...\Any Video Converter_is1) (Version: - Any-Video-Converter.com)
ATI Catalyst Install Manager (HKLM\...\{64FBA03C-575C-D688-1C80-A5773CE471F9}) (Version: 3.0.732.0 - ATI Technologies, Inc.)
avast! Free Antivirus (HKLM-x32\...\avast) (Version: 9.0.2021 - AVAST Software)
AVerMedia HC82 Express-Card Hybrid Analog (HKLM-x32\...\InstallShield_{1F295031-E793-4308-A384-5553977DFD13}) (Version: 2.00.0001 - AVerMedia)
AVerMedia HC82 Express-Card Hybrid Analog (x32 Version: 2.00.0001 - AVerMedia) Hidden
AVerMedia MCE Encoder x64 3.0.1.0 (HKLM-x32\...\AVerMedia MCE Encoder x64) (Version: 3.0.1.0 - AVerMedia Technologies, Inc.)
Belarc Advisor 8.2 (HKLM-x32\...\Belarc Advisor) (Version: 8.2.7.16 - Belarc Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom Gigabit NetLink Controller (HKLM\...\{9AF0B106-56F1-461B-A270-95BC1682E282}) (Version: 11.07.01 - Broadcom Corporation)
Business Contact Manager for Outlook 2007 SP2 (HKLM-x32\...\Business Contact Manager) (Version: 3.0.8619.1 - Microsoft Corporation)
Business Contact Manager for Outlook 2007 SP2 (x32 Version: 3.0.8619.1 - Microsoft Corporation) Hidden
ccc-core-static (x32 Version: 2009.0625.1812.30825 - ATI) Hidden
Citrix Online Launcher (HKLM-x32\...\{75C7BFBC-5FA8-47C9-9E6C-AD1954F63A53}) (Version: 1.0.109 - Citrix)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Resource CD (HKLM-x32\...\{42929F0F-CE14-47AF-9FC7-FF297A603021}) (Version: 1.00.0000 - Dell Inc.)
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 11.2.12.0 - Synaptics)
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 2.00.33 - Creative Technology Ltd)
Digital Line Detect (HKLM-x32\...\{E646DCF0-5A68-11D5-B229-002078017FBF}) (Version: 1.21 - BVRP Software, Inc)
doPDF (Version: 8.0.907 - Softland) Hidden
doPDF 8 (HKLM-x32\...\{a137ef5e-56f5-4cca-89f8-80df47fc4521}) (Version: 8.0.906.0 - Softland)
Dropbox (HKU\S-1-5-21-1613603796-1990743980-727887599-1000\...\Dropbox) (Version: 3.0.3 - Dropbox, Inc.)
FastStone Capture 5.3 (HKLM-x32\...\FastStone Capture) (Version: 5.3 - FastStone Soft)
FileZilla Client 3.9.0.6 (HKLM-x32\...\FileZilla Client) (Version: 3.9.0.6 - Tim Kosse)
GIMP 2.8.2 (HKLM\...\GIMP-2_is1) (Version: 2.8.2 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Talk (remove only) (HKU\S-1-5-21-1613603796-1990743980-727887599-1000\...\{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk) (Version: - )
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
GoToMeeting 5.7.0.1172 (HKU\S-1-5-21-1613603796-1990743980-727887599-1000\...\GoToMeeting) (Version: 5.7.0.1172 - CitrixOnline)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6267.0 - IDT)
Integrated Webcam Driver (1.03.02.0919) (HKLM\...\Creative OA001) (Version: - )
Intel® PROSet/Wireless WiFi Driver (HKLM\...\{AFE36C05-B442-4DEA-9BFB-2D72C8A1E153}) (Version: 12.00.2000 - Intel® Corporation)
ITECIR (HKLM-x32\...\{F6BB6248-C507-46FE-8A35-1B16F35E0441}) (Version: 1.9 - ITE)
iTunes (HKLM\...\{5A68A656-979F-4168-8795-E2E368AA4DC2}) (Version: 11.2.2.3 - Apple Inc.)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
Java 6 Update 7 (HKLM-x32\...\{3248F0A8-6813-11D6-A77B-00B0D0160070}) (Version: 1.6.0.70 - Sun Microsystems, Inc.)
Lexmark Printable Web (HKLM-x32\...\{D2C5E510-BE6D-42CC-9F61-E4F939078474}) (Version: 1.0.0.0 - )
Lexmark S300-S400 Series (HKLM\...\Lexmark S300-S400 Series) (Version: - Lexmark International, Inc.)
Lexmark Toolbar (HKLM-x32\...\{1017A80C-6F09-4548-A84D-EDD6AC9525F0}) (Version: 4.3.37.0 - )
Lexmark Tools for Office (HKLM-x32\...\{10812DE7-2E57-4740-B226-6B3BE34AF9D7}) (Version: 1.29.0.0 - )
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office 2003 Web Components (HKLM-x32\...\{90A40409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office 2007 Primary Interop Assemblies (HKLM-x32\...\{50120000-1105-0000-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-00CA-0000-0000-0000000FF1CE}_SMALLBUSINESSR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Accounting 2009 (HKLM-x32\...\Microsoft Office Accounting 2009) (Version: 4.0.3610.0 - Microsoft Corporation)
Microsoft Office Accounting 2009 Equifax Addin (HKLM-x32\...\{C6C148EC-55FB-4FDF-AD4F-ECEA579D040D}) (Version: 4.0.1930.0 - Microsoft Corporation)
Microsoft Office Accounting 2009 Fixed Asset Manager (HKLM-x32\...\{53276F5A-85AB-4BEF-BAA2-2490975DC006}) (Version: 4.0.1930.0 - Microsoft Corporation)
Microsoft Office Accounting 2009 PayPal Addin (HKLM-x32\...\{DC0C35E4-CD3D-4F12-95BB-7C74D9467BD7}) (Version: 4.0.1930.0 - Microsoft Corporation)
Microsoft Office Accounting 2009 Tax Integration Add-in (HKLM-x32\...\{D9AE6BE1-5847-4962-86B0-2A290B7E6C43}) (Version: 4.0.1930.0 - Microsoft Corporation)
Microsoft Office Accounting ADP Payroll Addin (HKLM-x32\...\{5FA793A6-0071-42C1-9355-8F69A428C44F}) (Version: 0.0.0.0 - ADP)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Small Business 2007 (HKLM-x32\...\SMALLBUSINESSR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Small Business Connectivity Components (HKLM-x32\...\{A939D341-5A04-4E0A-BB55-3E65B386432D}) (Version: 2.0.7024.0 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-1613603796-1990743980-727887599-1000\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM-x32\...\Microsoft SQL Server 2005) (Version: - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{9ACF3FDB-C8E6-444C-8C64-13A221F7BFFD}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM-x32\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{B636C9B9-A3F2-4DCE-ADCC-72E095018385}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package (HKLM-x32\...\Microsoft Visual J# 2.0 Redistributable Package) (Version: - Microsoft Corporation)
Modem Diagnostics Tool (HKLM\...\{1C89932F-1D9D-4776-AD7A-9156FF792539}) (Version: 1.0.22.0 - Dell)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
MyFonts Order M4439045 (HKLM-x32\...\{F564454D-DEBE-0CCE-93C3-FD8DEB975100}) (Version: 1.0 - MyFonts.com, Inc.)
NetWaiting (HKLM-x32\...\{3F92ABBB-6BBF-11D5-B229-002078017FBF}) (Version: 2.5.46 - BVRP Software, Inc)
novaPDF 8 add-in for Microsoft Office (x64) (HKLM\...\{72FA3932-13F2-4AC2-9859-80DFB3E32D27}) (Version: 8.0.907 - Softland)
novaPDF 8 add-in for Microsoft Office (x86) (HKLM-x32\...\{56C7F352-A03D-447C-98C2-7185F6067CC1}) (Version: 8.0.907 - Softland)
novaPDF 8 Printer Driver (HKLM\...\{8B94B029-DF00-4314-BE5F-96AAA44D0B5A}) (Version: 8.0.907 - Softland)
Quickset (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 9.2.13 - Dell Inc.)
RICOH Media Driver ver.2.07.01.00 (HKLM-x32\...\{2B818257-E6C7-4841-8C29-C5C9A982BCE5}) (Version: 2.07.01.00 - RICOH)
RICOH R5C83x/84x Media Driver Ver.3.53.02 (HKLM-x32\...\{59F6A514-9813-47A3-948C-8A155460CC2A}) (Version: 3.53.02 - RICOH)
Roxio Creator DE (HKLM-x32\...\{09760D42-E223-42AD-8C3E-55B47D0DDAC3}) (Version: 10.1 - Roxio)
SERPAttacks (HKLM-x32\...\SERPAttacks_is1) (Version: - Jayson Yanuaria)
Skins (x32 Version: 2009.0625.1812.30825 - ATI) Hidden
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-00CA-0000-0000-0000000FF1CE}_SMALLBUSINESSR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
WIDCOMM Bluetooth Software 6.1.0.4402 (HKLM\...\{03D1988F-469F-4843-8E6E-E5FE9D17889D}) (Version: 6.1.0.4402 - Dell)
Windows 7 Upgrade Advisor (HKLM-x32\...\{AB05F2C8-F608-403b-95E1-FD8ADFACD31E}) (Version: 2.0.5000.0 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
WinRAR 4.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Zip Repair Pro (HKLM-x32\...\Zip Repair Pro_is1) (Version: 5.1.0.1431 - GetData Pty Ltd)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-1613603796-1990743980-727887599-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Tracy\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1613603796-1990743980-727887599-1000_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Program Files (x86)\Citrix\GoToMeeting\1172\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-1613603796-1990743980-727887599-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Tracy\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1613603796-1990743980-727887599-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Tracy\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1613603796-1990743980-727887599-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Tracy\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1613603796-1990743980-727887599-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Tracy\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1613603796-1990743980-727887599-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tracy\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1613603796-1990743980-727887599-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tracy\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1613603796-1990743980-727887599-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tracy\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1613603796-1990743980-727887599-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tracy\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1613603796-1990743980-727887599-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tracy\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1613603796-1990743980-727887599-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tracy\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1613603796-1990743980-727887599-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tracy\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1613603796-1990743980-727887599-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tracy\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
==================== Restore Points =========================
16-10-2014 15:04:20 Scheduled Checkpoint
24-10-2014 10:36:09 Scheduled Checkpoint
25-10-2014 02:33:51 Windows Update
30-10-2014 06:46:18 Installed Java 7 Update 71
01-11-2014 00:05:18 Windows Update
08-11-2014 01:33:12 Windows Update
15-11-2014 07:33:31 Windows Update
19-11-2014 16:46:15 Installed HP Support Solutions Framework
21-11-2014 02:20:53 Windows Update
26-11-2014 05:37:50 Windows Update
29-11-2014 10:47:12 Windows Update
07-12-2014 01:23:15 Scheduled Checkpoint
07-12-2014 02:45:16 Windows Update
12-12-2014 05:25:04 Windows Update
18-12-2014 02:35:19 Windows Update
18-12-2014 12:54:11 Installed AnyMeeting
23-12-2014 03:16:29 Windows Update
26-12-2014 14:33:45 Windows Update
02-01-2015 11:23:53 Installed HP Support Solutions Framework
05-01-2015 22:10:47 Restore Operation
05-01-2015 22:24:13 Removed AnyMeeting
05-01-2015 22:37:14 Removed HP Support Solutions Framework
05-01-2015 22:40:08 Removed HP Update.
06-01-2015 14:36:42 Removed Apple Application Support
06-01-2015 14:40:21 Removed Apple Mobile Device Support
06-01-2015 14:41:35 Removed Apple Software Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2006-11-02 05:34 - 2014-12-09 13:23 - 00450713 ____R C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
There are 1000 more lines.
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {56AA5446-415B-4FD5-B697-401A1EB98CFE} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-10-03] (AVAST Software)
Task: {712C6861-2B14-4E72-92BA-22B6921FE2B7} - System32\Tasks\Microsoft\Windows\Wired\GatherWiredInfo => C:\Windows\system32\gatherWiredInfo.vbs
Task: {762A2259-5860-4272-91AE-4780BD0A7015} - System32\Tasks\AdobeAAMUpdater-1.0-Tracy-PC-Tracy => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-07-31] (Adobe Systems Incorporated)
Task: {7D890074-8864-4BF4-9097-B22DABFCAC7C} - System32\Tasks\doPDF Update => C:\Program Files\Softland\novaPDF 8\Driver\UpdateApplication.exe [2014-05-19] ()
Task: {ADF18BF1-2DB4-4915-A073-AACC79A49FAC} - System32\Tasks\ParetoLogic Registration => Rundll32.exe "C:\Program Files (x86)\Common Files\ParetoLogic\UUS2\UUS.dll" RunUns
Task: {D38B714F-8E91-4F57-9D9C-B293B0774EAE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)
Task: {DE8B9393-6922-4C0F-AA25-DF767971C11C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)
Task: {E91D6474-70CC-42BE-80FF-8BED8AF557ED} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs
Task: {EE3F064A-4B93-4547-925E-6D05227A55E8} - System32\Tasks\{32A10F24-0A49-4E81-B532-7ABA7F26BD0F} => pcalua.exe -a C:\Users\Tracy\Downloads\HiJackThis.exe -d C:\Users\Tracy\Downloads
Task: {F5792F9A-4948-4731-9077-2B01A7EAB0D3} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-10] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\ParetoLogic Registration.job => C:\Program Files (x86)\Common Files\ParetoLogic\UUS2\UUS.dll
==================== Loaded Modules (whitelisted) =============
2012-09-12 18:36 - 2009-04-17 03:53 - 00053760 _____ () C:\Windows\System32\LXEAPMON.DLL
2012-09-12 18:35 - 2009-01-13 06:15 - 04485120 _____ () C:\Windows\System32\LXEAOEM.DLL
2014-05-19 14:48 - 2014-05-19 14:48 - 00017920 _____ () C:\Windows\System32\novamn8.dll
2012-09-12 18:40 - 2009-06-19 02:01 - 00189440 _____ () C:\Windows\system32\spool\PRTPROCS\x64\lxeadrpp.dll
2014-05-01 12:29 - 2014-05-01 12:29 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2014-05-21 07:20 - 2014-05-21 07:20 - 00130933 _____ () C:\Windows\TEMP\2a9a7188-2f9b-4c02-a7f4-5421caf99ace\AgileDotNetRT64.dll
2014-05-21 07:21 - 2014-05-21 07:21 - 00130933 _____ () C:\Windows\TEMP\2baca5df-110d-4425-83de-0e951af60763\AgileDotNetRT64.dll
2008-06-05 14:00 - 2008-06-05 14:00 - 00167936 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btkeyind.dll
2009-05-05 10:56 - 2009-05-05 10:56 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2012-09-12 14:09 - 2012-09-12 14:09 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2014-10-03 06:57 - 2014-10-03 06:57 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2015-01-06 13:22 - 2015-01-06 13:22 - 02909696 _____ () C:\Program Files\AVAST Software\Avast\defs\15010601\algo.dll
2014-10-16 02:15 - 2014-10-16 02:15 - 00035328 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2014-05-24 09:41 - 2014-05-24 09:41 - 00091648 _____ () C:\Program Files (x86)\FileZilla FTP Client\libgcc_s_sjlj-1.dll
2014-05-24 09:41 - 2014-05-24 09:41 - 00892416 _____ () C:\Program Files (x86)\FileZilla FTP Client\libstdc++-6.dll
2014-10-03 06:57 - 2014-10-03 06:57 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-12-12 00:05 - 2014-12-05 18:50 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libglesv2.dll
2014-12-12 00:05 - 2014-12-05 18:50 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libegl.dll
2014-12-12 00:05 - 2014-12-05 18:50 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll
2014-12-12 00:05 - 2014-12-05 18:50 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Digital Line Detect.lnk => C:\Windows\pss\Digital Line Detect.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Tracy^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^AnyMeeting.lnk => C:\Windows\pss\AnyMeeting.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Tracy^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: EzPrint => "C:\Program Files (x86)\Lexmark S300-S400 Series\ezprint.exe"
MSCONFIG\startupreg: googletalk => C:\Users\Tracy\AppData\Roaming\Google\Google Talk\googletalk.exe /autostart
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Lexmark S300-S400 Series => "C:\Program Files (x86)\Lexmark S300-S400 Series\fm3032.exe" /s
MSCONFIG\startupreg: lxeamon.exe => "C:\Program Files (x86)\Lexmark S300-S400 Series\lxeamon.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
========================= Accounts: ==========================
Administrator (S-1-5-21-1613603796-1990743980-727887599-500 - Administrator - Disabled)
Guest (S-1-5-21-1613603796-1990743980-727887599-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1613603796-1990743980-727887599-1005 - Limited - Enabled)
Tracy (S-1-5-21-1613603796-1990743980-727887599-1000 - Administrator - Enabled) => C:\Users\Tracy
==================== Faulty Device Manager Devices =============
Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (01/06/2015 02:40:12 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10007) (User: Tracy-PC)
Description: Application or service 'Apple Mobile Device' could not be restarted.
Error: (01/06/2015 02:32:45 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/06/2015 02:29:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: hpzscr40.exe, version: 13.0.445.0, time stamp: 0x4a7346a0
Faulting module name: hpzscr40.exe, version: 13.0.445.0, time stamp: 0x4a7346a0
Exception code: 0xc0000417
Fault offset: 0x0000000000100bf4
Faulting process id: 0xebc
Faulting application start time: 0xhpzscr40.exe0
Faulting application path: hpzscr40.exe1
Faulting module path: hpzscr40.exe2
Report Id: hpzscr40.exe3
Error: (01/06/2015 11:52:30 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "*" of attribute "language" in element "assemblyIdentity" is invalid.
Error: (01/06/2015 09:16:07 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/05/2015 11:33:10 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/05/2015 10:33:45 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/05/2015 10:21:26 PM) (Source: System Restore) (EventID: 8210) (User: )
Description: An unspecified error occurred during System Restore: (Windows Update). Additional information: 0x8007045b.
Error: (01/05/2015 10:19:33 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/05/2015 10:00:35 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
System errors:
=============
Error: (01/06/2015 02:40:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Apple Mobile Device service failed to start due to the following error:
%%1053
Error: (01/06/2015 02:40:12 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Apple Mobile Device service to connect.
Error: (01/06/2015 02:39:38 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Windows Update service hung on starting.
Error: (01/06/2015 02:31:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The lxeaCATSCustConnectService service failed to start due to the following error:
%%1053
Error: (01/06/2015 02:31:14 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the lxeaCATSCustConnectService service to connect.
Error: (01/06/2015 09:17:15 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
Error: (01/06/2015 09:14:49 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The lxeaCATSCustConnectService service failed to start due to the following error:
%%1053
Error: (01/06/2015 09:14:49 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the lxeaCATSCustConnectService service to connect.
Error: (01/05/2015 11:32:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The lxeaCATSCustConnectService service failed to start due to the following error:
%%1053
Error: (01/05/2015 11:32:20 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the lxeaCATSCustConnectService service to connect.
Microsoft Office Sessions:
=========================
Error: (07/24/2014 10:17:58 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6695.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 1377 seconds with 240 seconds of active time. This session ended with a crash.
Error: (05/19/2014 07:15:51 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 206 seconds with 180 seconds of active time. This session ended with a crash.
CodeIntegrity Errors:
===================================
Date: 2012-09-08 14:51:07.143
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.
Date: 2012-09-08 14:51:07.096
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.
Date: 2012-09-08 14:51:07.018
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.
Date: 2012-09-08 14:51:06.940
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.
Date: 2012-09-08 14:51:06.816
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel® Core2 Duo CPU P8700 @ 2.53GHz
Percentage of memory in use: 45%
Total physical RAM: 5084.86 MB
Available physical RAM: 2760.2 MB
Total Pagefile: 10167.85 MB
Available Pagefile: 7562 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:465.75 GB) (Free:154.31 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 39913991)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)
==================== End Of Log ============================
aswMBR:
aswMBR version 1.0.1.2041 Copyright© 2014 AVAST Software
Run date: 2015-01-06 15:14:02
-----------------------------
15:14:02.643 OS Version: Windows x64 6.1.7600
15:14:02.643 Number of processors: 2 586 0x170A
15:14:02.643 ComputerName: TRACY-PC UserName: Tracy
15:14:05.825 Initialize success
15:14:05.825 VM: initialized successfully
15:14:05.825 VM: Intel CPU BiosDisabled
15:14:11.693 VM: supported disk I/O ataport.SYS
15:14:15.172 AVAST engine defs: 15010601
15:14:39.762 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
15:14:39.778 Disk 0 Vendor: WDC_WD5000BPVT-24HXZT3 03.01A03 Size: 476940MB BusType: 3
15:14:39.981 Disk 0 MBR read successfully
15:14:39.981 Disk 0 MBR scan
15:14:39.981 Disk 0 Windows 7 default MBR code
15:14:39.981 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 476929 MB offset 63
15:14:39.996 Disk 0 default boot code
15:14:40.012 Disk 0 scanning C:\Windows\system32\drivers
15:14:50.154 Service scanning
15:15:15.011 Modules scanning
15:15:15.011 Disk 0 trace - called modules:
15:15:15.058 ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
15:15:15.058 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8005842060]
15:15:15.073 3 CLASSPNP.SYS[fffff880018a343f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa80052be060]
15:15:15.916 AVAST engine scan C:\Windows
15:15:18.708 AVAST engine scan C:\Windows\system32
15:17:44.392 AVAST engine scan C:\Windows\system32\drivers
15:17:56.718 AVAST engine scan C:\Users\Tracy
15:30:05.257 File: C:\Users\Tracy\AppData\Local\Temp\MSI4DE4.tmp-\srbu.dll **INFECTED** Win32:Malware-gen
16:20:10.249 File: C:\Users\Tracy\Downloads\FLVPlayer-Chrome.exe **INFECTED** Win32:Rootkit-gen [Rtk]
17:04:02.476 AVAST engine scan C:\ProgramData
17:07:58.323 Scan finished successfully
17:37:49.040 Disk 0 MBR has been saved successfully to "C:\Users\Tracy\Documents\farbar\MBR.dat"
17:37:49.103 The log file has been saved successfully to "C:\Users\Tracy\Documents\farbar\aswMBR.txt"
Thank you.