
Powershell Not Working Windows 7

Discussion in 'Virus & Other Malware Removal' started by teddidit, Dec 30, 2014.

  1. teddidit

    teddidit Thread Starter

    Joined:
    Dec 30, 2014
    Messages:
    15
    Tech Support Guy System Info Utility version 1.0.0.2
    OS Version: Microsoft Windows 7 Home Premium, Service Pack 1, 64 bit
    Processor: Pentium(R) Dual-Core CPU T4300 @ 2.10GHz, Intel64 Family 6 Model 23 Stepping 10
    Processor Count: 2
    RAM: 3999 Mb
    Graphics Card: Mobile Intel(R) 4 Series Express Chipset Family, 1807 Mb
    Hard Drives: C: Total - 225246 MB, Free - 137754 MB; D: Total - 13026 MB, Free - 2178 MB;
    Motherboard: Quanta, 3627
    Antivirus: avast! Antivirus, Updated and Enabled

    I get all kinds of error messages on HP laptop. Called Kaspersky for help. They told me my OS is infected with malware and I need their $299 fix. Ouch. Get popup all the time with Powershell not working. Get messages all the time Can't open the page. Got lots of blocks from AVAST popping up. I am NOT computer savvy so any help must be very detailed basic instructions - do this, then click here and do that. Thanks anyone and everyone for help.

    Oh, one more oddity. If I turn on the internet on this computer my iPad won't work online. Can this be possible?
     
  2. dbreeze

    dbreeze Malware Specialist

    Joined:
    Oct 5, 2014
    Messages:
    431
    First Name:
    David
    Hi teddidit,

    Welcome to Tech Support Guy. My name is dbreeze and I'll be helping you with this problem. Before I get into the removal of malware / correction of your problem, I need you to be aware of the following:
    • As I am in the final phase of training right now, my responses to you may be delayed slightly as they have to be checked by my adviser (good news for you, as there will be two sets of eyes fixing your problem). I promise to be as prompt as possible in helping you, so please bear with me and we will get through this.
    • Please read all of my response through at least once before attempting to follow the procedures described. I would recommend printing them out, if you can, as you can check off each step as you complete it. Also, as some of the cleaning may be done in Safe Mode and there will be no internet connection then, you will find that having the steps printed for reference speeds the cleaning process along. If there's anything you don't understand or isn't totally clear to you, please come back to me for clarification before you start those steps.
    • All of the assistants and staff at Tech Support Guy are here on a volunteer basis; please respect our time given to the cause of helping others. If you are going to be away for more than 4 days, please let me know here. (I will do the same for you.) We do realize that 'life happens' and situations arise unexpectedly; we just ask that you keep us up to date.
    • Malware removal is a complex, multiple step process; please stay with me on this thread (don't start another thread) until I declare that your logs are clean and you are good to go. The absence of apparent issues does not mean your system is clean; I will tell you when everything looks good for you to go and help you remove the tools we have used.
    • If any of the security programs on your system should give any warnings about the software tools I ask you to download and use, please do not be alarmed. All of the tools I will have you use are safe to use (as instructed) and malware free.
    • While we strive to disrupt your system as little as possible, things happen. If you can, it would be best to back up your personal files now (if you do not already have a backup). You can store these on a CD/DVD, USB drive or stick, anywhere but on your same system. This will save you from possible anguish later if something unforeseen happens.
    • Please do not run any other tools or scanners than what I ask you to. Some of the openly available software made for malware removal can make changes to your system that interfere with the cleaning of the malware, or even destroy your system. I will use only what the situation calls for and direct you in the proper use of that software.
    • Please do not attach any log files to your replies unless I specifically ask you. Instead please copy and paste so as to include the log in your reply. You can do this in separate posts if it's easier for you.

      - Save ALL Tools to your Desktop-
      All the tools that I will have you download should be placed on the desktop unless otherwise stated. If you are familiar with how to save files to the desktop then you can skip this step.

      Since you are continuing with this step then I assume you are unfamiliar with saving files to your desktop. As a result it's easiest if you configure your browser(s) to download any tools to the desktop by default. Please use the appropriate instructions below depending on the browser you are using.
      Google Chrome - Click the "Customize and control Google Chrome" button in the upper-right corner of the browser. Choose Settings. At the bottom of the screen click the "Show advanced settings..." link. Scroll down to find the Downloads section and click the Change... button. Select your desktop and click OK.
      Mozilla Firefox - Click the "Open Menu" button in the upper-right corner of the browser. Choose Options. In the downloads section, click the Browse button, click on the Desktop folder and then click the "Select Folder" button. Click OK to get out of the Options menu.
      Internet Explorer - Click the Tools menu in the upper-right corner of the browser. Select View downloads. Select the Options link in the lower left of the window. Click Browse and select the Desktop and then choose the Select Folder button. Click OK to get out of the download options screen and then click Close to get out of the View Downloads screen.
      NOTE: IE8 does not support changing download locations in this manner. You will need to download the tool(s) to the default folder, usually Downloads, then copy them to the desktop.
    Let's get started....


    Please download Farbar Recovery Scan Tool 64bit and save it to your Desktop.

    • Right click the FRST file on your desktop and select "Run as Administrator..." (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
    • If an update is available, the program will inform you and download the update. Allow it to do this please.
    • Press the Scan button.
    • It will produce a log called FRST.txt in the same directory the tool is run from.
    • Please copy and paste log back here.
    • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST64.exe). Please also paste that along with the FRST.txt into your reply.
     
  3. teddidit

    teddidit Thread Starter

    Joined:
    Dec 30, 2014
    Messages:
    15
    Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-12-2014
    Ran by Admin (administrator) on ADMIN-PC on 31-12-2014 15:17:02
    Running from C:\Users\Admin\Desktop
    Loaded Profile: Admin (Available profiles: Admin)
    Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
    Internet Explorer Version 11 (Default browser: Chrome)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\stacsv64.exe
    (Hewlett-Packard) C:\Windows\System32\hpservice.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    (Microsoft Corporation) C:\Windows\System32\wlanext.exe
    (SEIKO EPSON CORPORATION) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe
    (Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe
    (SlimWare Utilities, Inc.) C:\Program Files (x86)\DriverUpdate\DriverUpdate.exe
    (LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    (Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
    (Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\nst.exe
    () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
    (AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.5\ToolbarUpdater.exe
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.5\loggingserver.exe
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
    (CyberLink) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
    (CyberLink Corp.) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    (IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    () C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
    (Sun Microsystems, Inc.) C:\Program Files\Java\jre6\bin\jusched.exe
    (Intel Corporation) C:\Windows\System32\igfxtray.exe
    (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
    (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    (Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe
    (SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
    () C:\Program Files (x86)\OtShot\otshot.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
    (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
    (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
    (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
    (Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
    () C:\Program Files (x86)\Hewlett-Packard\Shared\HpqToaster.exe
    (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
    (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Service.exe
    (Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe
    (Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
    (Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
    (Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Microsoft Corporation) C:\Windows\SysWOW64\NAPSTAT.EXE
    (Microsoft Corporation) C:\Windows\SysWOW64\dplaysvr.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Microsoft Corporation) C:\Windows\SysWOW64\wiaacmgr.exe
    (Microsoft Corporation) C:\Windows\SysWOW64\systray.exe
    (Microsoft Corporation) C:\Windows\SysWOW64\NAPSTAT.EXE
    (Microsoft Corporation) C:\Windows\SysWOW64\dplaysvr.exe
    (Microsoft Corporation) C:\Windows\SysWOW64\shrpubw.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe
    (Microsoft Corporation) C:\Windows\SysWOW64\wiaacmgr.exe
    (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
    (Microsoft Corporation) C:\Windows\SysWOW64\cmmon32.exe
    (Microsoft Corporation) C:\Windows\SysWOW64\wiaacmgr.exe
    (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\setup\instup.exe
    (Microsoft Corporation) C:\Windows\SysWOW64\wiaacmgr.exe
    (Microsoft Corporation) C:\Windows\SysWOW64\logagent.exe


    ==================== Registry (Whitelisted) ==================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1815848 2009-07-14] (Synaptics Incorporated)
    HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [450048 2009-07-21] (IDT, Inc.)
    HKLM\...\Run: [SmartMenu] => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [610872 2009-07-21] ()
    HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Java\jre6\bin\jusched.exe [171520 2009-08-09] (Sun Microsystems, Inc.)
    HKLM-x32\...\Run: [HPCam_Menu] => c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe [218408 2009-02-25] (CyberLink Corp.)
    HKLM-x32\...\Run: [UpdatePRCShortCut] => C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
    HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard)
    HKLM-x32\...\Run: [] => [X]
    HKLM-x32\...\Run: [WirelessAssistant] => C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [498744 2009-07-23] (Hewlett-Packard)
    HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150016 2008-08-20] (Hewlett-Packard)
    HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [976320 2009-12-03] (SEIKO EPSON CORPORATION)
    HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-03] (Apple Inc.)
    HKLM-x32\...\Run: [OtShot] => C:\Program Files (x86)\OtShot\otshot.exe [4386816 2012-10-18] ()
    HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
    HKLM-x32\...\Run: [vProt] => "C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe"
    HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5226600 2014-12-22] (AVAST Software)
    HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
    HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-07-08] (Apple Inc.)
    HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
    Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
    HKU\S-1-5-21-2367873466-1492356150-139791627-1000\...\Policies\system: [WallpaperStyle] 2
    HKU\S-1-5-21-2367873466-1492356150-139791627-1000\...\MountPoints2: {3359ed9a-892d-11e0-ba9d-806e6f6e6963} - F:\WIN\setup.exe
    HKU\S-1-5-21-2367873466-1492356150-139791627-1000\...A8F59079A8D5}\localserver32: rundll32.exe javascript:"\..\mshtml.dll,RunHTMLApplication ";eval("epdvnfou/xsjuf)(=tdsjqu!mbohvbhf> (the data entry has 243 more characters). <==== Poweliks!
    HKU\S-1-5-18\...\Policies\system: [WallpaperStyle] 2
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
    CHR HKU\S-1-5-21-2367873466-1492356150-139791627-1000\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=AV01
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
    HKU\S-1-5-21-2367873466-1492356150-139791627-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=AV01
    HKU\S-1-5-21-2367873466-1492356150-139791627-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
    HKU\S-1-5-21-2367873466-1492356150-139791627-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01
    SearchScopes: HKLM -> DefaultScope {22348997-7FD7-4759-AB9D-EB2B7A365617} URL = http://www.bing.com/search?q={searchTerms}&FORM=HPNTDF&pc=HPNTDF&src=IE-SearchBox
    SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKLM -> {0809851D-6B6B-49C8-93A3-D43B32E2A276} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpl
    SearchScopes: HKLM -> {22348997-7FD7-4759-AB9D-EB2B7A365617} URL = http://www.bing.com/search?q={searchTerms}&FORM=HPNTDF&pc=HPNTDF&src=IE-SearchBox
    SearchScopes: HKLM-x32 -> DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
    SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKLM-x32 -> {0809851D-6B6B-49C8-93A3-D43B32E2A276} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpl
    SearchScopes: HKLM-x32 -> {22348997-7FD7-4759-AB9D-EB2B7A365617} URL = http://www.bing.com/search?q={searchTerms}&FORM=HPNTDF&pc=HPNTDF&src=IE-SearchBox
    SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
    SearchScopes: HKU\S-1-5-21-2367873466-1492356150-139791627-1000 -> DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
    SearchScopes: HKU\S-1-5-21-2367873466-1492356150-139791627-1000 -> {0809851D-6B6B-49C8-93A3-D43B32E2A276} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpl
    SearchScopes: HKU\S-1-5-21-2367873466-1492356150-139791627-1000 -> {281A27AD-5EE3-465B-AFC8-3DD187C8F223} URL = https://www.google.com/search?q={searchTerms}
    SearchScopes: HKU\S-1-5-21-2367873466-1492356150-139791627-1000 -> {5C92F213-D47F-4E3E-A150-7D06380B13FA} URL = http://www.mysearchresults.com/search?&c=3558&t=01&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-2367873466-1492356150-139791627-1000 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
    SearchScopes: HKU\S-1-5-21-2367873466-1492356150-139791627-1000 -> {9517C61E-3144-44D4-99F0-6EE073CE9070} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3298569&CUI=UN26062681701139919&UM=2
    SearchScopes: HKU\S-1-5-21-2367873466-1492356150-139791627-1000 -> {BD6686C3-1470-4557-826E-56C51535D882} URL = http://www.search.ask.com/web?tpid=WCL2-SP&o=APN10938&pf=V7&p2=^B1N^YYYYYY^YY^US&gct=&itbv=12.17.1.2492&apn_uid=8676F94B-9F7C-45EC-A2AE-7831C668E761&apn_ptnrs=^B1N&apn_dtid=^YYYYYY^YY^US&apn_dbr=cr_37.0.2062.124&doi=2014-09-29&trgb=IE&q={searchTerms}&psv=&pt=tb
    BHO: No Name -> {57434C32-2D53-5000-76A7-7A786E7484D7} -> No File
    BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
    BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
    BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    BHO: Norton Identity Protection -> {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} -> C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.6.15\coIEPlg.dll (Symantec Corporation)
    BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
    BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
    BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll No File
    BHO-x32: No Name -> {57434C32-2D53-5000-76A7-7A786E7484D7} -> No File
    BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
    BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
    BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll No File
    BHO-x32: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File
    BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll No File
    BHO-x32: Norton Identity Protection -> {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} -> C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\coIEPlg.dll (Symantec Corporation)
    BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
    BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll No File
    Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File
    Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
    Toolbar: HKLM - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.6.15\coIEPlg.dll (Symantec Corporation)
    Toolbar: HKLM - No Name - {57434C32-2D53-5000-76A7-7A786E7484D7} - No File
    Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File
    Toolbar: HKLM-x32 - No Name - {95B7759C-8C7F-4BF1-B163-73684A933233} - No File
    Toolbar: HKLM-x32 - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\coIEPlg.dll (Symantec Corporation)
    Toolbar: HKLM-x32 - No Name - {57434C32-2D53-5000-76A7-7A786E7484D7} - No File
    Toolbar: HKU\S-1-5-21-2367873466-1492356150-139791627-1000 -> No Name - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
    Toolbar: HKU\S-1-5-21-2367873466-1492356150-139791627-1000 -> No Name - {57434C32-2D53-5000-76A7-7A786E7484D7} - No File
    DPF: HKLM-x32 {82E5DF24-51E8-47CD-864A-F4BD5005AA73} https://www.icloud.com/system/iCloud.cab
    Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.5\ViProtocol.dll (AVG Secure Search)
    Tcpip\Parameters: [DhcpNameServer] 10.0.0.1

    FireFox:
    ========
    FF Plugin: @microsoft.com/GENUINE -> disabled No File
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
    FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.5\\npsitesafety.dll No File
    FF Plugin-x32: @ei.RecipeHub_2j.com/Plugin -> C:\Program Files (x86)\RecipeHub_2jEI\Installr\1.bin\NP2jEISB.dll (Recipe Hub)
    FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll No File
    FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll No File
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll No File
    FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
    FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2009-08-09]
    FF HKLM-x32\...\Firefox\Extensions: [{F04D2D30-776C-4d02-8627-8E4385ECA58D}] - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.6.0.27\coFFPlgn
    FF Extension: Norton Identity Safe Toolbar - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.6.0.27\coFFPlgn [2014-12-10]
    FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
    FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-01-30]

    Chrome:
    =======
    CHR HomePage: Default -> hxxp://www.msn.com/?pc=AV01
    CHR StartupUrls: Default -> "hxxp://www.msn.com/?pc=AV01"
    CHR DefaultSearchKeyword: Default -> bing1.com
    CHR DefaultSearchURL: Default -> http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
    CHR DefaultSuggestURL: Default -> http://api.bing.com/osjson.aspx?query={searchTerms}&language={language}&FORM=AVASDF&PC=AV01
    CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\PepperFlash\pepflashplayer.dll ()
    CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
    CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ppGoogleNaClPluginChrome.dll No File
    CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll ()
    CHR Plugin: (Norton Identity Safe) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2013.2.0.18_0\npcoplgn.dll No File
    CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File
    CHR Plugin: (Java Deployment Toolkit 6.0.300.12) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
    CHR Plugin: (Java(TM) Platform SE 6 U30) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
    CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
    CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
    CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
    CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
    CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
    CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll No File
    CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll No File
    CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
    CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
    CHR Plugin: (Recipe Hub Installer Plugin Stub) - C:\Program Files (x86)\RecipeHub_2jEI\Installr\1.bin\NP2jEISB.dll (Recipe Hub)
    CHR Plugin: (Windows Live? Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
    CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File
    CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-06-29]
    CHR Extension: (YouTube) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-11-10]
    CHR Extension: (Vafmusic2) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbjibcbpmbcabnfnohhgjjmkgkimajko [2013-05-29]
    CHR Extension: (Google Search) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-11-10]
    CHR Extension: (WhiteSmoke B) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgjgoboealkonoikjklgigbgconjnfbc [2013-03-31]
    CHR Extension: (Google Wallet) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-21]
    CHR Extension: (Norton Security Toolbar) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nppllibpnmahfaklnpggkibhkapjkeob [2014-02-01]
    CHR Extension: (Gmail) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-11-10]
    CHR HKU\S-1-5-21-2367873466-1492356150-139791627-1000\...\Chrome\Extension: [cbjibcbpmbcabnfnohhgjjmkgkimajko] - C:\Users\Admin\AppData\Local\CRE\cbjibcbpmbcabnfnohhgjjmkgkimajko.crx [2013-05-13]
    CHR HKU\S-1-5-21-2367873466-1492356150-139791627-1000\...\Chrome\Extension: [jgjgoboealkonoikjklgigbgconjnfbc] - C:\Users\Admin\AppData\Local\CRE\jgjgoboealkonoikjklgigbgconjnfbc.crx [2013-02-17]
    CHR HKU\S-1-5-21-2367873466-1492356150-139791627-1000\...\Chrome\Extension: [lonndllmbldmmoefheenkmgkencnkdkh] - C:\Users\Admin\AppData\Local\CRE\lonndllmbldmmoefheenkmgkencnkdkh.crx [2013-03-04]
    CHR HKLM-x32\...\Chrome\Extension: [cbjibcbpmbcabnfnohhgjjmkgkimajko] - C:\Users\Admin\AppData\Local\CRE\cbjibcbpmbcabnfnohhgjjmkgkimajko.crx [2013-05-13]
    CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-12-09]
    CHR HKLM-x32\...\Chrome\Extension: [jgjgoboealkonoikjklgigbgconjnfbc] - C:\Users\Admin\AppData\Local\CRE\jgjgoboealkonoikjklgigbgconjnfbc.crx [2013-02-17]
    CHR HKLM-x32\...\Chrome\Extension: [lonndllmbldmmoefheenkmgkencnkdkh] - C:\Users\Admin\AppData\Local\CRE\lonndllmbldmmoefheenkmgkencnkdkh.crx [2013-03-04]
    CHR HKLM-x32\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\Exts\Chrome.crx [Not Found]

    ==================== Services (Whitelisted) =================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe [89600 2009-03-02] (Andrea Electronics Corporation)
    R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-12-09] (AVAST Software)
    R2 EpsonBidirectionalService; C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION) [File not signed]
    R2 HP Health Check Service; C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [124928 2009-07-09] (Hewlett-Packard) [File not signed]
    S3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [File not signed]
    S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
    R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2009-06-17] (Hewlett-Packard Company) [File not signed]
    R2 NCO; C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\NST.exe [130104 2014-07-31] (Symantec Corporation)
    R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2009-01-21] ()
    R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\STacSV64.exe [240128 2009-07-21] (IDT, Inc.)
    R2 vToolbarUpdater18.1.5; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.5\ToolbarUpdater.exe [1801752 2014-05-08] (AVG Secure Search)
    S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [X]

    ==================== Drivers (Whitelisted) ====================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-12-09] ()
    R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-12-09] (AVAST Software)
    R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-12-09] (AVAST Software)
    R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-12-09] ()
    R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-12-09] (AVAST Software)
    R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-12-09] (AVAST Software)
    R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-12-09] (AVAST Software)
    R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-12-09] ()
    R1 ccSet_NST; C:\Windows\system32\drivers\NSTx64\7DE07060.00F\ccSetx64.sys [162392 2013-09-27] (Symantec Corporation)
    S3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [30336 2007-01-18] (Research in Motion Ltd)
    S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2014-12-31] ()
    S3 swmsflt; C:\Windows\System32\drivers\swmsflt.sys [28808 2008-10-15] ()
    S3 SWNC5E00; C:\Windows\System32\DRIVERS\SWNC5E00.sys [202248 2008-10-15] (Sierra Wireless Inc.)
    S3 PCTINDIS5X64; \??\C:\Windows\system32\PCTINDIS5X64.SYS [X]
    S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
    S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]

    ==================== NetSvcs (Whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


    ==================== One Month Created Files and Folders ========

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2014-12-31 15:17 - 2014-12-31 15:18 - 00028843 _____ () C:\Users\Admin\Desktop\FRST.txt
    2014-12-31 15:16 - 2014-12-31 15:17 - 00000000 ____D () C:\FRST
    2014-12-31 15:10 - 2014-12-31 15:11 - 02123264 _____ (Farbar) C:\Users\Admin\Desktop\FRST64.exe
    2014-12-30 19:47 - 2014-12-30 19:47 - 00509440 _____ (Tech Support Guy System) C:\Users\Admin\Downloads\SysInfo (1).exe
    2014-12-30 19:46 - 2014-12-30 19:47 - 00509440 _____ (Tech Support Guy System) C:\Users\Admin\Downloads\SysInfo.exe
    2014-12-30 14:20 - 2014-12-30 14:20 - 00000040 _____ () C:\Users\Admin\Desktop\kaspersky support.txt
    2014-12-30 14:00 - 2014-12-30 14:00 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Systweak
    2014-12-30 12:36 - 2014-12-30 12:39 - 00002944 _____ () C:\Windows\SysWOW64\debug.log
    2014-12-29 16:07 - 2014-12-29 16:07 - 00000000 ____D () C:\Users\Admin\AppData\Local\{D3C6EC2F-5F0D-4116-9F74-BBC7B07B847E}
    2014-12-28 15:54 - 2014-12-28 15:54 - 00003886 _____ () C:\Windows\System32\Tasks\Adobe Acrobat Update Task
    2014-12-28 15:49 - 2014-12-28 15:49 - 460469789 _____ () C:\Windows\MEMORY.DMP
    2014-12-28 15:49 - 2014-12-28 15:49 - 00277056 _____ () C:\Windows\Minidump\122814-42042-01.dmp
    2014-12-23 13:24 - 2014-12-23 13:24 - 00000000 ____D () C:\Users\Admin\AppData\Local\{F14CA4CC-E729-43E4-BDF2-E51346834776}
    2014-12-23 12:53 - 2014-12-23 12:53 - 00880784 _____ (Google Inc.) C:\Users\Admin\Downloads\ChromeSetup.exe
    2014-12-23 09:40 - 2014-12-13 00:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
    2014-12-23 09:40 - 2014-12-12 22:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
    2014-12-22 15:47 - 2014-11-26 20:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
    2014-12-22 15:47 - 2014-11-26 20:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
    2014-12-22 15:47 - 2014-11-21 22:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2014-12-22 15:47 - 2014-11-21 22:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
    2014-12-22 15:47 - 2014-11-21 21:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
    2014-12-22 15:47 - 2014-11-21 21:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
    2014-12-22 15:47 - 2014-11-21 21:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2014-12-22 15:47 - 2014-11-21 21:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
    2014-12-22 15:47 - 2014-11-21 21:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
    2014-12-22 15:47 - 2014-11-21 21:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2014-12-22 15:47 - 2014-11-21 21:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
    2014-12-22 15:47 - 2014-11-21 21:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2014-12-22 15:47 - 2014-11-21 21:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
    2014-12-22 15:47 - 2014-11-21 21:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2014-12-22 15:47 - 2014-11-21 21:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
    2014-12-22 15:47 - 2014-11-21 21:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
    2014-12-22 15:47 - 2014-11-21 21:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2014-12-22 15:47 - 2014-11-21 21:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
    2014-12-22 15:47 - 2014-11-21 21:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
    2014-12-22 15:47 - 2014-11-21 21:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
    2014-12-22 15:47 - 2014-11-21 21:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
    2014-12-22 15:47 - 2014-11-21 21:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2014-12-22 15:47 - 2014-11-21 21:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
    2014-12-22 15:47 - 2014-11-21 21:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
    2014-12-22 15:47 - 2014-11-21 21:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
    2014-12-22 15:47 - 2014-11-21 21:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
    2014-12-22 15:47 - 2014-11-21 21:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
    2014-12-22 15:47 - 2014-11-21 21:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2014-12-22 15:47 - 2014-11-21 20:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
    2014-12-22 15:47 - 2014-11-21 20:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
    2014-12-22 15:47 - 2014-11-21 20:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
    2014-12-22 15:47 - 2014-11-21 20:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
    2014-12-22 15:47 - 2014-11-21 20:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2014-12-22 15:47 - 2014-11-21 20:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
    2014-12-22 15:47 - 2014-11-21 20:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
    2014-12-22 15:47 - 2014-11-21 20:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2014-12-22 15:47 - 2014-11-21 20:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
    2014-12-22 15:47 - 2014-11-21 20:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2014-12-22 15:47 - 2014-11-21 20:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
    2014-12-22 15:47 - 2014-11-21 20:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
    2014-12-22 15:47 - 2014-11-21 20:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2014-12-22 15:47 - 2014-11-21 20:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2014-12-22 15:47 - 2014-11-21 20:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2014-12-22 15:47 - 2014-11-21 20:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
    2014-12-22 15:47 - 2014-11-21 20:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
    2014-12-22 15:47 - 2014-11-21 20:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2014-12-22 15:47 - 2014-11-21 20:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2014-12-22 15:47 - 2014-11-21 20:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
    2014-12-22 15:47 - 2014-11-21 20:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2014-12-22 15:47 - 2014-11-21 19:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
    2014-12-22 15:47 - 2014-11-10 22:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
    2014-12-22 15:47 - 2014-11-10 21:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
    2014-12-22 15:47 - 2014-11-10 20:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
    2014-12-22 15:44 - 2014-10-17 21:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
    2014-12-22 15:44 - 2014-10-17 20:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
    2014-12-22 15:44 - 2014-07-06 21:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
    2014-12-22 15:44 - 2014-07-06 21:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
    2014-12-22 15:44 - 2014-07-06 21:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
    2014-12-22 15:44 - 2014-07-06 21:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
    2014-12-22 15:44 - 2014-07-06 20:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
    2014-12-22 15:44 - 2014-07-06 20:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
    2014-12-22 15:44 - 2014-07-06 20:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
    2014-12-22 15:44 - 2014-07-06 20:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
    2014-12-22 15:43 - 2014-11-07 22:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
    2014-12-22 15:43 - 2014-11-07 21:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
    2014-12-22 15:43 - 2014-10-29 21:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
    2014-12-22 15:43 - 2014-10-29 20:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
    2014-12-22 15:43 - 2014-10-02 21:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
    2014-12-22 15:43 - 2014-10-02 21:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
    2014-12-22 15:43 - 2014-10-02 21:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
    2014-12-22 15:43 - 2014-10-02 21:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
    2014-12-22 15:43 - 2014-10-02 21:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
    2014-12-22 15:43 - 2014-10-02 20:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
    2014-12-22 15:43 - 2014-10-02 20:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
    2014-12-22 15:43 - 2014-10-02 20:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
    2014-12-22 15:43 - 2014-10-02 20:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
    2014-12-22 15:43 - 2014-10-02 20:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
    2014-12-22 09:36 - 2014-12-22 09:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
    2014-12-22 09:35 - 2014-12-09 10:13 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
    2014-12-21 18:07 - 2014-12-21 18:07 - 00000000 ____D () C:\Users\Admin\AppData\Local\{89D79B32-7BB8-49A4-89FF-3A0637A2A3E0}
    2014-12-10 08:50 - 2014-11-21 20:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
    2014-12-10 08:49 - 2014-11-21 22:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2014-12-10 08:49 - 2014-11-21 20:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
    2014-12-10 08:49 - 2014-11-21 19:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2014-12-09 10:13 - 2014-12-22 09:36 - 00001924 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
    2014-12-09 10:13 - 2014-12-09 10:13 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
    2014-12-07 09:56 - 2014-12-07 21:44 - 00377562 _____ () C:\Users\Admin\Documents\Copy of Antiques List 12-7-2014.xlsx
    2014-12-05 13:20 - 2014-12-06 16:41 - 00375690 _____ () C:\Users\Admin\Documents\Copy of Antiques List 12-1-2014.REV1.xlsx
    2014-12-04 17:15 - 2014-12-04 17:15 - 00000000 ____D () C:\Users\Admin\AppData\Local\{C73FEF0B-D5EB-4634-B51C-0E4A189FBE79}

    ==================== One Month Modified Files and Folders =======

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2014-12-31 15:02 - 2009-08-25 03:37 - 02054285 _____ () C:\Windows\WindowsUpdate.log
    2014-12-31 15:02 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\tracing
    2014-12-31 14:59 - 2011-04-03 08:41 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2014-12-31 14:53 - 2012-04-28 14:03 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
    2014-12-31 10:07 - 2009-07-13 23:45 - 00023248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2014-12-31 10:07 - 2009-07-13 23:45 - 00023248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2014-12-31 10:01 - 2013-12-02 10:39 - 00002844 _____ () C:\Windows\System32\Tasks\DriverUpdate Startup
    2014-12-31 10:01 - 2013-12-02 10:39 - 00000418 _____ () C:\Windows\Tasks\DriverUpdate Startup.job
    2014-12-31 10:00 - 2014-01-23 17:17 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
    2014-12-31 10:00 - 2013-12-02 10:39 - 00016152 _____ () C:\Windows\system32\Drivers\SWDUMon.sys
    2014-12-31 10:00 - 2011-04-03 08:41 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2014-12-31 10:00 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
    2014-12-31 10:00 - 2009-07-13 23:51 - 00140426 _____ () C:\Windows\setupact.log
    2014-12-30 18:25 - 2009-07-14 00:13 - 00792924 _____ () C:\Windows\system32\PerfStringBackup.INI
    2014-12-30 13:07 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\NDF
    2014-12-30 12:39 - 2011-02-06 11:24 - 00000000 ____D () C:\Users\Admin\Documents\TurboTax
    2014-12-30 12:36 - 2009-11-28 08:37 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Adobe
    2014-12-29 23:18 - 2014-01-30 19:44 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
    2014-12-29 10:37 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\Help
    2014-12-28 16:12 - 2009-08-25 04:03 - 01371336 _____ () C:\Windows\PFRO.log
    2014-12-28 15:49 - 2013-06-19 22:41 - 00000000 ____D () C:\Windows\Minidump
    2014-12-24 11:17 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\rescache
    2014-12-23 08:08 - 2012-11-10 17:45 - 00002143 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
    2014-12-22 16:28 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
    2014-12-22 16:11 - 2013-10-14 20:35 - 00000000 ____D () C:\ProgramData\Microsoft Help
    2014-12-22 16:11 - 2013-08-16 19:30 - 00000000 ____D () C:\Windows\system32\MRT
    2014-12-22 16:06 - 2010-02-06 16:30 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
    2014-12-22 15:01 - 2014-03-28 07:32 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
    2014-12-22 14:58 - 2012-05-05 08:37 - 00000000 ____D () C:\Users\Admin\AppData\Local\{E2DE8945-837B-40F6-AB89-C6C5AABCAE56}
    2014-12-22 09:23 - 2014-01-31 07:47 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Identity Safe
    2014-12-22 09:23 - 2014-01-31 07:47 - 00000000 ____D () C:\Windows\system32\Drivers\NSTx64
    2014-12-22 09:23 - 2012-11-10 17:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
    2014-12-22 09:23 - 2009-11-26 00:46 - 00000000 ____D () C:\Users\Admin
    2014-12-22 09:23 - 2009-08-25 03:43 - 00000000 ____D () C:\Program Files\LSI SoftModem
    2014-12-22 09:23 - 2009-08-09 02:16 - 00000000 ____D () C:\ProgramData\Norton
    2014-12-22 09:23 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\tr-TR
    2014-12-22 09:23 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\th-TH
    2014-12-22 09:23 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\sl-SI
    2014-12-22 09:23 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\sk-SK
    2014-12-22 09:23 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\ro-RO
    2014-12-22 09:23 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\lv-LV
    2014-12-22 09:23 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\lt-LT
    2014-12-22 09:23 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\hr-HR
    2014-12-22 09:23 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\he-IL
    2014-12-22 09:23 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\et-EE
    2014-12-22 09:23 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\bg-BG
    2014-12-22 09:23 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\ar-SA
    2014-12-22 09:23 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\servicing
    2014-12-22 09:23 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\AppCompat
    2014-12-22 09:23 - 2009-07-13 22:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
    2014-12-22 09:22 - 2013-10-14 20:35 - 00000000 ____D () C:\Users\Admin\AppData\Local\Microsoft Help
    2014-12-22 09:08 - 2009-08-09 04:54 - 00000000 ____D () C:\Windows\System32\Tasks\Hewlett-Packard
    2014-12-22 09:08 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\registration
    2014-12-22 09:06 - 2009-11-26 00:47 - 00000000 ____D () C:\Users\Admin\AppData\Local\Hewlett-Packard
    2014-12-22 09:05 - 2012-11-05 19:31 - 00000000 ____D () C:\Program Files (x86)\RecipeHub_2jEI
    2014-12-17 10:59 - 2009-07-14 00:08 - 00032614 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
    2014-12-14 14:29 - 2012-11-05 10:48 - 00000000 ____D () C:\Users\Admin\AppData\Local\CrashDumps
    2014-12-14 10:18 - 2009-11-26 00:51 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Hewlett-Packard
    2014-12-14 09:52 - 2010-01-12 09:26 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\HP
    2014-12-10 09:54 - 2012-04-28 14:03 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
    2014-12-10 09:54 - 2012-04-28 14:02 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
    2014-12-10 09:54 - 2011-06-23 06:31 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
    2014-12-10 08:37 - 2009-11-28 10:11 - 00003188 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForAdmin
    2014-12-10 08:37 - 2009-11-28 10:11 - 00000334 _____ () C:\Windows\Tasks\HPCeeScheduleForAdmin.job
    2014-12-09 10:13 - 2014-05-01 13:14 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
    2014-12-09 10:13 - 2014-01-30 19:44 - 00267632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
    2014-12-09 10:13 - 2014-01-30 19:44 - 00116728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
    2014-12-09 10:13 - 2014-01-30 19:43 - 01050432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
    2014-12-09 10:13 - 2014-01-30 19:43 - 00436624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
    2014-12-09 10:13 - 2014-01-30 19:43 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
    2014-12-09 10:13 - 2014-01-30 19:43 - 00083280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
    2014-12-09 10:13 - 2014-01-30 19:43 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys

    Some content of TEMP:
    ====================
    C:\Users\Admin\AppData\Local\Temp\Extract.exe
    C:\Users\Admin\AppData\Local\Temp\ochelper.exe
    C:\Users\Admin\AppData\Local\Temp\ose00000.exe
    C:\Users\Admin\AppData\Local\Temp\_is53DA.exe


    ==================== Bamital & volsnap Check =================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\System32\winlogon.exe => File is digitally signed
    C:\Windows\System32\wininit.exe => File is digitally signed
    C:\Windows\SysWOW64\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\System32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\System32\services.exe => File is digitally signed
    C:\Windows\System32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\System32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\System32\rpcss.dll => File is digitally signed
    C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


    LastRegBack: 2014-12-28 11:18

    ==================== End Of Log ============================
     
  4. teddidit

    teddidit Thread Starter

    Joined:
    Dec 30, 2014
    Messages:
    15
    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-12-2014
    Ran by Admin at 2014-12-31 15:20:09
    Running from C:\Users\Admin\Desktop
    Boot Mode: Normal
    ==========================================================


    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
    AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

    ==================== Installed Programs ======================

    (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
    Activate Norton Online Backup (HKLM-x32\...\{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}) (Version: 1.1.20.0 - Symantec)
    ActiveCheck component for HP Active Support Library (x32 Version: 3.0.0.1 - Hewlett-Packard) Hidden
    Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.293 - Adobe Systems Incorporated)
    Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.246 - Adobe Systems Incorporated)
    Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
    Apple Application Support (HKLM-x32\...\{21ECABC3-40B2-42DF-8E21-ACF3A4D0D95A}) (Version: 3.0.5 - Apple Inc.)
    Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
    Apple Software Update (HKLM-x32\...\{C6579A65-9CAE-4B31-8B6B-3306E0630A66}) (Version: 2.1.3.127 - Apple Inc.)
    Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software)
    Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
    Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: 5.30.21.0 - Broadcom Corporation)
    BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
    Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
    CyberLink DVD Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.3101 - CyberLink Corp.)
    D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
    Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
    DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
    DriverUpdate (HKLM-x32\...\{850A14FC-F410-47F7-94E4-38F4D3F270D4}) (Version: 2.2.30452 - SlimWare Utilities, Inc.)
    ENE CIR Receiver Driver (HKLM\...\FFE7D41DF3C645075BB149E21988B63996C34187) (Version: 2.7.4.0 - ENE)
    Epson Event Manager (HKLM-x32\...\{03B8AA32-F23C-4178-B8E6-09ECD07EAA47}) (Version: 2.40.0001 - SEIKO EPSON CORPORATION)
    EPSON NX420 Series Printer Uninstall (HKLM\...\EPSON NX420 Series) (Version: - SEIKO EPSON Corporation)
    EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
    EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.4i - SEIKO EPSON CORPORATION)
    EpsonNet Setup 3.2 (HKLM-x32\...\{C9D8A041-2963-4B31-8FFC-1500F3DB9293}) (Version: 3.2a - SEIKO EPSON CORPORATION)
    GEAR driver installer for x86 and x64 (x32 Version: 4.008.5 - GEAR Software) Hidden
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
    Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
    Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
    GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
    HP 3D DriveGuard (HKLM\...\{85A42FF0-F0D0-44A3-B226-C124D6E8B1D5}) (Version: 4.0.3.1 - Hewlett-Packard)
    HP Advisor (HKLM-x32\...\{B53E61D7-7C80-40DF-82D2-CF5390D6D20A}) (Version: 3.2.8946.3086 - Hewlett-Packard)
    HP Customer Experience Enhancements (HKLM-x32\...\{5B295588-59C1-4386-9F85-BB4BEDCB0D22}) (Version: 5.7.0.3036 - Hewlett-Packard)
    HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.0.71 - WildTangent)
    HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
    HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 3.0.3123 - Hewlett-Packard)
    HP MediaSmart Internet TV (HKLM-x32\...\InstallShield_{E553760D-D7F7-48BF-BD8B-C7E23BA04CB5}) (Version: 3.0.1916 - Hewlett-Packard)
    HP MediaSmart Live TV (HKLM-x32\...\InstallShield_{67626E09-5366-4480-8F1E-93FADF50CA15}) (Version: 3.0.1924 - Hewlett-Packard)
    HP MediaSmart Movie Themes (HKLM-x32\...\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 3.0.3102 - Hewlett-Packard)
    HP MediaSmart Music/Photo/Video (HKLM-x32\...\InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}) (Version: 3.0.3123 - Hewlett-Packard)
    HP MediaSmart SlingPlayer (HKLM-x32\...\{90F6051D-A69F-4159-9203-7E20430E1056}) (Version: 2.1.1.60 - Sling Media, Inc.)
    HP MediaSmart SmartMenu (HKLM\...\{88E60521-1E4E-4785-B9F1-1798A4BD0C30}) (Version: 3.0.30.1 - Hewlett-Packard)
    HP MediaSmart Software Notebook Demo (HKLM-x32\...\{82A213BD-B6AA-4281-A2D3-59D51893CC56}) (Version: 1.00.0000 - Hewlett-Packard)
    HP MediaSmart Webcam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.0.1913 - Hewlett-Packard)
    HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
    HP Scanjet G3110 (HKLM\...\{9B4E2E01-D726-414F-947D-8CE4EC074EB6}) (Version: 13.0 - HP)
    HP Setup (HKLM-x32\...\{F3B912F5-EB57-45AA-B3D1-EB532BCF6EF8}) (Version: 1.2.3220.3079 - Hewlett-Packard)
    HP Smart Web Printing (HKLM-x32\...\HP Smart Web Printing) (Version: 131.1.35898 - Hewlett-Packard)
    HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
    HP Support Assistant (HKLM-x32\...\{4F46FDB9-B906-47BF-B3D5-C62E01B3C5EE}) (Version: 4.1.11.3 - Hewlett-Packard)
    HP Update (HKLM-x32\...\{D46D081B-F60E-467E-A7C4-117B70D76731}) (Version: 5.001.000.014 - Hewlett-Packard)
    HP User Guides 0154 (HKLM-x32\...\{B51605BF-6326-4553-AE96-6D7F1813D5F5}) (Version: 1.01.0001 - Hewlett-Packard)
    HP Wireless Assistant (HKLM-x32\...\{54CC7901-804D-4155-B353-21F0CC9112AB}) (Version: 3.50.9.1 - Hewlett-Packard)
    HPAsset component for HP Active Support Library (x32 Version: 3.0.0.2 - Hewlett-Packard) Hidden
    hpg3110 (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
    HPPhotosmartEssential (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
    HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
    iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
    IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6225.0 - IDT)
    Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: - Intel Corporation)
    iTunes (HKLM\...\{33E28B58-7BA0-47B7-AA01-9225ABA2B8A9}) (Version: 11.3.0.54 - Apple Inc.)
    Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
    Java(TM) 6 Update 14 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416014FF}) (Version: 6.0.140 - Sun Microsystems, Inc.)
    Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1913 - CyberLink Corp.)
    LabelPrint (x32 Version: 2.5.1913 - CyberLink Corp.) Hidden
    LightScribe System Software (HKLM-x32\...\{82EF29B1-9B60-4142-A155-0599216DD053}) (Version: 1.18.6.1 - LightScribe)
    LSI HDA Modem (HKLM\...\LSI Soft Modem) (Version: 2.1.94 - LSI Corporation)
    Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
    Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
    Microsoft Office Home and Student 60 day trial (HKLM\...\OfficeTrial) (Version: - )
    Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
    Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
    Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Works (HKLM-x32\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    Norton Identity Safe (HKLM-x32\...\NST) (Version: 2014.7.6.15 - Symantec Corporation)
    OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
    Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.3101 - CyberLink Corp.)
    Power2Go (x32 Version: 6.0.3101 - CyberLink Corp.) Hidden
    PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.3101 - CyberLink Corp.)
    PowerDirector (x32 Version: 7.0.3101 - CyberLink Corp.) Hidden
    PowerRecover (x32 Version: 5.5.1923 - CyberLink Corp.) Hidden
    QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
    Realtek 8136 8168 8169 Ethernet Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0007 - Realtek)
    Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7100.30094 - Realtek Semiconductor Corp.)
    Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
    Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
    Search App by Ask (HKLM-x32\...\{57434C32-2D53-5000-76A7-A758B70C1101}) (Version: 12.17.1.2492 - APN, LLC) <==== ATTENTION
    Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
    Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
    SlingBoxWatchYourTVAnyWhere (HKLM-x32\...\{4313E16C-811B-469F-8815-6EB98085F8B2}) (Version: 2.1.1.58 - Sling Media)
    SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
    Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 13.2.4.12 - Synaptics Incorporated)
    TurboTax 2010 (HKLM-x32\...\TurboTax 2010) (Version: - Intuit, Inc)
    TurboTax 2012 (HKLM-x32\...\TurboTax 2012) (Version: 2012.0 - Intuit, Inc)
    TurboTax 2013 (HKLM-x32\...\TurboTax 2013) (Version: 2013.0 - Intuit, Inc)
    Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
    WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
    WildTangent Games App (HP Games) (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp) (Version: 4.0.5.36 - WildTangent)
    Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
    Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
    Yahoo! Detect (HKLM-x32\...\YTdetect) (Version: - )

    ==================== Custom CLSID (selected items): ==========================

    (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

    CustomCLSID: HKU\S-1-5-21-2367873466-1492356150-139791627-1000_Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32 -> rundll32.exe javascript:"\..\mshtml.dll,RunHTMLApplication ";eval("epdvnfou/xsjuf)(=tdsjqu!mbohvbhf> (the data entry has 251 more characters). <==== Poweliks?

    ==================== Restore Points =========================

    22-12-2014 08:59:01 Restore Operation
    22-12-2014 09:30:56 avast! antivirus system restore point
    22-12-2014 15:41:51 Windows Update
    22-12-2014 16:02:55 Windows Update
    24-12-2014 08:24:18 Windows Update
    28-12-2014 19:10:53 HPSF Restore Point
    29-12-2014 09:54:08 HPSF Applying updates
    29-12-2014 10:17:05 HPSF Applying updates
    29-12-2014 10:38:49 Windows Modules Installer
    29-12-2014 10:40:51 Windows Modules Installer

    ==================== Hosts content: ==========================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

    ==================== Scheduled Tasks (whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

    Task: {0803BDAC-6345-4A51-9B33-D7A6020295B6} - System32\Tasks\CapSvcInst => c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CapSvcInst.exe [2009-07-24] (CL)
    Task: {11490C86-5A77-4C4B-9DC1-0BB2A40109B1} - System32\Tasks\Games\UpdateCheck_S-1-5-21-2367873466-1492356150-139791627-1000
    Task: {19327111-EB96-4A77-8865-2705E7FE33DD} - System32\Tasks\Hewlett-Packard\HP Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2009-07-09] (Hewlett-Packard)
    Task: {2CEE425A-6024-43AE-B500-B74F9B6403D6} - System32\Tasks\CapUninst => c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CapUninst.exe [2009-07-24] (CL)
    Task: {36450CC6-06BC-491B-A7E0-D3E3A0C51DC6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-20] (Google Inc.)
    Task: {52694148-81BE-49A7-A474-53223F2ED516} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\SymErr.exe [2014-01-30] (Symantec Corporation)
    Task: {58AA11A8-36F1-4CBE-BFC6-E46AB5C949D6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-20] (Google Inc.)
    Task: {9D3AE141-F0BE-413E-BCC3-3280F6482303} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
    Task: {9E6954A8-7725-4EBC-BE2B-53376A4B27E8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-10] (Adobe Systems Incorporated)
    Task: {9EDCDC29-1ADB-4173-B1F7-3E13B85E3C7A} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\SymErr.exe [2014-01-30] (Symantec Corporation)
    Task: {BFFECAC8-B623-409D-B165-B189AA33A242} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
    Task: {C149A6FB-807A-42E5-81F0-1CC9B6A12548} - System32\Tasks\CapSchedInst => c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CapSchedInst.exe [2009-07-24] (CL)
    Task: {C4900273-3747-4CA6-9C41-E231F97585D9} - System32\Tasks\DriverUpdate Startup => C:\Program Files (x86)\DriverUpdate\DriverUpdate.exe [2013-06-22] (SlimWare Utilities, Inc.)
    Task: {CC2F1D96-C0AB-47E2-8BD1-9F5FE5478852} - System32\Tasks\HPCeeScheduleForAdmin => C:\Program Files (x86)\hewlett-packard\sdp\ceement\HPCEE.exe [2009-05-26] (Hewlett-Packard)
    Task: {DAB89DA2-491D-4DA6-B9FF-226ED833BF80} - System32\Tasks\Hewlett-Packard\HP Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2009-07-09] (Hewlett-Packard)
    Task: {EDF5BA0C-9AFA-4D36-AEDA-81852687DBF1} - System32\Tasks\{6CE75A8D-4847-4872-89CE-0F4DC139A811} => pcalua.exe -a E:\setup.exe -d E:\
    Task: {EEFD0660-8E12-402B-B1C8-0E771E4DC16A} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-12-09] (AVAST Software)
    Task: {F7CE1DDE-DA8F-40AB-B0A7-4EDB961151DF} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
    Task: {F832790E-0C97-4D20-BA4B-4C76E28319CC} - System32\Tasks\TVAgent => c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\TVAgent.exe [2009-07-24] (CyberLink Corp.)
    Task: {F9C113D7-0303-4FFB-A0DB-9B81FB73E30A} - System32\Tasks\CLMLSvc => c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe [2009-07-23] (CyberLink)
    Task: {FDB9FDA7-ED44-42DA-90E4-6254025BE9D7} - System32\Tasks\DVDAgent => c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe [2009-07-23] (CyberLink Corp.)
    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\DriverUpdate Startup.job => C:\Program Files (x86)\DriverUpdate\DriverUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\HPCeeScheduleForAdmin.job => C:\Program Files (x86)\hewlett-packard\sdp\ceement\HPCEE.exe

    ==================== Loaded Modules (whitelisted) =============

    2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
    2010-10-20 14:23 - 2010-10-20 14:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
    2009-08-09 03:42 - 2009-01-21 13:47 - 00247152 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
    2014-05-08 08:17 - 2014-05-08 08:17 - 00159768 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.5\loggingserver.exe
    2009-07-21 12:34 - 2009-07-21 12:34 - 00610872 _____ () C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
    2012-10-18 08:27 - 2012-10-18 08:27 - 04386816 _____ () C:\Program Files (x86)\OtShot\otshot.exe
    2009-07-01 17:44 - 2009-07-01 17:44 - 00632888 _____ () C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
    2014-12-30 13:48 - 2014-12-30 13:48 - 02908160 _____ () C:\Program Files\AVAST Software\Avast\defs\14123001\algo.dll
    2014-12-31 14:56 - 2014-12-31 14:56 - 02908160 _____ () C:\Program Files\AVAST Software\Avast\defs\14123101\algo.dll
    2014-02-06 00:52 - 2014-02-06 00:52 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
    2014-02-06 00:52 - 2014-02-06 00:52 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
    2014-05-08 08:17 - 2014-05-08 08:17 - 00519704 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.5\log4cplusU.dll
    2009-07-23 13:37 - 2009-07-23 13:37 - 00931112 ____N () c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll
    2014-12-09 10:13 - 2014-12-09 10:13 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
    2011-02-06 10:33 - 2011-02-06 10:33 - 00854016 _____ () C:\Windows\assembly\GAC_32\System.Data.SQLite\1.0.61.0__db937bc2d44ff139\System.Data.SQLite.dll
    2011-02-06 10:33 - 2011-02-06 10:33 - 00476520 _____ () C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Map.Reporter\5.0.136.0__7ce6deabcb36a8ea\Intuit.Spc.Map.Reporter.dll
    2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
    2010-10-20 14:45 - 2010-10-20 14:45 - 08801120 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
    2014-12-23 08:08 - 2014-12-05 20:50 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libglesv2.dll
    2014-12-23 08:08 - 2014-12-05 20:50 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libegl.dll
    2014-12-23 08:08 - 2014-12-05 20:50 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll
    2014-12-23 08:08 - 2014-12-05 20:50 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll
    2014-12-23 08:08 - 2014-12-05 20:50 - 14913352 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\PepperFlash\pepflashplayer.dll

    ==================== Alternate Data Streams (whitelisted) =========

    (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

    AlternateDataStreams: C:\ProgramData\Temp:373E1720

    ==================== Safe Mode (whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


    ==================== EXE Association (whitelisted) =============

    (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


    ==================== MSCONFIG/TASK MANAGER disabled items =========

    (Currently there is no automatic fix for this section.)

    MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
    MSCONFIG\startupreg: NortonOnlineBackupReminder => "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
    MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe

    ========================= Accounts: ==========================

    Admin (S-1-5-21-2367873466-1492356150-139791627-1000 - Administrator - Enabled) => C:\Users\Admin
    Administrator (S-1-5-21-2367873466-1492356150-139791627-500 - Administrator - Disabled)
    Guest (S-1-5-21-2367873466-1492356150-139791627-501 - Limited - Disabled)

    ==================== Faulty Device Manager Devices =============


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (12/30/2014 06:20:50 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 13951950

    Error: (12/30/2014 06:20:50 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 13951950

    Error: (12/30/2014 06:20:50 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second

    Error: (12/30/2014 11:54:38 AM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 557252

    Error: (12/30/2014 11:54:38 AM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 557252

    Error: (12/30/2014 11:54:38 AM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second

    Error: (12/30/2014 11:25:42 AM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 10514

    Error: (12/30/2014 11:25:42 AM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 10514

    Error: (12/30/2014 11:25:42 AM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second

    Error: (12/30/2014 11:25:36 AM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 3728


    System errors:
    =============
    Error: (12/31/2014 10:02:19 AM) (Source: DCOM) (EventID: 10010) (User: )
    Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

    Error: (12/30/2014 10:46:59 AM) (Source: DCOM) (EventID: 10010) (User: )
    Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

    Error: (12/29/2014 03:41:53 PM) (Source: DCOM) (EventID: 10010) (User: )
    Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

    Error: (12/28/2014 05:29:11 PM) (Source: DCOM) (EventID: 10010) (User: )
    Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

    Error: (12/28/2014 04:15:02 PM) (Source: DCOM) (EventID: 10010) (User: )
    Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

    Error: (12/28/2014 03:51:48 PM) (Source: DCOM) (EventID: 10010) (User: )
    Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

    Error: (12/28/2014 03:51:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The Windows Installer service failed to start due to the following error:
    %%1053

    Error: (12/28/2014 03:51:04 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
    Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Installer service to connect.

    Error: (12/28/2014 03:49:43 PM) (Source: BugCheck) (EventID: 1001) (User: )
    Description: 0x00000023 (0x00000000000e0107, 0xfffff880096e12d8, 0xfffff880096e0b30, 0xfffff80002ea1ced)C:\Windows\MEMORY.DMP122814-42042-01

    Error: (12/28/2014 03:49:43 PM) (Source: EventLog) (EventID: 6008) (User: )
    Description: The previous system shutdown at 3:47:47 PM on 12/28/2014 was unexpected.


    Microsoft Office Sessions:
    =========================
    Error: (12/30/2014 06:20:50 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 13951950

    Error: (12/30/2014 06:20:50 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 13951950

    Error: (12/30/2014 06:20:50 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second

    Error: (12/30/2014 11:54:38 AM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 557252

    Error: (12/30/2014 11:54:38 AM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 557252

    Error: (12/30/2014 11:54:38 AM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second

    Error: (12/30/2014 11:25:42 AM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 10514

    Error: (12/30/2014 11:25:42 AM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 10514

    Error: (12/30/2014 11:25:42 AM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second

    Error: (12/30/2014 11:25:36 AM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 3728


    ==================== Memory info ===========================

    Processor: Pentium(R) Dual-Core CPU T4300 @ 2.10GHz
    Percentage of memory in use: 57%
    Total physical RAM: 3999.19 MB
    Available physical RAM: 1696.64 MB
    Total Pagefile: 7996.55 MB
    Available Pagefile: 4998.95 MB
    Total Virtual: 8192 MB
    Available Virtual: 8191.84 MB

    ==================== Drives ================================

    Drive c: () (Fixed) (Total:219.97 GB) (Free:134.43 GB) NTFS ==>[System with boot components (obtained from reading drive)]
    Drive d: (RECOVERY) (Fixed) (Total:12.72 GB) (Free:2.13 GB) NTFS ==>[System with boot components (obtained from reading drive)]

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (Size: 232.9 GB) (Disk ID: 2169E425)
    Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=220 GB) - (Type=07 NTFS)
    Partition 3: (Not Active) - (Size=12.7 GB) - (Type=07 NTFS)

    ==================== End Of Log ============================
     
  5. teddidit

    teddidit Thread Starter

    Joined:
    Dec 30, 2014
    Messages:
    15
    dbreeze - FYI - I first tried to follow your instructions using IE. Message received: "Your current security settings do not allow this file to be downloaded". So I went back to the beginning and tried to utilize Chrome. Message received: "This webpage is not available." But, I hit enter again and I got the message: "This can harm your computer, do you want to keep?" I hit keep, per your instructions. Hope I got the correct files for you and pasted them properly. Thanks so much for any help you provide. Happy New Year.
     
  6. dbreeze

    dbreeze Malware Specialist

    Joined:
    Oct 5, 2014
    Messages:
    431
    First Name:
    David
    Happy New Year to you too!!

    The files are correct and I will help with the download issue also. Enjoy the evening and we will be back with some instructions later.
     
  7. dbreeze

    dbreeze Malware Specialist

    Joined:
    Oct 5, 2014
    Messages:
    431
    First Name:
    David
    Hi teddidit,

    Hope the New Year's treating you well! Let's get that system fixed for you, OK?

    FIRST, a FRST script file run >>>>

    Download the attached fixlist.txt file and save it to the Desktop. File is here ===>>> View attachment Fixlist.txt

    NOTE. It's important that both files, FRST64 and fixlist.txt, are in the same location or the fix will not work.

    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

    Run FRST64 by right clicking on the FRST64.exe file, selecting "Run as Administrator..". The User Account Control may open up; if it does, select Yes to continue to let FRST open and load.

    The tool will check for an updated version of itself every time it loads; please allow it to do this and the program will either inform you it is downloading an updated copy (and to wait until it is safe to continue) or show nothing (meaning there is no update found) and you can continue on. Press the Fix button just once and wait. The tool will create a restore point, process the script and ask for a restart of your system.

    If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.

    When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.



    SECOND, Fix the IE download issue >>>>

    The fastest way to fix this issue is to reset your Internet Explorer Security settings.

    Start Internet Explorer.

    Click Tools » Options.

    Click on the Security tab.

    Select the Internet Zone.

    Click on the Custom Level button.

    Click on the Enable button under File Download in the Downloads section.



    Click OK.



    Information to Reply with >>>>
    • The FRST64 Fixlog.txt log text.
    • Did you have any problems following the Reset of IE downloads security? Can you download a file now?
    • How is your system running now?
     
  8. dbreeze

    dbreeze Malware Specialist

    Joined:
    Oct 5, 2014
    Messages:
    431
    First Name:
    David
    Are you still needing any help?
     
  9. teddidit

    teddidit Thread Starter

    Joined:
    Dec 30, 2014
    Messages:
    15
    Thanks for the info. I was waiting for an email reply. Sorry. My mistake. I will try this this afternoon or tomorrow and let you know how I did. Thanks so much for the help.
     
  10. teddidit

    teddidit Thread Starter

    Joined:
    Dec 30, 2014
    Messages:
    15
    Thanks for the help. It took over an hour to run the FIX. Don't know if this is normal. I had to utilize your IE fix first in order to get it to run. So, that seems to have worked.
    Going to try to find the fixlog.txt and attach it here.
    Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 07-01-2015
    Ran by Admin at 2015-01-08 15:25:56 Run:1
    Running from C:\Users\Admin\Desktop
    Loaded Profile: Admin (Available profiles: Admin)
    Boot Mode: Normal
    ==============================================
    Content of fixlist:
    *****************
    start
    CreateRestorePoint:
    CloseProcesses:
    HKLM-x32\...\Run: [] => [X]
    HKU\S-1-5-21-2367873466-1492356150-139791627-1000\...\MountPoints2: {3359ed9a-892d-11e0-ba9d-806e6f6e6963} - F:\WIN\setup.exe
    CHR HKU\S-1-5-21-2367873466-1492356150-139791627-1000\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
    SearchScopes: HKLM -> {0809851D-6B6B-49C8-93A3-D43B32E2A276} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpl
    SearchScopes: HKLM-x32 -> {0809851D-6B6B-49C8-93A3-D43B32E2A276} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpl
    SearchScopes: HKU\S-1-5-21-2367873466-1492356150-139791627-1000 -> {0809851D-6B6B-49C8-93A3-D43B32E2A276} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpl
    SearchScopes: HKU\S-1-5-21-2367873466-1492356150-139791627-1000 -> {5C92F213-D47F-4E3E-A150-7D06380B13FA} URL = http://www.mysearchresults.com/search?&c=3558&t=01&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-2367873466-1492356150-139791627-1000 -> {9517C61E-3144-44D4-99F0-6EE073CE9070} URL = http://search.conduit.com/ResultsEx...}&SearchSource=4&ctid=CT3298569&CUI=UN2606268 1701139919&UM=2
    SearchScopes: HKU\S-1-5-21-2367873466-1492356150-139791627-1000 -> {BD6686C3-1470-4557-826E-56C51535D882} URL = http://www.search.ask.com/web?tpid=...YYYY^YY^US&gct=&itbv=12.17.1.2492&apn_uid=867 6F94B-9F7C-45EC-A2AE-7831C668E761&apn_ptnrs=^B1N&apn_dtid=^YYYYYY^YY^US&apn_dbr=cr_37.0.2062.124 &doi=2014-09-29&trgb=IE&q={searchTerms}&psv=&pt=tb
    BHO: No Name -> {57434C32-2D53-5000-76A7-7A786E7484D7} -> No File
    BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll No File
    BHO-x32: No Name -> {57434C32-2D53-5000-76A7-7A786E7484D7} -> No File
    BHO-x32: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File
    BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll No File
    BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll No File
    Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File
    Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
    Toolbar: HKLM - No Name - {57434C32-2D53-5000-76A7-7A786E7484D7} - No File
    Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File
    Toolbar: HKLM-x32 - No Name - {95B7759C-8C7F-4BF1-B163-73684A933233} - No File
    Toolbar: HKLM-x32 - No Name - {57434C32-2D53-5000-76A7-7A786E7484D7} - No File
    Toolbar: HKU\S-1-5-21-2367873466-1492356150-139791627-1000 -> No Name - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
    Toolbar: HKU\S-1-5-21-2367873466-1492356150-139791627-1000 -> No Name - {57434C32-2D53-5000-76A7-7A786E7484D7} - No File
    FF Plugin: @microsoft.com/GENUINE -> disabled No File
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll No File
    CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ppGoogleNaClPluginChrome.dll No File
    CHR Plugin: (Java Deployment Toolkit 6.0.300.12) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
    CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll No File
    CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll No File
    CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
    CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File
    CHR Extension: (Vafmusic2) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbjibcbpmbcabnfnohhgjjmkgkimajko [2013-05-29]
    CHR Extension: (WhiteSmoke B) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgjgoboealkonoikjklgigbgconjnfbc [2013-03-31]
    CHR HKU\S-1-5-21-2367873466-1492356150-139791627-1000\...\Chrome\Extension: [cbjibcbpmbcabnfnohhgjjmkgkimajko] - C:\Users\Admin\AppData\Local\CRE\cbjibcbpmbcabnfnohhgjjmkgkimajko.crx [2013-05-13]
    CHR HKU\S-1-5-21-2367873466-1492356150-139791627-1000\...\Chrome\Extension: [jgjgoboealkonoikjklgigbgconjnfbc] - C:\Users\Admin\AppData\Local\CRE\jgjgoboealkonoikjklgigbgconjnfbc.crx [2013-02-17]
    CHR HKU\S-1-5-21-2367873466-1492356150-139791627-1000\...\Chrome\Extension: [lonndllmbldmmoefheenkmgkencnkdkh] - C:\Users\Admin\AppData\Local\CRE\lonndllmbldmmoefheenkmgkencnkdkh.crx [2013-03-04]
    CHR HKLM-x32\...\Chrome\Extension: [cbjibcbpmbcabnfnohhgjjmkgkimajko] - C:\Users\Admin\AppData\Local\CRE\cbjibcbpmbcabnfnohhgjjmkgkimajko.crx [2013-05-13]
    CHR HKLM-x32\...\Chrome\Extension: [jgjgoboealkonoikjklgigbgconjnfbc] - C:\Users\Admin\AppData\Local\CRE\jgjgoboealkonoikjklgigbgconjnfbc.crx [2013-02-17]
    CHR HKLM-x32\...\Chrome\Extension: [lonndllmbldmmoefheenkmgkencnkdkh] - C:\Users\Admin\AppData\Local\CRE\lonndllmbldmmoefheenkmgkencnkdkh.crx [2013-03-04]
    S3 PCTINDIS5X64; \??\C:\Windows\system32\PCTINDIS5X64.SYS [X]
    S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
    S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]
    Task: {EDF5BA0C-9AFA-4D36-AEDA-81852687DBF1} - System32\Tasks\{6CE75A8D-4847-4872-89CE-0F4DC139A811} => pcalua.exe -a E:\setup.exe -d E:\
    AlternateDataStreams: C:\ProgramData\Temp:373E1720
    C:\Users\Admin\AppData\Local\Temp\Extract.exe
    C:\Users\Admin\AppData\Local\Temp\ochelper.exe
    C:\Users\Admin\AppData\Local\Temp\ose00000.exe
    C:\Users\Admin\AppData\Local\Temp\_is53DA.exe
    HKU\S-1-5-21-2367873466-1492356150-139791627-1000\...A8F59079A8D5}\localserver32: rundll32.exe javascript:"\..\mshtml.dll,RunHTMLApplication ";eval("epdvnfou/xsjuf)(=tdsjqu!mbohvbhf> (the data entry has 243 more characters). <==== Poweliks!
    CustomCLSID: HKU\S-1-5-21-2367873466-1492356150-139791627-1000_Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32 -> rundll32.exe javascript:"\..\mshtml.dll,RunHTMLApplication ";eval("epdvnfou/xsjuf)(=tdsjqu!mbohvbhf> (the data entry has 251 more characters). <==== Poweliks?
    cmd: ipconfig /flushdns
    cmd: netsh advfirewall reset
    cmd: netsh advfirewall set allprofiles state on
    Reg: Reg Delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /F
    Reg: Reg Add "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /F
    Hosts:
    EmptyTemp:
    Reboot:
    end
    *****************
    Restore point was successfully created.
    Processes closed successfully.
    HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
    "HKU\S-1-5-21-2367873466-1492356150-139791627-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3359ed9a-892d-11e0-ba9d-806e6f6e6963}" => Key deleted successfully.
    HKCR\CLSID\{3359ed9a-892d-11e0-ba9d-806e6f6e6963} => Key not found.
    "HKU\S-1-5-21-2367873466-1492356150-139791627-1000\SOFTWARE\Policies\Google" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0809851D-6B6B-49C8-93A3-D43B32E2A276}" => Key deleted successfully.
    HKCR\CLSID\{0809851D-6B6B-49C8-93A3-D43B32E2A276} => Key not found.
    "HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0809851D-6B6B-49C8-93A3-D43B32E2A276}" => Key deleted successfully.
    HKCR\Wow6432Node\CLSID\{0809851D-6B6B-49C8-93A3-D43B32E2A276} => Key not found.
    "HKU\S-1-5-21-2367873466-1492356150-139791627-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0809851D-6B6B-49C8-93A3-D43B32E2A276}" => Key deleted successfully.
    HKCR\CLSID\{0809851D-6B6B-49C8-93A3-D43B32E2A276} => Key not found.
    "HKU\S-1-5-21-2367873466-1492356150-139791627-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{5C92F213-D47F-4E3E-A150-7D06380B13FA}" => Key deleted successfully.
    HKCR\CLSID\{5C92F213-D47F-4E3E-A150-7D06380B13FA} => Key not found.
    "HKU\S-1-5-21-2367873466-1492356150-139791627-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9517C61E-3144-44D4-99F0-6EE073CE9070}" => Key deleted successfully.
    HKCR\CLSID\{9517C61E-3144-44D4-99F0-6EE073CE9070} => Key not found.
    "HKU\S-1-5-21-2367873466-1492356150-139791627-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BD6686C3-1470-4557-826E-56C51535D882}" => Key deleted successfully.
    HKCR\CLSID\{BD6686C3-1470-4557-826E-56C51535D882} => Key not found.
    "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{57434C32-2D53-5000-76A7-7A786E7484D7}" => Key deleted successfully.
    HKCR\CLSID\{57434C32-2D53-5000-76A7-7A786E7484D7} => Key not found.
    "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}" => Key deleted successfully.
    "HKCR\Wow6432Node\CLSID\{0347C33E-8762-4905-BF09-768834316C61}" => Key deleted successfully.
    "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{57434C32-2D53-5000-76A7-7A786E7484D7}" => Key deleted successfully.
    HKCR\Wow6432Node\CLSID\{57434C32-2D53-5000-76A7-7A786E7484D7} => Key not found.
    "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}" => Key deleted successfully.
    HKCR\Wow6432Node\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} => Key not found.
    "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}" => Key deleted successfully.
    "HKCR\Wow6432Node\CLSID\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}" => Key deleted successfully.
    "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}" => Key deleted successfully.
    "HKCR\Wow6432Node\CLSID\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}" => Key deleted successfully.
    HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{ae07101b-46d4-4a98-af68-0333ea26e113} => value deleted successfully.
    "HKCR\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113}" => Key deleted successfully.
    HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => value deleted successfully.
    HKCR\CLSID\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => Key not found.
    HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{57434C32-2D53-5000-76A7-7A786E7484D7} => value deleted successfully.
    HKCR\CLSID\{57434C32-2D53-5000-76A7-7A786E7484D7} => Key not found.
    HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{ae07101b-46d4-4a98-af68-0333ea26e113} => value deleted successfully.
    "HKCR\Wow6432Node\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113}" => Key deleted successfully.
    HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{95B7759C-8C7F-4BF1-B163-73684A933233} => value deleted successfully.
    HKCR\Wow6432Node\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} => Key not found.
    HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{57434C32-2D53-5000-76A7-7A786E7484D7} => value deleted successfully.
    HKCR\Wow6432Node\CLSID\{57434C32-2D53-5000-76A7-7A786E7484D7} => Key not found.
    HKU\S-1-5-21-2367873466-1492356150-139791627-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{604BC32A-9680-40D1-9AC6-E06B23A1BA4C} => value deleted successfully.
    HKCR\CLSID\{604BC32A-9680-40D1-9AC6-E06B23A1BA4C} => Key not found.
    HKU\S-1-5-21-2367873466-1492356150-139791627-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{57434C32-2D53-5000-76A7-7A786E7484D7} => value deleted successfully.
    HKCR\CLSID\{57434C32-2D53-5000-76A7-7A786E7484D7} => Key not found.
    "HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
    "HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
    "HKLM\Software\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0" => Key deleted successfully.
    C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ppGoogleNaClPluginChrome.dll not found.
    C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll not found.
    C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll not found.
    C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll not found.
    C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll not found.
    c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll not found.
    C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbjibcbpmbcabnfnohhgjjmkgkimajko => Moved successfully.
    C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgjgoboealkonoikjklgigbgconjnfbc => Moved successfully.
    "HKU\S-1-5-21-2367873466-1492356150-139791627-1000\SOFTWARE\Google\Chrome\Extensions\cbjibcbpmbcabnfnohhgjjmkgkimajko" => Key deleted successfully.
    C:\Users\Admin\AppData\Local\CRE\cbjibcbpmbcabnfnohhgjjmkgkimajko.crx => Moved successfully.
    "HKU\S-1-5-21-2367873466-1492356150-139791627-1000\SOFTWARE\Google\Chrome\Extensions\jgjgoboealkonoikjklgigbgconjnfbc" => Key deleted successfully.
    C:\Users\Admin\AppData\Local\CRE\jgjgoboealkonoikjklgigbgconjnfbc.crx => Moved successfully.
    "HKU\S-1-5-21-2367873466-1492356150-139791627-1000\SOFTWARE\Google\Chrome\Extensions\lonndllmbldmmoefheenkmgkencnkdkh" => Key deleted successfully.
    C:\Users\Admin\AppData\Local\CRE\lonndllmbldmmoefheenkmgkencnkdkh.crx => Moved successfully.
    "HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\cbjibcbpmbcabnfnohhgjjmkgkimajko" => Key deleted successfully.
    "C:\Users\Admin\AppData\Local\CRE\cbjibcbpmbcabnfnohhgjjmkgkimajko.crx" => File/Directory not found.
    "HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jgjgoboealkonoikjklgigbgconjnfbc" => Key deleted successfully.
    "C:\Users\Admin\AppData\Local\CRE\jgjgoboealkonoikjklgigbgconjnfbc.crx" => File/Directory not found.
    "HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lonndllmbldmmoefheenkmgkencnkdkh" => Key deleted successfully.
    "C:\Users\Admin\AppData\Local\CRE\lonndllmbldmmoefheenkmgkencnkdkh.crx" => File/Directory not found.
    PCTINDIS5X64 => Service deleted successfully.
    RtsUIR => Service deleted successfully.
    USBCCID => Service deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EDF5BA0C-9AFA-4D36-AEDA-81852687DBF1}" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EDF5BA0C-9AFA-4D36-AEDA-81852687DBF1}" => Key deleted successfully.
    C:\Windows\System32\Tasks\{6CE75A8D-4847-4872-89CE-0F4DC139A811} => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{6CE75A8D-4847-4872-89CE-0F4DC139A811}" => Key deleted successfully.
    C:\ProgramData\Temp => ":373E1720" ADS removed successfully.
    C:\Users\Admin\AppData\Local\Temp\Extract.exe => Moved successfully.
    C:\Users\Admin\AppData\Local\Temp\ochelper.exe => Moved successfully.
    C:\Users\Admin\AppData\Local\Temp\ose00000.exe => Moved successfully.
    C:\Users\Admin\AppData\Local\Temp\_is53DA.exe => Moved successfully.
    "HKU\S-1-5-21-2367873466-1492356150-139791627-1000\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32" => Key Deleted Successfully.
    "HKU\S-1-5-21-2367873466-1492356150-139791627-1000\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}" => Key deleted successfully.
    HKU\S-1-5-21-2367873466-1492356150-139791627-1000_Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5} => Key not found.
    ========= ipconfig /flushdns =========

    Windows IP Configuration
    Successfully flushed the DNS Resolver Cache.
    ========= End of CMD: =========

    ========= netsh advfirewall reset =========
    Ok.

    ========= End of CMD: =========

    ========= netsh advfirewall set allprofiles state on =========
    Ok.

    ========= End of CMD: =========

    ========= Reg Delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /F =========
    The operation completed successfully.


    ========= End of Reg: =========

    ========= Reg Add "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /F =========
    The operation completed successfully.


    ========= End of Reg: =========
    C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
    Hosts was reset successfully.
    EmptyTemp: => Removed 3.2 GB temporary data.

    The system needed a reboot.
    ==== End of Fixlog 16:53:09 ====
     
  11. dbreeze

    dbreeze Malware Specialist

    Joined:
    Oct 5, 2014
    Messages:
    431
    First Name:
    David
    Sorry for the delay but I lost internet access this week and just got it back today.

    Yes, the Fixlist can take a bit to run as the EmptyTemp command is very thorough; if a user has a large amount of temp files .....

    Moving on; how is your system running now?
     
  12. teddidit

    teddidit Thread Starter

    Joined:
    Dec 30, 2014
    Messages:
    15
    Going to try to use that laptop for a longer period of time tomorrow.
    But when I use it, my son cannot get online on his Apple laptop and my husband cannot get online on his iPad. Weird. Can one affect the other? Can we fix this?
     
  13. dbreeze

    dbreeze Malware Specialist

    Joined:
    Oct 5, 2014
    Messages:
    431
    First Name:
    David
    Let me know how the laptop is performing, please. As to the network issue, I cannot really say without a closer look at the network settings.

    Please download MiniToolBox, save it to your desktop and run it.

    Checkmark the following checkboxes:
    • Flush DNS
    • Report IE Proxy Settings
    • Report FF Proxy Settings
    • List content of Hosts
    • List IP configuration
    • List Winsock Entries
    • List last 10 Event Viewer log
    • List Devices
    • List Users, Partitions and Memory size.
    • List Minidump Files
    Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run from.

    Note: When using the "Reset FF Proxy Settings" option, Firefox should be closed.
     
  14. teddidit

    teddidit Thread Starter

    Joined:
    Dec 30, 2014
    Messages:
    15
    MiniToolBox by Farbar Version: 30-11-2014
    Ran by Admin (administrator) on 12-01-2015 at 12:41:18
    Running from "C:\Users\Admin\Desktop"
    Microsoft Windows 7 Home Premium Service Pack 1 (X64)
    Boot Mode: Normal
    ***************************************************************************

    ========================= Flush DNS: ===================================

    Windows IP Configuration

    Successfully flushed the DNS Resolver Cache.

    ========================= IE Proxy Settings: ==============================

    Proxy is not enabled.
    No Proxy Server is set.
    ========================= Hosts content: =================================


    ========================= IP Configuration: ================================

    Broadcom 802.11b/g WLAN = Wireless Network Connection (Connected)
    Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)


    # ----------------------------------
    # IPv4 Configuration
    # ----------------------------------
    pushd interface ipv4

    reset
    set global icmpredirects=enabled


    popd
    # End of IPv4 configuration



    Windows IP Configuration

    Host Name . . . . . . . . . . . . : Admin-PC
    Primary Dns Suffix . . . . . . . :
    Node Type . . . . . . . . . . . . : Hybrid
    IP Routing Enabled. . . . . . . . : No
    WINS Proxy Enabled. . . . . . . . : No

    Wireless LAN adapter Wireless Network Connection 2:

    Media State . . . . . . . . . . . : Media disconnected
    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
    Physical Address. . . . . . . . . : 0C-EE-E6-D6-AE-EA
    DHCP Enabled. . . . . . . . . . . : Yes
    Autoconfiguration Enabled . . . . : Yes

    Wireless LAN adapter Wireless Network Connection:

    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : Broadcom 802.11b/g WLAN
    Physical Address. . . . . . . . . : 0C-EE-E6-D6-AE-EA
    DHCP Enabled. . . . . . . . . . . : Yes
    Autoconfiguration Enabled . . . . : Yes
    Link-local IPv6 Address . . . . . : fe80::9ddf:e943:6093:1866%12(Preferred)
    IPv4 Address. . . . . . . . . . . : 10.0.0.8(Preferred)
    Subnet Mask . . . . . . . . . . . : 255.255.255.0
    Lease Obtained. . . . . . . . . . : Monday, January 12, 2015 11:17:27 AM
    Lease Expires . . . . . . . . . . : Tuesday, January 13, 2015 11:17:31 AM
    Default Gateway . . . . . . . . . : 10.0.0.1
    DHCP Server . . . . . . . . . . . : 10.0.0.1
    DHCPv6 IAID . . . . . . . . . . . : 319614694
    DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-12-25-5A-8F-00-26-9E-7B-1D-AF
    DNS Servers . . . . . . . . . . . : 10.0.0.1
    NetBIOS over Tcpip. . . . . . . . : Enabled

    Tunnel adapter Local Area Connection* 27:

    Media State . . . . . . . . . . . : Media disconnected
    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
    Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
    DHCP Enabled. . . . . . . . . . . : No
    Autoconfiguration Enabled . . . . : Yes

    Tunnel adapter Local Area Connection* 26:

    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
    Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
    DHCP Enabled. . . . . . . . . . . : No
    Autoconfiguration Enabled . . . . : Yes
    IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6ab8:2432:3a0f:f5ff:fff7(Preferred)
    Link-local IPv6 Address . . . . . : fe80::2432:3a0f:f5ff:fff7%36(Preferred)
    Default Gateway . . . . . . . . . : ::
    NetBIOS over Tcpip. . . . . . . . : Disabled

    Tunnel adapter isatap.{1986CB7E-9AF7-47B4-8F87-47A7DEFDA28A}:

    Media State . . . . . . . . . . . : Media disconnected
    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
    Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
    DHCP Enabled. . . . . . . . . . . : No
    Autoconfiguration Enabled . . . . : Yes
    Server: UnKnown
    Address: 10.0.0.1

    Name: google.com
    Addresses: 2607:f8b0:4006:80a::100e
    173.194.123.3
    173.194.123.6
    173.194.123.1
    173.194.123.5
    173.194.123.4
    173.194.123.7
    173.194.123.9
    173.194.123.0
    173.194.123.8
    173.194.123.2
    173.194.123.14


    Pinging google.com [173.194.123.3] with 32 bytes of data:
    Reply from 173.194.123.3: bytes=32 time=43ms TTL=52
    Reply from 173.194.123.3: bytes=32 time=43ms TTL=52

    Ping statistics for 173.194.123.3:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
    Approximate round trip times in milli-seconds:
    Minimum = 43ms, Maximum = 43ms, Average = 43ms
    Server: UnKnown
    Address: 10.0.0.1

    Name: yahoo.com
    Addresses: 206.190.36.45
    98.138.253.109
    98.139.183.24


    Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
    Reply from 206.190.36.45: bytes=32 time=125ms TTL=45
    Reply from 206.190.36.45: bytes=32 time=128ms TTL=45

    Ping statistics for 206.190.36.45:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
    Approximate round trip times in milli-seconds:
    Minimum = 125ms, Maximum = 128ms, Average = 126ms

    Pinging 127.0.0.1 with 32 bytes of data:
    Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
    Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

    Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
    Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
    ===========================================================================
    Interface List
    15...0c ee e6 d6 ae ea ......Microsoft Virtual WiFi Miniport Adapter
    12...0c ee e6 d6 ae ea ......Broadcom 802.11b/g WLAN
    1...........................Software Loopback Interface 1
    47...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
    36...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
    48...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
    ===========================================================================

    IPv4 Route Table
    ===========================================================================
    Active Routes:
    Network Destination Netmask Gateway Interface Metric
    0.0.0.0 0.0.0.0 10.0.0.1 10.0.0.8 25
    10.0.0.0 255.255.255.0 On-link 10.0.0.8 281
    10.0.0.8 255.255.255.255 On-link 10.0.0.8 281
    10.0.0.255 255.255.255.255 On-link 10.0.0.8 281
    127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
    127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
    127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
    224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
    224.0.0.0 240.0.0.0 On-link 10.0.0.8 281
    255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
    255.255.255.255 255.255.255.255 On-link 10.0.0.8 281
    ===========================================================================
    Persistent Routes:
    None

    IPv6 Route Table
    ===========================================================================
    Active Routes:
    If Metric Network Destination Gateway
    36 58 ::/0 On-link
    1 306 ::1/128 On-link
    36 58 2001::/32 On-link
    36 306 2001:0:9d38:6ab8:2432:3a0f:f5ff:fff7/128
    On-link
    12 281 fe80::/64 On-link
    36 306 fe80::/64 On-link
    36 306 fe80::2432:3a0f:f5ff:fff7/128
    On-link
    12 281 fe80::9ddf:e943:6093:1866/128
    On-link
    1 306 ff00::/8 On-link
    36 306 ff00::/8 On-link
    12 281 ff00::/8 On-link
    ===========================================================================
    Persistent Routes:
    None
    ========================= Winsock entries =====================================

    Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
    Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
    Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
    Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
    Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
    Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
    Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
    Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
    Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
    Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
    Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
    Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
    Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
    Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
    Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
    Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
    Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
    Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
    Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
    x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
    x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
    x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
    x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
    x64-Catalog5 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
    x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
    x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
    x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
    x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
    x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
    x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
    x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
    x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
    x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
    x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
    x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
    x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
    x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
    x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

    ========================= Event log errors: ===============================

    Application errors:
    ==================
    Error: (01/12/2015 11:15:42 AM) (Source: RasClient) (User: )
    Description: CoId={D047B997-BC6A-4947-AC71-93A59EE22A24}: The user Admin-PC\Admin dialed a connection named 3G Connection which has failed. The error code returned on failure is 0.

    Error: (01/12/2015 11:15:42 AM) (Source: RasClient) (User: )
    Description: CoId={D047B997-BC6A-4947-AC71-93A59EE22A24}: The user Admin-PC\Admin dialed a connection named 3G Connection which has failed. The error code returned on failure is 680.

    Error: (01/12/2015 11:14:45 AM) (Source: RasClient) (User: )
    Description: CoId={7091D6C1-DE6F-4EA9-8775-62DCEC1EC3BB}: The user Admin-PC\Admin dialed a connection named CDMA which has failed. The error code returned on failure is 680.

    Error: (01/07/2015 01:41:47 PM) (Source: Bonjour Service) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 64817105

    Error: (01/07/2015 01:41:47 PM) (Source: Bonjour Service) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 64817105

    Error: (01/07/2015 01:41:46 PM) (Source: Bonjour Service) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second

    Error: (12/30/2014 06:20:50 PM) (Source: Bonjour Service) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 13951950

    Error: (12/30/2014 06:20:50 PM) (Source: Bonjour Service) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 13951950

    Error: (12/30/2014 06:20:50 PM) (Source: Bonjour Service) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second

    Error: (12/30/2014 11:54:38 AM) (Source: Bonjour Service) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 557252


    System errors:
    =============
    Error: (01/10/2015 08:52:41 PM) (Source: Disk) (User: )
    Description: The driver detected a controller error on \Device\Harddisk1\DR1.

    Error: (01/08/2015 04:56:45 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT AUTHORITY)
    Description: WLAN Extensibility Module has stopped unexpectedly.

    Module Path: C:\Windows\System32\bcmihvsrv64.dll

    Error: (01/08/2015 04:56:45 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT AUTHORITY)
    Description: WLAN Extensibility Module has stopped unexpectedly.

    Module Path: C:\Windows\System32\bcmihvsrv64.dll

    Error: (01/08/2015 04:56:41 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT AUTHORITY)
    Description: WLAN Extensibility Module has stopped unexpectedly.

    Module Path: C:\Windows\System32\bcmihvsrv64.dll

    Error: (01/08/2015 03:27:09 PM) (Source: Service Control Manager) (User: )
    Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error:
    %%1056

    Error: (01/08/2015 03:26:39 PM) (Source: Service Control Manager) (User: )
    Description: The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

    Error: (01/08/2015 03:26:39 PM) (Source: Service Control Manager) (User: )
    Description: The Intuit Update Service service terminated unexpectedly. It has done this 1 time(s).

    Error: (01/08/2015 03:26:38 PM) (Source: Service Control Manager) (User: )
    Description: The Intuit Update Service v4 service terminated unexpectedly. It has done this 1 time(s).

    Error: (01/08/2015 03:26:38 PM) (Source: Service Control Manager) (User: )
    Description: The iPod Service service terminated unexpectedly. It has done this 1 time(s).

    Error: (01/08/2015 03:26:38 PM) (Source: Service Control Manager) (User: )
    Description: The hpqwmiex service terminated unexpectedly. It has done this 1 time(s).


    Microsoft Office Sessions:
    =========================
    Error: (01/12/2015 11:15:42 AM) (Source: RasClient)(User: )
    Description: {D047B997-BC6A-4947-AC71-93A59EE22A24}Admin-PC\Admin3G Connection0

    Error: (01/12/2015 11:15:42 AM) (Source: RasClient)(User: )
    Description: {D047B997-BC6A-4947-AC71-93A59EE22A24}Admin-PC\Admin3G Connection680

    Error: (01/12/2015 11:14:45 AM) (Source: RasClient)(User: )
    Description: {7091D6C1-DE6F-4EA9-8775-62DCEC1EC3BB}Admin-PC\AdminCDMA680

    Error: (01/07/2015 01:41:47 PM) (Source: Bonjour Service)(User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 64817105

    Error: (01/07/2015 01:41:47 PM) (Source: Bonjour Service)(User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 64817105

    Error: (01/07/2015 01:41:46 PM) (Source: Bonjour Service)(User: )
    Description: Task Scheduling Error: Continuously busy for more than a second

    Error: (12/30/2014 06:20:50 PM) (Source: Bonjour Service)(User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 13951950

    Error: (12/30/2014 06:20:50 PM) (Source: Bonjour Service)(User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 13951950

    Error: (12/30/2014 06:20:50 PM) (Source: Bonjour Service)(User: )
    Description: Task Scheduling Error: Continuously busy for more than a second

    Error: (12/30/2014 11:54:38 AM) (Source: Bonjour Service)(User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 557252


    ========================= Devices: ================================

    Name: USB Root Hub
    Description: USB Root Hub
    Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
    Manufacturer: (Standard USB Host Controller)
    Service: usbhub

    Name: Intel(R) ICH9 Family PCI Express Root Port 2 - 2942
    Description: Intel(R) ICH9 Family PCI Express Root Port 2 - 2942
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: Intel
    Service: pci

    Name: LSI_SCSI
    Description: LSI_SCSI
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: LSI_SCSI

    Name: nfrd960
    Description: nfrd960
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: nfrd960

    Name: arc
    Description: arc
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: arc

    Name: ATA Channel 4
    Description: IDE Channel
    Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard IDE ATA/ATAPI controllers)
    Service: atapi

    Name: viaide
    Description: viaide
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: viaide

    Name: System Attribute Cache
    Description: System Attribute Cache
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: discache

    Name: Microsoft ACPI-Compliant System
    Description: Microsoft ACPI-Compliant System
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: ACPI

    Name: Generic volume shadow copy
    Description: Generic volume shadow copy
    Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
    Manufacturer: Microsoft
    Service:

    Name: WAN Miniport (PPTP)
    Description: WAN Miniport (PPTP)
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: PptpMiniport

    Name: Security Driver
    Description: Security Driver
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: secdrv

    Name: High precision event timer
    Description: High precision event timer
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard system devices)
    Service:

    Name: USB Root Hub
    Description: USB Root Hub
    Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
    Manufacturer: (Standard USB Host Controller)
    Service: usbhub

    Name: Adaptec SAS/SATA-II RAID Windows Inbox Miniport Driver
    Description: Adaptec SAS/SATA-II RAID Windows Inbox Miniport Driver
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: arcsas

    Name: HID-compliant device
    Description: HID-compliant device
    Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
    Manufacturer: (Standard system devices)
    Service:

    Name: Microsoft eHome Infrared Transceiver
    Description: Microsoft eHome Infrared Transceiver
    Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
    Manufacturer: Microsoft
    Service: HidIr

    Name: Dynamic Volume Manager
    Description: Dynamic Volume Manager
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: volmgrx

    Name: LDDM Graphics Subsystem
    Description: LDDM Graphics Subsystem
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: DXGKrnl

    Name: ATA Channel 5
    Description: IDE Channel
    Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard IDE ATA/ATAPI controllers)
    Service: atapi

    Name: WAN Miniport (SSTP)
    Description: WAN Miniport (SSTP)
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: RasSstp

    Name: SiSRaid2
    Description: SiSRaid2
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: SiSRaid2

    Name: Direct memory access controller
    Description: Direct memory access controller
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard system devices)
    Service:

    Name: Microsoft Virtual WiFi Miniport Adapter
    Description: Microsoft Virtual WiFi Miniport Adapter
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: vwifimp

    Name: USB Root Hub
    Description: USB Root Hub
    Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
    Manufacturer: (Standard USB Host Controller)
    Service: usbhub

    Name: NSI proxy service driver.
    Description: NSI proxy service driver.
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: nsiproxy

    Name: megasas
    Description: megasas
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: megasas

    Name: avast! HardwareID
    Description: avast! HardwareID
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: aswHwid

    Name: Intel(R) 82801 PCI Bridge - 2448
    Description: Intel(R) 82801 PCI Bridge - 2448
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: Intel
    Service: pci

    Name: Intel(R) ICH9 Family USB Universal Host Controller - 2937
    Description: Intel(R) ICH9 Family USB Universal Host Controller - 2937
    Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
    Manufacturer: Intel
    Service: usbuhci

    Name: Intel(R) ICH9 Family PCI Express Root Port 4 - 2946
    Description: Intel(R) ICH9 Family PCI Express Root Port 4 - 2946
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: Intel
    Service: pci

    Name: Storage volumes
    Description: Storage volumes
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: volsnap

    Name: HID-compliant device
    Description: HID-compliant device
    Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
    Manufacturer: (Standard system devices)
    Service:

    Name: Terminal Server Keyboard Driver
    Description: Terminal Server Keyboard Driver
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard system devices)
    Service: TermDD

    Name: SiSRaid4
    Description: SiSRaid4
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: SiSRaid4

    Name: Standard PS/2 Keyboard
    Description: Standard PS/2 Keyboard
    Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard keyboards)
    Service: i8042prt

    Name: USB Composite Device
    Description: USB Composite Device
    Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
    Manufacturer: (Standard USB Host Controller)
    Service: usbccgp

    Name: Microsoft 6to4 Adapter
    Description: Microsoft 6to4 Adapter
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: tunnel

    Name: MegaSR
    Description: MegaSR
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: MegaSR

    Name: USB Root Hub
    Description: USB Root Hub
    Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
    Manufacturer: (Standard USB Host Controller)
    Service: usbhub

    Name: Generic volume
    Description: Generic volume
    Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
    Manufacturer: Microsoft
    Service: volsnap

    Name: Terminal Server Mouse Driver
    Description: Terminal Server Mouse Driver
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard system devices)
    Service: TermDD

    Name: vsmraid
    Description: vsmraid
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: vsmraid

    Name: elxstor
    Description: elxstor
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: elxstor

    Name: Security Processor Loader Driver
    Description: Security Processor Loader Driver
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: spldr

    Name: PCI bus
    Description: PCI bus
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard system devices)
    Service: pci

    Name: Null
    Description: Null
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: Null

    Name: Mount Point Manager
    Description: Mount Point Manager
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: mountmgr

    Name: aswRdr
    Description: aswRdr
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: aswRdr

    Name: Plug and Play Software Device Enumerator
    Description: Plug and Play Software Device Enumerator
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard system devices)
    Service: swenum

    Name: Microsoft eHome Remote Control Keyboard keys
    Description: Microsoft eHome Remote Control Keyboard keys
    Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: kbdhid

    Name: HP Webcam
    Description: USB Video Device
    Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
    Manufacturer: Microsoft
    Service: usbvideo

    Name: Microsoft ISATAP Adapter #3
    Description: Microsoft ISATAP Adapter
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: tunnel

    Name: Microsoft ISATAP Adapter #2
    Description: Microsoft ISATAP Adapter
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: tunnel

    Name: Virtual WiFi Filter Driver
    Description: Virtual WiFi Filter Driver
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: vwififlt

    Name: Intel(R) ICH9M LPC Interface Controller - 2919
    Description: Intel(R) ICH9M LPC Interface Controller - 2919
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: Intel
    Service: msisadrv

    Name: Intel(R) ICH9 Family USB Universal Host Controller - 2938
    Description: Intel(R) ICH9 Family USB Universal Host Controller - 2938
    Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
    Manufacturer: Intel
    Service: usbuhci

    Name: Intel(R) ICH9 Family PCI Express Root Port 5 - 2948
    Description: Intel(R) ICH9 Family PCI Express Root Port 5 - 2948
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: Intel
    Service: pci

    Name: Microsoft AC Adapter
    Description: Microsoft AC Adapter
    Class Guid: {72631e54-78a4-11d0-bcf7-00aa00b7b32a}
    Manufacturer: Microsoft
    Service: CmBatt

    Name: Generic PnP Monitor
    Description: Generic PnP Monitor
    Class Guid: {4d36e96e-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard monitor types)
    Service: monitor

    Name: nvraid
    Description: nvraid
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: nvraid

    Name: System CMOS/real time clock
    Description: System CMOS/real time clock
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard system devices)
    Service:

    Name: Consumer IR Devices
    Description: Consumer IR Devices
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: circlass

    Name: Windows Firewall Authorization Driver
    Description: Windows Firewall Authorization Driver
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: mpsdrv

    Name: Bitlocker Drive Encryption Filter Driver
    Description: Bitlocker Drive Encryption Filter Driver
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: fvevol

    Name: avast! Revert
    Description: avast! Revert
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: aswRvrt

    Name: Microsoft ISATAP Adapter #4
    Description: Microsoft ISATAP Adapter
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: tunnel

    Name: Microsoft ISATAP Adapter
    Description: Microsoft ISATAP Adapter
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: tunnel

    Name: Remote Access IPv6 ARP Driver
    Description: Remote Access IPv6 ARP Driver
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: Wanarpv6

    Name: NWADI Bus Enumerator
    Description: NWADI Bus Enumerator
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: Novatel Wireless Inc
    Service: NWADI

    Name: ENE CIR Receiver
    Description: ENE CIR Receiver
    Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
    Manufacturer: ENE
    Service: enecir

    Name: nvstor
    Description: nvstor
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: nvstor

    Name: Microsoft eHome MCIR Keyboard
    Description: Microsoft eHome MCIR Keyboard
    Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: kbdhid

    Name: Microsoft ISATAP Adapter #5
    Description: Microsoft ISATAP Adapter
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: tunnel

    Name: Generic volume
    Description: Generic volume
    Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
    Manufacturer: Microsoft
    Service: volsnap

    Name: Motherboard resources
    Description: Motherboard resources
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard system devices)
    Service:

    Name: HpSAMD
    Description: HpSAMD
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: HpSAMD

    Name: UMBus Root Bus Enumerator
    Description: UMBus Root Bus Enumerator
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: umbus

    Name: Microsoft Watchdog Timer Driver
    Description: Microsoft Watchdog Timer Driver
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: Wd

    Name: Teredo Tunneling Pseudo-Interface
    Description: Microsoft Teredo Tunneling Adapter
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: tunnel

    Name: pciide
    Description: pciide
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: pciide

    Name: ACPI Fixed Feature Button
    Description: ACPI Fixed Feature Button
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard system devices)
    Service:

    Name: Intel(R) ICH9M/M-E Family 4 Port SATA AHCI Controller - 2929
    Description: Intel(R) ICH9M/M-E Family 4 Port SATA AHCI Controller - 2929
    Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}
    Manufacturer: Intel
    Service: msahci

    Name: HTTP
    Description: HTTP
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: HTTP

    Name: Intel(R) ICH9 Family USB Universal Host Controller - 2939
    Description: Intel(R) ICH9 Family USB Universal Host Controller - 2939
    Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
    Manufacturer: Intel
    Service: usbuhci

    Name: Motherboard resources
    Description: Motherboard resources
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard system devices)
    Service:

    Name: Intel(R) ICH9 Family PCI Express Root Port 6 - 294A
    Description: Intel(R) ICH9 Family PCI Express Root Port 6 - 294A
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: Intel
    Service: pci

    Name: Microsoft Virtual Drive Enumerator Driver
    Description: Microsoft Virtual Drive Enumerator Driver
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard system devices)
    Service: vdrvroot

    Name: Microsoft eHome MCIR 109 Keyboard
    Description: Microsoft eHome MCIR 109 Keyboard
    Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: kbdhid

    Name: Kernel Mode Driver Frameworks service
    Description: Kernel Mode Driver Frameworks service
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: Wdf01000

    Name: ACPI x64-based PC
    Description: ACPI x64-based PC
    Class Guid: {4d36e966-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard computers)
    Service: \Driver\ACPI_HAL

    Name: stexstor
    Description: stexstor
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: stexstor

    Name: Hardware Policy Driver
    Description: Hardware Policy Driver
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: hwpolicy

    Name: Volume Manager
    Description: Volume Manager
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard system devices)
    Service: volmgr

    Name: hp DVDRAM GT20L ATA Device
    Description: CD-ROM Drive
    Class Guid: {4d36e965-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard CD-ROM drives)
    Service: cdrom

    Name: Pentium(R) Dual-Core CPU T4300 @ 2.10GHz
    Description: Intel Processor
    Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
    Manufacturer: Intel
    Service: intelppm

    Name: IDT High Definition Audio CODEC
    Description: IDT High Definition Audio CODEC
    Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
    Manufacturer: IDT
    Service: STHDA

    Name: Numeric data processor
    Description: Numeric data processor
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard system devices)
    Service:

    Name: aswStm
    Description: aswStm
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: aswStm

    Name: File as Volume Driver
    Description: File as Volume Driver
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: blbdrive

    Name: WFP Lightweight Filter
    Description: WFP Lightweight Filter
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: WfpLwf

    Name: Generic volume
    Description: Generic volume
    Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
    Manufacturer: Microsoft
    Service: volsnap

    Name: Performance Counters for Windows Driver
    Description: Performance Counters for Windows Driver
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: pcw

    Name: Intel RAID Controller Windows 7
    Description: Intel RAID Controller Windows 7
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: iaStorV

    Name: HID-compliant mouse
    Description: HID-compliant mouse
    Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: mouhid

    Name: Microsoft Multi-Path Device Specific Module
    Description: Microsoft Multi-Path Device Specific Module
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: msdsm

    Name: avast! VM Monitor
    Description: avast! VM Monitor
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: aswVmm

    Name: Composite Bus Enumerator
    Description: Composite Bus Enumerator
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: CompositeBus

    Name: Microsoft ACPI-Compliant Embedded Controller
    Description: Microsoft ACPI-Compliant Embedded Controller
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard system devices)
    Service:

    Name: Intel(R) ICH9 Family SMBus Controller - 2930
    Description: Intel(R) ICH9 Family SMBus Controller - 2930
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: Intel
    Service:

    Name: Intel(R) ICH9 Family USB2 Enhanced Host Controller - 293A
    Description: Intel(R) ICH9 Family USB2 Enhanced Host Controller - 293A
    Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
    Manufacturer: Intel
    Service: usbehci

    Name: Mobile Intel(R) 4 Series Chipset Processor to DRAM Controller - 2A40
    Description: Mobile Intel(R) 4 Series Chipset Processor to DRAM Controller - 2A40
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: Intel
    Service:

    Name: Microsoft ACPI-Compliant Control Method Battery
    Description: Microsoft ACPI-Compliant Control Method Battery
    Class Guid: {72631e54-78a4-11d0-bcf7-00aa00b7b32a}
    Manufacturer: Microsoft
    Service: CmBatt

    Name: PEAUTH
    Description: PEAUTH
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: PEAUTH

    Name: iirsp
    Description: iirsp
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: iirsp

    Name: IDE Channel
    Description: IDE Channel
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: atapi

    Name: Microsoft Composite Battery
    Description: Microsoft Composite Battery
    Class Guid: {72631e54-78a4-11d0-bcf7-00aa00b7b32a}
    Manufacturer: Microsoft
    Service: Compbatt

    Name: Generic volume shadow copy
    Description: Generic volume shadow copy
    Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
    Manufacturer: Microsoft
    Service:

    Name: ACPI Power Button
    Description: ACPI Power Button
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard system devices)
    Service:

    Name: User Mode Driver Frameworks Platform Driver
    Description: User Mode Driver Frameworks Platform Driver
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: WudfPf

    Name: QoS Packet Scheduler
    Description: QoS Packet Scheduler
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: Psched

    Name: ST9250315AS ATA Device
    Description: Disk drive
    Class Guid: {4d36e967-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard disk drives)
    Service: disk

    Name: msisadrv
    Description: msisadrv
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: msisadrv

    Name: intelide
    Description: intelide
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: intelide

    Name: Intel(R) High Definition Audio HDMI
    Description: Intel(R) High Definition Audio HDMI
    Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
    Manufacturer: Intel(R) Corporation
    Service: IntcHdmiAddService

    Name: adp94xx
    Description: adp94xx
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: adp94xx

    Name: Generic volume shadow copy
    Description: Generic volume shadow copy
    Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
    Manufacturer: Microsoft
    Service:

    Name: ACPI Lid
    Description: ACPI Lid
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard system devices)
    Service:

    Name: UMBus Enumerator
    Description: UMBus Enumerator
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: umbus

    Name: Intel(R) ICH9 Family Thermal Subsystem - 2932
    Description: Intel(R) ICH9 Family Thermal Subsystem - 2932
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: Intel
    Service:

    Name: QLogic Fibre Channel Miniport Driver
    Description: QLogic Fibre Channel Miniport Driver
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: ql2300

    Name: Intel(R) ICH9 Family USB2 Enhanced Host Controller - 293C
    Description: Intel(R) ICH9 Family USB2 Enhanced Host Controller - 293C
    Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
    Manufacturer: Intel
    Service: usbehci

    Name: Pentium(R) Dual-Core CPU T4300 @ 2.10GHz
    Description: Intel Processor
    Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
    Manufacturer: Intel
    Service: intelppm

    Name: Mobile Intel(R) 4 Series Express Chipset Family
    Description: Mobile Intel(R) 4 Series Express Chipset Family
    Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
    Manufacturer: Intel Corporation
    Service: igfx

    Name: isapnp
    Description: isapnp
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: isapnp

    Name: Beep
    Description: Beep
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: Beep

    Name: Generic volume shadow copy
    Description: Generic volume shadow copy
    Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
    Manufacturer: Microsoft
    Service:

    Name: adpahci
    Description: adpahci
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: adpahci

    Name: Microsoft System Management BIOS Driver
    Description: Microsoft System Management BIOS Driver
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard system devices)
    Service: mssmbios

    Name: ACPI Sleep Button
    Description: ACPI Sleep Button
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard system devices)
    Service:

    Name: QLogic iSCSI Miniport Driver
    Description: QLogic iSCSI Miniport Driver
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: ql40xx

    Name: NativeWiFi Filter
    Description: NativeWiFi Filter
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: NativeWifiP

    Name: Generic volume shadow copy
    Description: Generic volume shadow copy
    Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
    Manufacturer: Microsoft
    Service:

    Name: KSecDD
    Description: KSecDD
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: KSecDD

    Name: adpu320
    Description: adpu320
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: adpu320

    Name: WAN Miniport (IKEv2)
    Description: WAN Miniport (IKEv2)
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: RasAgileVpn

    Name: Microsoft Windows Management Interface for ACPI
    Description: Microsoft Windows Management Interface for ACPI
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: WmiAcpi

    Name: Norton Identity Safe Settings Manager
    Description: Norton Identity Safe Settings Manager
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: ccSet_NST

    Name: KSecPkg
    Description: KSecPkg
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: KSecPkg

    Name: LSI HDA Modem
    Description: LSI HDA Modem
    Class Guid: {4d36e96d-e325-11ce-bfc1-08002be10318}
    Manufacturer: LSI
    Service: Modem

    Name: Generic volume shadow copy
    Description: Generic volume shadow copy
    Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
    Manufacturer: Microsoft
    Service:

    Name: NDIS System Driver
    Description: NDIS System Driver
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: NDIS

    Name: Intel(R) ICH9 Family USB Universal Host Controller - 2934
    Description: Intel(R) ICH9 Family USB Universal Host Controller - 2934
    Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
    Manufacturer: Intel
    Service: usbuhci

    Name: High Definition Audio Controller
    Description: High Definition Audio Controller
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: HDAudBus

    Name: Mobile Intel(R) 4 Series Express Chipset Family
    Description: Mobile Intel(R) 4 Series Express Chipset Family
    Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
    Manufacturer: Intel Corporation
    Service: igfx

    Name: Direct Application Launch Button
    Description: Direct Application Launch Button
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard system devices)
    Service:

    Name: Ancillary Function Driver for Winsock
    Description: Ancillary Function Driver for Winsock
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: AFD

    Name: Generic volume shadow copy
    Description: Generic volume shadow copy
    Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
    Manufacturer: Microsoft
    Service:

    Name: WAN Miniport (L2TP)
    Description: WAN Miniport (L2TP)
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: Rasl2tp

    Name: TCP/IP Protocol Driver
    Description: TCP/IP Protocol Driver
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: Tcpip

    Name: RDPCDD
    Description: RDPCDD
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: RDPCDD

    Name: USB Root Hub
    Description: USB Root Hub
    Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
    Manufacturer: (Standard USB Host Controller)
    Service: usbhub

    Name: Direct Application Launch Button
    Description: Direct Application Launch Button
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard system devices)
    Service:

    Name: NDIS Usermode I/O Protocol
    Description: NDIS Usermode I/O Protocol
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: Ndisuio

    Name: Link-Layer Topology Discovery Mapper I/O Driver
    Description: Link-Layer Topology Discovery Mapper I/O Driver
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: lltdio

    Name: aliide
    Description: aliide
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: aliide

    Name: WAN Miniport (Network Monitor)
    Description: WAN Miniport (Network Monitor)
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: NdisWan

    Name: TCP/IP Registry Compatibility
    Description: TCP/IP Registry Compatibility
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: tcpipreg

    Name: Direct Application Launch Button
    Description: Direct Application Launch Button
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard system devices)
    Service:

    Name: HP Mobile Data Protection Sensor
    Description: HP Mobile Data Protection Sensor
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: Hewlett-Packard
    Service: Accelerometer

    Name: RDP Encoder Mirror Driver
    Description: RDP Encoder Mirror Driver
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: RDPENCDD

    Name: USB Root Hub
    Description: USB Root Hub
    Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
    Manufacturer: (Standard USB Host Controller)
    Service: usbhub

    Name: Common Log (CLFS)
    Description: Common Log (CLFS)
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: CLFS

    Name: Generic volume shadow copy
    Description: Generic volume shadow copy
    Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
    Manufacturer: Microsoft
    Service:

    Name: LSI_FC
    Description: LSI_FC
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: LSI_FC

    Name: NDProxy
    Description: NDProxy
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: NDProxy

    Name: amdide
    Description: amdide
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: amdide

    Name: Direct Application Launch Button
    Description: Direct Application Launch Button
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard system devices)
    Service:

    Name: Intel(R) ICH9 Family USB Universal Host Controller - 2935
    Description: Intel(R) ICH9 Family USB Universal Host Controller - 2935
    Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
    Manufacturer: Intel
    Service: usbuhci

    Name: WAN Miniport (IP)
    Description: WAN Miniport (IP)
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: NdisWan

    Name: Intel(R) ICH9 Family PCI Express Root Port 1 - 2940
    Description: Intel(R) ICH9 Family PCI Express Root Port 1 - 2940
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: Intel
    Service: pci

    Name: NetIO Legacy TDI Support Driver
    Description: NetIO Legacy TDI Support Driver
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: tdx

    Name: ATA Channel 0
    Description: IDE Channel
    Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard IDE ATA/ATAPI controllers)
    Service: atapi

    Name: Intel(R) 82802 Firmware Hub Device
    Description: Intel(R) 82802 Firmware Hub Device
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: Intel
    Service:

    Name: Reflector Display Driver used to gain access to graphics data
    Description: Reflector Display Driver used to gain access to graphics data
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: RDPREFMP

    Name: cmdide
    Description: cmdide
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: cmdide

    Name: USB Root Hub
    Description: USB Root Hub
    Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
    Manufacturer: (Standard USB Host Controller)
    Service: usbhub

    Name: LSI_SAS
    Description: LSI_SAS
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: LSI_SAS

    Name: Direct Application Launch Button
    Description: Direct Application Launch Button
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard system devices)
    Service:

    Name: HID-compliant device
    Description: HID-compliant device
    Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
    Manufacturer: (Standard system devices)
    Service:

    Name: amdsata
    Description: amdsata
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: amdsata

    Name: WAN Miniport (IPv6)
    Description: WAN Miniport (IPv6)
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: NdisWan

    Name: Synaptics PS/2 Port TouchPad
    Description: Synaptics PS/2 Port TouchPad
    Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
    Manufacturer: Synaptics
    Service: i8042prt

    Name: Programmable interrupt controller
    Description: Programmable interrupt controller
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard system devices)
    Service:

    Name: Link-Layer Topology Discovery Responder
    Description: Link-Layer Topology Discovery Responder
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: rspndr

    Name: CNG
    Description: CNG
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: CNG

    Name: Generic volume shadow copy
    Description: Generic volume shadow copy
    Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
    Manufacturer: Microsoft
    Service:

    Name: USB Root Hub
    Description: USB Root Hub
    Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
    Manufacturer: (Standard USB Host Controller)
    Service: usbhub

    Name: LSI_SAS2
    Description: LSI_SAS2
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: LSI_SAS2

    Name: ATA Channel 1
    Description: IDE Channel
    Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard IDE ATA/ATAPI controllers)
    Service: atapi

    Name: NETBT
    Description: NETBT
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: NetBT

    Name: RAS Async Adapter
    Description: RAS Async Adapter
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: AsyncMac

    Name: amdsbs
    Description: amdsbs
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: amdsbs

    Name: VgaSave
    Description: VgaSave
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: VgaSave

    Name: WAN Miniport (PPPOE)
    Description: WAN Miniport (PPPOE)
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: RasPppoe

    Name: HID-compliant consumer control device
    Description: HID-compliant consumer control device
    Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
    Manufacturer: Microsoft
    Service:

    Name: ACPI Thermal Zone
    Description: ACPI Thermal Zone
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard system devices)
    Service:

    Name: SBP-2 Transport/Protocol Bus Driver
    Description: SBP-2 Transport/Protocol Bus Driver
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: sbp2port

    Name: Broadcom 802.11b/g WLAN
    Description: Broadcom 802.11b/g WLAN
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Broadcom
    Service: BCM43XX

    Name: System timer
    Description: System timer
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard system devices)
    Service:

    Name: Intel(R) ICH9 Family USB Universal Host Controller - 2936
    Description: Intel(R) ICH9 Family USB Universal Host Controller - 2936
    Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
    Manufacturer: Intel
    Service: usbuhci


    ========================= Memory info: ===================================

    Percentage of memory in use: 37%
    Total physical RAM: 3999.19 MB
    Available physical RAM: 2504.99 MB
    Total Pagefile: 7996.55 MB
    Available Pagefile: 6273.7 MB
    Total Virtual: 4095.88 MB
    Available Virtual: 3981.24 MB

    ========================= Partitions: =====================================

    1 Drive c: () (Fixed) (Total:219.97 GB) (Free:138.46 GB) NTFS
    2 Drive d: (RECOVERY) (Fixed) (Total:12.72 GB) (Free:2.13 GB) NTFS

    ========================= Users: ========================================

    User accounts for \\ADMIN-PC

    Admin Administrator Guest

    ========================= Minidump Files ==================================

    No minidump file found


    **** End of log ****
     
  15. teddidit

    teddidit Thread Starter

    Joined:
    Dec 30, 2014
    Messages:
    15
    Laptop seems to be working well.
    Thanks for the help with the PowerShell issue.
    Will keep you posted and await your response on the above crazy issue.

    Will be away from this laptop starting Wednesday for a week. Will have access to email but not the computer/laptop with the problems.
     

Short URL to this thread: https://techguy.org/1140251
