Hi. I hope I've done everything correctly. Did you want me to run FRST after I re-installed Chrome? I wasn't sure so I did both. The first is without Chrome and the second is with Chrome, followed by the Addition with Chrome.
There doesn't seem to be a change in my machine. Chrome still will not open.
Thank you.
Malwarebytes Anti-Malware
www.malwarebytes.org
Update, 10/24/2014 8:28:42 AM, SYSTEM, BRYAN-PC, Manual, Rootkit Database, 2014.9.18.1, 2014.10.22.1,
Update, 10/24/2014 8:28:48 AM, SYSTEM, BRYAN-PC, Manual, Malware Database, 2014.9.19.5, 2014.10.24.4,
(end)
FRST without Chrome
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 26-10-2014
Ran by Bryan (administrator) on BRYAN-PC on 27-10-2014 09:34:27
Running from C:\Users\Bryan.Bryan-PC\Desktop
Loaded Profile: Bryan (Available profiles: Kate & Natalie & Sara & Bryan & Guest)
Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: English (United States)
Internet Explorer Version 9
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Garmin Ltd or its subsidiaries) C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
(LeapFrog Enterprises, Inc.) C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
() C:\Windows\SMINST\BLService.exe
(Microsoft Corporation) C:\Program Files\Microsoft\BingBar\SeaPort.EXE
(Viewpoint Corporation) C:\Program Files\Viewpoint\Common\ViewpointService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(CyberLink Corp.) C:\Program Files\HP\QuickPlay\QPService.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Epson Software\Event Manager\EEventManager.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Epson Software\FAX Utility\FUFAXSTM.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastUI.exe
(LeapFrog Enterprises, Inc.) C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
(Garmin Ltd or its subsidiaries) C:\Program Files\Garmin\Express Tray\ExpressTray.exe
() C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1049896 2008-04-17] (Synaptics, Inc.)
HKLM\...\Run: [UCam_Menu] => C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [222504 2007-12-24] (CyberLink Corp.)
HKLM\...\Run: [QPService] => C:\Program Files\HP\QuickPlay\QPService.exe [468264 2008-06-12] (CyberLink Corp.)
HKLM\...\Run: [QlbCtrl.exe] => C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [202032 2008-05-12] ( Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [49152 2006-12-10] (Hewlett-Packard Co.)
HKLM\...\Run: [hpWirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [488752 2008-04-15] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [Microsoft Default Manager] => C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [439568 2010-05-10] (Microsoft Corporation)
HKLM\...\Run: [HP Health Check Scheduler] => c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [75008 2008-06-16] (Hewlett-Packard)
HKLM\...\Run: [EEventManager] => C:\Program Files\Epson Software\Event Manager\EEventManager.exe [976320 2009-12-03] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [FUFAXSTM] => C:\Program Files\Epson Software\FAX Utility\FUFAXSTM.exe [847872 2009-12-03] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-11-28] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Alwil Software\Avast5\AvastUI.exe [4085896 2014-08-16] (AVAST Software)
HKLM\...\Run: [Monitor] => C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe [118272 2014-07-11] (LeapFrog Enterprises, Inc.)
HKLM\...\Policies\Explorer: [RestrictRun] 0
HKU\S-1-5-21-1004199723-1386826489-637112434-1006\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-1004199723-1386826489-637112434-1006\...\Run: [LightScribe Control Panel] => C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2289664 2008-02-26] (Hewlett-Packard Company)
HKU\S-1-5-21-1004199723-1386826489-637112434-1006\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2009-03-04] (Google Inc.)
HKU\S-1-5-21-1004199723-1386826489-637112434-1006\...\Run: [GarminExpressTrayApp] => C:\Program Files\Garmin\Express Tray\ExpressTray.exe [688984 2014-09-18] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-21-1004199723-1386826489-637112434-1006\...\Policies\Explorer: [RestrictRun] 0
Startup: C:\Users\Kate\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Sara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShell.dll (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Bryan.Bryan-PC\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Bryan.Bryan-PC\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Bryan.Bryan-PC\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = AOL - News, Sports, Weather, Entertainment, Local & Lifestyle
SearchScopes: HKLM - {5DB6D26C-B21C-43F9-B61F-D52F406DF942} URL = {searchTerms} - Yahoo Search Results
SearchScopes: HKCU - DefaultScope {7CB736E5-F6E5-43A1-8013-4F0D7F563FD6} URL = https://search.yahoo.com/search?fr=mcafee&type=B010US0D20131115&p={SearchTerms}
SearchScopes: HKCU - {7CB736E5-F6E5-43A1-8013-4F0D7F563FD6} URL = https://search.yahoo.com/search?fr=mcafee&type=B010US0D20131115&p={SearchTerms}
BHO: &Yahoo! Toolbar Helper -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
BHO: Adobe PDF Reader Link Helper -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
DPF: {32C3FEAE-0877-4767-8C20-62A5829A0945} http://static.ak.facebook.com/fbplugin/win32/axfbootloader.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
FireFox:
========
FF ProfilePath: C:\Users\Bryan.Bryan-PC\AppData\Roaming\Mozilla\Firefox\Profiles\4bc0aguf.default-1344826461195
FF DefaultSearchEngine: Yahoo
FF SelectedSearchEngine: Yahoo
FF Homepage: hxxp://www.yahoo.com/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @Musicnotes.com/Musicnotes Viewer,version=1.18.9 -> C:\Program Files\Musicnotes\npmusicn.dll (Musicnotes, Inc.)
FF Plugin: @Sibelius.com/Scorch Plugin,version=6.2.0.88 -> C:\Program Files\Musicnotes\npsibelius.dll ()
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @viewpoint.com/VMP -> C:\Program Files\Viewpoint\Viewpoint Media Player\npViewpoint.dll ()
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Bryan.Bryan-PC\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF user.js: detected! => C:\Users\Bryan.Bryan-PC\AppData\Roaming\Mozilla\Firefox\Profiles\9tqfcy1m.default\user.js
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml
FF Extension: Panda3D Game Engine Plug-In - C:\Users\Bryan.Bryan-PC\AppData\Roaming\Mozilla\Firefox\Profiles\9tqfcy1m.default\Extensions\runtime@panda3d.org [2011-03-06]
FF Extension: Microsoft .NET Framework Assistant - C:\Users\Bryan.Bryan-PC\AppData\Roaming\Mozilla\Firefox\Profiles\9tqfcy1m.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2011-01-24]
FF Extension: No Name - C:\Users\Bryan.Bryan-PC\AppData\Roaming\Mozilla\Firefox\Profiles\9tqfcy1m.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}-trash [2011-01-24]
FF Extension: Yahoo! Toolbar - C:\Users\Bryan.Bryan-PC\AppData\Roaming\Mozilla\Firefox\Profiles\9tqfcy1m.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2012-05-18]
FF Extension: Firefox Old Version Update Hotfix - C:\Users\Bryan.Bryan-PC\AppData\Roaming\Mozilla\Firefox\Profiles\4bc0aguf.default-1344826461195\Extensions\firefox-hotfix@mozilla.org.xpi [2014-09-04]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-02-21]
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2008-06-27]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-05-02]
FF HKLM\...\Firefox\Extensions: [{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}] - C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DMExtension
FF Extension: Default Manager - C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DMExtension [2010-11-04]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\Alwil Software\Avast5\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\Alwil Software\Avast5\WebRep\FF [2011-09-05]
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChrome.crx [2014-08-16]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [50344 2014-08-16] (AVAST Software)
R2 Garmin Core Update Service; C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [450904 2014-09-18] (Garmin Ltd or its subsidiaries)
R2 HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [94208 2008-06-16] (Hewlett-Packard) [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 LeapFrog Connect Device Service; C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe [7241728 2014-07-11] (LeapFrog Enterprises, Inc.) [File not signed]
R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2008-02-26] (Hewlett-Packard Company) [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2008-07-18] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2008-07-18] (Hewlett-Packard) [File not signed]
R2 Recovery Service for Windows; C:\Windows\SMINST\BLService.exe [361808 2008-04-26] ()
R2 Viewpoint Manager Service; C:\Program Files\Viewpoint\Common\ViewpointService.exe [24652 2007-01-04] (Viewpoint Corporation) [File not signed]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2014-08-16] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-08-16] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [55112 2014-08-16] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-08-16] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [779536 2014-08-16] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [414520 2014-08-16] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57800 2014-08-16] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [192352 2014-08-16] ()
S3 libusb0; C:\Windows\System32\DRIVERS\libusb0.sys [35776 2013-09-23] (libusb-win32 / Wiki / Home)
R3 OA004Ufd; C:\Windows\System32\DRIVERS\OA004Ufd.sys [144672 2008-06-03] (Creative Technology Ltd.)
R3 OA004Vid; C:\Windows\System32\DRIVERS\OA004Vid.sys [269760 2008-07-17] (Creative Technology Ltd.)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [37064 2013-01-10] (Anchorfree Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-20] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-10-24 08:28 - 2014-10-27 09:32 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-10-24 08:27 - 2014-10-24 08:27 - 00000859 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-10-24 08:27 - 2014-10-24 08:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-10-24 08:27 - 2014-10-24 08:27 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-10-24 08:27 - 2014-10-24 08:27 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-10-24 08:27 - 2014-10-01 11:11 - 00075480 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-10-24 08:27 - 2014-10-01 11:11 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-10-24 08:27 - 2014-10-01 11:11 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-10-24 08:24 - 2014-10-24 08:25 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\Bryan.Bryan-PC\Desktop\mbam-setup-2.0.3.1025.exe
2014-10-22 15:43 - 2014-10-26 18:22 - 00000000 ____D () C:\Users\Bryan.Bryan-PC\Desktop\FRST-OlderVersion
2014-10-21 15:17 - 2014-10-24 09:37 - 00027635 _____ () C:\Users\Bryan.Bryan-PC\Desktop\Addition.txt
2014-10-21 15:16 - 2014-10-27 09:34 - 00021158 _____ () C:\Users\Bryan.Bryan-PC\Desktop\FRST.txt
2014-10-21 15:16 - 2014-10-27 09:34 - 00000000 ____D () C:\FRST
2014-10-21 15:14 - 2014-10-21 15:14 - 01102336 _____ (Farbar) C:\Users\Bryan.Bryan-PC\Downloads\FRST.exe
2014-10-21 15:13 - 2014-10-26 18:22 - 01104896 _____ (Farbar) C:\Users\Bryan.Bryan-PC\Desktop\FRST.exe
2014-10-20 18:42 - 2014-10-20 18:42 - 00005063 _____ () C:\Users\Bryan.Bryan-PC\Desktop\ark.zip
2014-10-20 18:40 - 2014-10-20 18:40 - 00025910 _____ () C:\Users\Bryan.Bryan-PC\Desktop\ark.txt
2014-10-20 08:49 - 2014-10-20 08:49 - 00370943 _____ () C:\Users\Bryan.Bryan-PC\Desktop\gmer.zip
2014-10-20 08:44 - 2014-10-20 08:44 - 00006515 _____ () C:\Users\Bryan.Bryan-PC\Desktop\attach.txt
2014-10-20 08:44 - 2014-10-20 08:42 - 00016866 _____ () C:\Users\Bryan.Bryan-PC\Desktop\dds.txt
2014-10-20 08:38 - 2014-10-20 08:38 - 00688992 ____R (Swearware) C:\Users\Bryan.Bryan-PC\Desktop\dds.scr
2014-10-19 20:33 - 2014-06-15 18:18 - 01131664 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-19 20:33 - 2014-06-13 14:22 - 00156824 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-19 20:33 - 2014-06-13 14:22 - 00081560 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-19 20:28 - 2014-09-27 19:29 - 02054656 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-19 20:11 - 2014-09-04 19:27 - 00143360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys
2014-10-19 20:08 - 2014-09-16 12:56 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-19 19:17 - 2014-09-19 18:53 - 12364288 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-19 19:17 - 2014-09-19 18:44 - 01810432 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-19 19:17 - 2014-09-19 18:41 - 09739776 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-19 19:17 - 2014-09-19 18:39 - 01138688 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-19 19:17 - 2014-09-19 18:38 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-19 19:17 - 2014-09-19 18:37 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-19 19:17 - 2014-09-19 18:36 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-10-19 19:17 - 2014-09-19 18:36 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-19 19:17 - 2014-09-19 18:36 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-19 19:17 - 2014-09-19 18:35 - 01802752 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-19 19:17 - 2014-09-19 18:35 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-10-19 19:17 - 2014-09-19 18:35 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-19 19:17 - 2014-09-19 18:35 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-19 19:17 - 2014-09-19 18:35 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-10-19 19:17 - 2014-09-19 18:34 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-19 19:17 - 2014-09-19 18:34 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-19 19:17 - 2014-09-19 18:34 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-19 19:17 - 2014-09-19 18:34 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-19 19:17 - 2014-09-19 18:34 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-10-19 19:17 - 2014-09-19 18:34 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-10-19 19:17 - 2014-09-19 18:33 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-14 19:21 - 2014-10-14 19:21 - 00015872 _____ () C:\Users\Bryan.Bryan-PC\Downloads\Cut to 30 final.xls
2014-10-12 10:36 - 2014-10-12 10:36 - 00000000 ____D () C:\Users\Bryan.Bryan-PC\AppData\Local\Garmin
2014-10-12 10:34 - 2014-10-12 10:34 - 00000000 ____D () C:\ProgramData\Ant
2014-10-12 10:32 - 2014-10-12 10:32 - 00000000 ____D () C:\Users\Bryan.Bryan-PC\AppData\Roaming\Garmin
2014-10-12 10:31 - 2014-10-12 10:36 - 00000000 ____D () C:\ProgramData\Garmin
2014-10-12 10:31 - 2014-10-12 10:32 - 00000000 ____D () C:\Program Files\Garmin
2014-10-12 10:31 - 2014-10-12 10:31 - 00001725 _____ () C:\Users\Public\Desktop\Garmin Express.lnk
2014-10-12 10:31 - 2014-10-12 10:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2014-10-12 10:29 - 2014-10-12 10:34 - 00000000 ____D () C:\ProgramData\Package Cache
2014-10-12 10:26 - 2014-10-12 10:27 - 36034936 _____ (Garmin Ltd or its subsidiaries) C:\Users\Bryan.Bryan-PC\Downloads\GarminExpressInstaller (1).exe
2014-10-12 10:25 - 2014-10-12 10:26 - 36034936 _____ (Garmin Ltd or its subsidiaries) C:\Users\Bryan.Bryan-PC\Downloads\GarminExpressInstaller.exe
2014-10-09 20:07 - 2014-10-09 20:07 - 00118272 _____ () C:\Users\Bryan.Bryan-PC\Downloads\PRC 2015-2016.xls
2014-10-09 16:25 - 2014-10-09 16:26 - 00012138 _____ () C:\Users\Bryan.Bryan-PC\Downloads\2015-2016 Play Selection (1).xlsx
2014-10-07 17:45 - 2014-10-07 17:45 - 00035328 _____ () C:\Users\Bryan.Bryan-PC\Downloads\Cut to 30 draft-Tim.xls.crdownload
2014-10-07 11:05 - 2014-10-07 11:05 - 00021504 _____ () C:\Users\Bryan.Bryan-PC\Downloads\Cut to 30 draft.xls
2014-10-07 11:05 - 2014-10-07 11:05 - 00021504 _____ () C:\Users\Bryan.Bryan-PC\Downloads\Cut to 30 draft (1).xls
2014-10-06 11:54 - 2014-10-06 11:54 - 00055948 _____ () C:\Users\Bryan.Bryan-PC\Downloads\100614-DASHassignments.xlsx
2014-10-03 19:28 - 2014-10-03 19:28 - 00233054 _____ () C:\Users\Sara.Bryan-PC\Downloads\kimbum577 sent you a new message..htm
2014-10-03 19:28 - 2014-10-03 19:28 - 00000000 ____D () C:\Users\Sara.Bryan-PC\Downloads\kimbum577 sent you a new message._files
2014-10-01 08:47 - 2014-10-01 08:47 - 00012138 _____ () C:\Users\Bryan.Bryan-PC\Downloads\2015-2016 Play Selection.xlsx
2014-09-29 17:44 - 2014-09-29 17:44 - 00248320 _____ () C:\Users\Bryan.Bryan-PC\Downloads\PRC 2014 20140117 (1).xls
2014-09-29 17:43 - 2014-09-29 17:43 - 00248320 _____ () C:\Users\Bryan.Bryan-PC\Downloads\PRC 2014 20140117.xls
2014-09-28 15:04 - 2014-09-28 15:04 - 00036335 _____ () C:\Users\Bryan.Bryan-PC\Downloads\2013 DASH Ballot - PLAY (with avg).xlsx
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-10-27 09:35 - 2010-01-29 21:35 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-27 08:46 - 2012-04-12 13:04 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-27 08:33 - 2008-09-26 10:34 - 02091410 _____ () C:\Windows\WindowsUpdate.log
2014-10-27 08:25 - 2006-11-02 08:47 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-27 08:25 - 2006-11-02 08:47 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-26 18:43 - 2010-01-29 21:35 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-26 18:43 - 2008-09-26 11:23 - 00000284 _____ () C:\Users\Public\Documents\hpqp.ini
2014-10-26 18:26 - 2013-10-13 14:07 - 00000435 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-10-26 18:25 - 2006-11-02 09:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-26 18:24 - 2006-11-02 09:01 - 00032584 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-10-25 09:02 - 2011-01-09 19:05 - 00000000 ____D () C:\Users\Bryan.Bryan-PC\AppData\Local\Google
2014-10-25 09:02 - 2008-12-31 13:11 - 00000000 ____D () C:\Program Files\Google
2014-10-24 09:23 - 2014-03-01 10:55 - 00029124 _____ () C:\Windows\PFRO.log
2014-10-24 09:23 - 2006-11-02 08:47 - 00341368 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-24 09:20 - 2008-06-27 13:49 - 00000000 ____D () C:\ProgramData\WildTangent
2014-10-24 04:57 - 2011-01-09 19:03 - 00090720 _____ () C:\Users\Bryan.Bryan-PC\AppData\Local\GDIPFONTCACHEV1.DAT
2014-10-23 15:11 - 2008-06-27 14:28 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-10-22 16:51 - 2014-03-05 17:22 - 00000052 _____ () C:\Windows\system32\DOErrors.log
2014-10-20 09:41 - 2006-11-02 07:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-10-20 08:50 - 2014-01-28 18:36 - 00380416 _____ () C:\Users\Bryan.Bryan-PC\Desktop\gmer.exe
2014-10-20 07:31 - 2011-12-25 21:32 - 00000000 ____D () C:\Program Files\McAfee
2014-10-20 07:30 - 2010-07-04 09:22 - 00000000 ____D () C:\ProgramData\McAfee
2014-10-19 20:26 - 2013-08-14 03:21 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-19 20:12 - 2006-11-02 06:24 - 100290944 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-10-19 19:06 - 2013-09-23 00:15 - 00001844 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-10-19 18:53 - 2006-11-02 07:18 - 00000000 ____D () C:\Windows\system32\Msdtc
2014-10-19 18:53 - 2006-11-02 06:22 - 55574528 _____ () C:\Windows\system32\config\software_previous
2014-10-19 18:53 - 2006-11-02 06:22 - 47448064 _____ () C:\Windows\system32\config\components_previous
2014-10-19 18:53 - 2006-11-02 06:22 - 43515904 _____ () C:\Windows\system32\config\system_previous
2014-10-19 18:53 - 2006-11-02 06:22 - 00524288 _____ () C:\Windows\system32\config\default_previous
2014-10-19 18:53 - 2006-11-02 06:22 - 00262144 _____ () C:\Windows\system32\config\security_previous
2014-10-19 18:53 - 2006-11-02 06:22 - 00204800 _____ () C:\Windows\system32\config\sam_previous
2014-10-19 18:52 - 2011-01-09 19:02 - 00000000 ____D () C:\Users\Bryan.Bryan-PC
2014-10-19 18:52 - 2010-12-18 14:38 - 00000000 ____D () C:\Users\Sara.Bryan-PC
2014-10-19 18:52 - 2010-06-14 15:42 - 00000000 ____D () C:\Users\Guest
2014-10-19 18:52 - 2010-06-12 07:53 - 00000000 ____D () C:\Users\Sara
2014-10-19 18:52 - 2010-06-11 09:01 - 00000000 ____D () C:\Users\Natalie
2014-10-19 18:52 - 2008-10-25 21:09 - 00000000 ____D () C:\Users\Kate
2014-10-19 18:52 - 2008-10-25 19:59 - 00000000 ____D () C:\Users\Bryan
2014-10-19 18:51 - 2012-11-17 10:09 - 00000000 ____D () C:\Users\Bryan.Bryan-PC\AppData\Local\QuickPlay
2014-10-19 18:51 - 2006-11-02 07:18 - 00000000 ____D () C:\Windows\system32\spool
2014-10-19 18:51 - 2006-11-02 07:18 - 00000000 ____D () C:\Windows\registration
2014-10-12 17:53 - 2014-08-30 11:31 - 00000000 ____D () C:\Users\Bryan.Bryan-PC\AppData\Local\Adobe
2014-10-12 10:33 - 2010-09-04 08:28 - 00000000 ____D () C:\Program Files\DIFX
2014-10-06 07:09 - 2008-12-31 13:24 - 00000000 ____D () C:\Users\Kate\AppData\Roaming\Skype
2014-10-05 11:43 - 2008-10-25 21:09 - 00090720 _____ () C:\Users\Kate\AppData\Local\GDIPFONTCACHEV1.DAT
2014-10-02 17:55 - 2006-11-02 07:18 - 00000000 ____D () C:\Windows\rescache
2014-10-02 15:53 - 2009-10-03 02:28 - 00231568 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-10-01 20:00 - 2010-12-18 14:39 - 00090720 _____ () C:\Users\Sara.Bryan-PC\AppData\Local\GDIPFONTCACHEV1.DAT
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-10-27 06:45
==================== End Of Log ============================
FRST With Chrome
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 26-10-2014
Ran by Bryan (administrator) on BRYAN-PC on 27-10-2014 10:05:51
Running from C:\Users\Bryan.Bryan-PC\Desktop
Loaded Profile: Bryan (Available profiles: Kate & Natalie & Sara & Bryan & Guest)
Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: English (United States)
Internet Explorer Version 9
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Garmin Ltd or its subsidiaries) C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
(LeapFrog Enterprises, Inc.) C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
() C:\Windows\SMINST\BLService.exe
(Microsoft Corporation) C:\Program Files\Microsoft\BingBar\SeaPort.EXE
(Viewpoint Corporation) C:\Program Files\Viewpoint\Common\ViewpointService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(CyberLink Corp.) C:\Program Files\HP\QuickPlay\QPService.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Epson Software\Event Manager\EEventManager.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Epson Software\FAX Utility\FUFAXSTM.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastUI.exe
(LeapFrog Enterprises, Inc.) C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
(Garmin Ltd or its subsidiaries) C:\Program Files\Garmin\Express Tray\ExpressTray.exe
() C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1049896 2008-04-17] (Synaptics, Inc.)
HKLM\...\Run: [UCam_Menu] => C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [222504 2007-12-24] (CyberLink Corp.)
HKLM\...\Run: [QPService] => C:\Program Files\HP\QuickPlay\QPService.exe [468264 2008-06-12] (CyberLink Corp.)
HKLM\...\Run: [QlbCtrl.exe] => C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [202032 2008-05-12] ( Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [49152 2006-12-10] (Hewlett-Packard Co.)
HKLM\...\Run: [hpWirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [488752 2008-04-15] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [Microsoft Default Manager] => C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [439568 2010-05-10] (Microsoft Corporation)
HKLM\...\Run: [HP Health Check Scheduler] => c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [75008 2008-06-16] (Hewlett-Packard)
HKLM\...\Run: [EEventManager] => C:\Program Files\Epson Software\Event Manager\EEventManager.exe [976320 2009-12-03] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [FUFAXSTM] => C:\Program Files\Epson Software\FAX Utility\FUFAXSTM.exe [847872 2009-12-03] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-11-28] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Alwil Software\Avast5\AvastUI.exe [4085896 2014-08-16] (AVAST Software)
HKLM\...\Run: [Monitor] => C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe [118272 2014-07-11] (LeapFrog Enterprises, Inc.)
HKLM\...\Policies\Explorer: [RestrictRun] 0
HKU\S-1-5-21-1004199723-1386826489-637112434-1006\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-1004199723-1386826489-637112434-1006\...\Run: [LightScribe Control Panel] => C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2289664 2008-02-26] (Hewlett-Packard Company)
HKU\S-1-5-21-1004199723-1386826489-637112434-1006\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2009-03-04] (Google Inc.)
HKU\S-1-5-21-1004199723-1386826489-637112434-1006\...\Run: [GarminExpressTrayApp] => C:\Program Files\Garmin\Express Tray\ExpressTray.exe [688984 2014-09-18] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-21-1004199723-1386826489-637112434-1006\...\Policies\Explorer: [RestrictRun] 0
Startup: C:\Users\Kate\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Sara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShell.dll (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Bryan.Bryan-PC\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Bryan.Bryan-PC\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Bryan.Bryan-PC\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = AOL - News, Sports, Weather, Entertainment, Local & Lifestyle
SearchScopes: HKLM - {5DB6D26C-B21C-43F9-B61F-D52F406DF942} URL = {searchTerms} - Yahoo Search Results
SearchScopes: HKCU - DefaultScope {7CB736E5-F6E5-43A1-8013-4F0D7F563FD6} URL = https://search.yahoo.com/search?fr=mcafee&type=B010US0D20131115&p={SearchTerms}
SearchScopes: HKCU - {7CB736E5-F6E5-43A1-8013-4F0D7F563FD6} URL = https://search.yahoo.com/search?fr=mcafee&type=B010US0D20131115&p={SearchTerms}
BHO: &Yahoo! Toolbar Helper -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
BHO: Adobe PDF Reader Link Helper -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
DPF: {32C3FEAE-0877-4767-8C20-62A5829A0945} http://static.ak.facebook.com/fbplugin/win32/axfbootloader.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
FireFox:
========
FF ProfilePath: C:\Users\Bryan.Bryan-PC\AppData\Roaming\Mozilla\Firefox\Profiles\4bc0aguf.default-1344826461195
FF DefaultSearchEngine: Yahoo
FF SelectedSearchEngine: Yahoo
FF Homepage: hxxp://www.yahoo.com/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @Musicnotes.com/Musicnotes Viewer,version=1.18.9 -> C:\Program Files\Musicnotes\npmusicn.dll (Musicnotes, Inc.)
FF Plugin: @Sibelius.com/Scorch Plugin,version=6.2.0.88 -> C:\Program Files\Musicnotes\npsibelius.dll ()
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @viewpoint.com/VMP -> C:\Program Files\Viewpoint\Viewpoint Media Player\npViewpoint.dll ()
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Bryan.Bryan-PC\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF user.js: detected! => C:\Users\Bryan.Bryan-PC\AppData\Roaming\Mozilla\Firefox\Profiles\9tqfcy1m.default\user.js
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml
FF Extension: Panda3D Game Engine Plug-In - C:\Users\Bryan.Bryan-PC\AppData\Roaming\Mozilla\Firefox\Profiles\9tqfcy1m.default\Extensions\runtime@panda3d.org [2011-03-06]
FF Extension: Microsoft .NET Framework Assistant - C:\Users\Bryan.Bryan-PC\AppData\Roaming\Mozilla\Firefox\Profiles\9tqfcy1m.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2011-01-24]
FF Extension: No Name - C:\Users\Bryan.Bryan-PC\AppData\Roaming\Mozilla\Firefox\Profiles\9tqfcy1m.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}-trash [2011-01-24]
FF Extension: Yahoo! Toolbar - C:\Users\Bryan.Bryan-PC\AppData\Roaming\Mozilla\Firefox\Profiles\9tqfcy1m.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2012-05-18]
FF Extension: Firefox Old Version Update Hotfix - C:\Users\Bryan.Bryan-PC\AppData\Roaming\Mozilla\Firefox\Profiles\4bc0aguf.default-1344826461195\Extensions\firefox-hotfix@mozilla.org.xpi [2014-09-04]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-02-21]
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2008-06-27]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-05-02]
FF HKLM\...\Firefox\Extensions: [{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}] - C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DMExtension
FF Extension: Default Manager - C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DMExtension [2010-11-04]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\Alwil Software\Avast5\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\Alwil Software\Avast5\WebRep\FF [2011-09-05]
Chrome:
=======
CHR Profile: C:\Users\Bryan.Bryan-PC\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Docs) - C:\Users\Bryan.Bryan-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-10-27]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChrome.crx [2014-08-16]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [50344 2014-08-16] (AVAST Software)
R2 Garmin Core Update Service; C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [450904 2014-09-18] (Garmin Ltd or its subsidiaries)
R2 HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [94208 2008-06-16] (Hewlett-Packard) [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 LeapFrog Connect Device Service; C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe [7241728 2014-07-11] (LeapFrog Enterprises, Inc.) [File not signed]
R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2008-02-26] (Hewlett-Packard Company) [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2008-07-18] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2008-07-18] (Hewlett-Packard) [File not signed]
R2 Recovery Service for Windows; C:\Windows\SMINST\BLService.exe [361808 2008-04-26] ()
R2 Viewpoint Manager Service; C:\Program Files\Viewpoint\Common\ViewpointService.exe [24652 2007-01-04] (Viewpoint Corporation) [File not signed]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2014-08-16] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-08-16] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [55112 2014-08-16] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-08-16] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [779536 2014-08-16] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [414520 2014-08-16] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57800 2014-08-16] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [192352 2014-08-16] ()
S3 libusb0; C:\Windows\System32\DRIVERS\libusb0.sys [35776 2013-09-23] (libusb-win32 / Wiki / Home)
R3 OA004Ufd; C:\Windows\System32\DRIVERS\OA004Ufd.sys [144672 2008-06-03] (Creative Technology Ltd.)
R3 OA004Vid; C:\Windows\System32\DRIVERS\OA004Vid.sys [269760 2008-07-17] (Creative Technology Ltd.)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [37064 2013-01-10] (Anchorfree Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-20] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-10-27 10:01 - 2014-10-27 10:01 - 00001931 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-10-27 10:01 - 2014-10-27 10:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-10-24 08:28 - 2014-10-27 09:32 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-10-24 08:27 - 2014-10-24 08:27 - 00000859 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-10-24 08:27 - 2014-10-24 08:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-10-24 08:27 - 2014-10-24 08:27 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-10-24 08:27 - 2014-10-24 08:27 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-10-24 08:27 - 2014-10-01 11:11 - 00075480 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-10-24 08:27 - 2014-10-01 11:11 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-10-24 08:27 - 2014-10-01 11:11 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-10-24 08:24 - 2014-10-24 08:25 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\Bryan.Bryan-PC\Desktop\mbam-setup-2.0.3.1025.exe
2014-10-22 15:43 - 2014-10-26 18:22 - 00000000 ____D () C:\Users\Bryan.Bryan-PC\Desktop\FRST-OlderVersion
2014-10-21 15:17 - 2014-10-27 09:37 - 00026799 _____ () C:\Users\Bryan.Bryan-PC\Desktop\Addition.txt
2014-10-21 15:16 - 2014-10-27 10:06 - 00021613 _____ () C:\Users\Bryan.Bryan-PC\Desktop\FRST.txt
2014-10-21 15:16 - 2014-10-27 10:05 - 00000000 ____D () C:\FRST
2014-10-21 15:14 - 2014-10-21 15:14 - 01102336 _____ (Farbar) C:\Users\Bryan.Bryan-PC\Downloads\FRST.exe
2014-10-21 15:13 - 2014-10-26 18:22 - 01104896 _____ (Farbar) C:\Users\Bryan.Bryan-PC\Desktop\FRST.exe
2014-10-20 18:42 - 2014-10-20 18:42 - 00005063 _____ () C:\Users\Bryan.Bryan-PC\Desktop\ark.zip
2014-10-20 18:40 - 2014-10-20 18:40 - 00025910 _____ () C:\Users\Bryan.Bryan-PC\Desktop\ark.txt
2014-10-20 08:49 - 2014-10-20 08:49 - 00370943 _____ () C:\Users\Bryan.Bryan-PC\Desktop\gmer.zip
2014-10-20 08:44 - 2014-10-20 08:44 - 00006515 _____ () C:\Users\Bryan.Bryan-PC\Desktop\attach.txt
2014-10-20 08:44 - 2014-10-20 08:42 - 00016866 _____ () C:\Users\Bryan.Bryan-PC\Desktop\dds.txt
2014-10-20 08:38 - 2014-10-20 08:38 - 00688992 ____R (Swearware) C:\Users\Bryan.Bryan-PC\Desktop\dds.scr
2014-10-19 20:33 - 2014-06-15 18:18 - 01131664 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-19 20:33 - 2014-06-13 14:22 - 00156824 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-19 20:33 - 2014-06-13 14:22 - 00081560 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-19 20:28 - 2014-09-27 19:29 - 02054656 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-19 20:11 - 2014-09-04 19:27 - 00143360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys
2014-10-19 20:08 - 2014-09-16 12:56 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-19 19:17 - 2014-09-19 18:53 - 12364288 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-19 19:17 - 2014-09-19 18:44 - 01810432 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-19 19:17 - 2014-09-19 18:41 - 09739776 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-19 19:17 - 2014-09-19 18:39 - 01138688 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-19 19:17 - 2014-09-19 18:38 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-19 19:17 - 2014-09-19 18:37 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-19 19:17 - 2014-09-19 18:36 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-10-19 19:17 - 2014-09-19 18:36 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-19 19:17 - 2014-09-19 18:36 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-19 19:17 - 2014-09-19 18:35 - 01802752 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-19 19:17 - 2014-09-19 18:35 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-10-19 19:17 - 2014-09-19 18:35 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-19 19:17 - 2014-09-19 18:35 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-19 19:17 - 2014-09-19 18:35 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-10-19 19:17 - 2014-09-19 18:34 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-19 19:17 - 2014-09-19 18:34 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-19 19:17 - 2014-09-19 18:34 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-19 19:17 - 2014-09-19 18:34 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-19 19:17 - 2014-09-19 18:34 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-10-19 19:17 - 2014-09-19 18:34 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-10-19 19:17 - 2014-09-19 18:33 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-14 19:21 - 2014-10-14 19:21 - 00015872 _____ () C:\Users\Bryan.Bryan-PC\Downloads\Cut to 30 final.xls
2014-10-12 10:36 - 2014-10-12 10:36 - 00000000 ____D () C:\Users\Bryan.Bryan-PC\AppData\Local\Garmin
2014-10-12 10:34 - 2014-10-12 10:34 - 00000000 ____D () C:\ProgramData\Ant
2014-10-12 10:32 - 2014-10-12 10:32 - 00000000 ____D () C:\Users\Bryan.Bryan-PC\AppData\Roaming\Garmin
2014-10-12 10:31 - 2014-10-12 10:36 - 00000000 ____D () C:\ProgramData\Garmin
2014-10-12 10:31 - 2014-10-12 10:32 - 00000000 ____D () C:\Program Files\Garmin
2014-10-12 10:31 - 2014-10-12 10:31 - 00001725 _____ () C:\Users\Public\Desktop\Garmin Express.lnk
2014-10-12 10:31 - 2014-10-12 10:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2014-10-12 10:29 - 2014-10-12 10:34 - 00000000 ____D () C:\ProgramData\Package Cache
2014-10-12 10:26 - 2014-10-12 10:27 - 36034936 _____ (Garmin Ltd or its subsidiaries) C:\Users\Bryan.Bryan-PC\Downloads\GarminExpressInstaller (1).exe
2014-10-12 10:25 - 2014-10-12 10:26 - 36034936 _____ (Garmin Ltd or its subsidiaries) C:\Users\Bryan.Bryan-PC\Downloads\GarminExpressInstaller.exe
2014-10-09 20:07 - 2014-10-09 20:07 - 00118272 _____ () C:\Users\Bryan.Bryan-PC\Downloads\PRC 2015-2016.xls
2014-10-09 16:25 - 2014-10-09 16:26 - 00012138 _____ () C:\Users\Bryan.Bryan-PC\Downloads\2015-2016 Play Selection (1).xlsx
2014-10-07 17:45 - 2014-10-07 17:45 - 00035328 _____ () C:\Users\Bryan.Bryan-PC\Downloads\Cut to 30 draft-Tim.xls.crdownload
2014-10-07 11:05 - 2014-10-07 11:05 - 00021504 _____ () C:\Users\Bryan.Bryan-PC\Downloads\Cut to 30 draft.xls
2014-10-07 11:05 - 2014-10-07 11:05 - 00021504 _____ () C:\Users\Bryan.Bryan-PC\Downloads\Cut to 30 draft (1).xls
2014-10-06 11:54 - 2014-10-06 11:54 - 00055948 _____ () C:\Users\Bryan.Bryan-PC\Downloads\100614-DASHassignments.xlsx
2014-10-03 19:28 - 2014-10-03 19:28 - 00233054 _____ () C:\Users\Sara.Bryan-PC\Downloads\kimbum577 sent you a new message..htm
2014-10-03 19:28 - 2014-10-03 19:28 - 00000000 ____D () C:\Users\Sara.Bryan-PC\Downloads\kimbum577 sent you a new message._files
2014-10-01 08:47 - 2014-10-01 08:47 - 00012138 _____ () C:\Users\Bryan.Bryan-PC\Downloads\2015-2016 Play Selection.xlsx
2014-09-29 17:44 - 2014-09-29 17:44 - 00248320 _____ () C:\Users\Bryan.Bryan-PC\Downloads\PRC 2014 20140117 (1).xls
2014-09-29 17:43 - 2014-09-29 17:43 - 00248320 _____ () C:\Users\Bryan.Bryan-PC\Downloads\PRC 2014 20140117.xls
2014-09-28 15:04 - 2014-09-28 15:04 - 00036335 _____ () C:\Users\Bryan.Bryan-PC\Downloads\2013 DASH Ballot - PLAY (with avg).xlsx
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-10-27 10:01 - 2011-01-09 19:05 - 00000000 ____D () C:\Users\Bryan.Bryan-PC\AppData\Local\Google
2014-10-27 10:01 - 2008-12-31 13:11 - 00000000 ____D () C:\Program Files\Google
2014-10-27 09:46 - 2012-04-12 13:04 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-27 09:35 - 2010-01-29 21:35 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-27 08:33 - 2008-09-26 10:34 - 02091410 _____ () C:\Windows\WindowsUpdate.log
2014-10-27 08:25 - 2006-11-02 08:47 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-27 08:25 - 2006-11-02 08:47 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-26 18:43 - 2010-01-29 21:35 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-26 18:43 - 2008-09-26 11:23 - 00000284 _____ () C:\Users\Public\Documents\hpqp.ini
2014-10-26 18:26 - 2013-10-13 14:07 - 00000435 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-10-26 18:25 - 2006-11-02 09:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-26 18:24 - 2006-11-02 09:01 - 00032584 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-10-24 09:23 - 2014-03-01 10:55 - 00029124 _____ () C:\Windows\PFRO.log
2014-10-24 09:23 - 2006-11-02 08:47 - 00341368 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-24 09:20 - 2008-06-27 13:49 - 00000000 ____D () C:\ProgramData\WildTangent
2014-10-24 04:57 - 2011-01-09 19:03 - 00090720 _____ () C:\Users\Bryan.Bryan-PC\AppData\Local\GDIPFONTCACHEV1.DAT
2014-10-23 15:11 - 2008-06-27 14:28 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-10-22 16:51 - 2014-03-05 17:22 - 00000052 _____ () C:\Windows\system32\DOErrors.log
2014-10-20 09:41 - 2006-11-02 07:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-10-20 08:50 - 2014-01-28 18:36 - 00380416 _____ () C:\Users\Bryan.Bryan-PC\Desktop\gmer.exe
2014-10-20 07:31 - 2011-12-25 21:32 - 00000000 ____D () C:\Program Files\McAfee
2014-10-20 07:30 - 2010-07-04 09:22 - 00000000 ____D () C:\ProgramData\McAfee
2014-10-19 20:26 - 2013-08-14 03:21 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-19 20:12 - 2006-11-02 06:24 - 100290944 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-10-19 19:06 - 2013-09-23 00:15 - 00001844 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-10-19 18:53 - 2006-11-02 07:18 - 00000000 ____D () C:\Windows\system32\Msdtc
2014-10-19 18:53 - 2006-11-02 06:22 - 55574528 _____ () C:\Windows\system32\config\software_previous
2014-10-19 18:53 - 2006-11-02 06:22 - 47448064 _____ () C:\Windows\system32\config\components_previous
2014-10-19 18:53 - 2006-11-02 06:22 - 43515904 _____ () C:\Windows\system32\config\system_previous
2014-10-19 18:53 - 2006-11-02 06:22 - 00524288 _____ () C:\Windows\system32\config\default_previous
2014-10-19 18:53 - 2006-11-02 06:22 - 00262144 _____ () C:\Windows\system32\config\security_previous
2014-10-19 18:53 - 2006-11-02 06:22 - 00204800 _____ () C:\Windows\system32\config\sam_previous
2014-10-19 18:52 - 2011-01-09 19:02 - 00000000 ____D () C:\Users\Bryan.Bryan-PC
2014-10-19 18:52 - 2010-12-18 14:38 - 00000000 ____D () C:\Users\Sara.Bryan-PC
2014-10-19 18:52 - 2010-06-14 15:42 - 00000000 ____D () C:\Users\Guest
2014-10-19 18:52 - 2010-06-12 07:53 - 00000000 ____D () C:\Users\Sara
2014-10-19 18:52 - 2010-06-11 09:01 - 00000000 ____D () C:\Users\Natalie
2014-10-19 18:52 - 2008-10-25 21:09 - 00000000 ____D () C:\Users\Kate
2014-10-19 18:52 - 2008-10-25 19:59 - 00000000 ____D () C:\Users\Bryan
2014-10-19 18:51 - 2012-11-17 10:09 - 00000000 ____D () C:\Users\Bryan.Bryan-PC\AppData\Local\QuickPlay
2014-10-19 18:51 - 2006-11-02 07:18 - 00000000 ____D () C:\Windows\system32\spool
2014-10-19 18:51 - 2006-11-02 07:18 - 00000000 ____D () C:\Windows\registration
2014-10-12 17:53 - 2014-08-30 11:31 - 00000000 ____D () C:\Users\Bryan.Bryan-PC\AppData\Local\Adobe
2014-10-12 10:33 - 2010-09-04 08:28 - 00000000 ____D () C:\Program Files\DIFX
2014-10-06 07:09 - 2008-12-31 13:24 - 00000000 ____D () C:\Users\Kate\AppData\Roaming\Skype
2014-10-05 11:43 - 2008-10-25 21:09 - 00090720 _____ () C:\Users\Kate\AppData\Local\GDIPFONTCACHEV1.DAT
2014-10-02 17:55 - 2006-11-02 07:18 - 00000000 ____D () C:\Windows\rescache
2014-10-02 15:53 - 2009-10-03 02:28 - 00231568 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-10-01 20:00 - 2010-12-18 14:39 - 00090720 _____ () C:\Users\Sara.Bryan-PC\AppData\Local\GDIPFONTCACHEV1.DAT
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-10-27 06:45
==================== End Of Log ============================
Addition With Chrome
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 26-10-2014
Ran by Bryan at 2014-10-27 10:07:24
Running from C:\Users\Bryan.Bryan-PC\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Activation Assistant for the 2007 Microsoft Office suites (HKLM\...\Activation Assistant for the 2007 Microsoft Office suites) (Version: - Microsoft Corporation)
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0 - Microsoft Corporation) Hidden
Adobe Flash Player 15 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Amazon Kindle (HKCU\...\Amazon Kindle) (Version: - Amazon)
ANT Drivers Installer x86 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
avast! Free Antivirus (HKLM\...\Avast) (Version: 9.0.2021 - AVAST Software)
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Dropbox (HKCU\...\Dropbox) (Version: 2.4.11 - Dropbox, Inc.)
Elevated Installer (Version: 3.2.19.0 - Garmin Ltd or its subsidiaries) Hidden
Epson Easy Photo Print Plug-in for Windows Live Photo Gallery (HKLM\...\EEPPPlugIn) (Version: - SEIKO EPSON Corporation)
Epson Easy Photo Print Plug-in for Windows Live Photo Gallery Setup (Version: 1.00.0000 - SEIKO EPSON Corporation) Hidden
ESU for Microsoft Vista (HKLM\...\{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard)
Garmin Express (HKLM\...\{447c27b7-3a63-4cb2-a49c-864050f9a50f}) (Version: 3.2.19.0 - Garmin Ltd or its subsidiaries)
Garmin Express (Version: 3.2.19.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (Version: 3.2.19.0 - Garmin Ltd or its subsidiaries) Hidden
Google Chrome (HKLM\...\Google Chrome) (Version: 38.0.2125.104 - Google Inc.)
Google Update Helper (Version: 1.3.25.5 - Google Inc.) Hidden
Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Standard Edition 2003 (HKLM\...\{91120409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Works (HKLM\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012) (HKLM\...\8F14F2ECEDE68D26EA515B48DC25B39103C4FE8D) (Version: 09/10/2009 02.03.05.012 - Leapfrog)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Windows Live ID Sign-in Assistant (HKLM\...\{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}) (Version: 6.500.3165.0 - Microsoft Corporation)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-1004199723-1386826489-637112434-1006_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Bryan.Bryan-PC\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1004199723-1386826489-637112434-1006_Classes\CLSID\{00B7E0AB-817A-44AD-A04B-D1148D524136}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1004199723-1386826489-637112434-1006_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\Bryan.Bryan-PC\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS)
CustomCLSID: HKU\S-1-5-21-1004199723-1386826489-637112434-1006_Classes\CLSID\{7C6E29BC-8B8B-4C3D-859E-AF6CD158BE0F}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1004199723-1386826489-637112434-1006_Classes\CLSID\{88D969C0-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1004199723-1386826489-637112434-1006_Classes\CLSID\{88D969C1-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1004199723-1386826489-637112434-1006_Classes\CLSID\{88D969C2-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1004199723-1386826489-637112434-1006_Classes\CLSID\{88D969C3-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1004199723-1386826489-637112434-1006_Classes\CLSID\{88D969C4-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1004199723-1386826489-637112434-1006_Classes\CLSID\{88D969C5-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1004199723-1386826489-637112434-1006_Classes\CLSID\{88D969C6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1004199723-1386826489-637112434-1006_Classes\CLSID\{88D969C8-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1004199723-1386826489-637112434-1006_Classes\CLSID\{88D969C9-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1004199723-1386826489-637112434-1006_Classes\CLSID\{88D969CA-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1004199723-1386826489-637112434-1006_Classes\CLSID\{88D969D6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1004199723-1386826489-637112434-1006_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Bryan.Bryan-PC\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1004199723-1386826489-637112434-1006_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Bryan.Bryan-PC\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1004199723-1386826489-637112434-1006_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Bryan.Bryan-PC\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1004199723-1386826489-637112434-1006_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Bryan.Bryan-PC\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
==================== Restore Points =========================
07-10-2014 15:13:18 Windows Update
10-10-2014 23:57:11 Windows Update
12-10-2014 14:28:47 Garmin Express
12-10-2014 14:29:46 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
12-10-2014 14:32:47 Device Driver Package Install: Silicon Labs Software Universal Serial Bus controllers
12-10-2014 14:33:32 Device Driver Package Install: Dynastream Innovations, Inc.
14-10-2014 16:41:55 Windows Update
15-10-2014 07:00:40 Windows Update
16-10-2014 21:16:17 Scheduled Checkpoint
18-10-2014 17:35:42 Windows Update
19-10-2014 22:41:53 Restore Operation
19-10-2014 22:58:37 avast! antivirus system restore point
19-10-2014 23:17:04 Windows Update
20-10-2014 00:08:08 Windows Update
20-10-2014 23:51:41 Scheduled Checkpoint
21-10-2014 12:18:46 Scheduled Checkpoint
22-10-2014 04:00:00 Scheduled Checkpoint
22-10-2014 20:59:17 Scheduled Checkpoint
24-10-2014 04:00:02 Scheduled Checkpoint
24-10-2014 06:28:33 Windows Update
25-10-2014 04:00:04 Scheduled Checkpoint
26-10-2014 13:27:40 Scheduled Checkpoint
27-10-2014 04:00:00 Scheduled Checkpoint
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2006-11-02 06:23 - 2012-09-05 12:43 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {0A970331-AE5E-461E-8C56-48EDD7D6F7D9} - System32\Tasks\{FECEEC9E-93D7-4BD7-B794-59B5F943D3F5} => Firefox.exe
Download Skype for Desktop
Task: {1498BFFF-D265-4059-ACB2-FFE74AA9CA31} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {2119D350-2BBC-4395-9EFC-8D6CF3C7E060} - System32\Tasks\HP Health Check => c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-06-16] (Hewlett-Packard)
Task: {302AF56C-4DBB-47E7-9042-07F674475AE5} - System32\Tasks\{2E46173B-5F80-47FD-BE77-3D450D1458AB} => Firefox.exe
Download Skype for Desktop
Task: {320124A7-D70F-41DE-A9D1-D5E8E19D5D91} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {3EA4A971-3197-4A7F-8A2D-E97F079A1953} - System32\Tasks\avast! Emergency Update => C:\Program Files\Alwil Software\Avast5\AvastEmUpdate.exe [2014-08-16] (AVAST Software)
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-20] (Microsoft Corporation)
Task: {51B0F3C7-5CB0-4920-B2FB-58214E439A51} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Signature Update => c:\program files\windows defender\MpCmdRun.exe [2008-01-20] (Microsoft Corporation)
Task: {6945A045-DE76-4BDE-A58D-80DBE6875F44} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-22] (Google Inc.)
Task: {6E5F8B9C-4517-4A5B-A742-A1ACEC1FD479} - System32\Tasks\GarminUpdaterTask => C:\Program Files\Garmin\Express Self Updater\ExpressSelfUpdater.exe [2014-09-18] ()
Task: {7124A541-3A78-4D39-AB40-882FCB0E5D86} - System32\Tasks\{88028225-927A-4D10-9D9B-F0EB7AAE3DF8} => Iexplore.exe
Download Skype for Desktop
Task: {778DE6FE-01D4-4F48-80AB-046A2E5AA2D2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-22] (Google Inc.)
Task: {858BD5FB-61C3-4D83-8392-B9855BE4DF1D} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate
Task: {B52D8C33-5879-4739-A2DC-433A6EDDA05E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-23] (Adobe Systems Incorporated)
Task: {C11C1D5C-1D97-4CDE-92A3-6304805F9BBB} - System32\Tasks\Ad-Aware Update (Weekly) => C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: {D4C73C40-F3A5-4646-8E83-63B4BAB20360} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-20] ()
Task: {EFDC0884-E8FF-4A3B-933C-34F13D244334} - System32\Tasks\{8B9A5D3D-09A8-433B-B72C-A0B5F6711302} => Iexplore.exe
Download Skype for Desktop
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2014-04-05 20:27 - 2014-08-16 16:31 - 00301152 _____ () C:\Program Files\Alwil Software\Avast5\aswProperty.dll
2014-10-27 06:27 - 2014-10-27 06:27 - 02898432 _____ () C:\Program Files\Alwil Software\Avast5\defs\14102700\algo.dll
2012-02-20 21:29 - 2012-02-20 21:29 - 00087912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2012-02-20 21:28 - 2012-02-20 21:28 - 01242472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2008-06-27 14:46 - 2008-04-26 04:15 - 00361808 _____ () C:\Windows\SMINST\BLService.exe
2008-06-27 14:46 - 2007-11-15 04:46 - 00126976 _____ () C:\Windows\SMINST\STWmiM.dll
2014-02-28 12:34 - 2014-08-16 16:32 - 19329904 _____ () C:\Program Files\Alwil Software\Avast5\libcef.dll
2014-02-01 13:30 - 2014-02-01 13:30 - 00861184 _____ () C:\Program Files\LeapFrog\LeapFrog Connect\platforms\qwindows.dll
2007-07-12 15:55 - 2007-07-12 15:55 - 01581056 _____ () C:\Program Files\Common Files\LightScribe\QtCore4.dll
2007-08-14 15:59 - 2007-08-14 15:59 - 06365184 _____ () C:\Program Files\Common Files\LightScribe\QtGui4.dll
2007-07-12 15:55 - 2007-07-12 15:55 - 00131072 _____ () C:\Program Files\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
2008-06-27 13:46 - 2008-04-11 12:04 - 00685360 _____ () C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\Users\Bryan.Bryan-PC\Downloads\noname (1).eml:OECustomProperty
AlternateDataStreams: C:\Users\Bryan.Bryan-PC\Downloads\noname (2).eml:OECustomProperty
AlternateDataStreams: C:\Users\Bryan.Bryan-PC\Downloads\noname (3).eml:OECustomProperty
AlternateDataStreams: C:\Users\Bryan.Bryan-PC\Downloads\noname (4).eml:OECustomProperty
AlternateDataStreams: C:\Users\Bryan.Bryan-PC\Downloads\noname (5).eml:OECustomProperty
AlternateDataStreams: C:\Users\Bryan.Bryan-PC\Downloads\noname (6).eml:OECustomProperty
AlternateDataStreams: C:\Users\Bryan.Bryan-PC\Downloads\noname (7).eml:OECustomProperty
AlternateDataStreams: C:\Users\Bryan.Bryan-PC\Downloads\noname.eml:OECustomProperty
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
========================= Accounts: ==========================
Administrator (S-1-5-21-1004199723-1386826489-637112434-500 - Administrator - Disabled)
Bryan (S-1-5-21-1004199723-1386826489-637112434-1006 - Administrator - Enabled) => C:\Users\Bryan.Bryan-PC
Guest (S-1-5-21-1004199723-1386826489-637112434-501 - Limited - Enabled) => C:\Users\Guest
Kate (S-1-5-21-1004199723-1386826489-637112434-1001 - Administrator - Enabled) => C:\Users\Kate
Natalie (S-1-5-21-1004199723-1386826489-637112434-1003 - Limited - Enabled) => C:\Users\Natalie
Sara (S-1-5-21-1004199723-1386826489-637112434-1004 - Limited - Enabled) => C:\Users\Sara.Bryan-PC
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (10/27/2014 10:03:41 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application chrome.exe, version 38.0.2125.104, time stamp 0x5437298b, faulting module chrome.dll, version 38.0.2125.104, time stamp 0x543726b0, exception code 0xc0000005, fault offset 0x007df95f,
process id 0x940, application start time 0xchrome.exe0.
Error: (10/27/2014 10:03:38 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application chrome.exe, version 38.0.2125.104, time stamp 0x5437298b, faulting module YCWebCameraSource.ax, version 2.0.0.1427, time stamp 0x47c5225b, exception code 0xc0000005, fault offset 0x00014aee,
process id 0x940, application start time 0xchrome.exe0.
Error: (10/27/2014 10:03:14 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application chrome.exe, version 38.0.2125.104, time stamp 0x5437298b, faulting module YCWebCameraSource.ax, version 2.0.0.1427, time stamp 0x47c5225b, exception code 0xc0000005, fault offset 0x00014aee,
process id 0xd50, application start time 0xchrome.exe0.
Error: (10/27/2014 10:02:18 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application chrome.exe, version 38.0.2125.104, time stamp 0x5437298b, faulting module YCWebCameraSource.ax, version 2.0.0.1427, time stamp 0x47c5225b, exception code 0xc0000005, fault offset 0x00014aee,
process id 0x16e4, application start time 0xchrome.exe0.
Error: (10/26/2014 06:26:56 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/24/2014 09:29:21 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application chrome.exe, version 38.0.2125.104, time stamp 0x5437298b, faulting module YCWebCameraSource.ax, version 2.0.0.1427, time stamp 0x47c5225b, exception code 0xc0000005, fault offset 0x00014aee,
process id 0x9c0, application start time 0xchrome.exe0.
Error: (10/24/2014 09:28:20 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application chrome.exe, version 38.0.2125.104, time stamp 0x5437298b, faulting module YCWebCameraSource.ax, version 2.0.0.1427, time stamp 0x47c5225b, exception code 0xc0000005, fault offset 0x00014aee,
process id 0xe78, application start time 0xchrome.exe0.
Error: (10/24/2014 09:24:57 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/24/2014 08:23:55 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application chrome.exe, version 38.0.2125.104, time stamp 0x5437298b, faulting module YCWebCameraSource.ax, version 2.0.0.1427, time stamp 0x47c5225b, exception code 0xc0000005, fault offset 0x00014aee,
process id 0x5a80, application start time 0xchrome.exe0.
Error: (10/22/2014 05:21:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application iexplore.exe, version 9.0.8112.16584, time stamp 0x541caffd, faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception code 0xc0000005, fault offset 0x08f90fd0,
process id 0x1658, application start time 0xiexplore.exe0.
System errors:
=============
Microsoft Office Sessions:
=========================
CodeIntegrity Errors:
===================================
Date: 2014-10-27 10:06:59.063
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-10-27 10:06:57.634
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-10-27 10:06:56.210
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-10-27 10:06:54.914
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-10-27 10:06:53.117
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-10-27 10:06:51.525
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-10-27 10:06:50.155
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-10-27 10:06:48.771
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-10-27 09:35:57.274
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-10-27 09:35:55.980
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel(R) Pentium(R) Dual CPU T3200 @ 2.00GHz
Percentage of memory in use: 58%
Total physical RAM: 3002.45 MB
Available physical RAM: 1247.96 MB
Total Pagefile: 6215.12 MB
Available Pagefile: 4411.64 MB
Total Virtual: 2047.88 MB
Available Virtual: 1908.21 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:223.02 GB) (Free:91.86 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (PRESARIO_RP) (Fixed) (Total:9.86 GB) (Free:1.74 GB) NTFS ==>[System with boot components (obtained from reading drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 232.9 GB) (Disk ID: 2F41570E)
Partition 1: (Active) - (Size=223 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=9.9 GB) - (Type=07 NTFS)
==================== End Of Log ============================