Here are FRST and Addition:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-01-2015
Ran by gismeu (administrator) on GIAMEU on 23-01-2015 13:36:21
Running from C:\Users\gismeu\Desktop
Loaded Profiles: gismeu (Available profiles: gismeu & DefaultAppPool)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe
(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgfws.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CamMute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
( ) C:\Windows\System32\lxducoms.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
(PasswordBox, Inc.) C:\Program Files (x86)\PasswordBox\pbbtnService.exe
(Alcatel-Lucent) C:\Program Files (x86)\Common Files\Motive\pcCMService.exe
(Alcatel-Lucent) C:\Program Files\Common Files\Motive\pcCMService.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(MyCity) C:\Program Files (x86)\MCShield\MCShieldRTM.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgui.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_287.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_287.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft) C:\Program Files (x86)\Common Files\Lenovo\SUP\sup_wermonitor.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2097960 2010-04-22] (Synaptics Incorporated)
HKLM\...\Run: [AcWin7Hlpr] => C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe [63376 2012-09-07] (Lenovo)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2013\avgui.exe [4411952 2014-11-04] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [449168 2012-03-26] (CANON INC.)
HKLM-x32\...\Run: [vProt] => "C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe"
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-4102688973-2130496443-4087980055-1000\...\Run: [MCShield Monitor] => C:\Program Files (x86)\MCShield\mcshieldrtm.exe [650816 2014-04-11] (MyCity)
HKU\S-1-5-21-4102688973-2130496443-4087980055-1000\...\MountPoints2: {52d012e3-d5ad-11e1-b991-e89a8f581443} - E:\AutoRun.exe
HKU\S-1-5-21-4102688973-2130496443-4087980055-1000\...\MountPoints2: {64e851e3-d31e-11e1-b5fa-e89a8f581443} - E:\AutoRun.exe
HKU\S-1-5-21-4102688973-2130496443-4087980055-1000\...\MountPoints2: {64e851ea-d31e-11e1-b5fa-e89a8f581443} - E:\AutoRun.exe
HKU\S-1-5-21-4102688973-2130496443-4087980055-1000\...\MountPoints2: {84b1a606-d4a6-11e1-a63d-e89a8f581443} - E:\setup_vmb_lite.exe /checkApplicationPresence
HKU\S-1-5-21-4102688973-2130496443-4087980055-1000\...\MountPoints2: {84b1a654-d4a6-11e1-a63d-e89a8f581443} - F:\setup_vmb_lite.exe /checkApplicationPresence
Lsa: [Notification Packages] scecli ACGina
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-4102688973-2130496443-4087980055-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo.msn.com
HKU\S-1-5-21-4102688973-2130496443-4087980055-1000\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com/welcome/thinkpad
SearchScopes: HKLM -> {7509B7B2-6F1B-4301-A12D-B8FA3B44D1C9} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKLM-x32 -> {BB319545-1E2A-4CCE-B6B8-B88FFC6327EC} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKU\S-1-5-21-4102688973-2130496443-4087980055-1000 -> {F50431DE-C870-49C9-B89B-3F6947D72D32} URL = http://search.yahoo....02,20028,0,85,0
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
FireFox:
========
FF ProfilePath: C:\Users\gismeu\AppData\Roaming\Mozilla\Firefox\Profiles\apobfhff.default-1419554762374
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_287.dll ()
FF Plugin: @java.com/DTPlugin,version=10.4.0 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_287.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4102688973-2130496443-4087980055-1000: @citrixonline.com/appdetectorplugin -> C:\Users\gismeu\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF Plugin HKU\S-1-5-21-4102688973-2130496443-4087980055-1000: tdameritrade.com/thinkorswim -> C:\Program Files (x86)\thinkorswim\npthinkorswim.dll (TD Ameritrade)
FF Plugin HKU\S-1-5-21-4102688973-2130496443-4087980055-1000: tdameritrade.com/tossc -> C:\Program Files (x86)\thinkorswim\nptossc.dll (TD Ameritrade)
FF Plugin ProgramFiles/Appdata: C:\Users\gismeu\AppData\Roaming\mozilla\plugins\npatgpc.dll (Cisco WebEx LLC)
FF Extension: Adblock Plus - C:\Users\gismeu\AppData\Roaming\Mozilla\Firefox\Profiles\apobfhff.default-1419554762374\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-12-29]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-12-09]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-12-09]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\PasswordBox\Firefox
FF Extension: PasswordBox - C:\Program Files (x86)\PasswordBox\Firefox [2013-11-21]
Chrome:
=======
CHR Profile: C:\Users\gismeu\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\gismeu\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-06]
CHR Extension: (Google Docs) - C:\Users\gismeu\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-12-26]
CHR Extension: (Google Drive) - C:\Users\gismeu\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-06]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\gismeu\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-11-24]
CHR Extension: (YouTube) - C:\Users\gismeu\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-06]
CHR Extension: (Google Search) - C:\Users\gismeu\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-06]
CHR Extension: (Google Sheets) - C:\Users\gismeu\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-06]
CHR Extension: (Google Wallet) - C:\Users\gismeu\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-24]
CHR Extension: (Gmail) - C:\Users\gismeu\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-06]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avgfws; C:\Program Files (x86)\AVG\AVG2013\avgfws.exe [1432592 2014-11-04] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [4942384 2014-10-17] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [283136 2013-11-20] (AVG Technologies CZ, s.r.o.)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [133992 2011-07-12] (Lenovo Group Limited)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2635552 2015-01-21] (IObit)
R2 lxdu_device; C:\Windows\system32\lxducoms.exe [1039360 2009-10-16] ( )
R2 PasswordBox; C:\Program Files (x86)\PasswordBox\pbbtnService.exe [67584 2014-05-14] (PasswordBox, Inc.) [File not signed]
R2 pcCMService; C:\Program Files (x86)\Common Files\Motive\pcCMService.exe [369152 2013-05-07] (Alcatel-Lucent) [File not signed]
R2 pcCMService64; C:\Program Files\Common Files\Motive\pcCMService.exe [460288 2013-05-07] (Alcatel-Lucent) [File not signed]
R2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [1919256 2014-12-22] (IBM Corp.)
S4 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [199272 2010-07-15] (Realtek Semiconductor)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1229528 2013-12-06] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [662232 2013-12-06] (Secunia)
S4 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [24120 2014-02-21] ()
S4 ThinkVantage Registry Monitor Service; C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe [1019904 2009-08-28] (Lenovo Group Limited) [File not signed]
S4 TVT Backup Service; C:\Program Files (x86)\Lenovo\Rescue and Recovery\rrservice.exe [1475896 2010-07-29] (Lenovo Group Limited)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-20] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6a.sys [50296 2012-09-04] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [246072 2013-11-25] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [71480 2013-07-20] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [209720 2014-11-04] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [311608 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [116536 2013-07-01] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [45880 2013-10-23] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [240952 2014-10-17] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50976 2014-08-14] (AVG Technologies)
S3 JMCR; C:\Windows\System32\DRIVERS\jmcr.sys [143320 2009-05-18] (JMicron Technology Corporation) [File not signed]
S3 MREMP50; C:\Program Files (x86)\Common Files\Motive\MREMP50.sys [21248 2013-05-07] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
S3 MREMP50a64; C:\Program Files\Common Files\Motive\MREMP50a64.SYS [43008 2013-05-07] (Printing Communications Assoc., Inc. (PCAUSA))
S3 MRESP50; C:\Program Files (x86)\Common Files\Motive\MRESP50.sys [20096 2013-05-07] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
S3 MRESP50a64; C:\Program Files\Common Files\Motive\MRESP50a64.SYS [40960 2013-05-07] (Printing Communications Assoc., Inc. (PCAUSA))
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-12-06] (Secunia)
R1 RapportCerberus_80120; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_80120.sys [845464 2015-01-14] (IBM Corp.)
R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [445816 2014-12-22] (IBM Corp.)
S3 RapportKE64; C:\Windows\System32\Drivers\RapportKE64.sys [535576 2014-12-22] (IBM Corp.)
R1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [558872 2014-12-22] (IBM Corp.)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2015-01-01] ()
R1 TPPWRIF; C:\Windows\System32\drivers\Tppwr64v.sys [13104 2010-08-24] ()
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S3 MREMPR5; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS [X]
S3 MRENDIS5; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-23 12:09 - 2015-01-23 12:09 - 00565252 _____ () C:\Users\gismeu\Downloads\10.mpg
2015-01-22 19:14 - 2015-01-22 19:14 - 03353776 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-01-21 19:46 - 2015-01-21 19:46 - 00000000 ____D () C:\Users\gismeu\AppData\Roaming\PCDr
2015-01-21 18:53 - 2015-01-21 18:53 - 00002888 _____ () C:\Windows\System32\Tasks\Uninstaller_SkipUac_gismeu
2015-01-21 18:53 - 2015-01-21 18:53 - 00000000 ____D () C:\Users\gismeu\AppData\Roaming\ProductData
2015-01-21 18:52 - 2015-01-21 18:53 - 00000000 ____D () C:\Users\gismeu\AppData\Roaming\IObit
2015-01-21 18:52 - 2015-01-21 18:53 - 00000000 ____D () C:\ProgramData\ProductData
2015-01-21 18:52 - 2015-01-21 18:53 - 00000000 ____D () C:\ProgramData\IObit
2015-01-21 18:52 - 2015-01-21 18:53 - 00000000 ____D () C:\Program Files (x86)\IObit
2015-01-21 18:52 - 2015-01-21 18:52 - 00001227 _____ () C:\Users\gismeu\AppData\Roaming\Microsoft\Windows\Start Menu\Uninstall Programs.lnk
2015-01-21 18:52 - 2015-01-21 18:52 - 00001203 _____ () C:\Users\Public\Desktop\IObit Uninstaller.lnk
2015-01-21 18:40 - 2015-01-21 18:41 - 15971616 _____ (IObit) C:\Users\gismeu\Downloads\iobituninstaller.exe
2015-01-19 09:52 - 2015-01-19 09:53 - 00031978 _____ () C:\Users\gismeu\Desktop\Addition.txt
2015-01-19 09:50 - 2015-01-23 13:41 - 00018600 _____ () C:\Users\gismeu\Desktop\FRST.txt
2015-01-19 09:49 - 2015-01-19 09:49 - 02126848 _____ (Farbar) C:\Users\gismeu\Desktop\FRST64.exe
2015-01-19 09:49 - 2015-01-19 09:49 - 00000000 ____D () C:\Users\gismeu\Desktop\FRST-OlderVersion
2015-01-17 13:18 - 2015-01-17 13:19 - 00852504 _____ () C:\Users\gismeu\Desktop\SecurityCheck.exe
2015-01-15 12:45 - 2014-12-18 22:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-15 12:45 - 2014-12-11 12:47 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-15 12:45 - 2014-12-05 23:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-15 12:45 - 2014-12-05 22:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-15 12:45 - 2014-12-05 22:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-14 18:39 - 2015-01-14 18:39 - 00000796 _____ () C:\Users\gismeu\Desktop\ESET.txt
2015-01-14 16:49 - 2015-01-14 16:49 - 00003886 _____ () C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-01-14 15:16 - 2014-12-18 20:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-14 15:16 - 2014-12-12 00:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-14 15:16 - 2014-12-12 00:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-14 15:15 - 2014-12-12 00:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-14 15:15 - 2014-12-12 00:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-14 15:15 - 2014-12-12 00:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-14 15:15 - 2014-12-12 00:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-14 15:15 - 2014-12-12 00:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-14 15:12 - 2015-01-14 15:12 - 00000000 ____D () C:\Program Files (x86)\ESET
2015-01-14 14:37 - 2015-01-14 14:37 - 00000000 __SHD () C:\Users\gismeu\AppData\Local\EmieBrowserModeList
2015-01-14 14:23 - 2015-01-14 14:23 - 00448512 _____ (OldTimer Tools) C:\Users\gismeu\Desktop\TFC.exe
2015-01-12 17:20 - 2015-01-12 17:26 - 00000000 ____D () C:\Users\gismeu\Desktop\LINDA
2015-01-10 14:15 - 2015-01-10 14:15 - 00945937 _____ () C:\Users\gismeu\Downloads\TFTD_TF_sm_chunk_DH.wmv
2015-01-02 21:00 - 2015-01-02 21:00 - 00025988 _____ () C:\Users\gismeu\Desktop\AMEX Tax 2014.odt
2015-01-02 00:16 - 2015-01-02 00:16 - 00000000 ____D () C:\Windows\ERUNT
2015-01-01 23:42 - 2015-01-01 23:51 - 00000000 ____D () C:\AdwCleaner
2015-01-01 23:38 - 2015-01-01 23:38 - 02173952 _____ () C:\Users\gismeu\Desktop\adwcleaner_4.106.exe
2015-01-01 23:38 - 2015-01-01 23:38 - 01707939 _____ (Thisisu) C:\Users\gismeu\Desktop\JRT.exe
2015-01-01 23:23 - 2015-01-23 13:36 - 00000000 ____D () C:\FRST
2014-12-30 15:12 - 2014-12-30 15:13 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-12-30 15:11 - 2014-12-31 11:31 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-12-30 15:11 - 2014-12-30 15:11 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-12-29 10:47 - 2014-12-29 13:31 - 00000000 ____D () C:\Users\gismeu\Desktop\USA TAX 2
2014-12-29 07:42 - 2014-12-29 07:42 - 00007142 _____ () C:\Users\gismeu\Desktop\smile recent items.htm
2014-12-29 07:42 - 2014-12-29 07:42 - 00000000 ____D () C:\Users\gismeu\Desktop\smile recent items_files
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-23 13:39 - 2011-06-10 13:47 - 01913289 _____ () C:\Windows\WindowsUpdate.log
2015-01-23 13:33 - 2014-02-20 12:30 - 00000568 _____ () C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-4102688973-2130496443-4087980055-1000.job
2015-01-23 13:18 - 2014-11-21 17:46 - 00000000 ____D () C:\ProgramData\MCShield
2015-01-23 13:17 - 2014-06-14 20:38 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-23 13:16 - 2014-02-20 23:09 - 00077426 _____ () C:\Windows\setupact.log
2015-01-23 13:16 - 2011-11-30 22:25 - 00000466 _____ () C:\Windows\Tasks\SystemToolsDailyTest.job
2015-01-23 13:16 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-23 13:11 - 2011-07-28 23:47 - 00000000 ____D () C:\Users\gismeu
2015-01-23 13:10 - 2014-05-28 22:15 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-23 13:10 - 2012-03-27 06:02 - 00000000 ____D () C:\Users\gismeu\AppData\Local\CrashDumps
2015-01-23 13:05 - 2014-06-14 20:38 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-23 13:00 - 2011-11-30 22:25 - 00003490 _____ () C:\Windows\System32\Tasks\SystemToolsDailyTest
2015-01-23 13:00 - 2011-11-30 22:25 - 00003448 _____ () C:\Windows\System32\Tasks\PCDEventLauncher
2015-01-23 12:14 - 2009-07-13 23:45 - 00031296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-23 12:14 - 2009-07-13 23:45 - 00031296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-23 11:55 - 2013-07-02 09:47 - 00000000 ____D () C:\ProgramData\MFAData
2015-01-22 22:26 - 2009-07-14 00:13 - 00868630 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-22 21:27 - 2011-07-29 14:03 - 00000000 ____D () C:\Users\gismeu\AppData\Roaming\Skype
2015-01-22 19:27 - 2014-06-14 20:39 - 00002154 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-01-22 19:15 - 2014-05-28 22:15 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-01-22 19:15 - 2014-05-28 22:14 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-22 19:15 - 2014-05-28 22:14 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-22 19:02 - 2012-10-12 12:00 - 00000106 _____ () C:\Users\gismeu\MASTER
2015-01-22 19:02 - 2012-09-28 23:48 - 00000384 _____ () C:\Users\gismeu\EMASTER
2015-01-22 15:10 - 2014-02-20 23:09 - 00358038 _____ () C:\Windows\PFRO.log
2015-01-22 15:10 - 2011-11-30 22:25 - 00000528 _____ () C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job
2015-01-21 19:27 - 2011-11-30 22:25 - 00004230 _____ () C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask
2015-01-21 19:27 - 2011-11-07 02:05 - 00000000 ____D () C:\Program Files (x86)\AVG
2015-01-21 19:27 - 2011-06-10 14:12 - 00000000 ____D () C:\ProgramData\PCDr
2015-01-21 18:49 - 2014-12-09 10:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-20 14:16 - 2011-08-07 11:10 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-01-20 14:16 - 2011-07-29 14:02 - 00000000 ____D () C:\ProgramData\Skype
2015-01-19 22:20 - 2013-04-14 20:45 - 00000000 ____D () C:\Users\gismeu\.thinkorswim
2015-01-19 22:20 - 2011-07-29 00:31 - 00000000 ____D () C:\Program Files (x86)\thinkorswim
2015-01-19 19:14 - 2013-08-06 01:31 - 00000000 ____D () C:\Users\gismeu\Desktop\EMIN
2015-01-19 14:49 - 2014-02-20 12:30 - 00003592 _____ () C:\Windows\System32\Tasks\G2MUpdateTask-S-1-5-21-4102688973-2130496443-4087980055-1000
2015-01-14 21:18 - 2013-08-03 02:11 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-14 21:03 - 2011-07-30 12:05 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-14 19:08 - 2011-07-29 00:48 - 00000000 ____D () C:\Jts
2015-01-14 14:49 - 2013-08-01 01:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trusteer Endpoint Protection
2015-01-13 13:59 - 2011-06-10 14:00 - 00000000 ____D () C:\swshare
2015-01-13 13:22 - 2013-12-17 11:02 - 00000000 ____D () C:\Users\gismeu\Desktop\GLOBAL SSN_files
2015-01-13 13:22 - 2013-11-12 18:56 - 00000000 ____D () C:\Users\gismeu\Desktop\OpenOffice 4.0.1 (en-US) Installation Files
2015-01-13 13:22 - 2013-01-30 13:21 - 00000000 ____D () C:\Users\DefaultAppPool
2015-01-13 13:22 - 2011-07-30 19:08 - 00000000 ____D () C:\Users\gismeu\Matrix
2015-01-13 13:22 - 2011-06-10 14:14 - 00000000 ____D () C:\Windows\System32\Tasks\TVT
2015-01-13 13:22 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-01-13 13:20 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\registration
2015-01-13 13:19 - 2013-12-21 10:13 - 00000000 ____D () C:\Users\gismeu\Desktop\Old Firefox Data
2015-01-13 13:18 - 2011-08-02 00:22 - 00000000 ____D () C:\Users\gismeu\AppData\Roaming\SoftGrid Client
2015-01-12 17:32 - 2014-06-11 07:20 - 00000000 ____D () C:\Users\gismeu\Desktop\GANN
2015-01-12 17:29 - 2012-08-17 11:06 - 00000000 ____D () C:\Users\gismeu\Desktop\USA TAX
2015-01-12 17:27 - 2013-08-28 15:09 - 00000000 ____D () C:\Users\gismeu\Desktop\MAYBE
2015-01-10 17:38 - 2013-11-01 07:46 - 00605257 _____ () C:\Users\gismeu\Desktop\AAA 2014.ods
2015-01-07 13:38 - 2012-10-15 08:25 - 00134656 ___SH () C:\Users\gismeu\Thumbs.db
2015-01-05 18:31 - 2012-07-24 04:14 - 00078493 _____ () C:\Users\gismeu\Desktop\FFO 2014.odt
2015-01-05 17:44 - 2011-07-30 03:16 - 00159680 _____ () C:\Users\gismeu\Desktop\REFERENCE 3-9-08 April 09.ods
2015-01-01 22:36 - 2014-09-14 07:13 - 00016152 _____ () C:\Windows\system32\Drivers\SWDUMon.sys
2014-12-31 11:31 - 2010-11-21 02:16 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-12-31 11:30 - 2013-01-30 13:21 - 00000000 ___RD () C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-12-31 11:30 - 2013-01-30 13:21 - 00000000 ____D () C:\Users\DefaultAppPool\AppData\Local\Trusteer
2014-12-31 11:27 - 2014-11-30 21:53 - 00000000 ____D () C:\Program Files (x86)\Wise
2014-12-31 11:27 - 2011-08-02 00:27 - 00000000 __RHD () C:\MSOCache
2014-12-30 23:07 - 2013-07-02 09:47 - 00000000 ____D () C:\Users\gismeu\AppData\Local\Avg2013
2014-12-25 21:36 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\rescache
2014-12-25 19:11 - 2009-07-14 00:08 - 00032582 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
==================== Files in the root of some directories =======
2011-08-04 13:21 - 2011-06-07 14:49 - 0004871 _____ () C:\Program Files (x86)\SLV 11.portfolio
2014-12-17 19:54 - 2014-12-17 19:54 - 0037607 _____ () C:\Program Files (x86)\Common Files\license.rtf
2014-12-17 19:54 - 2014-12-17 19:54 - 0008046 _____ () C:\Program Files (x86)\Common Files\setupBanner.jpg
2013-07-05 10:45 - 2013-07-07 19:50 - 0000960 _____ () C:\Users\gismeu\AppData\Roaming\.starmoon_kst.cfg
2013-02-12 08:56 - 2013-02-12 08:56 - 0007606 _____ () C:\Users\gismeu\AppData\Local\Resmon.ResmonCfg
2014-09-12 03:27 - 2014-09-12 03:27 - 0000000 _____ () C:\Users\gismeu\AppData\Local\{9A0E4B64-F871-4096-9115-58A4617EFA3B}
2013-09-05 13:30 - 2013-09-05 13:30 - 0000057 _____ () C:\ProgramData\Ament.ini
2013-08-24 19:33 - 2013-08-24 19:33 - 0000115 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
2012-09-27 20:35 - 2012-09-27 20:35 - 0000000 _____ () C:\ProgramData\UpdaterLog.txt
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-01-21 19:22
==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-01-2015
Ran by gismeu at 2015-01-23 13:42:47
Running from C:\Users\gismeu\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: AVG Internet Security 2013 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Internet Security 2013 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
FW: AVG Internet Security 2013 (Enabled) {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Registry Patch to arrange icons in Device and Printers folder of Windows 7 (HKLM\...\W7DevOR) (Version: 1.00 - )
Access Help (HKLM-x32\...\{C6FA39A7-26B1-480A-BC74-6D17531AC222}) (Version: 3.00 - Lenovo)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.287 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Anvil Studio (HKLM-x32\...\{B2D2B7EF-2D0F-4E54-97DE-ED1445501B52}) (Version: 14.02.03 - Willow Software)
Anvil Studio 2012 (HKLM-x32\...\{29DFE555-55E2-48EC-BB5B-64E4B277674F}) (Version: 12.09.02 - Willow Software)
Anvil Studio 2015 (HKLM-x32\...\{CB7212EA-21F9-4EF4-B289-9D69E28EE68D}) (Version: 15.01.11 - Willow Software)
Audacity 1.2.6 (HKLM-x32\...\Audacity_is1) (Version: - )
AVG 2013 (HKLM\...\AVG) (Version: 2013.0.3495 - AVG Technologies)
AVG 2013 (Version: 13.0.3495 - AVG Technologies) Hidden
AVG 2013 (Version: 13.0.4257 - AVG Technologies) Hidden
AVG PC TuneUp Language Pack (en-US) (x32 Version: 12.0.4000.108 - AVG Technologies) Hidden
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon MG6300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG6300_series) (Version: 1.00 - Canon Inc.)
Citrix Online Launcher (HKLM-x32\...\{77463C86-BB3A-426E-A6C2-06B4D28C250F}) (Version: 1.0.223 - Citrix)
Create Recovery Media (HKLM-x32\...\{50DC5136-21E8-48BC-97E5-1AD055F6B0B6}) (Version: 1.20.0.00 - Lenovo Group Limited)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DirectX 9 Runtime (x32 Version: 1.00.0000 - Sonic Solutions) Hidden
DriverUpdate (HKLM-x32\...\{E2A3A216-9DFE-4EC1-AA69-162588FEF014}) (Version: 2.2.36929 - SlimWare Utilities, Inc.)
Gannalyst Professional 5.0 (HKLM-x32\...\Gannalyst Professional 5.0_is1) (Version: - Gannalyst.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.91 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
GoToMeeting 6.4.10.2185 (HKU\S-1-5-21-4102688973-2130496443-4087980055-1000\...\GoToMeeting) (Version: 6.4.10.2185 - CitrixOnline)
HQuote (HKLM-x32\...\HQuote) (Version: - )
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1872 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{CCAFF072-4DDB-4846-963D-15F02A8E9472}) (Version: 13.00.0000 - Intel Corporation)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 4.2.6.1 - IObit)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 1.11 - )
Lenovo Patch Utility (x32 Version: 1.4.0.4 - Lenovo Group Limited) Hidden
Lenovo Patch Utility 64 bit (Version: 1.4.0.4 - Lenovo Group Limited) Hidden
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.04.05 - )
Lenovo System Interface Driver (HKLM\...\LENOVO.SMIIF) (Version: 1.05 - )
Lenovo System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 5.05.0009 - Lenovo)
Lenovo ThinkVantage Toolbox (HKLM\...\PC-Doctor for Windows) (Version: 6.0.5849.23 - PC-Doctor, Inc.)
Lenovo Welcome (HKLM-x32\...\Lenovo Welcome_is1) (Version: 2.02.003.0 - Lenovo)
MCShield ::Anti-Malware Tool:: (HKLM-x32\...\MCShield) (Version: 3.0.5.28 - MyCity)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Message Center Plus (HKLM-x32\...\{FD331A3B-F7A5-4C31-B8D4-DF413C85AF7A}) (Version: 2.0.0012.00 - Lenovo Group Limited)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.5131.5000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mobile Broadband (HKLM-x32\...\{986AB50A-A527-4F6D-8E8B-87FC3F0C2DBA}) (Version: 3.6.0006 - Lenovo)
Mozilla Firefox 34.0.5 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 en-US)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MWSnap 3 (HKLM-x32\...\MWSnap 3) (Version: 3.0.0.74 - Mirek Wojtowicz)
OpenOffice 4.0.1 (HKLM-x32\...\{47F460DA-D1BE-4D85-8DF2-AA1F31D3445F}) (Version: 4.01.9714 - Apache Software Foundation)
PrimoPDF -- brought to you by Nitro PDF Software (HKLM-x32\...\PrimoPDF) (Version: 5 - Nitro PDF Software)
QTrader (HKLM-x32\...\{41E28620-030B-4961-B4F5-8FB8E690582B}) (Version: 15.7.802 - CQG)
Rapport (Version: 3.5.1205.12 - Trusteer) Hidden
Rapport (x32 Version: 3.5.1404.61 - Trusteer) Hidden
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.11.1127.2009 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6146 - Realtek Semiconductor Corp.)
Registry Patch to Enable Maximum Power Saving on WiFi Adapters for Windows 7 (HKLM\...\EnablePS) (Version: 1.00 - )
Rescue and Recovery (HKLM-x32\...\{B383F243-0ABC-4E56-AA30-923B8D85076E}) (Version: 4.30.0025.00 - Lenovo Group Limited)
SE_Aspectarian v1.26 (HKLM-x32\...\SE_Aspectarian_is1) (Version: - Allen Edwall/AstroWin)
Secunia PSI (3.0.0.9016) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.9016 - Secunia)
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.13.13771 - Skype Technologies S.A.)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Sonic Icons for Lenovo (HKLM-x32\...\{B334D9AE-1393-423E-97C0-3BDC3360E692}) (Version: 2.0.0 - Lenovo)
SpywareBlaster 5.0 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC)
StarFisher (HKLM-x32\...\{21C17FA8-28CA-4F00-80F1-1F96FACEC060}_is1) (Version: 0.8.5.4 - Tomas Kubec - OrionSoft)
thinkorswim (HKLM-x32\...\9968-4488-2169-7623) (Version: desktop - thinkorswim, Inc)
ThinkPad FullScreen Magnifier (HKLM\...\ThinkPad FullScreen Magnifier) (Version: 2.15 - )
ThinkPad Power Manager (HKLM-x32\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 3.30 - )
ThinkPad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.18.0 - )
ThinkPad UltraNav Utility (HKLM-x32\...\{17CBC505-D1AE-459D-B445-3D2000A85842}) (Version: 2.13.0 - Lenovo)
ThinkVantage Access Connections (HKLM-x32\...\{8E537894-A559-4D60-B3CB-F4485E3D24E3}) (Version: 5.97 - Lenovo)
ThinkVantage Active Protection System (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.72 - Lenovo)
ThinkVantage Communications Utility (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 1.42 - Lenovo)
Timing Solution Demo Version (HKLM-x32\...\Timing Solution Demo Version) (Version: - )
Trader Excel Add-In 3.3 (HKLM-x32\...\Trader Excel Add-In_is1) (Version: - Open E Cry, LLC)
Trusteer Endpoint Protection (HKLM-x32\...\Rapport_msi) (Version: 3.5.1404.61 - Trusteer)
VD64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Windows Driver Package - Intel (iaStor) hdc (01/15/2010 9.5.7.1002) (HKLM\...\C39A7AFB5CAF49F10B9573FFE2E981F1AB2074B6) (Version: 01/15/2010 9.5.7.1002 - Intel)
Windows Driver Package - Lenovo 1.60.0.4 (11/18/2009 1.60.0.4) (HKLM\...\114EB224AD576F278686036AA9E1EFB7847E3935) (Version: 11/18/2009 1.60.0.4 - Lenovo)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Wise Program Uninstaller 1.65 (HKLM-x32\...\Wise Program Uninstaller_is1) (Version: 1.65 - WiseCleaner.com, Inc.)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-4102688973-2130496443-4087980055-1000_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\gismeu\AppData\Local\Citrix\GoToMeeting\2031\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)
==================== Restore Points =========================
02-01-2015 00:14:19 Installed Rapport
12-01-2015 19:36:10 Restore Point Created by FRST
12-01-2015 20:02:01 Installed Rapport
14-01-2015 14:48:13 Installed Rapport
14-01-2015 21:01:46 Windows Update
15-01-2015 12:48:38 Windows Update
21-01-2015 19:25:38 Removed AVG PC TuneUp 2014
21-01-2015 19:27:11 Removed AVG PC TuneUp 2014 (en-US)
23-01-2015 13:10:40 Restore Point Created by FRST
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {01BD4E26-55E1-4F64-A5B7-7BE8CCC58C7F} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-10-07] (Oracle Corporation)
Task: {147478B3-293E-46BF-B3BA-F0E4624189FE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-14] (Google Inc.)
Task: {19E4F08B-6F45-4DA3-AFDC-82EBC3FB5FC9} - System32\Tasks\TVT\LenovoWERMonitor => C:\Program Files (x86)\Common Files\lenovo\SUP\sup_wermonitor.exe [2014-01-21] (Microsoft)
Task: {1C11B708-2EAC-4C4C-BEB7-12E972593D0F} - System32\Tasks\{461E9536-DC2A-4586-B52E-AD3DC3ACDDEE} => Firefox.exe http://ui.skype.com/...all?page=tsBing
Task: {1E5DA755-3AC4-4A80-AEDB-D66D899830A0} - System32\Tasks\{D48658BC-119B-4EE2-B4BC-3F743CE316F3} => Firefox.exe http://ui.skype.com/...?LastError=1603
Task: {2AAE27B3-8E01-4F5B-B1B3-539CC89318F3} - System32\Tasks\G2MUpdateTask-S-1-5-21-4102688973-2130496443-4087980055-1000 => C:\Users\gismeu\AppData\Local\Citrix\GoToMeeting\2185\g2mupdate.exe [2015-01-19] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {349D0914-E27A-40E7-91EA-E41AEEBF1514} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2014-02-21] ()
Task: {41555BD1-F810-401A-9588-CEF2DB8C2C6D} - System32\Tasks\{3FCE6A68-FD74-4753-B886-321A23DBD7A6} => pcalua.exe -a C:\PROGRA~2\Yahoo!\Common\UNYT_W~1.EXE
Task: {464FB591-1A29-443F-A4A6-0B274ED07034} - System32\Tasks\SystemToolsDailyTest => C:\Program Files\PC-Doctor\uaclauncher.exe [2011-06-27] (PC-Doctor, Inc.)
Task: {480EEA42-2AE7-40BD-9D0F-7BD98812C179} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {490B67E5-A0C6-4D4B-8CF7-9C7F7A9CDB53} - System32\Tasks\RunSmartLeapServiceCenter => C:\Users\gismeu\Downloads\ServiceCenter.exe
Task: {5BE35628-9A9E-4B25-A002-D4B0A6FD4E26} - System32\Tasks\TVT\LaunchRnR => %RR%\rrcmd.exe
Task: {6283A799-2A08-42B1-8366-73F1C2ACECED} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\PC-Doctor\uaclauncher.exe [2011-06-27] (PC-Doctor, Inc.)
Task: {670BC3EA-8C7A-42B2-B6CF-C3908B9C662A} - System32\Tasks\PMTask => C:\Program Files (x86)\ThinkPad\Utilities\PWMIDTSV.EXE [2010-08-24] (Lenovo Group Limited)
Task: {695244D2-9FC2-4885-962A-B66039EF1556} - System32\Tasks\Installation App Launcher => C:\Program Files (x86)\Lexmark 5600-6600 Series\lxduamon.exe
Task: {6E860934-FD7A-4877-91B4-02C9A52ED227} - System32\Tasks\HP online update program => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
Task: {6FFD2AE0-FE74-41D7-A013-467AF8A55D12} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-14] (Google Inc.)
Task: {809CDCC8-01C7-48C5-A681-46F5668C3403} - System32\Tasks\Trader Workstation Update => C:\Jts\WiseUpdt.exe
Task: {9721A84D-BC35-41D5-92A1-329312F71F10} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {9FB5B7AD-C22D-4BA1-9505-93776C4C9C54} - System32\Tasks\TVT\ChangePWD => %RR%\rrcmd.exe
Task: {A5169FF6-1BF6-4260-8019-B3B630965D19} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-22] (Adobe Systems Incorporated)
Task: {A6B698F0-4533-4944-80CF-E465149EEA4A} - System32\Tasks\{340124C1-FB07-4F34-A3AE-B6C9FA5F6778} => pcalua.exe -a "C:\Program Files (x86)\MetaTrader 4\Uninstall.exe"
Task: {B06A406B-B5CB-4592-85A8-EB2CA4A89803} - System32\Tasks\TVT\UpdateRnR => %TVTCOMMON%\Scheduler\tvtsetsched.exe
Task: {B76104BB-182B-45BB-AA97-F0F5A96544EA} - System32\Tasks\DiskUpdate => C:\SWTOOLS\OSFIXES\DISKUPDT\DiskUpdate.exe [2009-02-09] ()
Task: {BB937074-419E-4BFF-ADF5-99F7D6CF68AC} - System32\Tasks\PCDEventLauncher => C:\Program Files\PC-Doctor\sessionchecker.exe [2011-06-27] (PC-Doctor, Inc.)
Task: {DCD9FD18-D5D5-46DC-9334-7A1A437D3098} - System32\Tasks\Adobe online update program => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {DEF1B57B-E5CE-4801-8D9B-32B4E2664242} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-02-13] (Lenovo)
Task: {E9009AD7-5EC2-4ADA-ACFD-41BB62DE1F44} - System32\Tasks\Message Center plus => C:\Program Files (x86)\Lenovo\Message Center Plus\MCPLaunch.exe [2009-05-28] ()
Task: {EAD8C249-30C2-4330-ACF0-EA73FC4DE603} - System32\Tasks\Uninstaller_SkipUac_gismeu => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2015-01-21] (IObit)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-4102688973-2130496443-4087980055-1000.job => C:\Users\gismeu\AppData\Local\Citrix\GoToMeeting\2185\g2mupdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job => C:\Program Files\PC-Doctor\uaclauncher.exe
Task: C:\Windows\Tasks\SystemToolsDailyTest.job => C:\Program Files\PC-Doctor\uaclauncher.exe
==================== Loaded Modules (whitelisted) =============
2009-09-21 17:04 - 2009-09-21 17:04 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2014-05-14 11:45 - 2014-05-14 11:45 - 00090624 _____ () C:\Program Files (x86)\PasswordBox\libwebsocketswin32.dll
2014-03-23 16:04 - 2014-03-23 16:04 - 00557056 _____ () C:\Program Files (x86)\Trusteer\Rapport\bin\js32.dll
2012-09-06 22:18 - 2012-09-06 22:18 - 00086016 _____ () C:\Program Files (x86)\Lenovo\Access Connections\AcWrpc.dll
2014-12-09 10:00 - 2014-12-09 10:00 - 03758192 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2015-01-22 19:15 - 2015-01-22 19:15 - 16844464 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_287.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\Services: RapportMgmtService => 2
MSCONFIG\Services: RegSrvc => 2
MSCONFIG\Services: RtkAudioService => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: SUService => 3
MSCONFIG\Services: ThinkVantage Registry Monitor Service => 2
MSCONFIG\Services: TuneUp.UtilitiesSvc => 2
MSCONFIG\Services: TVT Backup Service => 3
MSCONFIG\Services: vToolbarUpdater18.1.9 => 2
MSCONFIG\startupfolder: C:^Users^gismeu^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Monitor Ink Alerts - HP Officejet 4620 series (Network).lnk => C:\Windows\pss\Monitor Ink Alerts - HP Officejet 4620 series (Network).lnk.Startup
MSCONFIG\startupfolder: C:^Users^gismeu^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk => C:\Windows\pss\OpenOffice.org 3.3.lnk.Startup
MSCONFIG\startupreg: HP Officejet 4620 series (NET) => "C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN35T3403D05RT:NW" -scfn "HP Officejet 4620 series (NET)" -AutoStart 1
MSCONFIG\startupreg: IJNetworkScannerSelectorEX => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
MSCONFIG\startupreg: Launch Backup Service Once => C:\Program Files (x86)\Lenovo\Rescue and Recovery\rrstrigger.exe -start
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: SUPERAntiSpyware => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
========================= Accounts: ==========================
Administrator (S-1-5-21-4102688973-2130496443-4087980055-500 - Administrator - Disabled)
gismeu (S-1-5-21-4102688973-2130496443-4087980055-1000 - Administrator - Enabled) => C:\Users\gismeu
Guest (S-1-5-21-4102688973-2130496443-4087980055-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4102688973-2130496443-4087980055-1002 - Limited - Enabled)
==================== Faulty Device Manager Devices =============
Name: Base System Device
Description: Base System Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Base System Device
Description: Base System Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Base System Device
Description: Base System Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (01/23/2015 01:17:43 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/23/2015 01:10:39 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.
Operation:
Gathering Writer Data
Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {0c0bdbb7-01fc-4481-8930-0e813f9a2f58}
Error: (01/23/2015 01:10:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: plugin-container.exe, version: 34.0.5.5443, time stamp: 0x5475dd5d
Faulting module name: mozalloc.dll, version: 34.0.5.5443, time stamp: 0x5475d664
Exception code: 0x80000003
Fault offset: 0x00001425
Faulting process id: 0x1234
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3
Error: (01/23/2015 01:01:13 PM) (Source: PC-Doctor) (EventID: 1) (User: )
Description: (7028) Asapi: (13:01:13:5410)(7028) S3LogPusherPlugin.Helper - Error -- 340 Unable to storage the test log to medium
Error: (01/23/2015 01:01:05 PM) (Source: PC-Doctor) (EventID: 1) (User: )
Description: (7028) Asapi: (13:01:05:8350)(7028) libTonopahClient.UploadManager - Error -- 920 uploadPacket() S3 returned an error(AccessDenied: Invalid according to Policy: Policy expired.) http(403): <?xml version="1.0" encoding="UTF-8"?>
<Error><Code>AccessDenied</Code><Message>Invalid according to Policy: Policy expired.</Message><RequestId>4D1635C2E15364B9</RequestId><HostId>W/baTE0kzHJ+VwhLWGwvL2rzQFudrIvnYEbL3gIyG4baiypU3NWZJofdHq6szQOpZYosVAeIDLg=</HostId></Error>
Error: (01/23/2015 00:54:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: AcSvc.exe, version: 5.9.7.95, time stamp: 0x50487c7e
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea8e7
Exception code: 0xc0000005
Fault offset: 0x000326f1
Faulting process id: 0xc78
Faulting application start time: 0xAcSvc.exe0
Faulting application path: AcSvc.exe1
Faulting module path: AcSvc.exe2
Report Id: AcSvc.exe3
Error: (01/23/2015 11:50:46 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/23/2015 06:20:12 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/22/2015 11:12:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: AcSvc.exe, version: 5.9.7.95, time stamp: 0x50487c7e
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea8e7
Exception code: 0xc0000005
Fault offset: 0x000326f1
Faulting process id: 0xe48
Faulting application start time: 0xAcSvc.exe0
Faulting application path: AcSvc.exe1
Faulting module path: AcSvc.exe2
Report Id: AcSvc.exe3
Error: (01/22/2015 10:22:11 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
System errors:
=============
Error: (01/23/2015 01:36:18 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1070
Error: (01/23/2015 01:36:17 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Server service hung on starting.
Error: (01/23/2015 01:35:26 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {4991D34B-80A1-4291-83B6-3328366B9097}
Error: (01/23/2015 01:34:08 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1053VSS{E579AB5F-1CC4-44B4-BED9-DE0991FF0623}
Error: (01/23/2015 01:34:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Volume Shadow Copy service failed to start due to the following error:
%%1053
Error: (01/23/2015 01:33:56 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Volume Shadow Copy service to connect.
Error: (01/23/2015 01:33:24 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Server service hung on starting.
Error: (01/23/2015 01:15:36 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
Module Path: C:\Windows\System32\IWMSSvc.dll
Error: (01/23/2015 01:15:36 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
Module Path: C:\Windows\System32\IWMSSvc.dll
Error: (01/23/2015 01:15:15 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error:
%%5
Microsoft Office Sessions:
=========================
Error: (01/23/2015 01:17:43 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/23/2015 01:10:39 PM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005, Access is denied.
Operation:
Gathering Writer Data
Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {0c0bdbb7-01fc-4481-8930-0e813f9a2f58}
Error: (01/23/2015 01:10:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe34.0.5.54435475dd5dmozalloc.dll34.0.5.54435475d6648000000300001425123401d037374824c97cC:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll21c251f1-a32b-11e4-b51b-e89a8f581443
Error: (01/23/2015 01:01:13 PM) (Source: PC-Doctor) (EventID: 1) (User: )
Description: (7028) Asapi: (13:01:13:5410)(7028) S3LogPusherPlugin.Helper - Error -- 340 Unable to storage the test log to medium
Error: (01/23/2015 01:01:05 PM) (Source: PC-Doctor) (EventID: 1) (User: )
Description: (7028) Asapi: (13:01:05:8350)(7028) libTonopahClient.UploadManager - Error -- 920 uploadPacket() S3 returned an error(AccessDenied: Invalid according to Policy: Policy expired.) http(403): <?xml version="1.0" encoding="UTF-8"?>
<Error><Code>AccessDenied</Code><Message>Invalid according to Policy: Policy expired.</Message><RequestId>4D1635C2E15364B9</RequestId><HostId>W/baTE0kzHJ+VwhLWGwvL2rzQFudrIvnYEbL3gIyG4baiypU3NWZJofdHq6szQOpZYosVAeIDLg=</HostId></Error>
Error: (01/23/2015 00:54:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: AcSvc.exe5.9.7.9550487c7entdll.dll6.1.7601.18247521ea8e7c0000005000326f1c7801d0372cadb18f34C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exeC:\Windows\SysWOW64\ntdll.dlle7a31358-a328-11e4-b51b-e89a8f581443
Error: (01/23/2015 11:50:46 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/23/2015 06:20:12 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/22/2015 11:12:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: AcSvc.exe5.9.7.9550487c7entdll.dll6.1.7601.18247521ea8e7c0000005000326f1e4801d036bbbfcb2bd4C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exeC:\Windows\SysWOW64\ntdll.dll04718fbc-a2b6-11e4-a11c-e89a8f581443
Error: (01/22/2015 10:22:11 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
==================== Memory info ===========================
Processor: Intel® Core2 Duo CPU T6670 @ 2.20GHz
Percentage of memory in use: 64%
Total physical RAM: 1912.86 MB
Available physical RAM: 671.02 MB
Total Pagefile: 3825.72 MB
Available Pagefile: 1887.52 MB
Total Virtual: 8192 MB
Available Virtual: 8191.86 MB
==================== Drives ================================
Drive c: (Windows7_OS) (Fixed) (Total:221.95 GB) (Free:152.79 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive q: (Lenovo_Recovery) (Fixed) (Total:9.77 GB) (Free:2.29 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 232.9 GB) (Disk ID: 6D47215F)
Partition 1: (Active) - (Size=1.2 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=221.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=9.8 GB) - (Type=07 NTFS)
==================== End Of Log ============================
Thanks Sven