Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Support
Windows Malware Removal Help & Support
Google Chrome virus removal - please help
Message
<blockquote data-quote="lisacomputeruser" data-source="post: 325551" data-attributes="member: 30266"><p>FRST</p><p>Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-12-2014</p><p>Ran by Lisa (administrator) on LISA-PC on 31-12-2014 14:11:02</p><p>Running from C:\Users\Lisa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\50J3Y8XW</p><p>Loaded Profile: Lisa (Available profiles: Lisa)</p><p>Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)</p><p>Internet Explorer Version 9 (Default browser: IE)</p><p>Boot Mode: Normal</p><p>Tutorial for Farbar Recovery Scan Tool: <a href="http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/" target="_blank">http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/</a></p><p>==================== Processes (Whitelisted) =================</p><p>(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)</p><p>(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe</p><p>(Microsoft Corporation) C:\Windows\System32\wlanext.exe</p><p>(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe</p><p>(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe</p><p>(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe</p><p>(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe</p><p>(SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe</p><p>(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe</p><p>(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe</p><p>(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\n360.exe</p><p>(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe</p><p>(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe</p><p>(Microsoft Corporation) C:\Windows\System32\rundll32.exe</p><p>(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\n360.exe</p><p>(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe</p><p>(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe</p><p>(Microsoft Corporation) C:\Windows\System32\rundll32.exe</p><p>(Intel Corporation) C:\Windows\System32\igfxtray.exe</p><p>(Intel Corporation) C:\Windows\System32\hkcmd.exe</p><p>(Intel Corporation) C:\Windows\System32\igfxpers.exe</p><p>(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe</p><p>(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe</p><p>(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe</p><p>(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIHVA.EXE</p><p>(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIHVA.EXE</p><p>(Microsoft Corporation) C:\Windows\System32\regsvr32.exe</p><p>(Microsoft Corporation) C:\Windows\SysWOW64\regsvr32.exe</p><p>(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe</p><p>(Dropbox, Inc.) C:\Users\Lisa\AppData\Roaming\Dropbox\bin\Dropbox.exe</p><p>(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe</p><p>(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE</p><p>(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe</p><p>(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe</p><p>(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe</p><p>(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe</p><p>(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe</p><p>(Design Science, Inc.) C:\Program Files (x86)\Common Files\microsoft shared\EQUATION\EQNEDT32.EXE</p><p>(Adobe Systems Incorporated) C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_16_0_0_235_ActiveX.exe</p><p>(Microsoft Corporation) C:\Windows\System32\taskmgr.exe</p><p>(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe</p><p>(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe</p><p>(Google Inc.) C:\Users\Lisa\AppData\LocalLow\ID Vault\vuhdtawh\myblkmusy\Gwxyxwei.exe</p><p>(Google Inc.) C:\Users\Lisa\AppData\LocalLow\ID Vault\vuhdtawh\myblkmusy\Gwxyxwei.exe</p><p>(Google Inc.) C:\Users\Lisa\AppData\LocalLow\ID Vault\vuhdtawh\myblkmusy\Gwxyxwei.exe</p><p>(Google Inc.) C:\Users\Lisa\AppData\LocalLow\ID Vault\vuhdtawh\myblkmusy\Gwxyxwei.exe</p><p>(Google Inc.) C:\Users\Lisa\AppData\LocalLow\ID Vault\vuhdtawh\myblkmusy\Gwxyxwei.exe</p><p>(Google Inc.) C:\Users\Lisa\AppData\LocalLow\ID Vault\vuhdtawh\myblkmusy\Gwxyxwei.exe</p><p>(Google Inc.) C:\Users\Lisa\AppData\LocalLow\ID Vault\vuhdtawh\myblkmusy\Gwxyxwei.exe</p><p>(Google Inc.) C:\Users\Lisa\AppData\LocalLow\ID Vault\vuhdtawh\myblkmusy\Gwxyxwei.exe</p><p>(Google Inc.) C:\Users\Lisa\AppData\LocalLow\ID Vault\vuhdtawh\myblkmusy\Gwxyxwei.exe</p><p>(Google Inc.) C:\Users\Lisa\AppData\LocalLow\ID Vault\vuhdtawh\myblkmusy\Gwxyxwei.exe</p><p>(Google Inc.) C:\Users\Lisa\AppData\LocalLow\ID Vault\vuhdtawh\myblkmusy\Gwxyxwei.exe</p><p>(Google Inc.) C:\Users\Lisa\AppData\LocalLow\ID Vault\vuhdtawh\myblkmusy\Gwxyxwei.exe</p><p></p><p>==================== Registry (Whitelisted) ==================</p><p>(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)</p><p>HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1424896 2011-09-08] (IDT, Inc.)</p><p>HKLM\...\Run: [BLEServicesCtrl] => C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [178960 2012-03-15] (Intel Corporation)</p><p>HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp</p><p>HKLM\...\Run: [IntelPAN] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1935120 2011-07-27] (Intel(R) Corporation)</p><p>HKLM\...\Run: [QuickSet] => C:\Program Files\Dell\QuickSet\QuickSet.exe [3668336 2011-03-24] (Dell Inc.)</p><p>HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [609144 2011-04-12] (Alps Electric Co., Ltd.)</p><p>HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)</p><p>HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-18] (Adobe Systems Incorporated)</p><p>HKLM-x32\...\Run: [FUFAXRCV] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [495616 2011-03-08] (SEIKO EPSON CORPORATION)</p><p>HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [856064 2011-03-08] (SEIKO EPSON CORPORATION)</p><p>HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [979328 2010-10-12] (SEIKO EPSON CORPORATION)</p><p>Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)</p><p>HKU\S-1-5-21-4075608652-2820252211-3948146971-1000\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIHVA.EXE [241280 2013-06-17] (SEIKO EPSON CORPORATION)</p><p>HKU\S-1-5-21-4075608652-2820252211-3948146971-1000\...\Run: [EPLTarget\P0000000000000002] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIHVA.EXE [241280 2013-06-17] (SEIKO EPSON CORPORATION)</p><p>HKU\S-1-5-21-4075608652-2820252211-3948146971-1000\...\Run: [EPLTarget\P0000000000000001] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIHVA.EXE [241280 2013-06-17] (SEIKO EPSON CORPORATION)</p><p>HKU\S-1-5-21-4075608652-2820252211-3948146971-1000\...\Run: [ckeyjrdaa] => regsvr32.exe /s "C:\Users\Lisa\AppData\Local\NPE\ckeyjrdaa.dll" <===== ATTENTION</p><p>Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Digital Line Detect.lnk</p><p>ShortcutTarget: Digital Line Detect.lnk -> C:\Program Files (x86)\Digital Line Detect\DLG.exe (Avanquest Software )</p><p>Startup: C:\Users\Lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk</p><p>ShortcutTarget: Dropbox.lnk -> C:\Users\Lisa\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)</p><p>Startup: C:\Users\Lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk</p><p>ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)</p><p>ShellIconOverlayIdentifiers: [OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security Suite\Engine64\21.6.0.32\buShell.dll (Symantec Corporation)</p><p>ShellIconOverlayIdentifiers: [OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security Suite\Engine64\21.6.0.32\buShell.dll (Symantec Corporation)</p><p>ShellIconOverlayIdentifiers: [OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security Suite\Engine64\21.6.0.32\buShell.dll (Symantec Corporation)</p><p>==================== Internet (Whitelisted) ====================</p><p>(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)</p><p>HKU\S-1-5-21-4075608652-2820252211-3948146971-1000\Software\Microsoft\Internet Explorer\Main,Start Page = <a href="http://xfinity.comcast.net/" target="_blank">http://xfinity.comcast.net/</a></p><p>HKU\S-1-5-21-4075608652-2820252211-3948146971-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = <a href="http://www.msn.com/?ocid=iehp" target="_blank">http://www.msn.com/?ocid=iehp</a></p><p>StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe</p><p>SearchScopes: HKU\S-1-5-21-4075608652-2820252211-3948146971-1000 -> DefaultScope {706FC229-6B51-4BA3-BC25-E8D509407836} URL = <a href="http://search.whiteskyservices.com/?wstoken=3AF3DBE5-A021-4D7A-AECE-21D2DABCAA64&dtid=1&pid=21&src=sgsearch&v=1.14.1126.5&searchparam={SearchTerms" target="_blank">http://search.whiteskyservices.com/?wstoken=3AF3DBE5-A021-4D7A-AECE-21D2DABCAA64&dtid=1&pid=21&src=sgsearch&v=1.14.1126.5&searchparam={SearchTerms</a>}</p><p>SearchScopes: HKU\S-1-5-21-4075608652-2820252211-3948146971-1000 -> {706FC229-6B51-4BA3-BC25-E8D509407836} URL = <a href="http://search.whiteskyservices.com/?wstoken=3AF3DBE5-A021-4D7A-AECE-21D2DABCAA64&dtid=1&pid=21&src=sgsearch&v=1.14.1126.5&searchparam={SearchTerms" target="_blank">http://search.whiteskyservices.com/?wstoken=3AF3DBE5-A021-4D7A-AECE-21D2DABCAA64&dtid=1&pid=21&src=sgsearch&v=1.14.1126.5&searchparam={SearchTerms</a>}</p><p>BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security Suite\Engine64\21.6.0.32\coIEPlg.dll (Symantec Corporation)</p><p>BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)</p><p>BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\coIEPlg.dll (Symantec Corporation)</p><p>BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\IPS\IPSBHO.DLL (Symantec Corporation)</p><p>BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)</p><p>Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine64\21.6.0.32\coIEPlg.dll (Symantec Corporation)</p><p>Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\coIEPlg.dll (Symantec Corporation)</p><p>Toolbar: HKU\S-1-5-21-4075608652-2820252211-3948146971-1000 -> Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine64\21.6.0.32\coIEPlg.dll (Symantec Corporation)</p><p>Tcpip\Parameters: [DhcpNameServer] 192.168.1.20</p><p>FireFox:</p><p>========</p><p>FF Plugin: @microsoft.com/GENUINE -> disabled No File</p><p>FF Plugin-x32: @glance.net/GlanceClient -> C:\Program Files (x86)\Glance27\npglance.dll (Glance Networks, Inc.)</p><p>FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File</p><p>FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)</p><p>FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)</p><p>FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn</p><p>FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn [2014-12-30]</p><p>FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF</p><p>FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF [2014-02-02]</p><p>Chrome: </p><p>=======</p><p>CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path</p><p>CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\Exts\Chrome.crx [2014-09-30]</p><p>CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path</p><p>CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\Exts\Chrome.crx [2014-09-30]</p><p>==================== Services (Whitelisted) =================</p><p>(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)</p><p>S2 DellDigitalDelivery; C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [162816 2011-10-26] (Dell Products, LP.) [File not signed]</p><p>S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-07-27] ()</p><p>R2 N360; C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\N360.exe [265040 2014-09-22] (Symantec Corporation)</p><p>==================== Drivers (Whitelisted) ====================</p><p>(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)</p><p>R1 BHDrvx64; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\BASHDefs\20141209.001\BHDrvx64.sys [1587416 2014-10-03] (Symantec Corporation)</p><p>R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1506000.020\ccSetx64.sys [162392 2013-09-25] (Symantec Corporation)</p><p>R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-12-11] (Symantec Corporation)</p><p>R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-12-11] (Symantec Corporation)</p><p>R3 glancedrv; C:\Windows\System32\DRIVERS\glancedrv.sys [36384 2009-05-13] (Glance Networks, Inc)</p><p>R1 IDSVia64; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\IPSDefs\20141230.001\IDSvia64.sys [637656 2014-11-17] (Symantec Corporation)</p><p>R3 NAVENG; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20141230.054\ENG64.SYS [129752 2014-12-04] (Symantec Corporation)</p><p>R3 NAVEX15; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20141230.054\EX64.SYS [2137304 2014-12-04] (Symantec Corporation)</p><p>R1 SRTSP; C:\Windows\System32\Drivers\N360x64\1506000.020\SRTSP64.SYS [876248 2014-08-25] (Symantec Corporation)</p><p>R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1506000.020\SRTSPX64.SYS [37592 2014-08-25] (Symantec Corporation)</p><p>R0 SymDS; C:\Windows\System32\drivers\N360x64\1506000.020\SYMDS64.SYS [493656 2013-09-09] (Symantec Corporation)</p><p>R0 SymEFA; C:\Windows\System32\drivers\N360x64\1506000.020\SYMEFA64.SYS [1148120 2014-08-25] (Symantec Corporation)</p><p>R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2013-12-10] (Symantec Corporation)</p><p>R1 SymIRON; C:\Windows\system32\drivers\N360x64\1506000.020\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation)</p><p>R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1506000.020\SYMNETS.SYS [593112 2014-08-25] (Symantec Corporation)</p><p>S1 AntiLog32; \??\C:\Windows\system32\drivers\AntiLog64.sys [X]</p><p>S3 keycrypt; system32\DRIVERS\KeyCrypt64.sys [X]</p><p>==================== NetSvcs (Whitelisted) ===================</p><p>(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)</p><p></p><p>==================== One Month Created Files and Folders ========</p><p>(If an entry is included in the fixlist, the file\folder will be moved.)</p><p>2014-12-31 14:10 - 2014-12-31 14:11 - 00000000 ____D () C:\FRST</p><p>2014-12-26 09:24 - 2014-12-30 18:31 - 00000000 ___RD () C:\Users\Lisa\Dropbox</p><p>2014-12-26 09:24 - 2014-12-26 09:24 - 00001121 _____ () C:\Users\Lisa\Desktop\Dropbox.lnk</p><p>2014-12-26 09:22 - 2014-12-26 09:22 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox</p><p>2014-12-26 09:20 - 2014-12-30 18:31 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Dropbox</p><p>2014-12-02 17:09 - 2014-12-02 17:09 - 00008649 _____ () C:\Users\Lisa\Downloads\unknown</p><p>==================== One Month Modified Files and Folders =======</p><p>(If an entry is included in the fixlist, the file\folder will be moved.)</p><p>2014-12-31 13:43 - 2009-07-13 23:45 - 00021056 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0</p><p>2014-12-31 13:43 - 2009-07-13 23:45 - 00021056 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0</p><p>2014-12-30 21:31 - 2009-07-14 00:32 - 00000000 ____D () C:\Windows\system32\FxsTmp</p><p>2014-12-30 18:33 - 2013-03-06 20:07 - 01078483 _____ () C:\Windows\WindowsUpdate.log</p><p>2014-12-30 18:33 - 2009-07-14 00:13 - 00726316 _____ () C:\Windows\system32\PerfStringBackup.INI</p><p>2014-12-30 18:27 - 2010-11-20 22:47 - 00240158 _____ () C:\Windows\PFRO.log</p><p>2014-12-30 18:27 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT</p><p>2014-12-30 18:27 - 2009-07-13 23:51 - 00038313 _____ () C:\Windows\setupact.log</p><p>2014-12-28 12:05 - 2014-02-02 16:30 - 00000000 ____D () C:\Users\Lisa\AppData\Local\NPE</p><p>2014-12-26 09:24 - 2013-03-06 21:11 - 00000000 ____D () C:\Users\Lisa</p><p>2014-12-22 14:06 - 2013-03-26 07:27 - 00000000 ____D () C:\Users\Lisa\AppData\Local\CrashDumps</p><p>2014-12-21 13:44 - 2014-07-12 12:33 - 00000000 ____D () C:\Users\Lisa\AppData\Local\Adobe</p><p>2014-12-21 13:43 - 2013-03-09 20:18 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe</p><p>2014-12-21 13:43 - 2013-03-09 20:18 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl</p><p>Some content of TEMP:</p><p>====================</p><p>C:\Users\Lisa\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmprb0rmy.dll</p><p></p><p>==================== Bamital & volsnap Check =================</p><p>(There is no automatic fix for files that do not pass verification.)</p><p>C:\Windows\System32\winlogon.exe => File is digitally signed</p><p>C:\Windows\System32\wininit.exe => File is digitally signed</p><p>C:\Windows\SysWOW64\wininit.exe => File is digitally signed</p><p>C:\Windows\explorer.exe => File is digitally signed</p><p>C:\Windows\SysWOW64\explorer.exe => File is digitally signed</p><p>C:\Windows\System32\svchost.exe => File is digitally signed</p><p>C:\Windows\SysWOW64\svchost.exe => File is digitally signed</p><p>C:\Windows\System32\services.exe => File is digitally signed</p><p>C:\Windows\System32\User32.dll => File is digitally signed</p><p>C:\Windows\SysWOW64\User32.dll => File is digitally signed</p><p>C:\Windows\System32\userinit.exe => File is digitally signed</p><p>C:\Windows\SysWOW64\userinit.exe => File is digitally signed</p><p>C:\Windows\System32\rpcss.dll => File is digitally signed</p><p>C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed</p><p></p><p>LastRegBack: 2014-12-25 00:45</p><p>==================== End Of Log ============================</p><p> </p><p>Addition</p><p>Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-12-2014</p><p>Ran by Lisa at 2014-12-31 14:12:07</p><p>Running from C:\Users\Lisa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\50J3Y8XW</p><p>Boot Mode: Normal</p><p>==========================================================</p><p></p><p>==================== Security Center ========================</p><p>(If an entry is included in the fixlist, it will be removed.)</p><p>AV: Norton Security Suite (Enabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}</p><p>AS: Norton Security Suite (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}</p><p>AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}</p><p>FW: Norton Security Suite (Enabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}</p><p>==================== Installed Programs ======================</p><p>(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)</p><p>Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.235 - Adobe Systems Incorporated)</p><p>Adobe Reader XI (11.0.02) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.02 - Adobe Systems Incorporated)</p><p>Dell Digital Delivery (HKLM-x32\...\{31045ECE-019D-4DDF-A5C8-5C51A3FE50EE}) (Version: 1.7.4501.0 - Dell Products, LP)</p><p>Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1209.101.204 - ALPS ELECTRIC CO., LTD.)</p><p>Digital Line Detect (HKLM-x32\...\{E646DCF0-5A68-11D5-B229-002078017FBF}) (Version: 1.21 - BVRP Software, Inc)</p><p>Dropbox (HKU\S-1-5-21-4075608652-2820252211-3948146971-1000\...\Dropbox) (Version: 3.0.4 - Dropbox, Inc.)</p><p>Epson Connect (HKLM-x32\...\{64BA551C-9AF6-495C-93F3-D1270E0045FC}) (Version: - )</p><p>Epson Connect Printer Setup (HKLM-x32\...\{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}) (Version: 1.1.1 - SEIKO EPSON CORPORATION)</p><p>Epson Customer Participation (HKLM\...\{814FA673-A085-403C-9545-747FC1495069}) (Version: 1.0.0.0 - SEIKO EPSON CORPORATION)</p><p>Epson Download Navigator (HKLM-x32\...\{10F63395-157F-4B93-AB4D-702A2FF11942}) (Version: 1.0.1 - SEIKO EPSON CORPORATION)</p><p>Epson Event Manager (HKLM-x32\...\{FA9D303D-0FB2-49C7-9397-8E6B11EA892D}) (Version: 2.50.0001 - SEIKO EPSON CORPORATION)</p><p>Epson FAX Utility (HKLM-x32\...\{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}) (Version: 1.20.00 - SEIKO EPSON CORPORATION)</p><p>Epson PC-FAX Driver (HKLM-x32\...\EPSON PC-FAX Driver 2) (Version: - )</p><p>EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)</p><p>EPSON WorkForce 645 Series Printer Uninstall (HKLM\...\EPSON WorkForce 645 Series) (Version: - SEIKO EPSON Corporation)</p><p>EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.4j - SEIKO EPSON CORPORATION)</p><p>Glance 2.7 (HKLM-x32\...\Glance_is1) (Version: - Glance Networks, Inc.)</p><p>IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6365.0 - IDT)</p><p>Intel PROSet Wireless (x32 Version: - ) Hidden</p><p>Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2843 - Intel Corporation)</p><p>Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{3015F546-6C3E-4E6A-B564-BCDF88C0BA2A}) (Version: 2.1.1.0153 - Intel Corporation)</p><p>Intel(R) PROSet/Wireless WiFi Software (HKLM\...\{25FBDA9A-E868-4B3B-B9FF-D923818511A1}) (Version: 14.2.0000 - Intel Corporation)</p><p>Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)</p><p>Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)</p><p>Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)</p><p>Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.1.10329.0 - Microsoft Corporation)</p><p>Modem Diagnostic Tool (HKLM\...\{0335701D-8E28-4A7F-B0EF-312974755BB2}) (Version: 1.0.28.0 - Dell)</p><p>Netwaiting (HKLM-x32\...\{3F92ABBB-6BBF-11D5-B229-002078017FBF}) (Version: 2.5.59 - BVRP Software, Inc)</p><p>Norton Security Suite (HKLM-x32\...\N360) (Version: 21.6.0.32 - Symantec Corporation)</p><p>Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.09.25 - Dell Inc.)</p><p>TI USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{77FC17AA-AC17-44E6-B5E1-92E53A2A0B34}) (Version: 1.12.4.0 - Texas Instruments Inc.)</p><p>TI USB3 Host Driver (x32 Version: 1.12.4.0 - Texas Instruments Inc.) Hidden</p><p>==================== Custom CLSID (selected items): ==========================</p><p>(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)</p><p>CustomCLSID: HKU\S-1-5-21-4075608652-2820252211-3948146971-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Lisa\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)</p><p>CustomCLSID: HKU\S-1-5-21-4075608652-2820252211-3948146971-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lisa\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)</p><p>CustomCLSID: HKU\S-1-5-21-4075608652-2820252211-3948146971-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lisa\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)</p><p>CustomCLSID: HKU\S-1-5-21-4075608652-2820252211-3948146971-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lisa\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)</p><p>CustomCLSID: HKU\S-1-5-21-4075608652-2820252211-3948146971-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lisa\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)</p><p>CustomCLSID: HKU\S-1-5-21-4075608652-2820252211-3948146971-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lisa\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)</p><p>CustomCLSID: HKU\S-1-5-21-4075608652-2820252211-3948146971-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lisa\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)</p><p>CustomCLSID: HKU\S-1-5-21-4075608652-2820252211-3948146971-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lisa\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)</p><p>CustomCLSID: HKU\S-1-5-21-4075608652-2820252211-3948146971-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lisa\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)</p><p>==================== Restore Points =========================</p><p>05-11-2014 23:33:39 Scheduled Checkpoint</p><p>13-11-2014 01:17:03 Scheduled Checkpoint</p><p>21-11-2014 00:00:05 Scheduled Checkpoint</p><p>28-11-2014 00:13:57 Scheduled Checkpoint</p><p>05-12-2014 18:13:22 Scheduled Checkpoint</p><p>15-12-2014 22:39:59 Scheduled Checkpoint</p><p>23-12-2014 00:00:03 Scheduled Checkpoint</p><p>==================== Hosts content: ==========================</p><p>(If needed Hosts: directive could be included in the fixlist to reset Hosts.)</p><p>2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts</p><p>==================== Scheduled Tasks (whitelisted) =============</p><p>(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)</p><p>Task: {0919D7DD-5F22-464C-8D81-4B75DFF6C949} - System32\Tasks\Norton Security Suite\Norton Error Processor => C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\SymErr.exe [2014-01-30] (Symantec Corporation)</p><p>Task: {4D8CC7DE-AFF7-461B-BD87-34284BDAD730} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\WSCStub.exe [2014-09-21] (Symantec Corporation)</p><p>Task: {5C46E733-3674-4885-B5DC-F1DB5029D86D} - System32\Tasks\Norton Security Suite\Norton Error Analyzer => C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\SymErr.exe [2014-01-30] (Symantec Corporation)</p><p>==================== Loaded Modules (whitelisted) =============</p><p>2011-07-27 23:07 - 2011-07-27 23:07 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll</p><p>2013-03-06 21:34 - 2012-11-15 05:03 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll</p><p>2011-07-27 23:07 - 2011-07-27 23:07 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll</p><p>2014-12-28 12:05 - 2014-12-28 12:04 - 00251392 _____ () C:\Users\Lisa\AppData\Local\NPE\ckeyjrdaa.dll</p><p>2014-12-26 09:22 - 2014-12-16 17:22 - 00750080 _____ () C:\Users\Lisa\AppData\Roaming\Dropbox\bin\libGLESv2.dll</p><p>2014-12-30 18:30 - 2014-12-30 18:30 - 00043008 _____ () c:\users\lisa\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmprb0rmy.dll</p><p>2014-12-26 09:22 - 2014-12-16 17:22 - 00047616 _____ () C:\Users\Lisa\AppData\Roaming\Dropbox\bin\libEGL.dll</p><p>2014-12-26 09:22 - 2014-12-16 17:22 - 00863744 _____ () C:\Users\Lisa\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll</p><p>2014-12-26 09:22 - 2014-12-16 17:22 - 00200704 _____ () C:\Users\Lisa\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll</p><p>2014-10-29 19:25 - 2014-10-29 19:25 - 00718152 ____N () C:\Users\Lisa\AppData\LocalLow\ID Vault\vuhdtawh\myblkmusy\36.0.1985.143\libglesv2.dll</p><p>2014-10-29 19:25 - 2014-10-29 19:25 - 00126280 ____N () C:\Users\Lisa\AppData\LocalLow\ID Vault\vuhdtawh\myblkmusy\36.0.1985.143\libegl.dll</p><p>2014-10-29 19:25 - 2014-10-29 19:25 - 08537928 ____N () C:\Users\Lisa\AppData\LocalLow\ID Vault\vuhdtawh\myblkmusy\36.0.1985.143\pdf.dll</p><p>2014-10-29 19:25 - 2014-10-29 19:25 - 00353096 ____N () C:\Users\Lisa\AppData\LocalLow\ID Vault\vuhdtawh\myblkmusy\36.0.1985.143\ppGoogleNaClPluginChrome.dll</p><p>2014-10-29 19:25 - 2014-10-29 19:25 - 01732936 ____N () C:\Users\Lisa\AppData\LocalLow\ID Vault\vuhdtawh\myblkmusy\36.0.1985.143\ffmpegsumo.dll</p><p>2014-10-29 19:25 - 2014-10-29 19:25 - 14669128 ____N () C:\Users\Lisa\AppData\LocalLow\ID Vault\vuhdtawh\myblkmusy\36.0.1985.143\PepperFlash\pepflashplayer.dll</p><p>==================== Alternate Data Streams (whitelisted) =========</p><p>(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)</p><p></p><p>==================== Safe Mode (whitelisted) ===================</p><p>(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)</p><p></p><p>==================== EXE Association (whitelisted) =============</p><p>(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)</p><p></p><p>==================== MSCONFIG/TASK MANAGER disabled items =========</p><p>(Currently there is no automatic fix for this section.)</p><p></p><p>========================= Accounts: ==========================</p><p>Administrator (S-1-5-21-4075608652-2820252211-3948146971-500 - Administrator - Disabled)</p><p>Guest (S-1-5-21-4075608652-2820252211-3948146971-501 - Limited - Disabled)</p><p>HomeGroupUser$ (S-1-5-21-4075608652-2820252211-3948146971-1002 - Limited - Enabled)</p><p>Lisa (S-1-5-21-4075608652-2820252211-3948146971-1000 - Administrator - Enabled) => C:\Users\Lisa</p><p>==================== Faulty Device Manager Devices =============</p><p>Name: SM Bus Controller</p><p>Description: SM Bus Controller</p><p>Class Guid: </p><p>Manufacturer: </p><p>Service: </p><p>Problem: : The drivers for this device are not installed. (Code 28)</p><p>Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.</p><p>Name: AntiLog32</p><p>Description: AntiLog32</p><p>Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}</p><p>Manufacturer: </p><p>Service: AntiLog32</p><p>Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)</p><p>Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.</p><p>Devices stay in this state if they have been prepared for removal.</p><p>After you remove the device, this error disappears.Remove the device, and this error should be resolved.</p><p></p><p>==================== Event log errors: =========================</p><p>Application errors:</p><p>==================</p><p>Error: (12/31/2014 11:49:45 AM) (Source: Application Hang) (EventID: 1002) (User: )</p><p>Description: The program iexplore.exe version 9.0.8112.16464 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.</p><p>Process ID: 2aec</p><p>Start Time: 01d0248eecc5abd2</p><p>Termination Time: 12235</p><p>Application Path: C:\Program Files (x86)\Internet Explorer\iexplore.exe</p><p>Report Id:</p><p>Error: (12/30/2014 09:30:38 PM) (Source: Application Error) (EventID: 1000) (User: )</p><p>Description: Faulting application name: iexplore.exe, version: 9.0.8112.16464, time stamp: 0x50ec971b</p><p>Faulting module name: d3d9.dll, version: 6.1.7601.17514, time stamp: 0x4ce7b7b3</p><p>Exception code: 0xc0000005</p><p>Fault offset: 0x00006b07</p><p>Faulting process id: 0xedf4</p><p>Faulting application start time: 0xiexplore.exe0</p><p>Faulting application path: iexplore.exe1</p><p>Faulting module path: iexplore.exe2</p><p>Report Id: iexplore.exe3</p><p>Error: (12/30/2014 09:30:24 PM) (Source: Application Error) (EventID: 1000) (User: )</p><p>Description: Faulting application name: iexplore.exe, version: 9.0.8112.16464, time stamp: 0x50ec971b</p><p>Faulting module name: d3d9.dll, version: 6.1.7601.17514, time stamp: 0x4ce7b7b3</p><p>Exception code: 0xc0000005</p><p>Fault offset: 0x00006b07</p><p>Faulting process id: 0xd564</p><p>Faulting application start time: 0xiexplore.exe0</p><p>Faulting application path: iexplore.exe1</p><p>Faulting module path: iexplore.exe2</p><p>Report Id: iexplore.exe3</p><p>Error: (12/30/2014 09:30:09 PM) (Source: Application Error) (EventID: 1000) (User: )</p><p>Description: Faulting application name: iexplore.exe, version: 9.0.8112.16464, time stamp: 0x50ec971b</p><p>Faulting module name: d3d9.dll, version: 6.1.7601.17514, time stamp: 0x4ce7b7b3</p><p>Exception code: 0xc0000005</p><p>Fault offset: 0x00006b07</p><p>Faulting process id: 0xc858</p><p>Faulting application start time: 0xiexplore.exe0</p><p>Faulting application path: iexplore.exe1</p><p>Faulting module path: iexplore.exe2</p><p>Report Id: iexplore.exe3</p><p>Error: (12/30/2014 09:14:24 PM) (Source: Application Error) (EventID: 1000) (User: )</p><p>Description: Faulting application name: iexplore.exe, version: 9.0.8112.16464, time stamp: 0x50ec971b</p><p>Faulting module name: d3d9.dll, version: 6.1.7601.17514, time stamp: 0x4ce7b7b3</p><p>Exception code: 0xc0000005</p><p>Fault offset: 0x00006b07</p><p>Faulting process id: 0xa35c</p><p>Faulting application start time: 0xiexplore.exe0</p><p>Faulting application path: iexplore.exe1</p><p>Faulting module path: iexplore.exe2</p><p>Report Id: iexplore.exe3</p><p>Error: (12/30/2014 06:28:06 PM) (Source: WinMgmt) (EventID: 10) (User: )</p><p>Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003</p><p>Error: (12/30/2014 06:10:46 PM) (Source: Application Hang) (EventID: 1002) (User: )</p><p>Description: The program WINWORD.EXE version 12.0.4518.1014 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.</p><p>Process ID: 34be8</p><p>Start Time: 01d0246a5b718295</p><p>Termination Time: 1217</p><p>Application Path: C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE</p><p>Report Id: d6d83130-9078-11e4-9dcf-4ceb421bcdbb</p><p>Error: (12/30/2014 06:08:10 PM) (Source: Application Hang) (EventID: 1002) (User: )</p><p>Description: The program WINWORD.EXE version 12.0.4518.1014 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.</p><p>Process ID: 108e8</p><p>Start Time: 01d0246a5b718295</p><p>Termination Time: 18528</p><p>Application Path: C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE</p><p>Report Id: 73e06c47-9078-11e4-9dcf-4ceb421bcdbb</p><p>Error: (12/30/2014 06:07:45 PM) (Source: Application Error) (EventID: 1000) (User: )</p><p>Description: Faulting application name: iexplore.exe, version: 9.0.8112.16464, time stamp: 0x50ec971b</p><p>Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000</p><p>Exception code: 0xc0000005</p><p>Fault offset: 0x24448b30</p><p>Faulting process id: 0x131dc</p><p>Faulting application start time: 0xiexplore.exe0</p><p>Faulting application path: iexplore.exe1</p><p>Faulting module path: iexplore.exe2</p><p>Report Id: iexplore.exe3</p><p>Error: (12/30/2014 04:45:32 PM) (Source: Application Error) (EventID: 1000) (User: )</p><p>Description: Faulting application name: iexplore.exe, version: 9.0.8112.16464, time stamp: 0x50ec971b</p><p>Faulting module name: d3d9.dll, version: 6.1.7601.17514, time stamp: 0x4ce7b7b3</p><p>Exception code: 0xc0000005</p><p>Fault offset: 0x00006b07</p><p>Faulting process id: 0x111d8</p><p>Faulting application start time: 0xiexplore.exe0</p><p>Faulting application path: iexplore.exe1</p><p>Faulting module path: iexplore.exe2</p><p>Report Id: iexplore.exe3</p><p></p><p>System errors:</p><p>=============</p><p>Error: (12/30/2014 06:30:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: )</p><p>Description: The Dell Digital Delivery Service service failed to start due to the following error: </p><p>%%1053</p><p>Error: (12/30/2014 06:30:42 PM) (Source: Service Control Manager) (EventID: 7009) (User: )</p><p>Description: A timeout was reached (30000 milliseconds) while waiting for the Dell Digital Delivery Service service to connect.</p><p>Error: (12/25/2014 02:29:25 PM) (Source: DCOM) (EventID: 10016) (User: Lisa-PC)</p><p>Description: machine-defaultLocalActivation{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}Lisa-PCLisaS-1-5-21-4075608652-2820252211-3948146971-1000LocalHost (Using LRPC)</p><p>Error: (12/24/2014 11:40:21 PM) (Source: DCOM) (EventID: 10016) (User: Lisa-PC)</p><p>Description: machine-defaultLocalActivation{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}Lisa-PCLisaS-1-5-21-4075608652-2820252211-3948146971-1000LocalHost (Using LRPC)</p><p>Error: (12/21/2014 01:55:27 PM) (Source: Service Control Manager) (EventID: 7034) (User: )</p><p>Description: The Dell Digital Delivery Service service terminated unexpectedly. It has done this 1 time(s).</p><p>Error: (12/19/2014 11:15:34 AM) (Source: DCOM) (EventID: 10016) (User: Lisa-PC)</p><p>Description: application-specificLocalActivation{B77C4C36-0154-4C52-AB49-FAA03837E47F}{EA022610-0748-4C24-B229-6C507EBDFDBB}Lisa-PCLisaS-1-5-21-4075608652-2820252211-3948146971-1000LocalHost (Using LRPC)</p><p>Error: (12/19/2014 11:14:38 AM) (Source: DCOM) (EventID: 10016) (User: Lisa-PC)</p><p>Description: application-specificLocalActivation{B77C4C36-0154-4C52-AB49-FAA03837E47F}{EA022610-0748-4C24-B229-6C507EBDFDBB}Lisa-PCLisaS-1-5-21-4075608652-2820252211-3948146971-1000LocalHost (Using LRPC)</p><p>Error: (12/19/2014 11:10:23 AM) (Source: DCOM) (EventID: 10016) (User: Lisa-PC)</p><p>Description: application-specificLocalActivation{B77C4C36-0154-4C52-AB49-FAA03837E47F}{EA022610-0748-4C24-B229-6C507EBDFDBB}Lisa-PCLisaS-1-5-21-4075608652-2820252211-3948146971-1000LocalHost (Using LRPC)</p><p>Error: (12/19/2014 11:10:09 AM) (Source: DCOM) (EventID: 10016) (User: Lisa-PC)</p><p>Description: application-specificLocalActivation{B77C4C36-0154-4C52-AB49-FAA03837E47F}{EA022610-0748-4C24-B229-6C507EBDFDBB}Lisa-PCLisaS-1-5-21-4075608652-2820252211-3948146971-1000LocalHost (Using LRPC)</p><p>Error: (12/19/2014 11:09:59 AM) (Source: DCOM) (EventID: 10016) (User: Lisa-PC)</p><p>Description: application-specificLocalActivation{B77C4C36-0154-4C52-AB49-FAA03837E47F}{EA022610-0748-4C24-B229-6C507EBDFDBB}Lisa-PCLisaS-1-5-21-4075608652-2820252211-3948146971-1000LocalHost (Using LRPC)</p><p></p><p>Microsoft Office Sessions:</p><p>=========================</p><p>Error: (08/21/2014 09:32:27 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )</p><p>Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 917451 seconds with 3780 seconds of active time. This session ended with a crash.</p><p>Error: (04/01/2014 03:15:48 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )</p><p>Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 4758 seconds with 240 seconds of active time. This session ended with a crash.</p><p>Error: (12/10/2013 10:50:30 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )</p><p>Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 1776454 seconds with 26280 seconds of active time. This session ended with a crash.</p><p></p><p>==================== Memory info ===========================</p><p>Processor: Intel(R) Core(TM) i3-2350M CPU @ 2.30GHz</p><p>Percentage of memory in use: 65%</p><p>Total physical RAM: 4002.05 MB</p><p>Available physical RAM: 1371.9 MB</p><p>Total Pagefile: 8002.3 MB</p><p>Available Pagefile: 4587.61 MB</p><p>Total Virtual: 8192 MB</p><p>Available Virtual: 8191.83 MB</p><p>==================== Drives ================================</p><p>Drive c: () (Fixed) (Total:465.66 GB) (Free:412.32 GB) NTFS</p><p>==================== MBR & Partition Table ==================</p><p>========================================================</p><p>Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 5916B9CE)</p><p>Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)</p><p>Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)</p><p>==================== End Of Log ============================</p></blockquote><p></p>
[QUOTE="lisacomputeruser, post: 325551, member: 30266"] FRST Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-12-2014 Ran by Lisa (administrator) on LISA-PC on 31-12-2014 14:11:02 Running from C:\Users\Lisa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\50J3Y8XW Loaded Profile: Lisa (Available profiles: Lisa) Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States) Internet Explorer Version 9 (Default browser: IE) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: [url]http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/[/url] ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe (Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe (SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\n360.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\n360.exe (IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe (SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIHVA.EXE (SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIHVA.EXE (Microsoft Corporation) C:\Windows\System32\regsvr32.exe (Microsoft Corporation) C:\Windows\SysWOW64\regsvr32.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe (Dropbox, Inc.) C:\Users\Lisa\AppData\Roaming\Dropbox\bin\Dropbox.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe (SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe (Design Science, Inc.) C:\Program Files (x86)\Common Files\microsoft shared\EQUATION\EQNEDT32.EXE (Adobe Systems Incorporated) C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_16_0_0_235_ActiveX.exe (Microsoft Corporation) C:\Windows\System32\taskmgr.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe (Google Inc.) C:\Users\Lisa\AppData\LocalLow\ID Vault\vuhdtawh\myblkmusy\Gwxyxwei.exe (Google Inc.) C:\Users\Lisa\AppData\LocalLow\ID Vault\vuhdtawh\myblkmusy\Gwxyxwei.exe (Google Inc.) C:\Users\Lisa\AppData\LocalLow\ID Vault\vuhdtawh\myblkmusy\Gwxyxwei.exe (Google Inc.) C:\Users\Lisa\AppData\LocalLow\ID Vault\vuhdtawh\myblkmusy\Gwxyxwei.exe (Google Inc.) C:\Users\Lisa\AppData\LocalLow\ID Vault\vuhdtawh\myblkmusy\Gwxyxwei.exe (Google Inc.) C:\Users\Lisa\AppData\LocalLow\ID Vault\vuhdtawh\myblkmusy\Gwxyxwei.exe (Google Inc.) C:\Users\Lisa\AppData\LocalLow\ID Vault\vuhdtawh\myblkmusy\Gwxyxwei.exe (Google Inc.) C:\Users\Lisa\AppData\LocalLow\ID Vault\vuhdtawh\myblkmusy\Gwxyxwei.exe (Google Inc.) C:\Users\Lisa\AppData\LocalLow\ID Vault\vuhdtawh\myblkmusy\Gwxyxwei.exe (Google Inc.) C:\Users\Lisa\AppData\LocalLow\ID Vault\vuhdtawh\myblkmusy\Gwxyxwei.exe (Google Inc.) C:\Users\Lisa\AppData\LocalLow\ID Vault\vuhdtawh\myblkmusy\Gwxyxwei.exe (Google Inc.) C:\Users\Lisa\AppData\LocalLow\ID Vault\vuhdtawh\myblkmusy\Gwxyxwei.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1424896 2011-09-08] (IDT, Inc.) HKLM\...\Run: [BLEServicesCtrl] => C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [178960 2012-03-15] (Intel Corporation) HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp HKLM\...\Run: [IntelPAN] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1935120 2011-07-27] (Intel(R) Corporation) HKLM\...\Run: [QuickSet] => C:\Program Files\Dell\QuickSet\QuickSet.exe [3668336 2011-03-24] (Dell Inc.) HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [609144 2011-04-12] (Alps Electric Co., Ltd.) HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-18] (Adobe Systems Incorporated) HKLM-x32\...\Run: [FUFAXRCV] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [495616 2011-03-08] (SEIKO EPSON CORPORATION) HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [856064 2011-03-08] (SEIKO EPSON CORPORATION) HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [979328 2010-10-12] (SEIKO EPSON CORPORATION) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-4075608652-2820252211-3948146971-1000\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIHVA.EXE [241280 2013-06-17] (SEIKO EPSON CORPORATION) HKU\S-1-5-21-4075608652-2820252211-3948146971-1000\...\Run: [EPLTarget\P0000000000000002] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIHVA.EXE [241280 2013-06-17] (SEIKO EPSON CORPORATION) HKU\S-1-5-21-4075608652-2820252211-3948146971-1000\...\Run: [EPLTarget\P0000000000000001] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIHVA.EXE [241280 2013-06-17] (SEIKO EPSON CORPORATION) HKU\S-1-5-21-4075608652-2820252211-3948146971-1000\...\Run: [ckeyjrdaa] => regsvr32.exe /s "C:\Users\Lisa\AppData\Local\NPE\ckeyjrdaa.dll" <===== ATTENTION Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Digital Line Detect.lnk ShortcutTarget: Digital Line Detect.lnk -> C:\Program Files (x86)\Digital Line Detect\DLG.exe (Avanquest Software ) Startup: C:\Users\Lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\Lisa\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) Startup: C:\Users\Lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation) ShellIconOverlayIdentifiers: [OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security Suite\Engine64\21.6.0.32\buShell.dll (Symantec Corporation) ShellIconOverlayIdentifiers: [OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security Suite\Engine64\21.6.0.32\buShell.dll (Symantec Corporation) ShellIconOverlayIdentifiers: [OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security Suite\Engine64\21.6.0.32\buShell.dll (Symantec Corporation) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKU\S-1-5-21-4075608652-2820252211-3948146971-1000\Software\Microsoft\Internet Explorer\Main,Start Page = [url]http://xfinity.comcast.net/[/url] HKU\S-1-5-21-4075608652-2820252211-3948146971-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = [url]http://www.msn.com/?ocid=iehp[/url] StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKU\S-1-5-21-4075608652-2820252211-3948146971-1000 -> DefaultScope {706FC229-6B51-4BA3-BC25-E8D509407836} URL = [url]http://search.whiteskyservices.com/?wstoken=3AF3DBE5-A021-4D7A-AECE-21D2DABCAA64&dtid=1&pid=21&src=sgsearch&v=1.14.1126.5&searchparam={SearchTerms[/url]} SearchScopes: HKU\S-1-5-21-4075608652-2820252211-3948146971-1000 -> {706FC229-6B51-4BA3-BC25-E8D509407836} URL = [url]http://search.whiteskyservices.com/?wstoken=3AF3DBE5-A021-4D7A-AECE-21D2DABCAA64&dtid=1&pid=21&src=sgsearch&v=1.14.1126.5&searchparam={SearchTerms[/url]} BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security Suite\Engine64\21.6.0.32\coIEPlg.dll (Symantec Corporation) BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\coIEPlg.dll (Symantec Corporation) BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\IPS\IPSBHO.DLL (Symantec Corporation) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine64\21.6.0.32\coIEPlg.dll (Symantec Corporation) Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\coIEPlg.dll (Symantec Corporation) Toolbar: HKU\S-1-5-21-4075608652-2820252211-3948146971-1000 -> Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine64\21.6.0.32\coIEPlg.dll (Symantec Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.1.20 FireFox: ======== FF Plugin: @microsoft.com/GENUINE -> disabled No File FF Plugin-x32: @glance.net/GlanceClient -> C:\Program Files (x86)\Glance27\npglance.dll (Glance Networks, Inc.) FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn [2014-12-30] FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF [2014-02-02] Chrome: ======= CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\Exts\Chrome.crx [2014-09-30] CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\Exts\Chrome.crx [2014-09-30] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S2 DellDigitalDelivery; C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [162816 2011-10-26] (Dell Products, LP.) [File not signed] S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-07-27] () R2 N360; C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\N360.exe [265040 2014-09-22] (Symantec Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R1 BHDrvx64; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\BASHDefs\20141209.001\BHDrvx64.sys [1587416 2014-10-03] (Symantec Corporation) R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1506000.020\ccSetx64.sys [162392 2013-09-25] (Symantec Corporation) R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-12-11] (Symantec Corporation) R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-12-11] (Symantec Corporation) R3 glancedrv; C:\Windows\System32\DRIVERS\glancedrv.sys [36384 2009-05-13] (Glance Networks, Inc) R1 IDSVia64; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\IPSDefs\20141230.001\IDSvia64.sys [637656 2014-11-17] (Symantec Corporation) R3 NAVENG; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20141230.054\ENG64.SYS [129752 2014-12-04] (Symantec Corporation) R3 NAVEX15; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20141230.054\EX64.SYS [2137304 2014-12-04] (Symantec Corporation) R1 SRTSP; C:\Windows\System32\Drivers\N360x64\1506000.020\SRTSP64.SYS [876248 2014-08-25] (Symantec Corporation) R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1506000.020\SRTSPX64.SYS [37592 2014-08-25] (Symantec Corporation) R0 SymDS; C:\Windows\System32\drivers\N360x64\1506000.020\SYMDS64.SYS [493656 2013-09-09] (Symantec Corporation) R0 SymEFA; C:\Windows\System32\drivers\N360x64\1506000.020\SYMEFA64.SYS [1148120 2014-08-25] (Symantec Corporation) R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2013-12-10] (Symantec Corporation) R1 SymIRON; C:\Windows\system32\drivers\N360x64\1506000.020\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation) R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1506000.020\SYMNETS.SYS [593112 2014-08-25] (Symantec Corporation) S1 AntiLog32; \??\C:\Windows\system32\drivers\AntiLog64.sys [X] S3 keycrypt; system32\DRIVERS\KeyCrypt64.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-12-31 14:10 - 2014-12-31 14:11 - 00000000 ____D () C:\FRST 2014-12-26 09:24 - 2014-12-30 18:31 - 00000000 ___RD () C:\Users\Lisa\Dropbox 2014-12-26 09:24 - 2014-12-26 09:24 - 00001121 _____ () C:\Users\Lisa\Desktop\Dropbox.lnk 2014-12-26 09:22 - 2014-12-26 09:22 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2014-12-26 09:20 - 2014-12-30 18:31 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Dropbox 2014-12-02 17:09 - 2014-12-02 17:09 - 00008649 _____ () C:\Users\Lisa\Downloads\unknown ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-12-31 13:43 - 2009-07-13 23:45 - 00021056 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-12-31 13:43 - 2009-07-13 23:45 - 00021056 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-12-30 21:31 - 2009-07-14 00:32 - 00000000 ____D () C:\Windows\system32\FxsTmp 2014-12-30 18:33 - 2013-03-06 20:07 - 01078483 _____ () C:\Windows\WindowsUpdate.log 2014-12-30 18:33 - 2009-07-14 00:13 - 00726316 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-12-30 18:27 - 2010-11-20 22:47 - 00240158 _____ () C:\Windows\PFRO.log 2014-12-30 18:27 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-12-30 18:27 - 2009-07-13 23:51 - 00038313 _____ () C:\Windows\setupact.log 2014-12-28 12:05 - 2014-02-02 16:30 - 00000000 ____D () C:\Users\Lisa\AppData\Local\NPE 2014-12-26 09:24 - 2013-03-06 21:11 - 00000000 ____D () C:\Users\Lisa 2014-12-22 14:06 - 2013-03-26 07:27 - 00000000 ____D () C:\Users\Lisa\AppData\Local\CrashDumps 2014-12-21 13:44 - 2014-07-12 12:33 - 00000000 ____D () C:\Users\Lisa\AppData\Local\Adobe 2014-12-21 13:43 - 2013-03-09 20:18 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-12-21 13:43 - 2013-03-09 20:18 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl Some content of TEMP: ==================== C:\Users\Lisa\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmprb0rmy.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-12-25 00:45 ==================== End Of Log ============================ Addition Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-12-2014 Ran by Lisa at 2014-12-31 14:12:07 Running from C:\Users\Lisa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\50J3Y8XW Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Norton Security Suite (Enabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB} AS: Norton Security Suite (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Norton Security Suite (Enabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.235 - Adobe Systems Incorporated) Adobe Reader XI (11.0.02) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.02 - Adobe Systems Incorporated) Dell Digital Delivery (HKLM-x32\...\{31045ECE-019D-4DDF-A5C8-5C51A3FE50EE}) (Version: 1.7.4501.0 - Dell Products, LP) Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1209.101.204 - ALPS ELECTRIC CO., LTD.) Digital Line Detect (HKLM-x32\...\{E646DCF0-5A68-11D5-B229-002078017FBF}) (Version: 1.21 - BVRP Software, Inc) Dropbox (HKU\S-1-5-21-4075608652-2820252211-3948146971-1000\...\Dropbox) (Version: 3.0.4 - Dropbox, Inc.) Epson Connect (HKLM-x32\...\{64BA551C-9AF6-495C-93F3-D1270E0045FC}) (Version: - ) Epson Connect Printer Setup (HKLM-x32\...\{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}) (Version: 1.1.1 - SEIKO EPSON CORPORATION) Epson Customer Participation (HKLM\...\{814FA673-A085-403C-9545-747FC1495069}) (Version: 1.0.0.0 - SEIKO EPSON CORPORATION) Epson Download Navigator (HKLM-x32\...\{10F63395-157F-4B93-AB4D-702A2FF11942}) (Version: 1.0.1 - SEIKO EPSON CORPORATION) Epson Event Manager (HKLM-x32\...\{FA9D303D-0FB2-49C7-9397-8E6B11EA892D}) (Version: 2.50.0001 - SEIKO EPSON CORPORATION) Epson FAX Utility (HKLM-x32\...\{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}) (Version: 1.20.00 - SEIKO EPSON CORPORATION) Epson PC-FAX Driver (HKLM-x32\...\EPSON PC-FAX Driver 2) (Version: - ) EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation) EPSON WorkForce 645 Series Printer Uninstall (HKLM\...\EPSON WorkForce 645 Series) (Version: - SEIKO EPSON Corporation) EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.4j - SEIKO EPSON CORPORATION) Glance 2.7 (HKLM-x32\...\Glance_is1) (Version: - Glance Networks, Inc.) IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6365.0 - IDT) Intel PROSet Wireless (x32 Version: - ) Hidden Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2843 - Intel Corporation) Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{3015F546-6C3E-4E6A-B564-BCDF88C0BA2A}) (Version: 2.1.1.0153 - Intel Corporation) Intel(R) PROSet/Wireless WiFi Software (HKLM\...\{25FBDA9A-E868-4B3B-B9FF-D923818511A1}) (Version: 14.2.0000 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation) Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation) Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation) Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.1.10329.0 - Microsoft Corporation) Modem Diagnostic Tool (HKLM\...\{0335701D-8E28-4A7F-B0EF-312974755BB2}) (Version: 1.0.28.0 - Dell) Netwaiting (HKLM-x32\...\{3F92ABBB-6BBF-11D5-B229-002078017FBF}) (Version: 2.5.59 - BVRP Software, Inc) Norton Security Suite (HKLM-x32\...\N360) (Version: 21.6.0.32 - Symantec Corporation) Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.09.25 - Dell Inc.) TI USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{77FC17AA-AC17-44E6-B5E1-92E53A2A0B34}) (Version: 1.12.4.0 - Texas Instruments Inc.) TI USB3 Host Driver (x32 Version: 1.12.4.0 - Texas Instruments Inc.) Hidden ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-4075608652-2820252211-3948146971-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Lisa\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4075608652-2820252211-3948146971-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lisa\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4075608652-2820252211-3948146971-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lisa\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4075608652-2820252211-3948146971-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lisa\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4075608652-2820252211-3948146971-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lisa\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4075608652-2820252211-3948146971-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lisa\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4075608652-2820252211-3948146971-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lisa\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4075608652-2820252211-3948146971-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lisa\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4075608652-2820252211-3948146971-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lisa\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) ==================== Restore Points ========================= 05-11-2014 23:33:39 Scheduled Checkpoint 13-11-2014 01:17:03 Scheduled Checkpoint 21-11-2014 00:00:05 Scheduled Checkpoint 28-11-2014 00:13:57 Scheduled Checkpoint 05-12-2014 18:13:22 Scheduled Checkpoint 15-12-2014 22:39:59 Scheduled Checkpoint 23-12-2014 00:00:03 Scheduled Checkpoint ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {0919D7DD-5F22-464C-8D81-4B75DFF6C949} - System32\Tasks\Norton Security Suite\Norton Error Processor => C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\SymErr.exe [2014-01-30] (Symantec Corporation) Task: {4D8CC7DE-AFF7-461B-BD87-34284BDAD730} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\WSCStub.exe [2014-09-21] (Symantec Corporation) Task: {5C46E733-3674-4885-B5DC-F1DB5029D86D} - System32\Tasks\Norton Security Suite\Norton Error Analyzer => C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\SymErr.exe [2014-01-30] (Symantec Corporation) ==================== Loaded Modules (whitelisted) ============= 2011-07-27 23:07 - 2011-07-27 23:07 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll 2013-03-06 21:34 - 2012-11-15 05:03 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2011-07-27 23:07 - 2011-07-27 23:07 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll 2014-12-28 12:05 - 2014-12-28 12:04 - 00251392 _____ () C:\Users\Lisa\AppData\Local\NPE\ckeyjrdaa.dll 2014-12-26 09:22 - 2014-12-16 17:22 - 00750080 _____ () C:\Users\Lisa\AppData\Roaming\Dropbox\bin\libGLESv2.dll 2014-12-30 18:30 - 2014-12-30 18:30 - 00043008 _____ () c:\users\lisa\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmprb0rmy.dll 2014-12-26 09:22 - 2014-12-16 17:22 - 00047616 _____ () C:\Users\Lisa\AppData\Roaming\Dropbox\bin\libEGL.dll 2014-12-26 09:22 - 2014-12-16 17:22 - 00863744 _____ () C:\Users\Lisa\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll 2014-12-26 09:22 - 2014-12-16 17:22 - 00200704 _____ () C:\Users\Lisa\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll 2014-10-29 19:25 - 2014-10-29 19:25 - 00718152 ____N () C:\Users\Lisa\AppData\LocalLow\ID Vault\vuhdtawh\myblkmusy\36.0.1985.143\libglesv2.dll 2014-10-29 19:25 - 2014-10-29 19:25 - 00126280 ____N () C:\Users\Lisa\AppData\LocalLow\ID Vault\vuhdtawh\myblkmusy\36.0.1985.143\libegl.dll 2014-10-29 19:25 - 2014-10-29 19:25 - 08537928 ____N () C:\Users\Lisa\AppData\LocalLow\ID Vault\vuhdtawh\myblkmusy\36.0.1985.143\pdf.dll 2014-10-29 19:25 - 2014-10-29 19:25 - 00353096 ____N () C:\Users\Lisa\AppData\LocalLow\ID Vault\vuhdtawh\myblkmusy\36.0.1985.143\ppGoogleNaClPluginChrome.dll 2014-10-29 19:25 - 2014-10-29 19:25 - 01732936 ____N () C:\Users\Lisa\AppData\LocalLow\ID Vault\vuhdtawh\myblkmusy\36.0.1985.143\ffmpegsumo.dll 2014-10-29 19:25 - 2014-10-29 19:25 - 14669128 ____N () C:\Users\Lisa\AppData\LocalLow\ID Vault\vuhdtawh\myblkmusy\36.0.1985.143\PepperFlash\pepflashplayer.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) ========================= Accounts: ========================== Administrator (S-1-5-21-4075608652-2820252211-3948146971-500 - Administrator - Disabled) Guest (S-1-5-21-4075608652-2820252211-3948146971-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-4075608652-2820252211-3948146971-1002 - Limited - Enabled) Lisa (S-1-5-21-4075608652-2820252211-3948146971-1000 - Administrator - Enabled) => C:\Users\Lisa ==================== Faulty Device Manager Devices ============= Name: SM Bus Controller Description: SM Bus Controller Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: AntiLog32 Description: AntiLog32 Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: AntiLog32 Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. ==================== Event log errors: ========================= Application errors: ================== Error: (12/31/2014 11:49:45 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program iexplore.exe version 9.0.8112.16464 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 2aec Start Time: 01d0248eecc5abd2 Termination Time: 12235 Application Path: C:\Program Files (x86)\Internet Explorer\iexplore.exe Report Id: Error: (12/30/2014 09:30:38 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: iexplore.exe, version: 9.0.8112.16464, time stamp: 0x50ec971b Faulting module name: d3d9.dll, version: 6.1.7601.17514, time stamp: 0x4ce7b7b3 Exception code: 0xc0000005 Fault offset: 0x00006b07 Faulting process id: 0xedf4 Faulting application start time: 0xiexplore.exe0 Faulting application path: iexplore.exe1 Faulting module path: iexplore.exe2 Report Id: iexplore.exe3 Error: (12/30/2014 09:30:24 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: iexplore.exe, version: 9.0.8112.16464, time stamp: 0x50ec971b Faulting module name: d3d9.dll, version: 6.1.7601.17514, time stamp: 0x4ce7b7b3 Exception code: 0xc0000005 Fault offset: 0x00006b07 Faulting process id: 0xd564 Faulting application start time: 0xiexplore.exe0 Faulting application path: iexplore.exe1 Faulting module path: iexplore.exe2 Report Id: iexplore.exe3 Error: (12/30/2014 09:30:09 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: iexplore.exe, version: 9.0.8112.16464, time stamp: 0x50ec971b Faulting module name: d3d9.dll, version: 6.1.7601.17514, time stamp: 0x4ce7b7b3 Exception code: 0xc0000005 Fault offset: 0x00006b07 Faulting process id: 0xc858 Faulting application start time: 0xiexplore.exe0 Faulting application path: iexplore.exe1 Faulting module path: iexplore.exe2 Report Id: iexplore.exe3 Error: (12/30/2014 09:14:24 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: iexplore.exe, version: 9.0.8112.16464, time stamp: 0x50ec971b Faulting module name: d3d9.dll, version: 6.1.7601.17514, time stamp: 0x4ce7b7b3 Exception code: 0xc0000005 Fault offset: 0x00006b07 Faulting process id: 0xa35c Faulting application start time: 0xiexplore.exe0 Faulting application path: iexplore.exe1 Faulting module path: iexplore.exe2 Report Id: iexplore.exe3 Error: (12/30/2014 06:28:06 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/30/2014 06:10:46 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program WINWORD.EXE version 12.0.4518.1014 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 34be8 Start Time: 01d0246a5b718295 Termination Time: 1217 Application Path: C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE Report Id: d6d83130-9078-11e4-9dcf-4ceb421bcdbb Error: (12/30/2014 06:08:10 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program WINWORD.EXE version 12.0.4518.1014 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 108e8 Start Time: 01d0246a5b718295 Termination Time: 18528 Application Path: C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE Report Id: 73e06c47-9078-11e4-9dcf-4ceb421bcdbb Error: (12/30/2014 06:07:45 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: iexplore.exe, version: 9.0.8112.16464, time stamp: 0x50ec971b Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000 Exception code: 0xc0000005 Fault offset: 0x24448b30 Faulting process id: 0x131dc Faulting application start time: 0xiexplore.exe0 Faulting application path: iexplore.exe1 Faulting module path: iexplore.exe2 Report Id: iexplore.exe3 Error: (12/30/2014 04:45:32 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: iexplore.exe, version: 9.0.8112.16464, time stamp: 0x50ec971b Faulting module name: d3d9.dll, version: 6.1.7601.17514, time stamp: 0x4ce7b7b3 Exception code: 0xc0000005 Fault offset: 0x00006b07 Faulting process id: 0x111d8 Faulting application start time: 0xiexplore.exe0 Faulting application path: iexplore.exe1 Faulting module path: iexplore.exe2 Report Id: iexplore.exe3 System errors: ============= Error: (12/30/2014 06:30:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Dell Digital Delivery Service service failed to start due to the following error: %%1053 Error: (12/30/2014 06:30:42 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (30000 milliseconds) while waiting for the Dell Digital Delivery Service service to connect. Error: (12/25/2014 02:29:25 PM) (Source: DCOM) (EventID: 10016) (User: Lisa-PC) Description: machine-defaultLocalActivation{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}Lisa-PCLisaS-1-5-21-4075608652-2820252211-3948146971-1000LocalHost (Using LRPC) Error: (12/24/2014 11:40:21 PM) (Source: DCOM) (EventID: 10016) (User: Lisa-PC) Description: machine-defaultLocalActivation{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}Lisa-PCLisaS-1-5-21-4075608652-2820252211-3948146971-1000LocalHost (Using LRPC) Error: (12/21/2014 01:55:27 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Dell Digital Delivery Service service terminated unexpectedly. It has done this 1 time(s). Error: (12/19/2014 11:15:34 AM) (Source: DCOM) (EventID: 10016) (User: Lisa-PC) Description: application-specificLocalActivation{B77C4C36-0154-4C52-AB49-FAA03837E47F}{EA022610-0748-4C24-B229-6C507EBDFDBB}Lisa-PCLisaS-1-5-21-4075608652-2820252211-3948146971-1000LocalHost (Using LRPC) Error: (12/19/2014 11:14:38 AM) (Source: DCOM) (EventID: 10016) (User: Lisa-PC) Description: application-specificLocalActivation{B77C4C36-0154-4C52-AB49-FAA03837E47F}{EA022610-0748-4C24-B229-6C507EBDFDBB}Lisa-PCLisaS-1-5-21-4075608652-2820252211-3948146971-1000LocalHost (Using LRPC) Error: (12/19/2014 11:10:23 AM) (Source: DCOM) (EventID: 10016) (User: Lisa-PC) Description: application-specificLocalActivation{B77C4C36-0154-4C52-AB49-FAA03837E47F}{EA022610-0748-4C24-B229-6C507EBDFDBB}Lisa-PCLisaS-1-5-21-4075608652-2820252211-3948146971-1000LocalHost (Using LRPC) Error: (12/19/2014 11:10:09 AM) (Source: DCOM) (EventID: 10016) (User: Lisa-PC) Description: application-specificLocalActivation{B77C4C36-0154-4C52-AB49-FAA03837E47F}{EA022610-0748-4C24-B229-6C507EBDFDBB}Lisa-PCLisaS-1-5-21-4075608652-2820252211-3948146971-1000LocalHost (Using LRPC) Error: (12/19/2014 11:09:59 AM) (Source: DCOM) (EventID: 10016) (User: Lisa-PC) Description: application-specificLocalActivation{B77C4C36-0154-4C52-AB49-FAA03837E47F}{EA022610-0748-4C24-B229-6C507EBDFDBB}Lisa-PCLisaS-1-5-21-4075608652-2820252211-3948146971-1000LocalHost (Using LRPC) Microsoft Office Sessions: ========================= Error: (08/21/2014 09:32:27 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 917451 seconds with 3780 seconds of active time. This session ended with a crash. Error: (04/01/2014 03:15:48 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 4758 seconds with 240 seconds of active time. This session ended with a crash. Error: (12/10/2013 10:50:30 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 1776454 seconds with 26280 seconds of active time. This session ended with a crash. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i3-2350M CPU @ 2.30GHz Percentage of memory in use: 65% Total physical RAM: 4002.05 MB Available physical RAM: 1371.9 MB Total Pagefile: 8002.3 MB Available Pagefile: 4587.61 MB Total Virtual: 8192 MB Available Virtual: 8191.83 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:465.66 GB) (Free:412.32 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 5916B9CE) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS) ==================== End Of Log ============================ [/QUOTE]
Insert quotes…
Verification
Post reply
Top