Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Support
Windows Malware Removal Help & Support
Need to remove dllhost.exe*32 COM Surrogate
Message
<blockquote data-quote="boxwood_barn" data-source="post: 293992" data-attributes="member: 30325"><p>OK, great, downloading the Farbar Recovery Scan Tool. </p><p></p><p>The computer started running better after the last malwarebytes program was run!</p><p>Below are copies of the .txt reports</p><p></p><p>.............................................................</p><p></p><p>Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-11-2014</p><p>Ran by Debbie (administrator) on DEBBIE-THINK on 07-11-2014 06:27:32</p><p>Running from C:\Users\Debbie\Downloads</p><p>Loaded Profiles: Debbie & (Available profiles: UpdatusUser & Debbie)</p><p>Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)</p><p>Internet Explorer Version 11</p><p>Boot Mode: Normal</p><p>Tutorial for Farbar Recovery Scan Tool: <a href="http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/" target="_blank">http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/</a></p><p></p><p>==================== Processes (Whitelisted) =================</p><p></p><p>(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)</p><p></p><p>(Lenovo.) C:\Windows\System32\ibmpmsvc.exe</p><p>(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe</p><p>(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe</p><p>(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe</p><p>(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe</p><p>(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe</p><p>(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe</p><p>(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe</p><p>(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe</p><p>(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe</p><p>(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe</p><p>(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CamMute.exe</p><p>(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe</p><p>(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe</p><p>(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe</p><p>(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe</p><p>(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe</p><p>(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe</p><p>(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe</p><p>(Memeo) C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe</p><p>(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe</p><p>(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe</p><p>(Memeo) C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe</p><p>(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlk.exe</p><p>(Ulead Systems, Inc.) C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe</p><p>(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE</p><p>(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe</p><p>(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE</p><p>(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe</p><p>(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe</p><p>(Microsoft Corporation) C:\Windows\System32\rundll32.exe</p><p>(Lenovo Group Limited) C:\Program Files\Lenovo\ZOOM\TpScrex.exe</p><p>(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe</p><p>(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe</p><p>(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe</p><p>(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.5\GoogleCrashHandler.exe</p><p>(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.5\GoogleCrashHandler64.exe</p><p>(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcDeskBandHlpr.exe</p><p>(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe</p><p>(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe</p><p>(Lenovo.) C:\Windows\System32\TpShocks.exe</p><p>() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe</p><p>(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe</p><p>(Intel Corporation) C:\Windows\System32\hkcmd.exe</p><p>(Intel Corporation) C:\Windows\System32\igfxpers.exe</p><p>(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe</p><p>(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe</p><p>(Creative Home) C:\Program Files (x86)\Creative Home\Hallmark Card Studio Select\Planner\PLNRnote.exe</p><p>(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe</p><p>(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe</p><p>(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe</p><p>() C:\Program Files (x86)\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe</p><p>(Microsoft Corporation) C:\Windows\System32\rundll32.exe</p><p>(Memeo) C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoDashboard.exe</p><p>(Lenovo Group Limited) C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.EXE</p><p>(Axentra Corporation) C:\Program Files (x86)\Seagate\Seagate Dashboard\HipServAgent\HipServAgent.exe</p><p>() C:\Program Files (x86)\Memeo\AutoBackup\InstantBackup.exe</p><p>(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe</p><p>(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe</p><p>(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe</p><p>(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe</p><p>(Microsoft Corporation) C:\Windows\System32\dllhost.exe</p><p>() C:\Program Files (x86)\Lenovo\Message Center Plus\MCPLaunch.exe</p><p>(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe</p><p>(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccsvchst.exe</p><p>(Symantec Corporation) C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe</p><p>(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe</p><p>(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccsvchst.exe</p><p>(Microsoft Corporation) C:\Windows\System32\rundll32.exe</p><p>(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE</p><p>(Symantec Corporation) C:\Program Files (x86)\Symantec\VIP Access Client\VIPUIManager.exe</p><p>(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe</p><p></p><p></p><p>==================== Registry (Whitelisted) ==================</p><p></p><p>(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)</p><p></p><p>HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2789160 2011-05-19] (Synaptics Incorporated)</p><p>HKLM\...\Run: [TpShocks] => C:\Windows\system32\TpShocks.exe [380776 2010-12-09] (Lenovo.)</p><p>HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-25] ()</p><p>HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [316032 2011-03-14] (Conexant systems, Inc.)</p><p>HKLM\...\Run: [LENOVO.TPKNRRES] => C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [40808 2011-05-31] (Lenovo Group Limited)</p><p>HKLM\...\Run: [AcWin7Hlpr] => C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe [63832 2014-03-14] (Lenovo)</p><p>HKLM-x32\...\Run: [PWMTRV] => rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor</p><p>HKLM-x32\...\Run: [Lenovo Registration] => C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe [4351712 2011-07-13] (Lenovo, Inc.)</p><p>HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)</p><p>HKLM-x32\...\Run: [Share-to-Web Namespace Daemon] => C:\Program Files (x86)\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe [69632 2002-06-20] (Hewlett-Packard)</p><p>HKLM-x32\...\Run: [CamMonitor] => C:\Program Files (x86)\Hewlett-Packard\Digital Imaging\\Unload\hpqcmon.exe [90112 2002-10-06] ()</p><p>HKLM-x32\...\Run: [Memeo Instant Backup] => C:\Program Files (x86)\Memeo\AutoBackup\MemeoLauncher2.exe [136416 2011-04-06] (Memeo Inc.)</p><p>HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)</p><p>HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-10-01] (Apple Inc.)</p><p>HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)</p><p>HKLM-x32\...\Run: [AddressBookReminderApp] => C:\Program Files (x86)\Creative Home\Hallmark Card Studio Select\ReminderApp.exe</p><p>HKLM-x32\...\Run: [Seagate Dashboard] => C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoLauncher.exe [73728 2011-11-03] ()</p><p>Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)</p><p>HKU\S-1-5-21-446325687-4255057720-627188916-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [AVG-Secure-Search-Update_JUNE2013_TB] => "C:\Program Files (x86)\AVG Secure Search\AVG-Secure-Search-Update_JUNE2013_TB.exe" /PROMPT /CMPID=JUNE2013_TB</p><p>HKU\S-1-5-21-446325687-4255057720-627188916-1001\...\Run: [LTT] => C:\Program Files\PC-Doctor\EnableToolbarW32.exe [23120 2011-06-27] (PC-Doctor, Inc.)</p><p>HKU\S-1-5-21-446325687-4255057720-627188916-1001\...\Run: [Google Update] => C:\Users\Debbie\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-04-13] (Google Inc.)</p><p>HKU\S-1-5-21-446325687-4255057720-627188916-1001\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-01-05] (Google Inc.)</p><p>HKU\S-1-5-21-446325687-4255057720-627188916-1001\...\MountPoints2: {dfbcd279-3798-11e1-ac8f-806e6f6e6963} - Q:\LenovoQDrive.exe</p><p>HKU\S-1-5-21-446325687-4255057720-627188916-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [LTT] => C:\Program Files\PC-Doctor\EnableToolbarW32.exe [23120 2011-06-27] (PC-Doctor, Inc.)</p><p>HKU\S-1-5-21-446325687-4255057720-627188916-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Google Update] => C:\Users\Debbie\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-04-13] (Google Inc.)</p><p>HKU\S-1-5-21-446325687-4255057720-627188916-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-01-05] (Google Inc.)</p><p>HKU\S-1-5-21-446325687-4255057720-627188916-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {dfbcd279-3798-11e1-ac8f-806e6f6e6963} - Q:\LenovoQDrive.exe</p><p>Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk</p><p>ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)</p><p>Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Event Planner Reminder.lnk</p><p>ShortcutTarget: Event Planner Reminder.lnk -> C:\Program Files (x86)\Creative Home\Hallmark Card Studio Select\Planner\PLNRnote.exe (Creative Home)</p><p>Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk</p><p>ShortcutTarget: Microsoft Office.lnk -> C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)</p><p>ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File</p><p></p><p>==================== Internet (Whitelisted) ====================</p><p></p><p>(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)</p><p></p><p>HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = <a href="http://www.ebay.com/" target="_blank">http://www.ebay.com/</a></p><p>HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = <a href="http://www.lenovo.com/welcome/thinkpad" target="_blank">http://www.lenovo.com/welcome/thinkpad</a></p><p>HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = <a href="http://lenovo.msn.com" target="_blank">http://lenovo.msn.com</a></p><p>SearchScopes: HKCU - {025686F7-F1B6-4916-8139-C48BF875878A} URL =</p><p>BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)</p><p>BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)</p><p>BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)</p><p>BHO: Symantec VIP Access Add-On -> {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} -> C:\Program Files (x86)\Symantec\VIP Access Client\64bit\VIPAddOnForIE64.dll (Symantec Corporation)</p><p>BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coIEPlg.dll (Symantec Corporation)</p><p>BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\IPS\IPSBHO.DLL (Symantec Corporation)</p><p>BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)</p><p>BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)</p><p>BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)</p><p>BHO-x32: Symantec VIP Access Add-On -> {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} -> C:\Program Files (x86)\Symantec\VIP Access Client\VIPAddOnForIE.dll (Symantec Corporation)</p><p>Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)</p><p>Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coIEPlg.dll (Symantec Corporation)</p><p>Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)</p><p>Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)</p><p>Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File</p><p>Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)</p><p>Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)</p><p>Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)</p><p>Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)</p><p>Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)</p><p>Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)</p><p>Tcpip\Parameters: [DhcpNameServer] 10.0.0.1</p><p></p><p>FireFox:</p><p>========</p><p>FF ProfilePath: C:\Users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\u85y9f04.default</p><p>FF Homepage: hxxp://<a href="http://www.ebay.com/" target="_blank">www.ebay.com/</a></p><p>FF Plugin: @microsoft.com/GENUINE -> disabled No File</p><p>FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)</p><p>FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)</p><p>FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()</p><p>FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)</p><p>FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File</p><p>FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)</p><p>FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)</p><p>FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)</p><p>FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)</p><p>FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)</p><p>FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)</p><p>FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)</p><p>FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)</p><p>FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)</p><p>FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)</p><p>FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin -> C:\Users\Debbie\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)</p><p>FF Plugin HKCU: @talk.google.com/O1DPlugin -> C:\Users\Debbie\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)</p><p>FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Debbie\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)</p><p>FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Debbie\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)</p><p>FF Plugin ProgramFiles/Appdata: C:\Users\Debbie\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)</p><p>FF Plugin ProgramFiles/Appdata: C:\Users\Debbie\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)</p><p>FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\coFFPlgn</p><p>FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\coFFPlgn [2014-11-06]</p><p>FF HKLM-x32\...\Firefox\Extensions: [<a href="mailto:VIP@verisign.com">VIP@verisign.com</a>] - C:\Program Files (x86)\Symantec\VIP Access Client</p><p>FF Extension: Symantec VIP Access Add-On - C:\Program Files (x86)\Symantec\VIP Access Client [2012-01-05]</p><p></p><p>Chrome:</p><p>=======</p><p>CHR Plugin: (Remoting Viewer) - internal-remoting-viewer</p><p>CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\ppGoogleNaClPluginChrome.dll No File</p><p>CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\pdf.dll No File</p><p>CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\gcswf32.dll No File</p><p>CHR Plugin: (Norton Confidential) - C:\Users\Debbie\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.5.3.7_0\npcoplgn.dll No File</p><p>CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File</p><p>CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File</p><p>CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)</p><p>CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)</p><p>CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)</p><p>CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll No File</p><p>CHR Profile: C:\Users\Debbie\AppData\Local\Google\Chrome\User Data\Default</p><p>CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Debbie\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-04-15]</p><p>CHR Extension: (YouTube) - C:\Users\Debbie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-01-09]</p><p>CHR Extension: (Google Search) - C:\Users\Debbie\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-01-09]</p><p>CHR Extension: (No Name) - C:\Users\Debbie\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2012-01-09]</p><p>CHR Extension: (No Name) - C:\Users\Debbie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof [2012-11-05]</p><p>CHR Extension: (Google Wallet) - C:\Users\Debbie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-28]</p><p>CHR Extension: (Gmail) - C:\Users\Debbie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-01-09]</p><p></p><p>==================== Services (Whitelisted) =================</p><p></p><p>(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)</p><p></p><p>S3 DozeSvc; C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [478056 2011-08-31] (Lenovo.)</p><p>R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [133992 2011-07-12] (Lenovo Group Limited)</p><p>S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [272776 2014-09-03] ()</p><p>R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-10-01] (Malwarebytes Corporation)</p><p>R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [968504 2014-10-01] (Malwarebytes Corporation)</p><p>R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe [138272 2012-06-15] (Symantec Corporation)</p><p>R2 SeagateDashboardService; C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe [8704 2011-11-03] (Memeo) [File not signed]</p><p>S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [24120 2014-02-21] ()</p><p>R2 UleadBurningHelper; C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [61440 2008-01-10] (Ulead Systems, Inc.) [File not signed]</p><p>R2 VIPAppService; C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe [82544 2011-06-30] (Symantec Corporation)</p><p>S2 vToolbarUpdater18.1.9; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [X]</p><p></p><p>==================== Drivers (Whitelisted) ====================</p><p></p><p>(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)</p><p></p><p>R1 A2DDA; C:\TEMP\BIN\a2ddax64.sys [26176 2014-11-05] (Emsisoft GmbH)</p><p>S0 AFS; C:\Windows\SysWow64\Drivers\AFS.sys [77004 2012-09-23] (Oak Technology Inc.) [File not signed]</p><p>U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)</p><p>R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50976 2014-08-11] (AVG Technologies)</p><p>R3 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20141030.001\BHDrvx64.sys [1587416 2014-10-03] (Symantec Corporation)</p><p>R3 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1309010.00E\ccSetx64.sys [167072 2012-06-06] (Symantec Corporation)</p><p>S3 cleanhlp; C:\temp\bin\cleanhlp64.sys [57024 2014-11-05] (Emsisoft GmbH)</p><p>R3 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-10-05] (Symantec Corporation)</p><p>R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-10-05] (Symantec Corporation)</p><p>S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [43664 2014-11-04] ()</p><p>R3 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20141106.001\IDSvia64.sys [633560 2014-10-03] (Symantec Corporation)</p><p>R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-10-01] (Malwarebytes Corporation)</p><p>R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-11-06] (Malwarebytes Corporation)</p><p>R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-10-01] (Malwarebytes Corporation)</p><p>R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20141106.004\ENG64.SYS [129752 2014-11-03] (Symantec Corporation)</p><p>R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20141106.004\EX64.SYS [2137304 2014-11-03] (Symantec Corporation)</p><p>R1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [284448 2013-10-29] (NVIDIA Corporation)</p><p>R3 SRTSP; C:\Windows\System32\Drivers\NISx64\1309010.00E\SRTSP64.SYS [737952 2012-07-05] (Symantec Corporation)</p><p>R3 SRTSPX; C:\Windows\system32\drivers\NISx64\1309010.00E\SRTSPX64.SYS [37536 2012-07-05] (Symantec Corporation)</p><p>R3 SymDS; C:\Windows\system32\drivers\NISx64\1309010.00E\SYMDS64.SYS [451192 2011-07-25] (Symantec Corporation)</p><p>R3 SymEFA; C:\Windows\system32\drivers\NISx64\1309010.00E\SYMEFA64.SYS [1129120 2012-05-21] (Symantec Corporation)</p><p>R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [175736 2012-04-16] (Symantec Corporation)</p><p>R3 SymIRON; C:\Windows\system32\drivers\NISx64\1309010.00E\Ironx64.SYS [190072 2012-04-17] (Symantec Corporation)</p><p>R3 SymNetS; C:\Windows\System32\Drivers\NISx64\1309010.00E\SYMNETS.SYS [405624 2012-04-17] (Symantec Corporation)</p><p>R3 TVTI2C; C:\Windows\System32\DRIVERS\Tvti2c.sys [41536 2009-09-24] (Lenovo (United States) Inc.)</p><p></p><p>==================== NetSvcs (Whitelisted) ===================</p><p></p><p>(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)</p><p></p><p></p><p>==================== One Month Created Files and Folders ========</p><p></p><p>(If an entry is included in the fixlist, the file\folder will be moved.)</p><p></p><p>2014-11-07 06:27 - 2014-11-07 06:28 - 00025851 _____ () C:\Users\Debbie\Downloads\FRST.txt</p><p>2014-11-07 06:25 - 2014-11-07 06:25 - 02114560 _____ (Farbar) C:\Users\Debbie\Downloads\FRST64.exe</p><p>2014-11-07 06:24 - 2014-11-07 06:24 - 01055936 _____ (Adobe) C:\Users\Debbie\Downloads\install_flashplayer15x32_mssd_aaa_aih.exe</p><p>2014-11-06 16:14 - 2014-11-06 17:06 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)</p><p>2014-11-06 16:06 - 2014-11-06 16:06 - 14439144 _____ (Malwarebytes Corp.) C:\Users\Debbie\Desktop\mbar-1.08.0.1001.exe</p><p>2014-11-06 15:56 - 2014-11-06 15:57 - 04163057 _____ () C:\Users\Debbie\Downloads\tdsskiller.zip</p><p>2014-11-06 10:50 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll</p><p>2014-11-06 10:48 - 2014-11-06 11:33 - 00000000 ____D () C:\AdwCleaner</p><p>2014-11-06 10:10 - 2014-11-07 06:27 - 00000000 ____D () C:\FRST</p><p>2014-11-06 09:29 - 2014-11-06 09:29 - 01063160 _____ (Bleeping Computer, LLC) C:\Users\Debbie\Downloads\iExplore64.exe</p><p>2014-11-06 08:10 - 2014-11-06 08:10 - 00004040 _____ () C:\{EE69BDE6-A30B-453D-9CC1-19FFCEFE2A6C}</p><p>2014-11-05 16:30 - 2014-11-05 16:30 - 00004064 _____ () C:\{4C9539A3-34E4-4DEA-97F4-5CEFEEFA81A4}</p><p>2014-11-05 16:26 - 2014-11-05 16:26 - 00004064 _____ () C:\{4EC32F26-91ED-4D98-80DA-9557AA8D7B3A}</p><p>2014-11-05 16:24 - 2014-11-05 16:24 - 00003024 _____ () C:\{A1D8FC99-96F4-493E-A4F0-2948B4B1E251}</p><p>2014-11-05 15:27 - 2014-11-05 15:28 - 00000000 ____D () C:\Users\Debbie\AppData\Local\{32CC40D1-2024-4C6A-AF3D-032CE3EF0801}</p><p>2014-11-05 13:07 - 2014-11-05 13:07 - 00000763 _____ () C:\Users\Debbie\Desktop\Start Emsisoft Emergency Kit.lnk</p><p>2014-11-05 13:03 - 2014-11-05 13:04 - 155294504 _____ () C:\Users\Debbie\Downloads\EmsisoftEmergencyKit.exe</p><p>2014-11-05 11:33 - 2014-11-05 23:39 - 00037624 _____ () C:\Windows\system32\Drivers\TrueSight.sys</p><p>2014-11-05 11:32 - 2014-11-05 11:33 - 00000000 ____D () C:\ProgramData\RogueKiller</p><p>2014-11-05 11:29 - 2014-11-05 11:31 - 17526360 _____ () C:\Users\Debbie\Downloads\RogueKillerX64(1).exe</p><p>2014-11-04 23:35 - 2014-11-04 23:35 - 17526360 _____ () C:\Users\Debbie\Downloads\RogueKillerX64.exe</p><p>2014-11-04 23:14 - 2014-11-04 23:14 - 00001446 _____ () C:\Windows\system32\.crusader</p><p>2014-11-04 17:57 - 2014-11-04 23:21 - 00043664 _____ () C:\Windows\system32\Drivers\hitmanpro37.sys</p><p>2014-11-04 17:56 - 2014-11-04 23:14 - 00000000 ____D () C:\ProgramData\HitmanPro</p><p>2014-11-04 17:55 - 2014-11-04 17:55 - 11222744 _____ (SurfRight B.V.) C:\Users\Debbie\Downloads\HitmanPro_x64.exe</p><p>2014-11-04 16:30 - 2014-11-04 16:30 - 01944824 _____ (Bleeping Computer, LLC) C:\Users\Debbie\Downloads\iExplore.exe</p><p>2014-11-04 16:05 - 2014-11-04 16:05 - 00003416 ____N () C:\bootsqm.dat</p><p>2014-11-04 15:56 - 2014-11-04 15:56 - 00000000 __SHD () C:\found.000</p><p>2014-11-04 14:24 - 2014-11-04 14:37 - 00000000 ___SD () C:\ComboFix</p><p>2014-11-04 14:24 - 2011-06-26 01:45 - 00256000 _____ () C:\Windows\PEV.exe</p><p>2014-11-04 14:24 - 2010-11-07 12:20 - 00208896 _____ () C:\Windows\MBR.exe</p><p>2014-11-04 14:24 - 2009-04-19 23:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe</p><p>2014-11-04 14:24 - 2000-08-30 19:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe</p><p>2014-11-04 14:24 - 2000-08-30 19:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe</p><p>2014-11-04 14:24 - 2000-08-30 19:00 - 00098816 _____ () C:\Windows\sed.exe</p><p>2014-11-04 14:24 - 2000-08-30 19:00 - 00080412 _____ () C:\Windows\grep.exe</p><p>2014-11-04 14:24 - 2000-08-30 19:00 - 00068096 _____ () C:\Windows\zip.exe</p><p>2014-11-04 14:22 - 2014-11-04 14:24 - 00000000 ____D () C:\Qoobox</p><p>2014-11-04 14:20 - 2014-11-04 14:21 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox</p><p>2014-11-04 14:19 - 2014-11-04 14:24 - 00000000 ___SD () C:\32788R22FWJFW</p><p>2014-11-04 14:19 - 2014-11-04 14:19 - 00000000 ____D () C:\Windows\erdnt</p><p>2014-11-04 11:33 - 2014-11-04 11:33 - 00000000 ____D () C:\Users\Debbie\AppData\Roaming\Seagate</p><p>2014-11-04 11:32 - 2014-11-04 11:32 - 00001292 _____ () C:\Users\Public\Desktop\Seagate Dashboard.lnk</p><p>2014-11-04 11:32 - 2014-11-04 11:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate Dashboard</p><p>2014-11-04 11:28 - 2014-11-04 11:28 - 00000000 ____D () C:\Program Files (x86)\Seagate</p><p>2014-11-04 11:26 - 2014-11-04 11:33 - 00001126 _____ () C:\Users\Debbie\Documents\GoFlexHomeInstaller.11-04-2014.log</p><p>2014-11-03 08:31 - 2014-11-03 08:31 - 00033504 _____ () C:\{CE0D2AD2-4F44-4686-B7FA-7510CEFA73D0}</p><p>2014-11-02 09:27 - 2014-11-03 09:25 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\2A0C2989.sys</p><p>2014-11-01 08:49 - 2014-11-01 08:49 - 00036472 _____ () C:\{82BAF8F5-CC6B-4165-9A02-DE73B94E6CB6}</p><p>2014-10-30 19:38 - 2014-11-06 21:40 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys</p><p>2014-10-30 19:38 - 2014-11-06 16:12 - 00096472 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys</p><p>2014-10-30 19:38 - 2014-10-30 19:38 - 00000000 ____D () C:\ProgramData\Malwarebytes</p><p>2014-10-30 19:38 - 2014-10-30 19:38 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware</p><p>2014-10-30 19:38 - 2014-10-01 10:11 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys</p><p>2014-10-30 19:38 - 2014-10-01 10:11 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys</p><p>2014-10-29 08:07 - 2014-10-29 08:07 - 00000000 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_71-b14.log</p><p>2014-10-29 07:49 - 2014-10-29 07:49 - 00000000 ____D () C:\Windows\system32\MRT</p><p>2014-10-29 07:49 - 2014-10-03 09:02 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe</p><p>2014-10-28 22:08 - 2014-11-03 09:58 - 00000000 ____D () C:\Users\Debbie\AppData\Roaming\LSC</p><p>2014-10-28 09:49 - 2014-10-28 09:50 - 00000000 ____D () C:\Users\Debbie\AppData\Local\{F1CCEC0A-17E7-4C7A-972B-1D55F8864B5F}</p><p>2014-10-28 09:49 - 2014-10-28 09:49 - 00000000 ____D () C:\Users\Debbie\AppData\Local\{8B3C8E8A-0CAE-43BC-816C-8BA62B4C2122}</p><p>2014-10-27 16:00 - 2014-10-27 16:00 - 00000000 ____D () C:\Users\Debbie\AppData\Local\{02D21EC6-09F2-4B56-96D4-1DE0EE5B7998}</p><p>2014-10-26 21:28 - 2014-10-26 21:28 - 00001962 _____ () C:\Users\Public\Desktop\Lenovo Solution Center.lnk</p><p>2014-10-26 08:12 - 2014-10-26 08:12 - 00000000 ____D () C:\Users\Debbie\AppData\Local\{B8FA8C99-6081-4C2E-8C50-169E012E2A96}</p><p>2014-10-26 08:12 - 2014-10-26 08:12 - 00000000 ____D () C:\Users\Debbie\AppData\Local\{6810991B-7F80-432A-ABD4-50BD72E8218F}</p><p>2014-10-21 06:53 - 2014-10-21 06:54 - 00000000 ____D () C:\Users\Debbie\AppData\Local\{BB2BBC41-36EE-4294-832B-0CF0CC3054CB}</p><p>2014-10-16 10:22 - 2014-10-16 10:22 - 00000000 ____D () C:\Users\Debbie\AppData\Local\{C626203E-87B1-4657-B6FB-69D0BC0AAF92}</p><p>2014-10-16 06:42 - 2014-10-06 21:54 - 00378552 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll</p><p>2014-10-16 06:42 - 2014-10-06 21:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll</p><p>2014-10-16 06:42 - 2014-09-28 19:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys</p><p>2014-10-16 06:42 - 2014-09-25 17:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll</p><p>2014-10-16 06:42 - 2014-09-25 17:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll</p><p>2014-10-16 06:42 - 2014-09-25 17:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll</p><p>2014-10-16 06:42 - 2014-09-25 17:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll</p><p>2014-10-16 06:42 - 2014-09-25 17:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll</p><p>2014-10-16 06:42 - 2014-09-25 17:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl</p><p>2014-10-16 06:42 - 2014-09-25 17:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl</p><p>2014-10-16 06:42 - 2014-09-18 21:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll</p><p>2014-10-16 06:42 - 2014-09-18 20:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb</p><p>2014-10-16 06:42 - 2014-09-18 20:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll</p><p>2014-10-16 06:42 - 2014-09-18 20:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll</p><p>2014-10-16 06:42 - 2014-09-18 20:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll</p><p>2014-10-16 06:42 - 2014-09-18 20:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll</p><p>2014-10-16 06:42 - 2014-09-18 20:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll</p><p>2014-10-16 06:42 - 2014-09-18 20:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll</p><p>2014-10-16 06:42 - 2014-09-18 20:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll</p><p>2014-10-16 06:42 - 2014-09-18 20:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll</p><p>2014-10-16 06:42 - 2014-09-18 20:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll</p><p>2014-10-16 06:42 - 2014-09-18 20:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll</p><p>2014-10-16 06:42 - 2014-09-18 20:27 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll</p><p>2014-10-16 06:42 - 2014-09-18 20:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe</p><p>2014-10-16 06:42 - 2014-09-18 20:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll</p><p>2014-10-16 06:42 - 2014-09-18 20:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll</p><p>2014-10-16 06:42 - 2014-09-18 20:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe</p><p>2014-10-16 06:42 - 2014-09-18 20:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe</p><p>2014-10-16 06:42 - 2014-09-18 20:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb</p><p>2014-10-16 06:42 - 2014-09-18 20:14 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll</p><p>2014-10-16 06:42 - 2014-09-18 20:06 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll</p><p>2014-10-16 06:42 - 2014-09-18 20:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll</p><p>2014-10-16 06:42 - 2014-09-18 20:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll</p><p>2014-10-16 06:42 - 2014-09-18 20:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll</p><p>2014-10-16 06:42 - 2014-09-18 20:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll</p><p>2014-10-16 06:42 - 2014-09-18 20:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll</p><p>2014-10-16 06:42 - 2014-09-18 19:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll</p><p>2014-10-16 06:42 - 2014-09-18 19:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll</p><p>2014-10-16 06:42 - 2014-09-18 19:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll</p><p>2014-10-16 06:42 - 2014-09-18 19:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll</p><p>2014-10-16 06:42 - 2014-09-18 19:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll</p><p>2014-10-16 06:42 - 2014-09-18 19:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll</p><p>2014-10-16 06:42 - 2014-09-18 19:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe</p><p>2014-10-16 06:42 - 2014-09-18 19:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll</p><p>2014-10-16 06:42 - 2014-09-18 19:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll</p><p>2014-10-16 06:42 - 2014-09-18 19:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe</p><p>2014-10-16 06:42 - 2014-09-18 19:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll</p><p>2014-10-16 06:42 - 2014-09-18 19:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll</p><p>2014-10-16 06:42 - 2014-09-18 19:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll</p><p>2014-10-16 06:42 - 2014-09-18 19:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll</p><p>2014-10-16 06:42 - 2014-09-18 19:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll</p><p>2014-10-16 06:42 - 2014-09-18 19:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll</p><p>2014-10-16 06:42 - 2014-09-18 19:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll</p><p>2014-10-16 06:42 - 2014-09-18 18:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll</p><p>2014-10-16 06:42 - 2014-09-18 18:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll</p><p>2014-10-16 06:42 - 2014-09-18 18:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll</p><p>2014-10-16 06:42 - 2014-09-18 18:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll</p><p>2014-10-16 06:42 - 2014-07-08 21:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL</p><p>2014-10-16 06:42 - 2014-07-08 21:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL</p><p>2014-10-16 06:42 - 2014-07-08 21:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL</p><p>2014-10-16 06:42 - 2014-07-08 21:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL</p><p>2014-10-16 06:42 - 2014-07-08 21:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL</p><p>2014-10-16 06:42 - 2014-07-08 20:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL</p><p>2014-10-16 06:42 - 2014-07-08 20:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL</p><p>2014-10-16 06:42 - 2014-07-08 20:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL</p><p>2014-10-16 06:42 - 2014-07-08 20:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL</p><p>2014-10-16 06:42 - 2014-07-08 20:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL</p><p>2014-10-16 06:42 - 2014-07-08 17:38 - 00419992 _____ () C:\Windows\system32\locale.nls</p><p>2014-10-16 06:42 - 2014-07-08 17:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls</p><p>2014-10-16 06:42 - 2014-06-18 17:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll</p><p>2014-10-16 06:42 - 2014-06-18 17:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll</p><p>2014-10-16 06:42 - 2014-06-18 17:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll</p><p>2014-10-16 06:42 - 2014-06-18 17:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll</p><p>2014-10-16 06:42 - 2014-06-18 17:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll</p><p>2014-10-16 06:42 - 2014-06-18 17:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll</p><p>2014-10-16 06:41 - 2014-09-17 21:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll</p><p>2014-10-16 06:41 - 2014-09-17 20:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll</p><p>2014-10-16 06:41 - 2014-09-12 20:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll</p><p>2014-10-16 06:41 - 2014-09-12 20:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll</p><p>2014-10-16 06:41 - 2014-09-04 00:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll</p><p>2014-10-16 06:41 - 2014-09-04 00:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll</p><p>2014-10-16 06:41 - 2014-07-16 21:07 - 03722240 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll</p><p>2014-10-16 06:41 - 2014-07-16 21:07 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe</p><p>2014-10-16 06:41 - 2014-07-16 21:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll</p><p>2014-10-16 06:41 - 2014-07-16 21:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe</p><p>2014-10-16 06:41 - 2014-07-16 21:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll</p><p>2014-10-16 06:41 - 2014-07-16 21:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll</p><p>2014-10-16 06:41 - 2014-07-16 21:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll</p><p>2014-10-16 06:41 - 2014-07-16 21:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll</p><p>2014-10-16 06:41 - 2014-07-16 20:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll</p><p>2014-10-16 06:41 - 2014-07-16 20:39 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll</p><p>2014-10-16 06:41 - 2014-07-16 20:39 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe</p><p>2014-10-16 06:41 - 2014-07-16 20:39 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll</p><p>2014-10-16 06:41 - 2014-07-16 20:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll</p><p>2014-10-16 06:41 - 2014-07-16 20:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll</p><p>2014-10-16 06:41 - 2014-07-16 20:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys</p><p>2014-10-16 06:41 - 2014-07-16 20:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys</p><p>2014-10-10 11:12 - 2014-10-10 11:12 - 00000000 ____D () C:\Users\Debbie\AppData\Local\{B8868936-3B4C-4482-BDB7-662024D9E451}</p><p></p><p>==================== One Month Modified Files and Folders =======</p><p></p><p>(If an entry is included in the fixlist, the file\folder will be moved.)</p><p></p><p>2014-11-07 06:25 - 2009-07-14 00:13 - 00782510 _____ () C:\Windows\system32\PerfStringBackup.INI</p><p>2014-11-07 06:24 - 2012-11-24 16:43 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job</p><p>2014-11-07 06:22 - 2012-05-29 15:32 - 00000912 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-446325687-4255057720-627188916-1001UA.job</p><p>2014-11-07 06:22 - 2012-01-05 07:53 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job</p><p>2014-11-07 06:22 - 2011-06-09 22:43 - 00000000 ____D () C:\Users\Debbie\Documents\Outlook Files</p><p>2014-11-07 06:22 - 2009-07-13 23:51 - 00132796 _____ () C:\Windows\setupact.log</p><p>2014-11-07 06:21 - 2012-01-05 07:34 - 02010621 _____ () C:\Windows\WindowsUpdate.log</p><p>2014-11-06 23:45 - 2011-01-16 18:14 - 00000000 ____D () C:\Users\Debbie\Documents\eBay</p><p>2014-11-06 17:27 - 2009-07-13 23:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0</p><p>2014-11-06 17:27 - 2009-07-13 23:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0</p><p>2014-11-06 17:23 - 2013-05-22 12:16 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk</p><p>2014-11-06 17:18 - 2012-01-09 10:30 - 00003448 _____ () C:\Windows\System32\Tasks\PCDEventLauncher</p><p>2014-11-06 17:16 - 2012-01-05 07:54 - 00000000 ____D () C:\ProgramData\PCDr</p><p>2014-11-06 17:13 - 2013-06-02 20:55 - 00000350 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job</p><p>2014-11-06 17:13 - 2012-01-05 07:53 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job</p><p>2014-11-06 17:12 - 2012-01-05 07:41 - 00000000 ____D () C:\ProgramData\NVIDIA</p><p>2014-11-06 17:12 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT</p><p>2014-11-06 17:09 - 2012-11-20 18:30 - 00000000 ____D () C:\Users\Debbie\AppData\Local\CrashDumps</p><p>2014-11-06 11:38 - 2010-11-20 22:47 - 00814640 _____ () C:\Windows\PFRO.log</p><p>2014-11-06 09:09 - 2012-01-09 10:30 - 00003502 _____ () C:\Windows\System32\Tasks\SystemToolsDailyTest</p><p>2014-11-06 09:09 - 2012-01-09 10:30 - 00000466 _____ () C:\Windows\Tasks\SystemToolsDailyTest.job</p><p>2014-11-06 07:34 - 2012-05-29 15:32 - 00000860 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-446325687-4255057720-627188916-1001Core.job</p><p>2014-11-05 14:31 - 2011-07-16 15:30 - 00000000 ____D () C:\temp</p><p>2014-11-05 12:58 - 2012-01-05 07:59 - 00000000 ____D () C:\ProgramData\Norton</p><p>2014-11-04 16:05 - 2012-12-10 14:36 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service</p><p>2014-10-30 19:38 - 2009-07-13 22:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories</p><p>2014-10-29 08:45 - 2009-07-14 00:08 - 00032566 _____ () C:\Windows\Tasks\SCHEDLGU.TXT</p><p>2014-10-29 08:13 - 2014-01-27 22:16 - 00000000 ____D () C:\ProgramData\Oracle</p><p>2014-10-29 08:07 - 2013-07-19 08:13 - 00000000 ____D () C:\Program Files (x86)\Java</p><p>2014-10-29 07:51 - 2009-07-13 22:20 - 00000000 __RHD () C:\Users\Public\Libraries</p><p>2014-10-28 07:57 - 2012-11-01 08:47 - 00000000 ____D () C:\Users\Debbie\AppData\Roaming\Mozilla</p><p>2014-10-26 21:28 - 2012-01-05 07:49 - 00000000 ____D () C:\Windows\System32\Tasks\Lenovo</p><p>2014-10-26 21:28 - 2012-01-05 07:49 - 00000000 ____D () C:\Windows\Downloaded Installations</p><p>2014-10-26 21:28 - 2012-01-05 07:34 - 00000000 ____D () C:\Program Files\Lenovo</p><p>2014-10-26 21:26 - 2012-01-05 07:13 - 00000000 ____D () C:\ProgramData\Lenovo</p><p>2014-10-22 06:29 - 2012-05-29 15:32 - 00003884 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-446325687-4255057720-627188916-1001UA</p><p>2014-10-22 06:29 - 2012-05-29 15:32 - 00003488 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-446325687-4255057720-627188916-1001Core</p><p>2014-10-20 16:41 - 2012-01-09 10:30 - 00000528 _____ () C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job</p><p>2014-10-20 07:27 - 2012-01-05 07:53 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA</p><p>2014-10-20 07:27 - 2012-01-05 07:53 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore</p><p>2014-10-19 07:40 - 2012-01-09 10:30 - 00004242 _____ () C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask</p><p>2014-10-17 13:28 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\rescache</p><p>2014-10-17 12:27 - 2009-07-13 23:45 - 00514344 _____ () C:\Windows\system32\FNTCACHE.DAT</p><p>2014-10-17 08:05 - 2012-09-12 08:07 - 00000000 ____D () C:\ProgramData\Microsoft Help</p><p></p><p>Files to move or delete:</p><p>====================</p><p>C:\Users\Debbie\8jku02ww.exe</p><p>C:\Users\Debbie\8mu414ww.exe</p><p>C:\Users\Debbie\hpothb07.dat</p><p>C:\Users\Debbie\lttsetup_60580224x86.exe</p><p></p><p></p><p>Some content of TEMP:</p><p>====================</p><p>C:\Users\Debbie\AppData\Local\Temp\avguidx.dll</p><p>C:\Users\Debbie\AppData\Local\Temp\dllnt_dump.dll</p><p>C:\Users\Debbie\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe</p><p>C:\Users\Debbie\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe</p><p>C:\Users\Debbie\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe</p><p>C:\Users\Debbie\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe</p><p>C:\Users\Debbie\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe</p><p>C:\Users\Debbie\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe</p><p>C:\Users\Debbie\AppData\Local\Temp\LaunchPrivacyStatement.exe</p><p>C:\Users\Debbie\AppData\Local\Temp\MachineIdCreator.exe</p><p>C:\Users\Debbie\AppData\Local\Temp\nvStInst.exe</p><p>C:\Users\Debbie\AppData\Local\Temp\oi_{0FB32886-A2E3-4A15-BFDB-3F6C5CBDDF56}.exe</p><p>C:\Users\Debbie\AppData\Local\Temp\Quarantine.exe</p><p>C:\Users\Debbie\AppData\Local\Temp\setup.exe</p><p></p><p></p><p>==================== Bamital & volsnap Check =================</p><p></p><p>(There is no automatic fix for files that do not pass verification.)</p><p></p><p>C:\Windows\System32\winlogon.exe => File is digitally signed</p><p>C:\Windows\System32\wininit.exe => File is digitally signed</p><p>C:\Windows\SysWOW64\wininit.exe => File is digitally signed</p><p>C:\Windows\explorer.exe => File is digitally signed</p><p>C:\Windows\SysWOW64\explorer.exe => File is digitally signed</p><p>C:\Windows\System32\svchost.exe => File is digitally signed</p><p>C:\Windows\SysWOW64\svchost.exe => File is digitally signed</p><p>C:\Windows\System32\services.exe => File is digitally signed</p><p>C:\Windows\System32\User32.dll => File is digitally signed</p><p>C:\Windows\SysWOW64\User32.dll => File is digitally signed</p><p>C:\Windows\System32\userinit.exe => File is digitally signed</p><p>C:\Windows\SysWOW64\userinit.exe => File is digitally signed</p><p>C:\Windows\System32\rpcss.dll => File is digitally signed</p><p>C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed</p><p></p><p></p><p>LastRegBack: 2014-10-26 10:11</p><p></p><p>=================== End Of Log ============================</p><p></p><p>Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-11-2014</p><p>Ran by Debbie at 2014-11-07 06:29:14</p><p>Running from C:\Users\Debbie\Downloads</p><p>Boot Mode: Normal</p><p>==========================================================</p><p></p><p></p><p>==================== Security Center ========================</p><p></p><p>(If an entry is included in the fixlist, it will be removed.)</p><p></p><p>AV: Norton Internet Security (Enabled - Up to date) {63DF5164-9100-186D-2187-8DC619EFD8BF}</p><p>AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}</p><p>AS: Norton Internet Security (Enabled - Up to date) {D8BEB080-B73A-17E3-1B37-B6B462689202}</p><p>FW: Norton Internet Security (Enabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}</p><p></p><p>==================== Installed Programs ======================</p><p></p><p>(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)</p><p></p><p>Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.249 - Adobe Systems Incorporated)</p><p>Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)</p><p>Adobe Photoshop Elements 2.0 (HKLM-x32\...\Adobe Photoshop Elements 2.0) (Version: 2.0 - Adobe Systems, Inc.)</p><p>Adobe Reader XI (11.0.09) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)</p><p>Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)</p><p>Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)</p><p>Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)</p><p>Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)</p><p>Burn.Now 4.5 (x32 Version: 4.5.0 - Corel Corporation) Hidden</p><p>Canon Camera WIA Driver (x32 Version: 5.3 - Canon) Hidden</p><p>Canon Camera WIA Driver (x32 Version: 5.4 - Canon) Hidden</p><p>Canon Camera WIA Driver (x32 Version: 5.5 - Canon) Hidden</p><p>Canon Camera Window DC_DV 6 for ZoomBrowser EX (HKLM-x32\...\CameraWindowDVC6) (Version: 6.4.0.9 - )</p><p>Canon Camera Window MC 6 for ZoomBrowser EX (HKLM-x32\...\CameraWindowMC) (Version: 6.3.0.8 - )</p><p>Canon EOS 20D WIA Driver (HKLM-x32\...\InstallShield_{ED9775A0-383E-4EAA-8DA5-8CC6860D60A3}) (Version: 5.4 - Canon)</p><p>Canon EOS-1D Mark II WIA Driver (HKLM-x32\...\InstallShield_{C537C86E-22C0-41CF-8A8E-3B23E986C3D9}) (Version: 5.3 - Canon)</p><p>Canon EOS-1Ds Mark II WIA Driver (HKLM-x32\...\InstallShield_{652C4ADF-0A29-4B02-9211-EE61675847DE}) (Version: 5.5 - Canon)</p><p>Canon G.726 WMP-Decoder (HKLM-x32\...\Canon G.726 WMP-Decoder) (Version: 1.1.0.4 - )</p><p>Canon MovieEdit Task for ZoomBrowser EX (HKLM-x32\...\MovieEditTask) (Version: 2.4.0.14 - )</p><p>Canon RAW Image Task for ZoomBrowser EX (HKLM-x32\...\RAW Image Task) (Version: 2.5.0.8 - )</p><p>Canon RemoteCapture Task for ZoomBrowser EX (HKLM-x32\...\RemoteCaptureTask) (Version: 1.7.0.8 - )</p><p>Canon Utilities EOS Capture 1.2 (HKLM-x32\...\InstallShield_{74BE7519-41A7-45A8-8AA6-78C7907A4808}) (Version: 1.2 - Canon)</p><p>Canon Utilities EOS Viewer Utility 1.2 (HKLM-x32\...\InstallShield_{750CF8D7-4B04-404F-AFA2-14C129C42373}) (Version: 1.2.1 - Canon)</p><p>Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.18.42 - )</p><p>Canon Utilities ZoomBrowser EX (HKLM-x32\...\ZoomBrowser EX) (Version: 5.8.0.74 - )</p><p>Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)</p><p>Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)</p><p>Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)</p><p>Conexant 20672 SmartAudio HD (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.32.23.0 - Conexant)</p><p>Corel Burn.Now Lenovo Edition (HKLM-x32\...\InstallShield_{A3BE3F1E-2472-4211-8735-E8239BE49D9F}) (Version: 4.5.0 - Corel Corporation)</p><p>Corel DVD MovieFactory 7 (x32 Version: 7.0.0 - Corel Corporation) Hidden</p><p>Corel DVD MovieFactory Lenovo Edition (HKLM-x32\...\InstallShield_{50F68032-B5B7-4513-9116-C978DBD8F27A}) (Version: 7.0.0 - Corel Corporation)</p><p>Corel WinDVD (HKLM-x32\...\{5C1F18D2-F6B7-4242-B803-B5A78648185D}) (Version: 10.0.5.828 - Corel Inc.)</p><p>Create Recovery Media (HKLM-x32\...\{50DC5136-21E8-48BC-97E5-1AD055F6B0B6}) (Version: 1.20.0.00 - Lenovo Group Limited)</p><p>D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden</p><p>Direct DiscRecorder (x32 Version: 1.00.0000 - Corel Corporation) Hidden</p><p>EOS Capture 1.2 (x32 Version: 1.2 - Canon) Hidden</p><p>EOS Viewer Utility 1.2.1 (x32 Version: 1.2.1 - Canon) Hidden</p><p>Evernote v. 4.2.3 (HKLM-x32\...\{F761359C-9CED-45AE-9A51-9D6605CD55C4}) (Version: 4.2.3.15 - Evernote Corp.)</p><p>Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.)</p><p>Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)</p><p>Google Talk Plugin (HKLM-x32\...\{95763F66-297E-30CE-9728-6D0F20BF97F5}) (Version: 5.38.5.0 - Google)</p><p>Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)</p><p>Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden</p><p>Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden</p><p>Hallmark Card Studio Select (HKLM-x32\...\{A6E08FBC-FC99-4CEE-B645-83A42107BE89}) (Version: 14.0.0.34 - Creative Home)</p><p>HP Memories Disc (HKLM-x32\...\{B376402D-58EA-45EA-BD50-DD924EB67A70}) (Version: 1.0.4.805 - Hewlett-Packard Company)</p><p>HP Photo and Imaging 2.0 - Photosmart Cameras (HKLM-x32\...\{15C46A4B-1AB5-4C25-91B6-59151E199D13}) (Version: 2.0.0000 - {&Tahoma8}Hewlett-Packard)</p><p>Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)</p><p>Intel(R) Identity Protection Technology 1.1.2.0 (HKLM-x32\...\{C01A86F5-56E7-101F-9BC9-E3F1025EB779}) (Version: 1.1.2.0 - Intel Corporation)</p><p>Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)</p><p>Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2538 - Intel Corporation)</p><p>iTunes (HKLM\...\{A535111D-95C8-487F-869E-CE4C239972D2}) (Version: 11.1.1.11 - Apple Inc.)</p><p>Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.510 - Oracle)</p><p>Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden</p><p>Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 1.10 - )</p><p>Lenovo Patch Utility (HKLM-x32\...\{24E92E7A-6848-4747-A3EA-3AAC0576BE52}) (Version: 1.0.1.1 - Lenovo Group Limited)</p><p>Lenovo Patch Utility (x32 Version: 1.4.0.4 - Lenovo Group Limited) Hidden</p><p>Lenovo Patch Utility 64 bit (HKLM\...\{39A04221-294E-4D90-A0F2-CCB1EF15CB56}) (Version: 1.2.0.1 - Lenovo Group Limited)</p><p>Lenovo Patch Utility 64 bit (Version: 1.4.0.4 - Lenovo Group Limited) Hidden</p><p>Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.04.05 - )</p><p>Lenovo Registration (HKLM-x32\...\{6707C034-ED6B-4B6A-B21F-969B3606FBDE}) (Version: 1.0.4 - Lenovo Inc.)</p><p>Lenovo SimpleTap (HKLM\...\{39969C3E-B297-41E5-9A7B-E252B504B21B}) (Version: 2.1.0003.00 - Lenovo Group Limited)</p><p>Lenovo Solution Center (HKLM\...\{13BD494D-9ACD-420B-A291-E145DED92EF6}) (Version: 2.6.001.00 - Lenovo Group Limited)</p><p>Lenovo System Interface Driver (HKLM\...\LENOVO.SMIIF) (Version: 1.05 - )</p><p>Lenovo System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 5.05.0009 - Lenovo)</p><p>Lenovo ThinkVantage Toolbox (HKLM\...\PC-Doctor for Windows) (Version: 6.0.5849.23 - PC-Doctor, Inc.)</p><p>Lenovo User Guide (HKLM-x32\...\{13F59938-C595-479C-B479-F171AB9AF64F}) (Version: 1.0.0008.00 - Lenovo)</p><p>Lenovo Warranty Information (HKLM-x32\...\{FD4EC278-C1B1-4496-99ED-C0BE1B0AA521}) (Version: 1.0.0005.00 - Lenovo)</p><p>Lenovo Welcome (HKLM-x32\...\Lenovo Welcome_is1) (Version: 3.00.006.0 - Lenovo)</p><p>Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)</p><p>Memeo Instant Backup (HKLM-x32\...\{8E666407-AC41-46a2-9692-6C7BFCBFDD37}) (Version: 4.60.0.7916 - Memeo Inc.)</p><p>Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden</p><p>Message Center Plus (HKLM-x32\...\{FD331A3B-F7A5-4C31-B8D4-DF413C85AF7A}) (Version: 2.0.0012.00 - Lenovo Group Limited)</p><p>Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)</p><p>Microsoft Office Home and Business 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)</p><p>Microsoft Publisher 2002 (HKLM-x32\...\{91190409-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.6626.0 - Microsoft Corporation)</p><p>Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)</p><p>Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)</p><p>Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)</p><p>Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)</p><p>Mozilla Firefox 31.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 en-US)) (Version: 31.0 - Mozilla)</p><p>Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)</p><p>MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)</p><p>MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)</p><p>Norton Internet Security (HKLM-x32\...\NIS) (Version: 19.9.1.14 - Symantec Corporation)</p><p>NVIDIA 3D Vision Driver 312.69 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 312.69 - NVIDIA Corporation)</p><p>NVIDIA Graphics Driver 312.69 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 312.69 - NVIDIA Corporation)</p><p>NVIDIA HD Audio Driver 1.3.24.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.24.2 - NVIDIA Corporation)</p><p>On Screen Display (HKLM\...\OnScreenDisplay) (Version: 6.73.00 - )</p><p>picture-shark 1.0 (HKLM-x32\...\%ProgramName%) (Version: - )</p><p>RapidBoot (HKLM\...\{5E2652DF-743F-482B-A593-C95F431A5769}) (Version: 1.11 - Lenovo)</p><p>Registry Patch to Enable Maximum Power Saving on WiFi Adapters for Windows 7 (HKLM\...\EnablePS) (Version: 1.00 - )</p><p>RICOH_Media_Driver_v2.14.18.01 (HKLM-x32\...\{FE041B02-234C-4AAA-9511-80DF6482A458}) (Version: 2.14.18.01 - RICOH)</p><p>Seagate Dashboard (HKLM-x32\...\{C3A11907-930D-41AC-A135-CC3B12F92011}) (Version: 1.1.0.1548 - Memeo Inc.)</p><p>Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)</p><p>ThinkPad FullScreen Magnifier (HKLM\...\ThinkPad FullScreen Magnifier) (Version: 2.41 - )</p><p>ThinkPad Power Manager (HKLM-x32\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 3.63 - )</p><p>ThinkPad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.8.0 - )</p><p>ThinkPad UltraNav Utility (HKLM-x32\...\{17CBC505-D1AE-459D-B445-3D2000A85842}) (Version: 2.13.0 - Lenovo)</p><p>ThinkPad Wireless LAN Adapter Software (HKLM-x32\...\{9D3D2C60-A55F-4fed-B2B9-17311226DF01}) (Version: 1.00.0029.8 - REALTEK Semiconductor Corp.)</p><p>ThinkVantage Access Connections (HKLM-x32\...\{8E537894-A559-4D60-B3CB-F4485E3D24E3}) (Version: 6.21 - Lenovo)</p><p>ThinkVantage Active Protection System (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.73 - Lenovo)</p><p>ThinkVantage Communications Utility (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 2.07 - Lenovo)</p><p>VIP Access (HKLM-x32\...\{E8D46836-CD55-453C-A107-A59EC51CB8DC}) (Version: 2.0.2.140 - VeriSign)</p><p>Windows Driver Package - Intel (e1cexpress) Net (12/21/2010 11.8.84.0) (HKLM\...\6D23A494E9A245843FB8584D9307D3E328DF8613) (Version: 12/21/2010 11.8.84.0 - Intel)</p><p>Windows Driver Package - Intel System (09/10/2010 9.2.0.1011) (HKLM\...\0CDBDD444A1F5FFEA227B4E7DCE195F11F08240A) (Version: 09/10/2010 9.2.0.1011 - Intel)</p><p>Windows Driver Package - Intel System (09/10/2010 9.2.0.1011) (HKLM\...\8058FF31D7C7F4818DC176DAF53CD379968C86E4) (Version: 09/10/2010 9.2.0.1011 - Intel)</p><p>Windows Driver Package - Intel System (11/20/2010 9.2.0.1016) (HKLM\...\43B5066463CEBC83E99586A67037B6F9FC4193FE) (Version: 11/20/2010 9.2.0.1016 - Intel)</p><p>Windows Driver Package - Intel USB (12/21/2010 9.2.0.1021) (HKLM\...\0DD5528A211904214F70A66DE6ADBD378B21566D) (Version: 12/21/2010 9.2.0.1021 - Intel)</p><p>Windows Driver Package - Lenovo 1.61.00.11 (11/11/2010 1.61.00.11) (HKLM\...\466E9B20D871055D6D3CDA2CDD1D355E978A61AF) (Version: 11/11/2010 1.61.00.11 - Lenovo)</p><p>Windows Driver Package - Synaptics (SynTP) Mouse (05/19/2011 15.3.8.0) (HKLM\...\DDD8A532E361E9A878EBEF69C338B306810DF059) (Version: 05/19/2011 15.3.8.0 - Synaptics)</p><p>Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)</p><p>Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)</p><p>Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version: - )</p><p>Yahoo! Toolbar (HKLM-x32\...\Yahoo! Companion) (Version: - Yahoo! Inc.)</p><p></p><p>==================== Custom CLSID (selected items): ==========================</p><p></p><p>(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)</p><p></p><p>CustomCLSID: HKU\S-1-5-21-446325687-4255057720-627188916-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Debbie\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll (Google Inc.)</p><p>CustomCLSID: HKU\S-1-5-21-446325687-4255057720-627188916-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Debbie\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File</p><p>CustomCLSID: HKU\S-1-5-21-446325687-4255057720-627188916-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Debbie\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File</p><p>CustomCLSID: HKU\S-1-5-21-446325687-4255057720-627188916-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Debbie\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll (Google Inc.)</p><p>CustomCLSID: HKU\S-1-5-21-446325687-4255057720-627188916-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Debbie\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File</p><p></p><p>==================== Restore Points =========================</p><p></p><p>04-11-2014 19:24:30 ComboFix created restore point</p><p>05-11-2014 04:05:43 Checkpoint by HitmanPro</p><p>05-11-2014 04:10:45 Checkpoint by HitmanPro</p><p>06-11-2014 22:04:05 Malwarebytes Anti-Rootkit Restore Point</p><p></p><p>==================== Hosts content: ==========================</p><p></p><p>(If needed Hosts: directive could be included in the fixlist to reset Hosts.)</p><p></p><p>2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts</p><p></p><p>==================== Scheduled Tasks (whitelisted) =============</p><p></p><p>(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)</p><p></p><p>Task: {03444A34-5E38-48FE-9E68-A8D9D7D46CC4} - System32\Tasks\SystemToolsDailyTest => C:\Program Files\PC-Doctor\uaclauncher.exe [2011-06-27] (PC-Doctor, Inc.)</p><p>Task: {0FBAC15B-7CE6-46EB-973F-21F69E8848F1} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-446325687-4255057720-627188916-1001UA => C:\Users\Debbie\AppData\Local\Google\Update\GoogleUpdate.exe [2012-04-13] (Google Inc.)</p><p>Task: {133F19D6-B344-4009-9E49-8C2CDC24F419} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\WSCStub.exe [2013-02-01] (Symantec Corporation)</p><p>Task: {154DC038-22DB-4AC4-9745-39D15BC49EA9} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => Rundll32.exe C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"</p><p>Task: {1972BFD8-FFFC-48CD-BC95-013E8F190C57} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\SymErr.exe [2012-02-03] (Symantec Corporation)</p><p>Task: {3053DBF8-95F0-4749-AF97-435095E9C992} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2014-09-03] ()</p><p>Task: {3C0E2FB4-DFDA-46B8-9003-8B712889EFA6} - System32\Tasks\DiskUpdate => C:\SWTOOLS\OSFIXES\DISKUPDT\DiskUpdate.exe [2009-02-09] ()</p><p>Task: {450E5C8E-496E-409B-93C7-3D4CF944E458} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2014-02-21] ()</p><p>Task: {482B379F-5724-4CEB-A35D-E311E1C5C09F} - System32\Tasks\PCDEventLauncher => C:\Program Files\PC-Doctor\sessionchecker.exe [2011-06-27] (PC-Doctor, Inc.)</p><p>Task: {7010AF58-E380-4353-8F43-7A04DE11CF84} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2014-09-03] (Lenovo)</p><p>Task: {804965AF-533B-49E0-B355-F3B70205314B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-20] (Google Inc.)</p><p>Task: {89BA7F9B-2950-4F33-9E18-438C8A9CDCDB} - System32\Tasks\MCP => C:\Program Files (x86)\LENOVO\Message Center Plus\MCPLaunch.exe [2009-05-28] ()</p><p>Task: {8C42FFA2-D4C9-4E68-8F46-EE2791FCDBC8} - System32\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv => C:\Windows\TEMP\{BEE0BD8E-937D-46CA-AC2A-190111D526DD}.exe</p><p>Task: {A5B48964-8335-4EE5-A4F4-70172466DDB0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-23] (Adobe Systems Incorporated)</p><p>Task: {A83CC65E-1ABB-432D-BA44-D4C5B059E2F1} - System32\Tasks\PMTask => C:\Program Files (x86)\ThinkPad\Utilities\PWMIDTSV.EXE [2011-08-31] (Lenovo Group Limited)</p><p>Task: {ABDE0901-D2D0-412F-B9DD-81F09E57C9E0} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-02-19] (Lenovo)</p><p>Task: {CE23D284-6A67-4FF3-A3EC-F334358B38D9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-20] (Google Inc.)</p><p>Task: {CE54D44D-2A06-4BA2-ACC9-4B33BD57958C} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-02-13] (Lenovo)</p><p>Task: {E538675E-CF36-45D2-B195-02FD64D3E8F4} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-446325687-4255057720-627188916-1001Core => C:\Users\Debbie\AppData\Local\Google\Update\GoogleUpdate.exe [2012-04-13] (Google Inc.)</p><p>Task: {E73BA2E0-F92F-4427-A7CE-00C0305C445B} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\PC-Doctor\uaclauncher.exe [2011-06-27] (PC-Doctor, Inc.)</p><p>Task: {F89F68D9-54F5-418F-9977-973988C3447E} - System32\Tasks\TVT\LenovoWERMonitor => C:\Program Files (x86)\Common Files\lenovo\SUP\sup_wermonitor.exe [2014-01-21] (Microsoft)</p><p>Task: {FB87CBBA-8E62-46B4-B27E-7424A65D7CE2} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\SymErr.exe [2012-02-03] (Symantec Corporation)</p><p>Task: {FD487064-0D57-4CE9-9F9B-FB52B54DF267} - System32\Tasks\Lenovo\LSC\LSCTaskService => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCTaskService.exe [2014-09-03] ()</p><p>Task: {FE9F339B-E01F-4310-BCF5-E85DBC78AB6F} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2014-09-03] (Lenovo)</p><p>Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe</p><p>Task: C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => C:\Windows\TEMP\{BEE0BD8E-937D-46CA-AC2A-190111D526DD}.exe</p><p>Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe</p><p>Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe</p><p>Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-446325687-4255057720-627188916-1001Core.job => C:\Users\Debbie\AppData\Local\Google\Update\GoogleUpdate.exe</p><p>Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-446325687-4255057720-627188916-1001UA.job => C:\Users\Debbie\AppData\Local\Google\Update\GoogleUpdate.exe</p><p>Task: C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job => C:\Program Files\PC-Doctor\uaclauncher.exe</p><p>Task: C:\Windows\Tasks\SystemToolsDailyTest.job => C:\Program Files\PC-Doctor\uaclauncher.exe</p><p></p><p>==================== Loaded Modules (whitelisted) =============</p><p></p><p>2014-04-14 23:08 - 2013-10-28 19:53 - 00087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll</p><p>2012-01-05 07:44 - 2011-08-31 13:03 - 00045568 ____N () C:\Program Files (x86)\ThinkPad\Utilities\US\PWMRT64V.DLL</p><p>2012-01-05 07:18 - 2011-05-19 07:04 - 00057640 _____ () C:\Program Files\Synaptics\SynTP\SynTPEnhPS.dll</p><p>2012-01-05 07:37 - 2010-10-25 23:40 - 00049056 ____N () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe</p><p>2012-01-05 07:40 - 2011-03-06 06:07 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll</p><p>2002-06-20 14:36 - 2002-06-20 14:36 - 00077824 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe</p><p>2011-04-06 10:22 - 2011-04-06 10:22 - 00325344 _____ () C:\Program Files (x86)\Memeo\AutoBackup\InstantBackup.exe</p><p>2009-05-28 01:09 - 2009-05-28 01:09 - 00049976 _____ () C:\Program Files (x86)\LENOVO\Message Center Plus\MCPLaunch.exe</p><p>2014-03-14 16:47 - 2014-03-14 16:47 - 00092504 _____ () C:\Program Files (x86)\Lenovo\Access Connections\AcWrpc.dll</p><p>2012-08-27 20:33 - 2012-08-27 20:33 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll</p><p>2012-08-27 20:33 - 2012-08-27 20:33 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll</p><p>2002-06-20 14:36 - 2002-06-20 14:36 - 00028672 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Share-to-Web\hpgs2wnfps.dll</p><p>2011-11-03 13:09 - 2011-11-03 13:09 - 00102912 _____ () C:\Program Files (x86)\Seagate\Seagate Dashboard\Memeo.Progress.dll</p><p>2011-11-03 13:10 - 2011-11-03 13:10 - 00025600 _____ () C:\Program Files (x86)\Seagate\Seagate Dashboard\Plugins\Memeo.Dashboard.SeagateSharePlusPlugin.dll</p><p>2011-11-03 13:10 - 2011-11-03 13:10 - 00015360 _____ () C:\Program Files (x86)\Seagate\Seagate Dashboard\Plugins\Memeo.Dashboard.TroubleshootingPlugin.dll</p><p>2011-11-03 13:10 - 2011-11-03 13:10 - 00014848 _____ () C:\Program Files (x86)\Seagate\Seagate Dashboard\Plugins\Memeo.Dashboard.VideoTutorialsPlugin.dll</p><p>2010-04-20 12:22 - 2010-04-20 12:22 - 00241664 _____ () C:\Program Files (x86)\Seagate\Seagate Dashboard\HipServAgent\libupnp.dll</p><p>2010-04-20 12:22 - 2010-04-20 12:22 - 00971776 _____ () C:\Program Files (x86)\Seagate\Seagate Dashboard\HipServAgent\libxml2.dll</p><p>2011-04-06 10:22 - 2011-04-06 10:22 - 02896608 _____ () C:\Program Files (x86)\Memeo\AutoBackup\Memeo.Client.UI.dll</p><p>2011-04-06 10:22 - 2011-04-06 10:22 - 00027360 _____ () C:\Program Files (x86)\Memeo\AutoBackup\Memeo.Client.DriveDetection.dll</p><p>2010-03-22 17:59 - 2010-03-22 17:59 - 00504293 _____ () C:\Program Files (x86)\Memeo\AutoBackup\sqlite3.DLL</p><p>2010-03-22 17:57 - 2010-03-22 17:57 - 00178176 _____ () C:\Program Files (x86)\Common Files\Memeo\ProfMan.dll</p><p>2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf</p><p>2014-11-04 14:20 - 2014-11-04 14:21 - 03800688 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll</p><p></p><p>==================== Alternate Data Streams (whitelisted) =========</p><p></p><p>(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)</p><p></p><p></p><p>==================== Safe Mode (whitelisted) ===================</p><p></p><p>(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)</p><p></p><p>HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"</p><p>HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"</p><p>HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"</p><p>HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"</p><p>HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"</p><p>HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"</p><p>HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"</p><p>HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"</p><p></p><p>==================== EXE Association (whitelisted) =============</p><p></p><p>(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)</p><p></p><p></p><p>==================== MSCONFIG/TASK MANAGER disabled items =========</p><p></p><p>(Currently there is no automatic fix for this section.)</p><p></p><p></p><p>========================= Accounts: ==========================</p><p></p><p>Administrator (S-1-5-21-446325687-4255057720-627188916-500 - Administrator - Disabled)</p><p>Debbie (S-1-5-21-446325687-4255057720-627188916-1001 - Administrator - Enabled) => C:\Users\Debbie</p><p>Guest (S-1-5-21-446325687-4255057720-627188916-501 - Limited - Disabled)</p><p>HomeGroupUser$ (S-1-5-21-446325687-4255057720-627188916-1003 - Limited - Enabled)</p><p>UpdatusUser (S-1-5-21-446325687-4255057720-627188916-1000 - Limited - Enabled) => C:\Users\UpdatusUser</p><p></p><p>==================== Faulty Device Manager Devices =============</p><p></p><p></p><p>==================== Event log errors: =========================</p><p></p><p>Application errors:</p><p>==================</p><p>Error: (11/07/2014 06:21:28 AM) (Source: Bonjour Service) (EventID: 100) (User: )</p><p>Description: Task Scheduling Error: m->NextScheduledSPRetry 23408013</p><p></p><p>Error: (11/07/2014 06:21:28 AM) (Source: Bonjour Service) (EventID: 100) (User: )</p><p>Description: Task Scheduling Error: m->NextScheduledEvent 23408013</p><p></p><p>Error: (11/07/2014 06:21:28 AM) (Source: Bonjour Service) (EventID: 100) (User: )</p><p>Description: Task Scheduling Error: Continuously busy for more than a second</p><p></p><p>Error: (11/06/2014 05:13:36 PM) (Source: WinMgmt) (EventID: 10) (User: )</p><p>Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003</p><p></p><p>Error: (11/06/2014 05:08:54 PM) (Source: Application Error) (EventID: 1000) (User: )</p><p>Description: Faulting application name: iexplore.exe, version: 11.0.9600.17344, time stamp: 0x4a5bc6b7</p><p>Faulting module name: MSHTML.dll, version: 11.0.9600.17344, time stamp: 0x541b8a22</p><p>Exception code: 0xc00000fd</p><p>Fault offset: 0x00094765</p><p>Faulting process id: 0x43a8</p><p>Faulting application start time: 0xiexplore.exe0</p><p>Faulting application path: iexplore.exe1</p><p>Faulting module path: iexplore.exe2</p><p>Report Id: iexplore.exe3</p><p></p><p>Error: (11/06/2014 04:17:01 PM) (Source: PC-Doctor) (EventID: 1) (User: )</p><p>Description: (18724) Asapi: (16:17:01:7610)(18724) ASAPI-Global - Fatal -- 262 Engine has shut down!</p><p></p><p>Error: (11/06/2014 03:26:43 PM) (Source: Application Error) (EventID: 1000) (User: )</p><p>Description: Faulting application name: iexplore.exe, version: 11.0.9600.17344, time stamp: 0x4a5bc6b7</p><p>Faulting module name: MSHTML.dll, version: 11.0.9600.17344, time stamp: 0x541b8a22</p><p>Exception code: 0xc00000fd</p><p>Fault offset: 0x00094765</p><p>Faulting process id: 0x2e60</p><p>Faulting application start time: 0xiexplore.exe0</p><p>Faulting application path: iexplore.exe1</p><p>Faulting module path: iexplore.exe2</p><p>Report Id: iexplore.exe3</p><p></p><p>Error: (11/06/2014 03:25:42 PM) (Source: Application Error) (EventID: 1000) (User: )</p><p>Description: Faulting application name: iexplore.exe, version: 11.0.9600.17344, time stamp: 0x4a5bc6b7</p><p>Faulting module name: MSHTML.dll, version: 11.0.9600.17344, time stamp: 0x541b8a22</p><p>Exception code: 0xc00000fd</p><p>Fault offset: 0x00095c91</p><p>Faulting process id: 0x1d40</p><p>Faulting application start time: 0xiexplore.exe0</p><p>Faulting application path: iexplore.exe1</p><p>Faulting module path: iexplore.exe2</p><p>Report Id: iexplore.exe3</p><p></p><p>Error: (11/06/2014 02:23:29 PM) (Source: Application Error) (EventID: 1000) (User: )</p><p>Description: Faulting application name: iexplore.exe, version: 11.0.9600.17344, time stamp: 0x4a5bc6b7</p><p>Faulting module name: MSHTML.dll, version: 11.0.9600.17344, time stamp: 0x541b8a22</p><p>Exception code: 0xc00000fd</p><p>Fault offset: 0x00095c91</p><p>Faulting process id: 0x2db8</p><p>Faulting application start time: 0xiexplore.exe0</p><p>Faulting application path: iexplore.exe1</p><p>Faulting module path: iexplore.exe2</p><p>Report Id: iexplore.exe3</p><p></p><p>Error: (11/06/2014 01:52:41 PM) (Source: Application Error) (EventID: 1000) (User: )</p><p>Description: Faulting application name: iexplore.exe, version: 11.0.9600.17344, time stamp: 0x4a5bc6b7</p><p>Faulting module name: MSHTML.dll, version: 11.0.9600.17344, time stamp: 0x541b8a22</p><p>Exception code: 0xc00000fd</p><p>Fault offset: 0x00094765</p><p>Faulting process id: 0x3df8</p><p>Faulting application start time: 0xiexplore.exe0</p><p>Faulting application path: iexplore.exe1</p><p>Faulting module path: iexplore.exe2</p><p>Report Id: iexplore.exe3</p><p></p><p></p><p>System errors:</p><p>=============</p><p>Error: (11/06/2014 05:21:05 PM) (Source: Service Control Manager) (EventID: 7000) (User: )</p><p>Description: The NVIDIA Update Service Daemon service failed to start due to the following error:</p><p>%%1069</p><p></p><p>Error: (11/06/2014 05:21:05 PM) (Source: Service Control Manager) (EventID: 7038) (User: )</p><p>Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error:</p><p>%%1330</p><p></p><p>To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).</p><p></p><p>Error: (11/06/2014 05:19:43 PM) (Source: Service Control Manager) (EventID: 7022) (User: )</p><p>Description: The Windows Presentation Foundation Font Cache 3.0.0.0 service hung on starting.</p><p></p><p>Error: (11/06/2014 05:13:33 PM) (Source: Service Control Manager) (EventID: 7026) (User: )</p><p>Description: The following boot-start or system-start driver(s) failed to load:</p><p>AFS</p><p></p><p>Error: (11/06/2014 05:13:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )</p><p>Description: The vToolbarUpdater18.1.9 service failed to start due to the following error:</p><p>%%2</p><p></p><p>Error: (11/06/2014 02:58:41 PM) (Source: NetBT) (EventID: 4321) (User: )</p><p>Description: The name "WORKGROUP :1d" could not be registered on the interface with IP address 10.0.0.15.</p><p>The computer with the IP address 10.0.0.10 did not allow the name to be claimed by</p><p>this computer.</p><p></p><p>Error: (11/06/2014 02:58:39 PM) (Source: NetBT) (EventID: 4321) (User: )</p><p>Description: The name "WORKGROUP :1d" could not be registered on the interface with IP address 10.0.0.15.</p><p>The computer with the IP address 10.0.0.10 did not allow the name to be claimed by</p><p>this computer.</p><p></p><p>Error: (11/06/2014 02:22:21 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)</p><p>Description: The following fatal alert was generated: 43. The internal error state is 252.</p><p></p><p>Error: (11/06/2014 02:22:21 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)</p><p>Description: The following fatal alert was generated: 43. The internal error state is 252.</p><p></p><p>Error: (11/06/2014 01:29:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: )</p><p>Description: The NVIDIA Update Service Daemon service failed to start due to the following error:</p><p>%%1069</p><p></p><p></p><p>Microsoft Office Sessions:</p><p>=========================</p><p>Error: (11/07/2014 06:21:28 AM) (Source: Bonjour Service) (EventID: 100) (User: )</p><p>Description: Task Scheduling Error: m->NextScheduledSPRetry 23408013</p><p></p><p>Error: (11/07/2014 06:21:28 AM) (Source: Bonjour Service) (EventID: 100) (User: )</p><p>Description: Task Scheduling Error: m->NextScheduledEvent 23408013</p><p></p><p>Error: (11/07/2014 06:21:28 AM) (Source: Bonjour Service) (EventID: 100) (User: )</p><p>Description: Task Scheduling Error: Continuously busy for more than a second</p><p></p><p>Error: (11/06/2014 05:13:36 PM) (Source: WinMgmt) (EventID: 10) (User: )</p><p>Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003</p><p></p><p>Error: (11/06/2014 05:08:54 PM) (Source: Application Error) (EventID: 1000) (User: )</p><p>Description: iexplore.exe11.0.9600.173444a5bc6b7MSHTML.dll11.0.9600.17344541b8a22c00000fd0009476543a801cffa0e146fc450C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\system32\MSHTML.dll7e95f1e8-6601-11e4-9628-f0def1ba22d1</p><p></p><p>Error: (11/06/2014 04:17:01 PM) (Source: PC-Doctor) (EventID: 1) (User: )</p><p>Description: (18724) Asapi: (16:17:01:7610)(18724) ASAPI-Global - Fatal -- 262 Engine has shut down!</p><p></p><p>Error: (11/06/2014 03:26:43 PM) (Source: Application Error) (EventID: 1000) (User: )</p><p>Description: iexplore.exe11.0.9600.173444a5bc6b7MSHTML.dll11.0.9600.17344541b8a22c00000fd000947652e6001cff9ff4f5c3ff4C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\system32\MSHTML.dll381c9c54-65f3-11e4-9628-f0def1ba22d1</p><p></p><p>Error: (11/06/2014 03:25:42 PM) (Source: Application Error) (EventID: 1000) (User: )</p><p>Description: iexplore.exe11.0.9600.173444a5bc6b7MSHTML.dll11.0.9600.17344541b8a22c00000fd00095c911d4001cff9ffb10c17cfC:\Program Files\Internet Explorer\iexplore.exeC:\Windows\system32\MSHTML.dll13d6e0de-65f3-11e4-9628-f0def1ba22d1</p><p></p><p>Error: (11/06/2014 02:23:29 PM) (Source: Application Error) (EventID: 1000) (User: )</p><p>Description: iexplore.exe11.0.9600.173444a5bc6b7MSHTML.dll11.0.9600.17344541b8a22c00000fd00095c912db801cff9f64f2e56d0C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\system32\MSHTML.dll62e680e5-65ea-11e4-9628-f0def1ba22d1</p><p></p><p>Error: (11/06/2014 01:52:41 PM) (Source: Application Error) (EventID: 1000) (User: )</p><p>Description: iexplore.exe11.0.9600.173444a5bc6b7MSHTML.dll11.0.9600.17344541b8a22c00000fd000947653df801cff9f2b4d3c107C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\system32\MSHTML.dll152c514c-65e6-11e4-9628-f0def1ba22d1</p><p></p><p></p><p>==================== Memory info ===========================</p><p></p><p>Processor: Intel(R) Core(TM) i5-2520M CPU @ 2.50GHz</p><p>Percentage of memory in use: 53%</p><p>Total physical RAM: 6027.23 MB</p><p>Available physical RAM: 2799.93 MB</p><p>Total Pagefile: 12052.65 MB</p><p>Available Pagefile: 9082.66 MB</p><p>Total Virtual: 8192 MB</p><p>Available Virtual: 8191.85 MB</p><p></p><p>==================== Drives ================================</p><p></p><p>Drive c: (Windows7_OS) (Fixed) (Total:281 GB) (Free:114.43 GB) NTFS ==>[System with boot components (obtained from reading drive)]</p><p>Drive q: (Lenovo_Recovery) (Fixed) (Total:15.62 GB) (Free:6.45 GB) NTFS</p><p></p><p>==================== MBR & Partition Table ==================</p><p></p><p>========================================================</p><p>Disk: 0 (Size: 298.1 GB) (Disk ID: E2A1E811)</p><p>Partition 1: (Active) - (Size=1.5 GB) - (Type=07 NTFS)</p><p>Partition 2: (Not Active) - (Size=281 GB) - (Type=07 NTFS)</p><p>Partition 3: (Not Active) - (Size=15.6 GB) - (Type=07 NTFS)</p><p></p><p>==================== End Of Log ============================</p></blockquote><p></p>
[QUOTE="boxwood_barn, post: 293992, member: 30325"] OK, great, downloading the Farbar Recovery Scan Tool. The computer started running better after the last malwarebytes program was run! Below are copies of the .txt reports ............................................................. Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-11-2014 Ran by Debbie (administrator) on DEBBIE-THINK on 07-11-2014 06:27:32 Running from C:\Users\Debbie\Downloads Loaded Profiles: Debbie & (Available profiles: UpdatusUser & Debbie) Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States) Internet Explorer Version 11 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: [url]http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/[/url] ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Lenovo.) C:\Windows\System32\ibmpmsvc.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe (Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe (Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe (Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe (Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CamMute.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe (Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe (Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Memeo) C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe (Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe (Memeo) C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlk.exe (Ulead Systems, Inc.) C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Lenovo Group Limited) C:\Program Files\Lenovo\ZOOM\TpScrex.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.5\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.5\GoogleCrashHandler64.exe (Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcDeskBandHlpr.exe (Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Lenovo.) C:\Windows\System32\TpShocks.exe () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe (Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe (Creative Home) C:\Program Files (x86)\Creative Home\Hallmark Card Studio Select\Planner\PLNRnote.exe (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe () C:\Program Files (x86)\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Memeo) C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoDashboard.exe (Lenovo Group Limited) C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.EXE (Axentra Corporation) C:\Program Files (x86)\Seagate\Seagate Dashboard\HipServAgent\HipServAgent.exe () C:\Program Files (x86)\Memeo\AutoBackup\InstantBackup.exe (Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe () C:\Program Files (x86)\Lenovo\Message Center Plus\MCPLaunch.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccsvchst.exe (Symantec Corporation) C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccsvchst.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Symantec Corporation) C:\Program Files (x86)\Symantec\VIP Access Client\VIPUIManager.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2789160 2011-05-19] (Synaptics Incorporated) HKLM\...\Run: [TpShocks] => C:\Windows\system32\TpShocks.exe [380776 2010-12-09] (Lenovo.) HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-25] () HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [316032 2011-03-14] (Conexant systems, Inc.) HKLM\...\Run: [LENOVO.TPKNRRES] => C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [40808 2011-05-31] (Lenovo Group Limited) HKLM\...\Run: [AcWin7Hlpr] => C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe [63832 2014-03-14] (Lenovo) HKLM-x32\...\Run: [PWMTRV] => rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor HKLM-x32\...\Run: [Lenovo Registration] => C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe [4351712 2011-07-13] (Lenovo, Inc.) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.) HKLM-x32\...\Run: [Share-to-Web Namespace Daemon] => C:\Program Files (x86)\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe [69632 2002-06-20] (Hewlett-Packard) HKLM-x32\...\Run: [CamMonitor] => C:\Program Files (x86)\Hewlett-Packard\Digital Imaging\\Unload\hpqcmon.exe [90112 2002-10-06] () HKLM-x32\...\Run: [Memeo Instant Backup] => C:\Program Files (x86)\Memeo\AutoBackup\MemeoLauncher2.exe [136416 2011-04-06] (Memeo Inc.) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-10-01] (Apple Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM-x32\...\Run: [AddressBookReminderApp] => C:\Program Files (x86)\Creative Home\Hallmark Card Studio Select\ReminderApp.exe HKLM-x32\...\Run: [Seagate Dashboard] => C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoLauncher.exe [73728 2011-11-03] () Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-446325687-4255057720-627188916-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [AVG-Secure-Search-Update_JUNE2013_TB] => "C:\Program Files (x86)\AVG Secure Search\AVG-Secure-Search-Update_JUNE2013_TB.exe" /PROMPT /CMPID=JUNE2013_TB HKU\S-1-5-21-446325687-4255057720-627188916-1001\...\Run: [LTT] => C:\Program Files\PC-Doctor\EnableToolbarW32.exe [23120 2011-06-27] (PC-Doctor, Inc.) HKU\S-1-5-21-446325687-4255057720-627188916-1001\...\Run: [Google Update] => C:\Users\Debbie\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-04-13] (Google Inc.) HKU\S-1-5-21-446325687-4255057720-627188916-1001\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-01-05] (Google Inc.) HKU\S-1-5-21-446325687-4255057720-627188916-1001\...\MountPoints2: {dfbcd279-3798-11e1-ac8f-806e6f6e6963} - Q:\LenovoQDrive.exe HKU\S-1-5-21-446325687-4255057720-627188916-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [LTT] => C:\Program Files\PC-Doctor\EnableToolbarW32.exe [23120 2011-06-27] (PC-Doctor, Inc.) HKU\S-1-5-21-446325687-4255057720-627188916-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Google Update] => C:\Users\Debbie\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-04-13] (Google Inc.) HKU\S-1-5-21-446325687-4255057720-627188916-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-01-05] (Google Inc.) HKU\S-1-5-21-446325687-4255057720-627188916-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {dfbcd279-3798-11e1-ac8f-806e6f6e6963} - Q:\LenovoQDrive.exe Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Event Planner Reminder.lnk ShortcutTarget: Event Planner Reminder.lnk -> C:\Program Files (x86)\Creative Home\Hallmark Card Studio Select\Planner\PLNRnote.exe (Creative Home) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk ShortcutTarget: Microsoft Office.lnk -> C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [url]http://www.ebay.com/[/url] HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [url]http://www.lenovo.com/welcome/thinkpad[/url] HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [url]http://lenovo.msn.com[/url] SearchScopes: HKCU - {025686F7-F1B6-4916-8139-C48BF875878A} URL = BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO: Symantec VIP Access Add-On -> {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} -> C:\Program Files (x86)\Symantec\VIP Access Client\64bit\VIPAddOnForIE64.dll (Symantec Corporation) BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coIEPlg.dll (Symantec Corporation) BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\IPS\IPSBHO.DLL (Symantec Corporation) BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Symantec VIP Access Add-On -> {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} -> C:\Program Files (x86)\Symantec\VIP Access Client\VIPAddOnForIE.dll (Symantec Corporation) Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coIEPlg.dll (Symantec Corporation) Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 10.0.0.1 FireFox: ======== FF ProfilePath: C:\Users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\u85y9f04.default FF Homepage: hxxp://[url="http://www.ebay.com/"]www.ebay.com/[/url] FF Plugin: @microsoft.com/GENUINE -> disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin -> C:\Users\Debbie\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google) FF Plugin HKCU: @talk.google.com/O1DPlugin -> C:\Users\Debbie\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google) FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Debbie\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Debbie\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.) FF Plugin ProgramFiles/Appdata: C:\Users\Debbie\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google) FF Plugin ProgramFiles/Appdata: C:\Users\Debbie\AppData\Roaming\mozilla\plugins\npo1d.dll (Google) FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\coFFPlgn FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\coFFPlgn [2014-11-06] FF HKLM-x32\...\Firefox\Extensions: [[email]VIP@verisign.com[/email]] - C:\Program Files (x86)\Symantec\VIP Access Client FF Extension: Symantec VIP Access Add-On - C:\Program Files (x86)\Symantec\VIP Access Client [2012-01-05] Chrome: ======= CHR Plugin: (Remoting Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\ppGoogleNaClPluginChrome.dll No File CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\pdf.dll No File CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\gcswf32.dll No File CHR Plugin: (Norton Confidential) - C:\Users\Debbie\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.5.3.7_0\npcoplgn.dll No File CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll No File CHR Profile: C:\Users\Debbie\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Debbie\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-04-15] CHR Extension: (YouTube) - C:\Users\Debbie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-01-09] CHR Extension: (Google Search) - C:\Users\Debbie\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-01-09] CHR Extension: (No Name) - C:\Users\Debbie\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2012-01-09] CHR Extension: (No Name) - C:\Users\Debbie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof [2012-11-05] CHR Extension: (Google Wallet) - C:\Users\Debbie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-28] CHR Extension: (Gmail) - C:\Users\Debbie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-01-09] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S3 DozeSvc; C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [478056 2011-08-31] (Lenovo.) R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [133992 2011-07-12] (Lenovo Group Limited) S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [272776 2014-09-03] () R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-10-01] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [968504 2014-10-01] (Malwarebytes Corporation) R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe [138272 2012-06-15] (Symantec Corporation) R2 SeagateDashboardService; C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe [8704 2011-11-03] (Memeo) [File not signed] S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [24120 2014-02-21] () R2 UleadBurningHelper; C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [61440 2008-01-10] (Ulead Systems, Inc.) [File not signed] R2 VIPAppService; C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe [82544 2011-06-30] (Symantec Corporation) S2 vToolbarUpdater18.1.9; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R1 A2DDA; C:\TEMP\BIN\a2ddax64.sys [26176 2014-11-05] (Emsisoft GmbH) S0 AFS; C:\Windows\SysWow64\Drivers\AFS.sys [77004 2012-09-23] (Oak Technology Inc.) [File not signed] U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation) R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50976 2014-08-11] (AVG Technologies) R3 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20141030.001\BHDrvx64.sys [1587416 2014-10-03] (Symantec Corporation) R3 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1309010.00E\ccSetx64.sys [167072 2012-06-06] (Symantec Corporation) S3 cleanhlp; C:\temp\bin\cleanhlp64.sys [57024 2014-11-05] (Emsisoft GmbH) R3 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-10-05] (Symantec Corporation) R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-10-05] (Symantec Corporation) S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [43664 2014-11-04] () R3 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20141106.001\IDSvia64.sys [633560 2014-10-03] (Symantec Corporation) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-10-01] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-11-06] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-10-01] (Malwarebytes Corporation) R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20141106.004\ENG64.SYS [129752 2014-11-03] (Symantec Corporation) R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20141106.004\EX64.SYS [2137304 2014-11-03] (Symantec Corporation) R1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [284448 2013-10-29] (NVIDIA Corporation) R3 SRTSP; C:\Windows\System32\Drivers\NISx64\1309010.00E\SRTSP64.SYS [737952 2012-07-05] (Symantec Corporation) R3 SRTSPX; C:\Windows\system32\drivers\NISx64\1309010.00E\SRTSPX64.SYS [37536 2012-07-05] (Symantec Corporation) R3 SymDS; C:\Windows\system32\drivers\NISx64\1309010.00E\SYMDS64.SYS [451192 2011-07-25] (Symantec Corporation) R3 SymEFA; C:\Windows\system32\drivers\NISx64\1309010.00E\SYMEFA64.SYS [1129120 2012-05-21] (Symantec Corporation) R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [175736 2012-04-16] (Symantec Corporation) R3 SymIRON; C:\Windows\system32\drivers\NISx64\1309010.00E\Ironx64.SYS [190072 2012-04-17] (Symantec Corporation) R3 SymNetS; C:\Windows\System32\Drivers\NISx64\1309010.00E\SYMNETS.SYS [405624 2012-04-17] (Symantec Corporation) R3 TVTI2C; C:\Windows\System32\DRIVERS\Tvti2c.sys [41536 2009-09-24] (Lenovo (United States) Inc.) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-11-07 06:27 - 2014-11-07 06:28 - 00025851 _____ () C:\Users\Debbie\Downloads\FRST.txt 2014-11-07 06:25 - 2014-11-07 06:25 - 02114560 _____ (Farbar) C:\Users\Debbie\Downloads\FRST64.exe 2014-11-07 06:24 - 2014-11-07 06:24 - 01055936 _____ (Adobe) C:\Users\Debbie\Downloads\install_flashplayer15x32_mssd_aaa_aih.exe 2014-11-06 16:14 - 2014-11-06 17:06 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2014-11-06 16:06 - 2014-11-06 16:06 - 14439144 _____ (Malwarebytes Corp.) C:\Users\Debbie\Desktop\mbar-1.08.0.1001.exe 2014-11-06 15:56 - 2014-11-06 15:57 - 04163057 _____ () C:\Users\Debbie\Downloads\tdsskiller.zip 2014-11-06 10:50 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll 2014-11-06 10:48 - 2014-11-06 11:33 - 00000000 ____D () C:\AdwCleaner 2014-11-06 10:10 - 2014-11-07 06:27 - 00000000 ____D () C:\FRST 2014-11-06 09:29 - 2014-11-06 09:29 - 01063160 _____ (Bleeping Computer, LLC) C:\Users\Debbie\Downloads\iExplore64.exe 2014-11-06 08:10 - 2014-11-06 08:10 - 00004040 _____ () C:\{EE69BDE6-A30B-453D-9CC1-19FFCEFE2A6C} 2014-11-05 16:30 - 2014-11-05 16:30 - 00004064 _____ () C:\{4C9539A3-34E4-4DEA-97F4-5CEFEEFA81A4} 2014-11-05 16:26 - 2014-11-05 16:26 - 00004064 _____ () C:\{4EC32F26-91ED-4D98-80DA-9557AA8D7B3A} 2014-11-05 16:24 - 2014-11-05 16:24 - 00003024 _____ () C:\{A1D8FC99-96F4-493E-A4F0-2948B4B1E251} 2014-11-05 15:27 - 2014-11-05 15:28 - 00000000 ____D () C:\Users\Debbie\AppData\Local\{32CC40D1-2024-4C6A-AF3D-032CE3EF0801} 2014-11-05 13:07 - 2014-11-05 13:07 - 00000763 _____ () C:\Users\Debbie\Desktop\Start Emsisoft Emergency Kit.lnk 2014-11-05 13:03 - 2014-11-05 13:04 - 155294504 _____ () C:\Users\Debbie\Downloads\EmsisoftEmergencyKit.exe 2014-11-05 11:33 - 2014-11-05 23:39 - 00037624 _____ () C:\Windows\system32\Drivers\TrueSight.sys 2014-11-05 11:32 - 2014-11-05 11:33 - 00000000 ____D () C:\ProgramData\RogueKiller 2014-11-05 11:29 - 2014-11-05 11:31 - 17526360 _____ () C:\Users\Debbie\Downloads\RogueKillerX64(1).exe 2014-11-04 23:35 - 2014-11-04 23:35 - 17526360 _____ () C:\Users\Debbie\Downloads\RogueKillerX64.exe 2014-11-04 23:14 - 2014-11-04 23:14 - 00001446 _____ () C:\Windows\system32\.crusader 2014-11-04 17:57 - 2014-11-04 23:21 - 00043664 _____ () C:\Windows\system32\Drivers\hitmanpro37.sys 2014-11-04 17:56 - 2014-11-04 23:14 - 00000000 ____D () C:\ProgramData\HitmanPro 2014-11-04 17:55 - 2014-11-04 17:55 - 11222744 _____ (SurfRight B.V.) C:\Users\Debbie\Downloads\HitmanPro_x64.exe 2014-11-04 16:30 - 2014-11-04 16:30 - 01944824 _____ (Bleeping Computer, LLC) C:\Users\Debbie\Downloads\iExplore.exe 2014-11-04 16:05 - 2014-11-04 16:05 - 00003416 ____N () C:\bootsqm.dat 2014-11-04 15:56 - 2014-11-04 15:56 - 00000000 __SHD () C:\found.000 2014-11-04 14:24 - 2014-11-04 14:37 - 00000000 ___SD () C:\ComboFix 2014-11-04 14:24 - 2011-06-26 01:45 - 00256000 _____ () C:\Windows\PEV.exe 2014-11-04 14:24 - 2010-11-07 12:20 - 00208896 _____ () C:\Windows\MBR.exe 2014-11-04 14:24 - 2009-04-19 23:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2014-11-04 14:24 - 2000-08-30 19:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2014-11-04 14:24 - 2000-08-30 19:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2014-11-04 14:24 - 2000-08-30 19:00 - 00098816 _____ () C:\Windows\sed.exe 2014-11-04 14:24 - 2000-08-30 19:00 - 00080412 _____ () C:\Windows\grep.exe 2014-11-04 14:24 - 2000-08-30 19:00 - 00068096 _____ () C:\Windows\zip.exe 2014-11-04 14:22 - 2014-11-04 14:24 - 00000000 ____D () C:\Qoobox 2014-11-04 14:20 - 2014-11-04 14:21 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-11-04 14:19 - 2014-11-04 14:24 - 00000000 ___SD () C:\32788R22FWJFW 2014-11-04 14:19 - 2014-11-04 14:19 - 00000000 ____D () C:\Windows\erdnt 2014-11-04 11:33 - 2014-11-04 11:33 - 00000000 ____D () C:\Users\Debbie\AppData\Roaming\Seagate 2014-11-04 11:32 - 2014-11-04 11:32 - 00001292 _____ () C:\Users\Public\Desktop\Seagate Dashboard.lnk 2014-11-04 11:32 - 2014-11-04 11:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate Dashboard 2014-11-04 11:28 - 2014-11-04 11:28 - 00000000 ____D () C:\Program Files (x86)\Seagate 2014-11-04 11:26 - 2014-11-04 11:33 - 00001126 _____ () C:\Users\Debbie\Documents\GoFlexHomeInstaller.11-04-2014.log 2014-11-03 08:31 - 2014-11-03 08:31 - 00033504 _____ () C:\{CE0D2AD2-4F44-4686-B7FA-7510CEFA73D0} 2014-11-02 09:27 - 2014-11-03 09:25 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\2A0C2989.sys 2014-11-01 08:49 - 2014-11-01 08:49 - 00036472 _____ () C:\{82BAF8F5-CC6B-4165-9A02-DE73B94E6CB6} 2014-10-30 19:38 - 2014-11-06 21:40 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-10-30 19:38 - 2014-11-06 16:12 - 00096472 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-10-30 19:38 - 2014-10-30 19:38 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-10-30 19:38 - 2014-10-30 19:38 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware 2014-10-30 19:38 - 2014-10-01 10:11 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-10-30 19:38 - 2014-10-01 10:11 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-10-29 08:07 - 2014-10-29 08:07 - 00000000 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_71-b14.log 2014-10-29 07:49 - 2014-10-29 07:49 - 00000000 ____D () C:\Windows\system32\MRT 2014-10-29 07:49 - 2014-10-03 09:02 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-10-28 22:08 - 2014-11-03 09:58 - 00000000 ____D () C:\Users\Debbie\AppData\Roaming\LSC 2014-10-28 09:49 - 2014-10-28 09:50 - 00000000 ____D () C:\Users\Debbie\AppData\Local\{F1CCEC0A-17E7-4C7A-972B-1D55F8864B5F} 2014-10-28 09:49 - 2014-10-28 09:49 - 00000000 ____D () C:\Users\Debbie\AppData\Local\{8B3C8E8A-0CAE-43BC-816C-8BA62B4C2122} 2014-10-27 16:00 - 2014-10-27 16:00 - 00000000 ____D () C:\Users\Debbie\AppData\Local\{02D21EC6-09F2-4B56-96D4-1DE0EE5B7998} 2014-10-26 21:28 - 2014-10-26 21:28 - 00001962 _____ () C:\Users\Public\Desktop\Lenovo Solution Center.lnk 2014-10-26 08:12 - 2014-10-26 08:12 - 00000000 ____D () C:\Users\Debbie\AppData\Local\{B8FA8C99-6081-4C2E-8C50-169E012E2A96} 2014-10-26 08:12 - 2014-10-26 08:12 - 00000000 ____D () C:\Users\Debbie\AppData\Local\{6810991B-7F80-432A-ABD4-50BD72E8218F} 2014-10-21 06:53 - 2014-10-21 06:54 - 00000000 ____D () C:\Users\Debbie\AppData\Local\{BB2BBC41-36EE-4294-832B-0CF0CC3054CB} 2014-10-16 10:22 - 2014-10-16 10:22 - 00000000 ____D () C:\Users\Debbie\AppData\Local\{C626203E-87B1-4657-B6FB-69D0BC0AAF92} 2014-10-16 06:42 - 2014-10-06 21:54 - 00378552 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-10-16 06:42 - 2014-10-06 21:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-10-16 06:42 - 2014-09-28 19:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-10-16 06:42 - 2014-09-25 17:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-10-16 06:42 - 2014-09-25 17:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-10-16 06:42 - 2014-09-25 17:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-10-16 06:42 - 2014-09-25 17:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-10-16 06:42 - 2014-09-25 17:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-10-16 06:42 - 2014-09-25 17:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-10-16 06:42 - 2014-09-25 17:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-10-16 06:42 - 2014-09-18 21:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-10-16 06:42 - 2014-09-18 20:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-10-16 06:42 - 2014-09-18 20:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-10-16 06:42 - 2014-09-18 20:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-10-16 06:42 - 2014-09-18 20:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-10-16 06:42 - 2014-09-18 20:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-10-16 06:42 - 2014-09-18 20:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-10-16 06:42 - 2014-09-18 20:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-10-16 06:42 - 2014-09-18 20:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-10-16 06:42 - 2014-09-18 20:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-10-16 06:42 - 2014-09-18 20:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-10-16 06:42 - 2014-09-18 20:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-10-16 06:42 - 2014-09-18 20:27 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-10-16 06:42 - 2014-09-18 20:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-10-16 06:42 - 2014-09-18 20:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-10-16 06:42 - 2014-09-18 20:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-10-16 06:42 - 2014-09-18 20:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-10-16 06:42 - 2014-09-18 20:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-10-16 06:42 - 2014-09-18 20:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-10-16 06:42 - 2014-09-18 20:14 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-10-16 06:42 - 2014-09-18 20:06 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-10-16 06:42 - 2014-09-18 20:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-10-16 06:42 - 2014-09-18 20:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-10-16 06:42 - 2014-09-18 20:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-10-16 06:42 - 2014-09-18 20:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-10-16 06:42 - 2014-09-18 20:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-10-16 06:42 - 2014-09-18 19:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-10-16 06:42 - 2014-09-18 19:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-10-16 06:42 - 2014-09-18 19:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-10-16 06:42 - 2014-09-18 19:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-10-16 06:42 - 2014-09-18 19:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-10-16 06:42 - 2014-09-18 19:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-10-16 06:42 - 2014-09-18 19:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-10-16 06:42 - 2014-09-18 19:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-10-16 06:42 - 2014-09-18 19:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-10-16 06:42 - 2014-09-18 19:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-10-16 06:42 - 2014-09-18 19:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-10-16 06:42 - 2014-09-18 19:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-10-16 06:42 - 2014-09-18 19:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-10-16 06:42 - 2014-09-18 19:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-10-16 06:42 - 2014-09-18 19:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-10-16 06:42 - 2014-09-18 19:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-10-16 06:42 - 2014-09-18 19:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-10-16 06:42 - 2014-09-18 18:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-10-16 06:42 - 2014-09-18 18:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-10-16 06:42 - 2014-09-18 18:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-10-16 06:42 - 2014-09-18 18:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-10-16 06:42 - 2014-07-08 21:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL 2014-10-16 06:42 - 2014-07-08 21:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL 2014-10-16 06:42 - 2014-07-08 21:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL 2014-10-16 06:42 - 2014-07-08 21:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL 2014-10-16 06:42 - 2014-07-08 21:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL 2014-10-16 06:42 - 2014-07-08 20:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL 2014-10-16 06:42 - 2014-07-08 20:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL 2014-10-16 06:42 - 2014-07-08 20:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL 2014-10-16 06:42 - 2014-07-08 20:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL 2014-10-16 06:42 - 2014-07-08 20:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL 2014-10-16 06:42 - 2014-07-08 17:38 - 00419992 _____ () C:\Windows\system32\locale.nls 2014-10-16 06:42 - 2014-07-08 17:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls 2014-10-16 06:42 - 2014-06-18 17:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll 2014-10-16 06:42 - 2014-06-18 17:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll 2014-10-16 06:42 - 2014-06-18 17:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll 2014-10-16 06:42 - 2014-06-18 17:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll 2014-10-16 06:42 - 2014-06-18 17:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll 2014-10-16 06:42 - 2014-06-18 17:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll 2014-10-16 06:41 - 2014-09-17 21:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2014-10-16 06:41 - 2014-09-17 20:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll 2014-10-16 06:41 - 2014-09-12 20:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll 2014-10-16 06:41 - 2014-09-12 20:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll 2014-10-16 06:41 - 2014-09-04 00:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll 2014-10-16 06:41 - 2014-09-04 00:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll 2014-10-16 06:41 - 2014-07-16 21:07 - 03722240 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2014-10-16 06:41 - 2014-07-16 21:07 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe 2014-10-16 06:41 - 2014-07-16 21:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll 2014-10-16 06:41 - 2014-07-16 21:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe 2014-10-16 06:41 - 2014-07-16 21:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll 2014-10-16 06:41 - 2014-07-16 21:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll 2014-10-16 06:41 - 2014-07-16 21:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2014-10-16 06:41 - 2014-07-16 21:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2014-10-16 06:41 - 2014-07-16 20:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll 2014-10-16 06:41 - 2014-07-16 20:39 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2014-10-16 06:41 - 2014-07-16 20:39 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe 2014-10-16 06:41 - 2014-07-16 20:39 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll 2014-10-16 06:41 - 2014-07-16 20:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2014-10-16 06:41 - 2014-07-16 20:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2014-10-16 06:41 - 2014-07-16 20:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys 2014-10-16 06:41 - 2014-07-16 20:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys 2014-10-10 11:12 - 2014-10-10 11:12 - 00000000 ____D () C:\Users\Debbie\AppData\Local\{B8868936-3B4C-4482-BDB7-662024D9E451} ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-11-07 06:25 - 2009-07-14 00:13 - 00782510 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-11-07 06:24 - 2012-11-24 16:43 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-11-07 06:22 - 2012-05-29 15:32 - 00000912 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-446325687-4255057720-627188916-1001UA.job 2014-11-07 06:22 - 2012-01-05 07:53 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-11-07 06:22 - 2011-06-09 22:43 - 00000000 ____D () C:\Users\Debbie\Documents\Outlook Files 2014-11-07 06:22 - 2009-07-13 23:51 - 00132796 _____ () C:\Windows\setupact.log 2014-11-07 06:21 - 2012-01-05 07:34 - 02010621 _____ () C:\Windows\WindowsUpdate.log 2014-11-06 23:45 - 2011-01-16 18:14 - 00000000 ____D () C:\Users\Debbie\Documents\eBay 2014-11-06 17:27 - 2009-07-13 23:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-11-06 17:27 - 2009-07-13 23:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-11-06 17:23 - 2013-05-22 12:16 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2014-11-06 17:18 - 2012-01-09 10:30 - 00003448 _____ () C:\Windows\System32\Tasks\PCDEventLauncher 2014-11-06 17:16 - 2012-01-05 07:54 - 00000000 ____D () C:\ProgramData\PCDr 2014-11-06 17:13 - 2013-06-02 20:55 - 00000350 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job 2014-11-06 17:13 - 2012-01-05 07:53 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-11-06 17:12 - 2012-01-05 07:41 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-11-06 17:12 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-11-06 17:09 - 2012-11-20 18:30 - 00000000 ____D () C:\Users\Debbie\AppData\Local\CrashDumps 2014-11-06 11:38 - 2010-11-20 22:47 - 00814640 _____ () C:\Windows\PFRO.log 2014-11-06 09:09 - 2012-01-09 10:30 - 00003502 _____ () C:\Windows\System32\Tasks\SystemToolsDailyTest 2014-11-06 09:09 - 2012-01-09 10:30 - 00000466 _____ () C:\Windows\Tasks\SystemToolsDailyTest.job 2014-11-06 07:34 - 2012-05-29 15:32 - 00000860 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-446325687-4255057720-627188916-1001Core.job 2014-11-05 14:31 - 2011-07-16 15:30 - 00000000 ____D () C:\temp 2014-11-05 12:58 - 2012-01-05 07:59 - 00000000 ____D () C:\ProgramData\Norton 2014-11-04 16:05 - 2012-12-10 14:36 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-10-30 19:38 - 2009-07-13 22:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories 2014-10-29 08:45 - 2009-07-14 00:08 - 00032566 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-10-29 08:13 - 2014-01-27 22:16 - 00000000 ____D () C:\ProgramData\Oracle 2014-10-29 08:07 - 2013-07-19 08:13 - 00000000 ____D () C:\Program Files (x86)\Java 2014-10-29 07:51 - 2009-07-13 22:20 - 00000000 __RHD () C:\Users\Public\Libraries 2014-10-28 07:57 - 2012-11-01 08:47 - 00000000 ____D () C:\Users\Debbie\AppData\Roaming\Mozilla 2014-10-26 21:28 - 2012-01-05 07:49 - 00000000 ____D () C:\Windows\System32\Tasks\Lenovo 2014-10-26 21:28 - 2012-01-05 07:49 - 00000000 ____D () C:\Windows\Downloaded Installations 2014-10-26 21:28 - 2012-01-05 07:34 - 00000000 ____D () C:\Program Files\Lenovo 2014-10-26 21:26 - 2012-01-05 07:13 - 00000000 ____D () C:\ProgramData\Lenovo 2014-10-22 06:29 - 2012-05-29 15:32 - 00003884 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-446325687-4255057720-627188916-1001UA 2014-10-22 06:29 - 2012-05-29 15:32 - 00003488 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-446325687-4255057720-627188916-1001Core 2014-10-20 16:41 - 2012-01-09 10:30 - 00000528 _____ () C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job 2014-10-20 07:27 - 2012-01-05 07:53 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-10-20 07:27 - 2012-01-05 07:53 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-10-19 07:40 - 2012-01-09 10:30 - 00004242 _____ () C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask 2014-10-17 13:28 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\rescache 2014-10-17 12:27 - 2009-07-13 23:45 - 00514344 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-10-17 08:05 - 2012-09-12 08:07 - 00000000 ____D () C:\ProgramData\Microsoft Help Files to move or delete: ==================== C:\Users\Debbie\8jku02ww.exe C:\Users\Debbie\8mu414ww.exe C:\Users\Debbie\hpothb07.dat C:\Users\Debbie\lttsetup_60580224x86.exe Some content of TEMP: ==================== C:\Users\Debbie\AppData\Local\Temp\avguidx.dll C:\Users\Debbie\AppData\Local\Temp\dllnt_dump.dll C:\Users\Debbie\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe C:\Users\Debbie\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe C:\Users\Debbie\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe C:\Users\Debbie\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe C:\Users\Debbie\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe C:\Users\Debbie\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe C:\Users\Debbie\AppData\Local\Temp\LaunchPrivacyStatement.exe C:\Users\Debbie\AppData\Local\Temp\MachineIdCreator.exe C:\Users\Debbie\AppData\Local\Temp\nvStInst.exe C:\Users\Debbie\AppData\Local\Temp\oi_{0FB32886-A2E3-4A15-BFDB-3F6C5CBDDF56}.exe C:\Users\Debbie\AppData\Local\Temp\Quarantine.exe C:\Users\Debbie\AppData\Local\Temp\setup.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-10-26 10:11 =================== End Of Log ============================ Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-11-2014 Ran by Debbie at 2014-11-07 06:29:14 Running from C:\Users\Debbie\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Norton Internet Security (Enabled - Up to date) {63DF5164-9100-186D-2187-8DC619EFD8BF} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Norton Internet Security (Enabled - Up to date) {D8BEB080-B73A-17E3-1B37-B6B462689202} FW: Norton Internet Security (Enabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.249 - Adobe Systems Incorporated) Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated) Adobe Photoshop Elements 2.0 (HKLM-x32\...\Adobe Photoshop Elements 2.0) (Version: 2.0 - Adobe Systems, Inc.) Adobe Reader XI (11.0.09) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated) Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Burn.Now 4.5 (x32 Version: 4.5.0 - Corel Corporation) Hidden Canon Camera WIA Driver (x32 Version: 5.3 - Canon) Hidden Canon Camera WIA Driver (x32 Version: 5.4 - Canon) Hidden Canon Camera WIA Driver (x32 Version: 5.5 - Canon) Hidden Canon Camera Window DC_DV 6 for ZoomBrowser EX (HKLM-x32\...\CameraWindowDVC6) (Version: 6.4.0.9 - ) Canon Camera Window MC 6 for ZoomBrowser EX (HKLM-x32\...\CameraWindowMC) (Version: 6.3.0.8 - ) Canon EOS 20D WIA Driver (HKLM-x32\...\InstallShield_{ED9775A0-383E-4EAA-8DA5-8CC6860D60A3}) (Version: 5.4 - Canon) Canon EOS-1D Mark II WIA Driver (HKLM-x32\...\InstallShield_{C537C86E-22C0-41CF-8A8E-3B23E986C3D9}) (Version: 5.3 - Canon) Canon EOS-1Ds Mark II WIA Driver (HKLM-x32\...\InstallShield_{652C4ADF-0A29-4B02-9211-EE61675847DE}) (Version: 5.5 - Canon) Canon G.726 WMP-Decoder (HKLM-x32\...\Canon G.726 WMP-Decoder) (Version: 1.1.0.4 - ) Canon MovieEdit Task for ZoomBrowser EX (HKLM-x32\...\MovieEditTask) (Version: 2.4.0.14 - ) Canon RAW Image Task for ZoomBrowser EX (HKLM-x32\...\RAW Image Task) (Version: 2.5.0.8 - ) Canon RemoteCapture Task for ZoomBrowser EX (HKLM-x32\...\RemoteCaptureTask) (Version: 1.7.0.8 - ) Canon Utilities EOS Capture 1.2 (HKLM-x32\...\InstallShield_{74BE7519-41A7-45A8-8AA6-78C7907A4808}) (Version: 1.2 - Canon) Canon Utilities EOS Viewer Utility 1.2 (HKLM-x32\...\InstallShield_{750CF8D7-4B04-404F-AFA2-14C129C42373}) (Version: 1.2.1 - Canon) Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.18.42 - ) Canon Utilities ZoomBrowser EX (HKLM-x32\...\ZoomBrowser EX) (Version: 5.8.0.74 - ) Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.) Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.) Conexant 20672 SmartAudio HD (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.32.23.0 - Conexant) Corel Burn.Now Lenovo Edition (HKLM-x32\...\InstallShield_{A3BE3F1E-2472-4211-8735-E8239BE49D9F}) (Version: 4.5.0 - Corel Corporation) Corel DVD MovieFactory 7 (x32 Version: 7.0.0 - Corel Corporation) Hidden Corel DVD MovieFactory Lenovo Edition (HKLM-x32\...\InstallShield_{50F68032-B5B7-4513-9116-C978DBD8F27A}) (Version: 7.0.0 - Corel Corporation) Corel WinDVD (HKLM-x32\...\{5C1F18D2-F6B7-4242-B803-B5A78648185D}) (Version: 10.0.5.828 - Corel Inc.) Create Recovery Media (HKLM-x32\...\{50DC5136-21E8-48BC-97E5-1AD055F6B0B6}) (Version: 1.20.0.00 - Lenovo Group Limited) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Direct DiscRecorder (x32 Version: 1.00.0000 - Corel Corporation) Hidden EOS Capture 1.2 (x32 Version: 1.2 - Canon) Hidden EOS Viewer Utility 1.2.1 (x32 Version: 1.2.1 - Canon) Hidden Evernote v. 4.2.3 (HKLM-x32\...\{F761359C-9CED-45AE-9A51-9D6605CD55C4}) (Version: 4.2.3.15 - Evernote Corp.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.) Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google Talk Plugin (HKLM-x32\...\{95763F66-297E-30CE-9728-6D0F20BF97F5}) (Version: 5.38.5.0 - Google) Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.) Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden Hallmark Card Studio Select (HKLM-x32\...\{A6E08FBC-FC99-4CEE-B645-83A42107BE89}) (Version: 14.0.0.34 - Creative Home) HP Memories Disc (HKLM-x32\...\{B376402D-58EA-45EA-BD50-DD924EB67A70}) (Version: 1.0.4.805 - Hewlett-Packard Company) HP Photo and Imaging 2.0 - Photosmart Cameras (HKLM-x32\...\{15C46A4B-1AB5-4C25-91B6-59151E199D13}) (Version: 2.0.0000 - {&Tahoma8}Hewlett-Packard) Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation) Intel(R) Identity Protection Technology 1.1.2.0 (HKLM-x32\...\{C01A86F5-56E7-101F-9BC9-E3F1025EB779}) (Version: 1.1.2.0 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2538 - Intel Corporation) iTunes (HKLM\...\{A535111D-95C8-487F-869E-CE4C239972D2}) (Version: 11.1.1.11 - Apple Inc.) Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.510 - Oracle) Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 1.10 - ) Lenovo Patch Utility (HKLM-x32\...\{24E92E7A-6848-4747-A3EA-3AAC0576BE52}) (Version: 1.0.1.1 - Lenovo Group Limited) Lenovo Patch Utility (x32 Version: 1.4.0.4 - Lenovo Group Limited) Hidden Lenovo Patch Utility 64 bit (HKLM\...\{39A04221-294E-4D90-A0F2-CCB1EF15CB56}) (Version: 1.2.0.1 - Lenovo Group Limited) Lenovo Patch Utility 64 bit (Version: 1.4.0.4 - Lenovo Group Limited) Hidden Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.04.05 - ) Lenovo Registration (HKLM-x32\...\{6707C034-ED6B-4B6A-B21F-969B3606FBDE}) (Version: 1.0.4 - Lenovo Inc.) Lenovo SimpleTap (HKLM\...\{39969C3E-B297-41E5-9A7B-E252B504B21B}) (Version: 2.1.0003.00 - Lenovo Group Limited) Lenovo Solution Center (HKLM\...\{13BD494D-9ACD-420B-A291-E145DED92EF6}) (Version: 2.6.001.00 - Lenovo Group Limited) Lenovo System Interface Driver (HKLM\...\LENOVO.SMIIF) (Version: 1.05 - ) Lenovo System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 5.05.0009 - Lenovo) Lenovo ThinkVantage Toolbox (HKLM\...\PC-Doctor for Windows) (Version: 6.0.5849.23 - PC-Doctor, Inc.) Lenovo User Guide (HKLM-x32\...\{13F59938-C595-479C-B479-F171AB9AF64F}) (Version: 1.0.0008.00 - Lenovo) Lenovo Warranty Information (HKLM-x32\...\{FD4EC278-C1B1-4496-99ED-C0BE1B0AA521}) (Version: 1.0.0005.00 - Lenovo) Lenovo Welcome (HKLM-x32\...\Lenovo Welcome_is1) (Version: 3.00.006.0 - Lenovo) Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation) Memeo Instant Backup (HKLM-x32\...\{8E666407-AC41-46a2-9692-6C7BFCBFDD37}) (Version: 4.60.0.7916 - Memeo Inc.) Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden Message Center Plus (HKLM-x32\...\{FD331A3B-F7A5-4C31-B8D4-DF413C85AF7A}) (Version: 2.0.0012.00 - Lenovo Group Limited) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft Office Home and Business 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Publisher 2002 (HKLM-x32\...\{91190409-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.6626.0 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Mozilla Firefox 31.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 en-US)) (Version: 31.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) Norton Internet Security (HKLM-x32\...\NIS) (Version: 19.9.1.14 - Symantec Corporation) NVIDIA 3D Vision Driver 312.69 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 312.69 - NVIDIA Corporation) NVIDIA Graphics Driver 312.69 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 312.69 - NVIDIA Corporation) NVIDIA HD Audio Driver 1.3.24.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.24.2 - NVIDIA Corporation) On Screen Display (HKLM\...\OnScreenDisplay) (Version: 6.73.00 - ) picture-shark 1.0 (HKLM-x32\...\%ProgramName%) (Version: - ) RapidBoot (HKLM\...\{5E2652DF-743F-482B-A593-C95F431A5769}) (Version: 1.11 - Lenovo) Registry Patch to Enable Maximum Power Saving on WiFi Adapters for Windows 7 (HKLM\...\EnablePS) (Version: 1.00 - ) RICOH_Media_Driver_v2.14.18.01 (HKLM-x32\...\{FE041B02-234C-4AAA-9511-80DF6482A458}) (Version: 2.14.18.01 - RICOH) Seagate Dashboard (HKLM-x32\...\{C3A11907-930D-41AC-A135-CC3B12F92011}) (Version: 1.1.0.1548 - Memeo Inc.) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) ThinkPad FullScreen Magnifier (HKLM\...\ThinkPad FullScreen Magnifier) (Version: 2.41 - ) ThinkPad Power Manager (HKLM-x32\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 3.63 - ) ThinkPad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.8.0 - ) ThinkPad UltraNav Utility (HKLM-x32\...\{17CBC505-D1AE-459D-B445-3D2000A85842}) (Version: 2.13.0 - Lenovo) ThinkPad Wireless LAN Adapter Software (HKLM-x32\...\{9D3D2C60-A55F-4fed-B2B9-17311226DF01}) (Version: 1.00.0029.8 - REALTEK Semiconductor Corp.) ThinkVantage Access Connections (HKLM-x32\...\{8E537894-A559-4D60-B3CB-F4485E3D24E3}) (Version: 6.21 - Lenovo) ThinkVantage Active Protection System (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.73 - Lenovo) ThinkVantage Communications Utility (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 2.07 - Lenovo) VIP Access (HKLM-x32\...\{E8D46836-CD55-453C-A107-A59EC51CB8DC}) (Version: 2.0.2.140 - VeriSign) Windows Driver Package - Intel (e1cexpress) Net (12/21/2010 11.8.84.0) (HKLM\...\6D23A494E9A245843FB8584D9307D3E328DF8613) (Version: 12/21/2010 11.8.84.0 - Intel) Windows Driver Package - Intel System (09/10/2010 9.2.0.1011) (HKLM\...\0CDBDD444A1F5FFEA227B4E7DCE195F11F08240A) (Version: 09/10/2010 9.2.0.1011 - Intel) Windows Driver Package - Intel System (09/10/2010 9.2.0.1011) (HKLM\...\8058FF31D7C7F4818DC176DAF53CD379968C86E4) (Version: 09/10/2010 9.2.0.1011 - Intel) Windows Driver Package - Intel System (11/20/2010 9.2.0.1016) (HKLM\...\43B5066463CEBC83E99586A67037B6F9FC4193FE) (Version: 11/20/2010 9.2.0.1016 - Intel) Windows Driver Package - Intel USB (12/21/2010 9.2.0.1021) (HKLM\...\0DD5528A211904214F70A66DE6ADBD378B21566D) (Version: 12/21/2010 9.2.0.1021 - Intel) Windows Driver Package - Lenovo 1.61.00.11 (11/11/2010 1.61.00.11) (HKLM\...\466E9B20D871055D6D3CDA2CDD1D355E978A61AF) (Version: 11/11/2010 1.61.00.11 - Lenovo) Windows Driver Package - Synaptics (SynTP) Mouse (05/19/2011 15.3.8.0) (HKLM\...\DDD8A532E361E9A878EBEF69C338B306810DF059) (Version: 05/19/2011 15.3.8.0 - Synaptics) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation) Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation) Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version: - ) Yahoo! Toolbar (HKLM-x32\...\Yahoo! Companion) (Version: - Yahoo! Inc.) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-446325687-4255057720-627188916-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Debbie\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-446325687-4255057720-627188916-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Debbie\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File CustomCLSID: HKU\S-1-5-21-446325687-4255057720-627188916-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Debbie\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File CustomCLSID: HKU\S-1-5-21-446325687-4255057720-627188916-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Debbie\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-446325687-4255057720-627188916-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Debbie\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File ==================== Restore Points ========================= 04-11-2014 19:24:30 ComboFix created restore point 05-11-2014 04:05:43 Checkpoint by HitmanPro 05-11-2014 04:10:45 Checkpoint by HitmanPro 06-11-2014 22:04:05 Malwarebytes Anti-Rootkit Restore Point ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {03444A34-5E38-48FE-9E68-A8D9D7D46CC4} - System32\Tasks\SystemToolsDailyTest => C:\Program Files\PC-Doctor\uaclauncher.exe [2011-06-27] (PC-Doctor, Inc.) Task: {0FBAC15B-7CE6-46EB-973F-21F69E8848F1} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-446325687-4255057720-627188916-1001UA => C:\Users\Debbie\AppData\Local\Google\Update\GoogleUpdate.exe [2012-04-13] (Google Inc.) Task: {133F19D6-B344-4009-9E49-8C2CDC24F419} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\WSCStub.exe [2013-02-01] (Symantec Corporation) Task: {154DC038-22DB-4AC4-9745-39D15BC49EA9} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => Rundll32.exe C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)" Task: {1972BFD8-FFFC-48CD-BC95-013E8F190C57} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\SymErr.exe [2012-02-03] (Symantec Corporation) Task: {3053DBF8-95F0-4749-AF97-435095E9C992} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2014-09-03] () Task: {3C0E2FB4-DFDA-46B8-9003-8B712889EFA6} - System32\Tasks\DiskUpdate => C:\SWTOOLS\OSFIXES\DISKUPDT\DiskUpdate.exe [2009-02-09] () Task: {450E5C8E-496E-409B-93C7-3D4CF944E458} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2014-02-21] () Task: {482B379F-5724-4CEB-A35D-E311E1C5C09F} - System32\Tasks\PCDEventLauncher => C:\Program Files\PC-Doctor\sessionchecker.exe [2011-06-27] (PC-Doctor, Inc.) Task: {7010AF58-E380-4353-8F43-7A04DE11CF84} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2014-09-03] (Lenovo) Task: {804965AF-533B-49E0-B355-F3B70205314B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-20] (Google Inc.) Task: {89BA7F9B-2950-4F33-9E18-438C8A9CDCDB} - System32\Tasks\MCP => C:\Program Files (x86)\LENOVO\Message Center Plus\MCPLaunch.exe [2009-05-28] () Task: {8C42FFA2-D4C9-4E68-8F46-EE2791FCDBC8} - System32\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv => C:\Windows\TEMP\{BEE0BD8E-937D-46CA-AC2A-190111D526DD}.exe Task: {A5B48964-8335-4EE5-A4F4-70172466DDB0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-23] (Adobe Systems Incorporated) Task: {A83CC65E-1ABB-432D-BA44-D4C5B059E2F1} - System32\Tasks\PMTask => C:\Program Files (x86)\ThinkPad\Utilities\PWMIDTSV.EXE [2011-08-31] (Lenovo Group Limited) Task: {ABDE0901-D2D0-412F-B9DD-81F09E57C9E0} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-02-19] (Lenovo) Task: {CE23D284-6A67-4FF3-A3EC-F334358B38D9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-20] (Google Inc.) Task: {CE54D44D-2A06-4BA2-ACC9-4B33BD57958C} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-02-13] (Lenovo) Task: {E538675E-CF36-45D2-B195-02FD64D3E8F4} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-446325687-4255057720-627188916-1001Core => C:\Users\Debbie\AppData\Local\Google\Update\GoogleUpdate.exe [2012-04-13] (Google Inc.) Task: {E73BA2E0-F92F-4427-A7CE-00C0305C445B} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\PC-Doctor\uaclauncher.exe [2011-06-27] (PC-Doctor, Inc.) Task: {F89F68D9-54F5-418F-9977-973988C3447E} - System32\Tasks\TVT\LenovoWERMonitor => C:\Program Files (x86)\Common Files\lenovo\SUP\sup_wermonitor.exe [2014-01-21] (Microsoft) Task: {FB87CBBA-8E62-46B4-B27E-7424A65D7CE2} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\SymErr.exe [2012-02-03] (Symantec Corporation) Task: {FD487064-0D57-4CE9-9F9B-FB52B54DF267} - System32\Tasks\Lenovo\LSC\LSCTaskService => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCTaskService.exe [2014-09-03] () Task: {FE9F339B-E01F-4310-BCF5-E85DBC78AB6F} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2014-09-03] (Lenovo) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => C:\Windows\TEMP\{BEE0BD8E-937D-46CA-AC2A-190111D526DD}.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-446325687-4255057720-627188916-1001Core.job => C:\Users\Debbie\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-446325687-4255057720-627188916-1001UA.job => C:\Users\Debbie\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job => C:\Program Files\PC-Doctor\uaclauncher.exe Task: C:\Windows\Tasks\SystemToolsDailyTest.job => C:\Program Files\PC-Doctor\uaclauncher.exe ==================== Loaded Modules (whitelisted) ============= 2014-04-14 23:08 - 2013-10-28 19:53 - 00087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2012-01-05 07:44 - 2011-08-31 13:03 - 00045568 ____N () C:\Program Files (x86)\ThinkPad\Utilities\US\PWMRT64V.DLL 2012-01-05 07:18 - 2011-05-19 07:04 - 00057640 _____ () C:\Program Files\Synaptics\SynTP\SynTPEnhPS.dll 2012-01-05 07:37 - 2010-10-25 23:40 - 00049056 ____N () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe 2012-01-05 07:40 - 2011-03-06 06:07 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2002-06-20 14:36 - 2002-06-20 14:36 - 00077824 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe 2011-04-06 10:22 - 2011-04-06 10:22 - 00325344 _____ () C:\Program Files (x86)\Memeo\AutoBackup\InstantBackup.exe 2009-05-28 01:09 - 2009-05-28 01:09 - 00049976 _____ () C:\Program Files (x86)\LENOVO\Message Center Plus\MCPLaunch.exe 2014-03-14 16:47 - 2014-03-14 16:47 - 00092504 _____ () C:\Program Files (x86)\Lenovo\Access Connections\AcWrpc.dll 2012-08-27 20:33 - 2012-08-27 20:33 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2012-08-27 20:33 - 2012-08-27 20:33 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2002-06-20 14:36 - 2002-06-20 14:36 - 00028672 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Share-to-Web\hpgs2wnfps.dll 2011-11-03 13:09 - 2011-11-03 13:09 - 00102912 _____ () C:\Program Files (x86)\Seagate\Seagate Dashboard\Memeo.Progress.dll 2011-11-03 13:10 - 2011-11-03 13:10 - 00025600 _____ () C:\Program Files (x86)\Seagate\Seagate Dashboard\Plugins\Memeo.Dashboard.SeagateSharePlusPlugin.dll 2011-11-03 13:10 - 2011-11-03 13:10 - 00015360 _____ () C:\Program Files (x86)\Seagate\Seagate Dashboard\Plugins\Memeo.Dashboard.TroubleshootingPlugin.dll 2011-11-03 13:10 - 2011-11-03 13:10 - 00014848 _____ () C:\Program Files (x86)\Seagate\Seagate Dashboard\Plugins\Memeo.Dashboard.VideoTutorialsPlugin.dll 2010-04-20 12:22 - 2010-04-20 12:22 - 00241664 _____ () C:\Program Files (x86)\Seagate\Seagate Dashboard\HipServAgent\libupnp.dll 2010-04-20 12:22 - 2010-04-20 12:22 - 00971776 _____ () C:\Program Files (x86)\Seagate\Seagate Dashboard\HipServAgent\libxml2.dll 2011-04-06 10:22 - 2011-04-06 10:22 - 02896608 _____ () C:\Program Files (x86)\Memeo\AutoBackup\Memeo.Client.UI.dll 2011-04-06 10:22 - 2011-04-06 10:22 - 00027360 _____ () C:\Program Files (x86)\Memeo\AutoBackup\Memeo.Client.DriveDetection.dll 2010-03-22 17:59 - 2010-03-22 17:59 - 00504293 _____ () C:\Program Files (x86)\Memeo\AutoBackup\sqlite3.DLL 2010-03-22 17:57 - 2010-03-22 17:57 - 00178176 _____ () C:\Program Files (x86)\Common Files\Memeo\ProfMan.dll 2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf 2014-11-04 14:20 - 2014-11-04 14:21 - 03800688 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver" ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) ========================= Accounts: ========================== Administrator (S-1-5-21-446325687-4255057720-627188916-500 - Administrator - Disabled) Debbie (S-1-5-21-446325687-4255057720-627188916-1001 - Administrator - Enabled) => C:\Users\Debbie Guest (S-1-5-21-446325687-4255057720-627188916-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-446325687-4255057720-627188916-1003 - Limited - Enabled) UpdatusUser (S-1-5-21-446325687-4255057720-627188916-1000 - Limited - Enabled) => C:\Users\UpdatusUser ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (11/07/2014 06:21:28 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 23408013 Error: (11/07/2014 06:21:28 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 23408013 Error: (11/07/2014 06:21:28 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (11/06/2014 05:13:36 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/06/2014 05:08:54 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: iexplore.exe, version: 11.0.9600.17344, time stamp: 0x4a5bc6b7 Faulting module name: MSHTML.dll, version: 11.0.9600.17344, time stamp: 0x541b8a22 Exception code: 0xc00000fd Fault offset: 0x00094765 Faulting process id: 0x43a8 Faulting application start time: 0xiexplore.exe0 Faulting application path: iexplore.exe1 Faulting module path: iexplore.exe2 Report Id: iexplore.exe3 Error: (11/06/2014 04:17:01 PM) (Source: PC-Doctor) (EventID: 1) (User: ) Description: (18724) Asapi: (16:17:01:7610)(18724) ASAPI-Global - Fatal -- 262 Engine has shut down! Error: (11/06/2014 03:26:43 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: iexplore.exe, version: 11.0.9600.17344, time stamp: 0x4a5bc6b7 Faulting module name: MSHTML.dll, version: 11.0.9600.17344, time stamp: 0x541b8a22 Exception code: 0xc00000fd Fault offset: 0x00094765 Faulting process id: 0x2e60 Faulting application start time: 0xiexplore.exe0 Faulting application path: iexplore.exe1 Faulting module path: iexplore.exe2 Report Id: iexplore.exe3 Error: (11/06/2014 03:25:42 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: iexplore.exe, version: 11.0.9600.17344, time stamp: 0x4a5bc6b7 Faulting module name: MSHTML.dll, version: 11.0.9600.17344, time stamp: 0x541b8a22 Exception code: 0xc00000fd Fault offset: 0x00095c91 Faulting process id: 0x1d40 Faulting application start time: 0xiexplore.exe0 Faulting application path: iexplore.exe1 Faulting module path: iexplore.exe2 Report Id: iexplore.exe3 Error: (11/06/2014 02:23:29 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: iexplore.exe, version: 11.0.9600.17344, time stamp: 0x4a5bc6b7 Faulting module name: MSHTML.dll, version: 11.0.9600.17344, time stamp: 0x541b8a22 Exception code: 0xc00000fd Fault offset: 0x00095c91 Faulting process id: 0x2db8 Faulting application start time: 0xiexplore.exe0 Faulting application path: iexplore.exe1 Faulting module path: iexplore.exe2 Report Id: iexplore.exe3 Error: (11/06/2014 01:52:41 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: iexplore.exe, version: 11.0.9600.17344, time stamp: 0x4a5bc6b7 Faulting module name: MSHTML.dll, version: 11.0.9600.17344, time stamp: 0x541b8a22 Exception code: 0xc00000fd Fault offset: 0x00094765 Faulting process id: 0x3df8 Faulting application start time: 0xiexplore.exe0 Faulting application path: iexplore.exe1 Faulting module path: iexplore.exe2 Report Id: iexplore.exe3 System errors: ============= Error: (11/06/2014 05:21:05 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The NVIDIA Update Service Daemon service failed to start due to the following error: %%1069 Error: (11/06/2014 05:21:05 PM) (Source: Service Control Manager) (EventID: 7038) (User: ) Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error: %%1330 To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC). Error: (11/06/2014 05:19:43 PM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: The Windows Presentation Foundation Font Cache 3.0.0.0 service hung on starting. Error: (11/06/2014 05:13:33 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: The following boot-start or system-start driver(s) failed to load: AFS Error: (11/06/2014 05:13:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The vToolbarUpdater18.1.9 service failed to start due to the following error: %%2 Error: (11/06/2014 02:58:41 PM) (Source: NetBT) (EventID: 4321) (User: ) Description: The name "WORKGROUP :1d" could not be registered on the interface with IP address 10.0.0.15. The computer with the IP address 10.0.0.10 did not allow the name to be claimed by this computer. Error: (11/06/2014 02:58:39 PM) (Source: NetBT) (EventID: 4321) (User: ) Description: The name "WORKGROUP :1d" could not be registered on the interface with IP address 10.0.0.15. The computer with the IP address 10.0.0.10 did not allow the name to be claimed by this computer. Error: (11/06/2014 02:22:21 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY) Description: The following fatal alert was generated: 43. The internal error state is 252. Error: (11/06/2014 02:22:21 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY) Description: The following fatal alert was generated: 43. The internal error state is 252. Error: (11/06/2014 01:29:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The NVIDIA Update Service Daemon service failed to start due to the following error: %%1069 Microsoft Office Sessions: ========================= Error: (11/07/2014 06:21:28 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 23408013 Error: (11/07/2014 06:21:28 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 23408013 Error: (11/07/2014 06:21:28 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (11/06/2014 05:13:36 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/06/2014 05:08:54 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: iexplore.exe11.0.9600.173444a5bc6b7MSHTML.dll11.0.9600.17344541b8a22c00000fd0009476543a801cffa0e146fc450C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\system32\MSHTML.dll7e95f1e8-6601-11e4-9628-f0def1ba22d1 Error: (11/06/2014 04:17:01 PM) (Source: PC-Doctor) (EventID: 1) (User: ) Description: (18724) Asapi: (16:17:01:7610)(18724) ASAPI-Global - Fatal -- 262 Engine has shut down! Error: (11/06/2014 03:26:43 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: iexplore.exe11.0.9600.173444a5bc6b7MSHTML.dll11.0.9600.17344541b8a22c00000fd000947652e6001cff9ff4f5c3ff4C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\system32\MSHTML.dll381c9c54-65f3-11e4-9628-f0def1ba22d1 Error: (11/06/2014 03:25:42 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: iexplore.exe11.0.9600.173444a5bc6b7MSHTML.dll11.0.9600.17344541b8a22c00000fd00095c911d4001cff9ffb10c17cfC:\Program Files\Internet Explorer\iexplore.exeC:\Windows\system32\MSHTML.dll13d6e0de-65f3-11e4-9628-f0def1ba22d1 Error: (11/06/2014 02:23:29 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: iexplore.exe11.0.9600.173444a5bc6b7MSHTML.dll11.0.9600.17344541b8a22c00000fd00095c912db801cff9f64f2e56d0C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\system32\MSHTML.dll62e680e5-65ea-11e4-9628-f0def1ba22d1 Error: (11/06/2014 01:52:41 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: iexplore.exe11.0.9600.173444a5bc6b7MSHTML.dll11.0.9600.17344541b8a22c00000fd000947653df801cff9f2b4d3c107C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\system32\MSHTML.dll152c514c-65e6-11e4-9628-f0def1ba22d1 ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-2520M CPU @ 2.50GHz Percentage of memory in use: 53% Total physical RAM: 6027.23 MB Available physical RAM: 2799.93 MB Total Pagefile: 12052.65 MB Available Pagefile: 9082.66 MB Total Virtual: 8192 MB Available Virtual: 8191.85 MB ==================== Drives ================================ Drive c: (Windows7_OS) (Fixed) (Total:281 GB) (Free:114.43 GB) NTFS ==>[System with boot components (obtained from reading drive)] Drive q: (Lenovo_Recovery) (Fixed) (Total:15.62 GB) (Free:6.45 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 298.1 GB) (Disk ID: E2A1E811) Partition 1: (Active) - (Size=1.5 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=281 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=15.6 GB) - (Type=07 NTFS) ==================== End Of Log ============================ [/QUOTE]
Insert quotes…
Verification
Post reply
Top