Quote:
Originally Posted by Blade81
(Post 9048279)
Hi,
If help still needed please follow these instructions:
- Download Farbar Recovery Scan Tool to your Desktop.
- Right-click Frst.exe and select Run as Administrator to launch it.
Note: Make sure that Addition option is checked.
- Press Scan button and wait.
- When finished scanning 2 logs will open on your Desktop, FRST.txt and Addition.txt
Please post their contents in your next reply.
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-03-2015
Ran by joannriner (administrator) on G on 03-04-2015 17:07:46
Running from C:\Users\joannriner\Desktop
Loaded Profiles: joannriner (Available profiles: joannriner)
Platform: Microsoft® Windows Vista Home Premium Service Pack 2 (X86) OS Language: English (United States)
Internet Explorer Version 9 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
http://www.geekstogo.com/forum/topic...ery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Agere Systems) C:\Windows\System32\agrsmsvc.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TOSHIBA Service Station\TMachInfo.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\SMARTLogService\TosIPCSrv.exe
(Ulead Systems, Inc.) C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\Power Saver\TPwrMain.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\SmoothView\SmoothView.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\FlashCards\TCrdMain.exe
() C:\Program Files\Clearwire\ClearStick\ClearStick.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(TOSHIBA CORPORATION) C:\Program Files\Toshiba\ConfigFree\NDSTray.exe
(TOSHIBA CORPORATION) C:\Program Files\Toshiba\ConfigFree\CFSwMgr.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TOSHIBA CORPORATION) C:\Program Files\Toshiba\ConfigFree\CFIWmxSvcs.exe
(TOSHIBA CORPORATION) C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [6037504 2008-04-08] (Realtek Semiconductor)
HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [178712 2008-04-15] (Intel Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1348904 2008-08-14] (Synaptics, Inc.)
HKLM\...\Run: [jswtrayutil] => "C:\Program Files\Jumpstart\jswtrayutil.exe"
HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [431456 2008-02-06] (TOSHIBA Corporation)
HKLM\...\Run: [HSON] => C:\Program Files\TOSHIBA\TBS\HSON.exe [54608 2007-10-31] (TOSHIBA Corporation)
HKLM\...\Run: [SmoothView] => C:\Program Files\Toshiba\SmoothView\SmoothView.exe [505720 2008-06-02] (TOSHIBA Corporation)
HKLM\...\Run: [00TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [716800 2008-05-09] (TOSHIBA Corporation)
HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-20] (Microsoft Corporation)
HKLM\...\Run: [ClearStick] => C:\Program Files\Clearwire\ClearStick\ClearStick.exe [63488 2012-01-10] ()
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [978520 2015-01-30] (Microsoft Corporation)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKU\S-1-5-21-3552375448-1525598448-3347412488-1000\...\MountPoints2: {387988d4-97bc-11e4-a52d-001d8883afa2} - E:\WinInit.exe -c
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdom...TSHB&bmod=TSHB
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdom...TSHB&bmod=TSHB
HKU\S-1-5-21-3552375448-1525598448-3347412488-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKU\S-1-5-21-3552375448-1525598448-3347412488-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com/?ocid=EIE9HP&PC=UP51
SearchScopes: HKLM -> DefaultScope {3F053D64-442C-40CE-853C-5FA82EA0BDEE} URL = http://www.google.com/search?sourcei...g}&rlz=1I7TSHB
SearchScopes: HKLM -> {3F053D64-442C-40CE-853C-5FA82EA0BDEE} URL = http://www.google.com/search?sourcei...g}&rlz=1I7TSHB
SearchScopes: HKU\.DEFAULT -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-21-3552375448-1525598448-3347412488-1000 -> DefaultScope {3F053D64-442C-40CE-853C-5FA82EA0BDEE} URL =
SearchScopes: HKU\S-1-5-21-3552375448-1525598448-3347412488-1000 -> {14C36675-A2C1-488A-BC29-52840D8B1007} URL = http://www.bing.com/search?FORM=UP51...c=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3552375448-1525598448-3347412488-1000 -> {6C1925D6-4DCA-469C-905E-07F65D97A837} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3552375448-1525598448-3347412488-1000 -> {E5860DB7-59E8-417E-AF5A-FA0E0EA9B202} URL = https://www.google.com/search?q={searchTerms}
BHO: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> No File
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll No File
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll No File
Toolbar: HKU\S-1-5-21-3552375448-1525598448-3347412488-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKU\S-1-5-21-3552375448-1525598448-3347412488-1000 -> No Name - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
Toolbar: HKU\S-1-5-21-3552375448-1525598448-3347412488-1000 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Toolbar: HKU\S-1-5-21-3552375448-1525598448-3347412488-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get.../ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-06-08] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.43.1
FireFox:
========
FF ProfilePath: C:\Users\joannriner\Application Data\Mozilla\Firefox\Profiles\7chtgwsi.default
FF DefaultSearchEngine: Google
FF Homepage: www.google.com
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_257.dll [2015-01-13] ()
FF Plugin: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll No File
FF Plugin: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-09-23] (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-15] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-15] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-06-16]
Chrome:
=======
CHR StartupUrls: Default -> "https://www.google.com/"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\joannriner\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\joannriner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-03]
CHR Extension: (Google Docs) - C:\Users\joannriner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-03]
CHR Extension: (Google Drive) - C:\Users\joannriner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-03]
CHR Extension: (YouTube) - C:\Users\joannriner\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-03]
CHR Extension: (Google Search) - C:\Users\joannriner\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-02-03]
CHR Extension: (Google Sheets) - C:\Users\joannriner\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-03]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\joannriner\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-25]
CHR Extension: (Google Wallet) - C:\Users\joannriner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-02-03]
CHR Extension: (Gmail) - C:\Users\joannriner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-02-03]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 cfWiMAXService; C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe [185712 2009-08-10] (TOSHIBA CORPORATION)
R2 ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [46448 2009-03-10] (TOSHIBA CORPORATION)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
S3 jswpsapi; C:\Program Files\Jumpstart\jswpsapi.exe [954368 2008-04-16] (Atheros Communications, Inc.) [File not signed]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22184 2015-01-30] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44544 2008-12-03] (Hewlett-Packard) [File not signed]
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [284472 2015-01-30] (Microsoft Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2008-12-03] (Hewlett-Packard) [File not signed]
R2 TMachInfo; C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [46392 2008-08-04] (TOSHIBA Corporation)
R2 TOSHIBA SMART Log Service; C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe [126976 2007-12-03] (TOSHIBA Corporation) [File not signed]
R2 UleadBurningHelper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2006-08-23] (Ulead Systems, Inc.) [File not signed]
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-20] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [239224 2014-11-15] (Microsoft Corporation)
S3 SVRPEDRV; C:\Windows\System32\sysprep\PEDrv.sys [9216 2008-01-18] (Inventec Corporation) [File not signed]
S3 IO_Memory; \??\C:\WINDOWS\SYSTEM32\SYSPREP\Drivers\ioport.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 PCTINDIS5; \??\C:\Windows\system32\PCTINDIS5.SYS [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-03 17:07 - 2015-04-03 17:08 - 00015288 _____ () C:\Users\joannriner\Desktop\FRST.txt
2015-04-03 17:07 - 2015-04-03 17:07 - 00000000 ____D () C:\FRST
2015-04-03 17:06 - 2015-04-03 17:06 - 01135104 _____ (Farbar) C:\Users\joannriner\Desktop\FRST.exe
2015-04-03 06:04 - 2015-04-03 16:55 - 00000000 ____D () C:\Users\joannriner\Documents\4 SALE
2015-04-01 10:31 - 2015-04-01 10:31 - 00001624 _____ () C:\Users\joannriner\AppData\Roaming\Microsoft\Windows\Start Menu\Problem Reports and Solutions.lnk
2015-03-31 01:48 - 2015-03-31 02:03 - 00000000 ____D () C:\Users\joannriner\Downloads\1
2015-03-25 14:13 - 2015-03-31 00:45 - 00000926 _____ () C:\Users\joannriner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
2015-03-25 14:13 - 2015-03-25 14:13 - 00001747 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Center.lnk
2015-03-25 13:30 - 2015-03-25 13:40 - 00001730 _____ () C:\Windows\wmsetup.log
2015-03-25 13:08 - 2015-03-25 13:08 - 00001878 _____ () C:\Users\joannriner\AppData\Roaming\Microsoft\Windows\Start Menu\Skype.lnk
2015-03-25 09:16 - 2015-03-25 09:16 - 00000000 ____D () C:\Users\joannriner\AppData\Local\Skype
2015-03-25 09:14 - 2015-03-25 09:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-03-25 09:14 - 2015-03-25 09:14 - 00000000 ____D () C:\Program Files\Common Files\Skype
2015-03-25 09:13 - 2015-03-25 09:14 - 00000000 ___RD () C:\Program Files\Skype
2015-03-25 09:11 - 2015-03-25 09:15 - 00000000 ____D () C:\ProgramData\Skype
2015-03-15 12:20 - 2015-01-28 18:35 - 00369664 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-03-15 12:19 - 2015-01-28 18:35 - 00975360 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-03-15 12:18 - 2015-02-25 17:18 - 02064384 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-03-15 12:10 - 2015-02-19 19:03 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-03-15 12:10 - 2015-02-19 17:28 - 00296960 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-03-15 12:09 - 2015-02-25 19:01 - 03604408 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-03-15 12:09 - 2015-02-25 19:01 - 03552184 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-03-15 12:09 - 2015-01-20 19:02 - 00807936 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-03-15 12:09 - 2015-01-08 19:04 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-03-15 12:09 - 2015-01-08 17:18 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-03-15 12:08 - 2015-03-05 21:01 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-03-15 12:07 - 2015-02-17 19:02 - 11587584 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-03-15 12:07 - 2014-10-12 18:12 - 02264064 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-03-15 11:49 - 2015-02-21 10:37 - 12375040 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-03-15 11:49 - 2015-02-21 10:34 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-03-15 11:49 - 2015-02-21 10:29 - 09747968 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-03-15 11:49 - 2015-02-21 10:28 - 01810944 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-03-15 11:49 - 2015-02-21 10:22 - 01139200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-03-15 11:49 - 2015-02-21 10:21 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-03-15 11:49 - 2015-02-21 10:21 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-03-15 11:49 - 2015-02-21 10:20 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-03-15 11:49 - 2015-02-21 10:20 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-03-15 11:49 - 2015-02-21 10:19 - 01803264 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-03-15 11:49 - 2015-02-21 10:19 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-03-15 11:49 - 2015-02-21 10:19 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-03-15 11:49 - 2015-02-21 10:19 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-03-15 11:49 - 2015-02-21 10:19 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-03-15 11:49 - 2015-02-21 10:18 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-03-15 11:49 - 2015-02-21 10:18 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-03-15 11:49 - 2015-02-21 10:18 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-03-15 11:49 - 2015-02-21 10:18 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-03-15 11:49 - 2015-02-21 10:18 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-03-15 11:49 - 2015-02-21 10:18 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-03-15 11:49 - 2015-02-21 10:18 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-03-15 11:49 - 2015-02-21 10:17 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-03 16:46 - 2006-11-02 03:33 - 00775406 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-03 16:44 - 2009-04-21 08:51 - 01789350 _____ () C:\Windows\WindowsUpdate.log
2015-04-03 16:38 - 2015-02-03 10:15 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-03 16:38 - 2006-11-02 06:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-03 16:38 - 2006-11-02 05:47 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-03 16:38 - 2006-11-02 05:47 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-03 06:52 - 2006-11-02 06:01 - 00032626 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-04-03 06:47 - 2006-11-02 05:52 - 00042734 _____ () C:\Windows\setupact.log
2015-04-03 06:41 - 2015-01-11 00:44 - 00000000 ___RD () C:\Users\joannriner\Pics
2015-04-03 06:26 - 2015-02-03 10:15 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-02 12:34 - 2015-01-13 23:10 - 00000000 ____D () C:\Users\joannriner\AppData\Local\Windows Live
2015-04-01 10:43 - 2015-01-17 12:26 - 00000000 ____D () C:\Program Files\AVS4YOU
2015-04-01 10:34 - 2015-01-10 23:34 - 00000000 ____D () C:\Users\joannriner\Documents\TOSHIBA SATELLITE L305
2015-03-31 00:54 - 2015-01-10 02:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-03-25 15:29 - 2009-06-16 11:34 - 00000000 ____D () C:\Users\joannriner
2015-03-25 14:13 - 2015-02-03 01:38 - 00000920 _____ () C:\Users\joannriner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-03-25 13:33 - 2015-01-10 15:12 - 00011639 _____ () C:\Windows\IE9_main.log
2015-03-25 13:32 - 2008-08-18 11:07 - 00000000 ___HD () C:\Windows\msdownld.tmp
2015-03-15 12:45 - 2015-01-08 21:19 - 00000000 ____D () C:\Program Files\Clearwire
2015-03-15 12:27 - 2006-11-02 05:47 - 00327856 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-15 12:20 - 2009-04-21 07:48 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-03-15 12:18 - 2014-08-03 03:05 - 00000000 ____D () C:\Windows\system32\MRT
2015-03-15 12:12 - 2006-11-02 03:24 - 119837696 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
==================== Files in the root of some directories =======
2011-09-26 17:20 - 2011-09-26 17:20 - 0000680 ____R () C:\Users\joannriner\AppData\Local\d3d9caps.dat
2009-06-16 11:41 - 2015-01-08 21:13 - 0024576 ____R () C:\Users\joannriner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
Some content of TEMP:
====================
C:\Users\joannriner\AppData\Local\Temp\jre-6u34-windows-i586-iftw.exe
C:\Users\joannriner\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\joannriner\AppData\Local\Temp\{FD8A884D-F71C-4DC0-9E66-4006480DD82D}-GoogleUpdateSetup.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-04-03 16:46
==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 11-03-2015
Ran by joannriner at 2015-04-03 17:08:30
Running from C:\Users\joannriner\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
32 Bit HP CIO Components Installer (Version: 6.1.1 - Hewlett-Packard) Hidden
Adobe Flash Player 16 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 16.0.0.257 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.257 - Adobe Systems Incorporated)
Adobe Reader X (10.1.13) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.13 - Adobe Systems Incorporated)
Atheros Driver Installation Program (HKLM\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 5.2 - Atheros)
Atheros Wi-Fi Protected Setup Library (HKLM\...\{B0BCDCBD-863D-4CAB-BF68-8D1F6B1BDC13}) (Version: - Atheros)
AVS Media Player 4.2.3.106 (HKLM\...\AVS Media Player_is1) (Version: 4.2.3.106 - Online Media Technologies Ltd.)
AVS Video Converter 9.0 (HKLM\...\AVS4YOU Video Converter 7_is1) (Version: 9.0.1.566 - Online Media Technologies Ltd.)
Bing Rewards Client Installer (Version: 16.0.345.0 - Microsoft Corporation) Hidden
CD/DVD Drive Acoustic Silencer (HKLM\...\{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}) (Version: 2.02.03 - TOSHIBA)
Cisco EAP-FAST Module (HKLM\...\{415B2719-AD3A-4944-B404-C472DB6085B3}) (Version: 2.1.6 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM\...\{83770D14-21B9-44B3-8689-F7B523F94560}) (Version: 1.0.12 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM\...\{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}) (Version: 1.0.13 - Cisco Systems, Inc.)
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
DVD MovieFactory for TOSHIBA (HKLM\...\{F214EAA4-A069-4BAF-9DA4-4DB8BEEDE485}) (Version: 5.51 - Ulead Systems, Inc.)
GearDrvs (Version: 5.0.0.2 - Symantec Corporation) Hidden
Google Chrome (HKLM\...\Google Chrome) (Version: 41.0.2272.101 - Google Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.26.9 - Google Inc.) Hidden
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: - Intel Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation)
Java(TM) 6 Update 6 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0160060}) (Version: 1.6.0.60 - Sun Microsystems, Inc.)
Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.7.205.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Works (HKLM\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
Mozilla Firefox 35.0.1 (x86 en-US) (HKLM\...\Mozilla Firefox 35.0.1 (x86 en-US)) (Version: 35.0.1 - Mozilla)
MSXML 4.0 SP2 (KB941833) (HKLM\...\{C523D256-313D-4866-B36A-F3DE528246EF}) (Version: 4.20.9849.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Picasa 2 (HKLM\...\Picasa2) (Version: 2.0 - Google, Inc.)
Realtek 8169 8168 8101E 8102E Ethernet Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0000 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5599 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM\...\{DC24971E-1946-445D-8A82-CE685433FA7D}) (Version: - Realtek Semiconductor Corp.)
Segoe UI (Version: 15.4.2271.0615 - Microsoft Corp) Hidden
Skype 7.0 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 11.2.4.0 - Synaptics)
TOSHIBA Assist (HKLM\...\{12B3A009-A080-4619-9A2A-C6DB151D8D67}) (Version: 2.01.08 - TOSHIBA)
TOSHIBA ConfigFree (HKLM\...\{F3529665-D75E-4D6D-98F0-745C78C68E9B}) (Version: 8.0.21 - TOSHIBA Corporation)
TOSHIBA Desktop Links (HKLM\...\{E1E56B8A-1AAF-422A-91DB-625059FB9863}) (Version: 1.7 - TOSHIBA Corporation)
TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.0.1.3 - TOSHIBA Corporation)
TOSHIBA DVD PLAYER (HKLM\...\{6C5F3BDC-0A1B-4436-A696-5939629D5C31}) (Version: 1.31.14 - TOSHIBA Corporation)
TOSHIBA Extended Tiles for Windows Mobility Center (HKLM\...\InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}) (Version: 1.01.00 - TOSHIBA Corporation)
TOSHIBA Hardware Setup (HKLM\...\{2883F6F5-0509-43F3-868C-D50330DD9DD3}) (Version: 2.00.08 - )
TOSHIBA Recovery Disc Creator (HKLM\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.0.0.2 - TOSHIBA Corporation)
Toshiba Registration (HKLM\...\{C53D16CC-E56F-47B8-906E-70AAF8EABB4F}) (Version: 1.00.0000 - Datalode Inc.)
TOSHIBA Service Station (HKLM\...\{AC6569FA-6919-442A-8552-073BE69E247A}) (Version: 1.1.14 - TOSHIBA)
TOSHIBA Software Modem (HKLM\...\TOSHIBA Software Modem) (Version: 2.1.77 (SM2177ALD04) - Agere Systems)
TOSHIBA Speech System Applications (HKLM\...\{EE033C1F-443E-41EC-A0E2-559B539A4E4D}) (Version: - )
TOSHIBA Speech System SR Engine(U.S.) Version1.0 (HKLM\...\{008D69EB-70FF-46AB-9C75-924620DF191A}) (Version: - )
TOSHIBA Speech System TTS Engine(U.S.) Version1.0 (HKLM\...\{3FBF6F99-8EC6-41B4-8527-0A32241B5496}) (Version: - )
TOSHIBA Supervisor Password (HKLM\...\{4B1E87C3-00DE-4898-8E39-E390AAEF2391}) (Version: 2.00.04 - )
TOSHIBA Value Added Package (HKLM\...\InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}) (Version: 1.1.24 - TOSHIBA Corporation)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{B10914FD-8812-47A4-85A1-50FCDE7F1F33}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Media Encoder 9 Series (HKLM\...\Windows Media Encoder 9) (Version: - )
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
21-02-2015 03:38:11 Scheduled Checkpoint
02-03-2015 01:46:25 Windows Update
15-03-2015 11:49:42 Windows Update
15-03-2015 12:02:44 Windows Update
15-03-2015 12:43:05 Removed CLEAR Connection Manager.
25-03-2015 08:43:52 Windows Update
25-03-2015 09:08:23 Windows Update
25-03-2015 15:19:17 Windows Update
25-03-2015 15:28:33 Device Driver Package Install: SAMSUNG Electronics Co., Ltd. Modems
25-03-2015 15:32:37 Windows Update
25-03-2015 15:34:09 Windows Update
25-03-2015 15:36:05 Windows Update
31-03-2015 01:34:36 Windows Update
02-04-2015 01:46:51 Scheduled Checkpoint
03-04-2015 06:45:41 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2006-11-02 03:23 - 2006-09-18 14:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {1EACC0DB-3753-4FCD-B320-DCAA40C7C388} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-02-03] (Google Inc.)
Task: {6364DB15-0EDF-4B18-BB8A-CB8A60D0CF93} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-02-03] (Google Inc.)
Task: {7484D088-DB07-46D7-ADE5-A0D21973F732} - System32\Tasks\ConfigFree Startup Programs => C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe [2009-07-13] (TOSHIBA CORPORATION)
Task: {7AD457DD-B43E-47F3-95C8-2395F93DD1B3} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - joannriner => C:\Program Files\Windows Calendar\WinCal.exe [2009-04-10] (Microsoft Corporation)
Task: {EF932D7E-2F8C-4B60-B13B-AFDEC4EE8348} - System32\Tasks\{1B4F7A1A-869F-4136-976E-8A3864A35561} => pcalua.exe -a "C:\Users\JOANNR~1\AppData\Local\Temp\Temporary Internet Files\Content.IE5\HF32F5AN\wmp11-windowsxp-x64-enu.exe" -d C:\Users\joannriner\Desktop
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) ==============
2008-03-06 10:14 - 2008-03-06 10:14 - 05121912 _____ () C:\Program Files\Toshiba\FlashCards\BlackPng.dll
2007-12-14 21:40 - 2007-12-14 21:40 - 00090112 _____ () C:\Program Files\TOSHIBA\FlashCards\TWarnMsg\TWarnMsg.dll
2008-08-18 10:49 - 2006-10-10 11:44 - 00009728 _____ () C:\Program Files\TOSHIBA\TOSHIBA Assist\NotifyX.dll
2007-12-25 12:03 - 2007-12-25 12:03 - 00015184 _____ () C:\Program Files\Toshiba\PCDiag\NotifyPCD.dll
2006-10-07 11:57 - 2006-10-07 11:57 - 00053248 _____ () C:\Program Files\TOSHIBA\TOSHIBA Disc Creator\NotifyTDC.dll
2006-12-01 17:55 - 2006-12-01 17:55 - 00009216 _____ () C:\Program Files\Toshiba\TBS\NotifyTBS.dll
2015-01-08 22:20 - 2012-01-10 22:48 - 00063488 ____R () C:\Program Files\Clearwire\ClearStick\ClearStick.exe
2012-01-09 12:28 - 2012-01-09 12:28 - 00057856 ____R () C:\Program Files\Clearwire\ClearStick\ClearStickHandler.dll
2015-03-25 09:32 - 2015-03-14 03:12 - 09278792 _____ () C:\Program Files\Google\Chrome\Application\41.0.2272.101\pdf.dll
2015-03-25 09:32 - 2015-03-14 03:12 - 14974280 _____ () C:\Program Files\Google\Chrome\Application\41.0.2272.101\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3552375448-1525598448-3347412488-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\joannriner\Application Data\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
DNS Servers: 192.168.43.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== Accounts: =============================
Administrator (S-1-5-21-3552375448-1525598448-3347412488-500 - Administrator - Disabled)
Guest (S-1-5-21-3552375448-1525598448-3347412488-501 - Limited - Disabled)
joannriner (S-1-5-21-3552375448-1525598448-3347412488-1000 - Administrator - Enabled) => C:\Users\joannriner
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (04/03/2015 04:40:00 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/03/2015 06:36:50 AM) (Source: Chrome) (EventID: 1) (User: NT AUTHORITY)
Description: Chrome has encountered a fatal error.
ver=41.0.2272.101;lang=;guid=9521A03BB1164FB2873EEBD40E6D89DF;is_machine=1;oop=1;upload=1;minidump=C:\Program Files\Google\CrashReports\872dc953-d972-469c-8067-0cd7e4ae0fa9.dmp
Error: (04/02/2015 08:12:50 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/02/2015 00:24:13 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/01/2015 07:13:48 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/01/2015 10:32:58 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/01/2015 08:09:14 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Explorer.EXE version 6.0.6002.18005 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel.
Process ID: bd8
Start Time: 01d06c8d6187c0aa
Termination Time: 125
Error: (04/01/2015 08:07:23 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/31/2015 01:57:17 AM) (Source: Chrome) (EventID: 1) (User: NT AUTHORITY)
Description: Chrome has encountered a fatal error.
ver=41.0.2272.101;lang=;guid=9521A03BB1164FB2873EEBD40E6D89DF;is_machine=1;oop=1;upload=1;minidump=C:\Program Files\Google\CrashReports\b4f1283a-5101-4073-96f8-a38e285c3b61.dmp
Error: (03/31/2015 01:31:56 AM) (Source: ESENT) (EventID: 490) (User: )
Description: WinMail (2800) WindowsMail0: An attempt to open the file "C:\Users\joannriner\AppData\Local\Microsoft\Windows Mail\edb.log" for read / write access failed with system error 5 (0x00000005): "Access is denied. ". The open file operation will fail with error -1032 (0xfffffbf8).
System errors:
=============
Error: (04/03/2015 06:52:19 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {C2BFE331-6739-4270-86C9-493D9A04CD38}
Error: (04/02/2015 00:32:46 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.195.1215.0
Update Source: %NT AUTHORITY59
Update Stage: 4.7.0205.00
Source Path: 4.7.0205.01
Signature Type: %NT AUTHORITY602
Update Type: %NT AUTHORITY604
User: NT AUTHORITY\SYSTEM
Current Engine Version: %NT AUTHORITY605
Previous Engine Version: %NT AUTHORITY606
Error code: %NT AUTHORITY607
Error description: %NT AUTHORITY608
Error: (04/01/2015 10:31:37 AM) (Source: Microsoft-Windows-ResourcePublication) (EventID: 1002) (User: NT AUTHORITY)
Description: Provider\Microsoft.Base.Publication/Publication/Computer
Error: (04/01/2015 08:05:56 AM) (Source: Microsoft-Windows-ResourcePublication) (EventID: 1002) (User: NT AUTHORITY)
Description: Provider\Microsoft.Base.Publication/Publication/Computer
Error: (03/31/2015 00:55:18 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.195.282.0
Update Source: %NT AUTHORITY59
Update Stage: 4.7.0205.00
Source Path: 4.7.0205.01
Signature Type: %NT AUTHORITY602
Update Type: %NT AUTHORITY604
User: NT AUTHORITY\SYSTEM
Current Engine Version: %NT AUTHORITY605
Previous Engine Version: %NT AUTHORITY606
Error code: %NT AUTHORITY607
Error description: %NT AUTHORITY608
Error: (03/25/2015 03:40:04 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: 0x800f020bSAMSUNG Electronics Co., Ltd. - Other hardware - SAMSUNG Mobile USB Modem{337EAFEF-DE38-4F7E-A7B8-F1E587A051BA}200
Error: (03/25/2015 03:36:02 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: 0x80070103SAMSUNG Electronics Co., Ltd. - Other hardware - SAMSUNG Mobile USB Modem{337EAFEF-DE38-4F7E-A7B8-F1E587A051BA}200
Error: (03/25/2015 03:34:08 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: 0x80070103SAMSUNG Electronics Co., Ltd. - Other hardware - SAMSUNG Mobile USB Modem{337EAFEF-DE38-4F7E-A7B8-F1E587A051BA}200
Error: (03/25/2015 02:00:43 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: ScRegSetValueExWFailureCommand%%5
Error: (03/25/2015 02:00:39 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: ScRegSetValueExWStart%%5
Microsoft Office Sessions:
=========================
Error: (05/09/2010 09:49:24 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 38 seconds with 0 seconds of active time. This session ended with a crash.
CodeIntegrity Errors:
===================================
Date: 2015-01-07 23:06:30.654
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-01-07 23:06:30.420
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-01-07 23:06:30.186
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-01-07 23:06:29.967
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-01-07 23:06:29.655
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel(R) Pentium(R) Dual CPU T3400 @ 2.16GHz
Percentage of memory in use: 62%
Total physical RAM: 1915.25 MB
Available physical RAM: 725.95 MB
Total Pagefile: 4075.79 MB
Available Pagefile: 2752.18 MB
Total Virtual: 2047.88 MB
Available Virtual: 1895.95 MB
==================== Drives ================================
Drive c: (SQ004816V03) (Fixed) (Total:140.34 GB) (Free:90.24 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 149.1 GB) (Disk ID: 3FF3ADBC)
Partition 1: (Not Active) - (Size=1.5 GB) - (Type=27)
Partition 2: (Active) - (Size=140.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=7.2 GB) - (Type=17)
==================== End Of Log ============================