Thanks dbreeze. Here are the 2 logs. Thank for your help.
Conrad
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-01-2015
Ran by The Cross Family (administrator) on BALTHAZAAR on 23-01-2015 21:18:40
Running from C:\Users\The Cross Family\Desktop
Loaded Profiles: The Cross Family (Available profiles: The Cross Family)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
(Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\setup\af65e71d-31c3-4462-81c1-ea97a71218ff.exe
(Farbar) C:\Users\The Cross Family\Desktop\FARBAR RECOVERY SCAN TOOL 64.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-09] (AVAST Software)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [41360 2014-12-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840592 2014-12-03] (Adobe Systems Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-01] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\The Cross Family\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\The Cross Family\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\The Cross Family\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\The Cross Family\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-655021921-481352255-711363081-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft...d=ie&ar=msnhome
HKU\S-1-5-21-655021921-481352255-711363081-1001\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKU\S-1-5-21-655021921-481352255-711363081-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.yahoo.com/?fr=fp-yie11
HKU\S-1-5-21-655021921-481352255-711363081-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.yahoo.com/?fr=fp-yie11
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM -> DefaultScope value is missing.
SearchScopes: HKLM-x32 -> DefaultScope {AEEB4D6E-F934-4B71-BE9D-D6D55C3B247B} URL =
SearchScopes: HKU\S-1-5-21-655021921-481352255-711363081-1001 -> DefaultScope {7F9E2D3B-70C9-41D8-B9EF-71DF17886010} URL = http://www.google.co...1I7ADRA_enUS466
SearchScopes: HKU\S-1-5-21-655021921-481352255-711363081-1001 -> {19AEF087-A8F4-4B52-82C4-4CE8C43118DA} URL = https://search.yahoo...-8&fr=chr-yie11
SearchScopes: HKU\S-1-5-21-655021921-481352255-711363081-1001 -> {56215151-D805-41CB-92D7-4859E56FD385} URL = https://delicious.co...?p={searchTerms}
SearchScopes: HKU\S-1-5-21-655021921-481352255-711363081-1001 -> {776228B8-FE0C-48BC-A99A-7D399A39B280} URL = http://search.yahoo....&p={SearchTerms}
SearchScopes: HKU\S-1-5-21-655021921-481352255-711363081-1001 -> {7F9E2D3B-70C9-41D8-B9EF-71DF17886010} URL = http://www.google.co...1I7ADRA_enUS466
SearchScopes: HKU\S-1-5-21-655021921-481352255-711363081-1001 -> {FE698C3E-102A-4D42-94B3-E3EA0B1637F7} URL = https://www.flickr.c...?q={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: &Yahoo! Toolbar Helper -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: SingleInstance Class -> {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} -> C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - Yahoo Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
Toolbar: HKU\S-1-5-21-655021921-481352255-711363081-1001 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
DPF: HKLM-x32 {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20614.www2.h...hpdetect118.cab
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=10.21.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.7.2 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll No File
FF Plugin-x32: @java.com/JavaPlugin,version=10.7.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll No File
FF Plugin-x32: @mcafee.com/MVT -> C:\Program Files (x86)\McAfee\Supportability\MVT\npmvtplugin.dll No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-01-07]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2012-01-08]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-11-04]
FF HKU\S-1-5-21-655021921-481352255-711363081-1001\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
Chrome:
=======
CHR DefaultSearchKeyword: Default -> search.conduit.com
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.99\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.99\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.99\pdf.dll ()
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (McAfee SiteAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll No File
CHR Plugin: (McAfee Virtual Technician) - C:\Program Files (x86)\McAfee\Supportability\MVT\npmvtplugin.dll No File
CHR Plugin: (RealPlayer G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll No File
CHR Plugin: (RealPlayer Download Plugin) - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll No File
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (RealNetworks RealDownloader Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll No File
CHR Plugin: (RealNetworks RealDownloader HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll No File
CHR Plugin: (RealNetworks RealDownloader PepperFlashVideoShim Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll No File
CHR Plugin: (RealDownloader Plugin) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.70.11) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (McAfee SecurityCenter) - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll No File
CHR Profile: C:\Users\The Cross Family\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\The Cross Family\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-08-24]
CHR Extension: (Google Drive) - C:\Users\The Cross Family\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-08-24]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\The Cross Family\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-14]
CHR Extension: (YouTube) - C:\Users\The Cross Family\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-08-24]
CHR Extension: (Google Search) - C:\Users\The Cross Family\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-08-24]
CHR Extension: (Avast Online Security) - C:\Users\The Cross Family\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-11-04]
CHR Extension: (Skype Click to Call) - C:\Users\The Cross Family\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-08-24]
CHR Extension: (Google Wallet) - C:\Users\The Cross Family\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-07]
CHR Extension: (Gmail) - C:\Users\The Cross Family\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-08-24]
CHR HKU\S-1-5-21-655021921-481352255-711363081-1001\...\Chrome\Extension: [klibnahbojhkanfgaglnlalfkgpcppfi] - C:\Users\The Cross Family\AppData\Local\CRE\klibnahbojhkanfgaglnlalfkgpcppfi.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-12-13]
CHR HKLM-x32\...\Chrome\Extension: [klibnahbojhkanfgaglnlalfkgpcppfi] - C:\Users\The Cross Family\AppData\Local\CRE\klibnahbojhkanfgaglnlalfkgpcppfi.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-07-12]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-12-13] (AVAST Software)
S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2014-12-13] (Avast Software)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
S2 McAPExe; "C:\Program Files\McAfee\MSC\McAPExe.exe" [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-12-13] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-12-13] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-12-13] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-12-13] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-12-13] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-12-13] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-12-13] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-12-13] ()
R3 AVerAVF2; C:\Windows\System32\DRIVERS\AVerAVF2.sys [1212416 2010-11-11] (AVerMedia TECHNOLOGIES, Inc.)
R3 FintekCIR; C:\Windows\System32\DRIVERS\FintekCIR.sys [30248 2009-11-13] (Fintek)
R3 NW1950; C:\Windows\System32\DRIVERS\NW1950.sys [25080 2009-09-16] ()
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [51712 2011-08-02] (Apple, Inc.) [File not signed]
U4 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2014-12-13] (Avast Software)
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-23 21:18 - 2015-01-23 21:19 - 00021462 _____ () C:\Users\The Cross Family\Desktop\FRST.txt
2015-01-23 21:17 - 2015-01-23 21:18 - 00000000 ____D () C:\FRST
2015-01-23 21:17 - 2015-01-23 21:17 - 02126848 _____ (Farbar) C:\Users\The Cross Family\Desktop\FARBAR RECOVERY SCAN TOOL 64.exe
2015-01-16 17:29 - 2015-01-16 17:29 - 00000000 ____D () C:\Users\The Cross Family\AppData\Local\{BE5D39E0-5A02-4458-AB01-E496200EAAC3}
2015-01-16 17:29 - 2015-01-16 17:29 - 00000000 ____D () C:\Users\The Cross Family\AppData\Local\{3EB7F060-DF77-4AE3-8624-152B6D8BD424}
2015-01-16 17:15 - 2015-01-16 17:15 - 00000000 ____D () C:\Users\The Cross Family\AppData\Local\{BAF76B97-AD35-406A-A5E3-2923109BAA1D}
2015-01-15 21:17 - 2015-01-15 21:23 - 00000000 ____D () C:\Users\The Cross Family\Desktop\VIDEO_TS
2015-01-15 21:17 - 2014-12-11 09:22 - 00000000 ____D () C:\Users\The Cross Family\Desktop\AUDIO_TS
2015-01-15 21:15 - 2015-01-15 21:15 - 02661201 _____ () C:\Users\The Cross Family\AppData\Roaming\BLVD BACKUP_2015-01-15_211519.ZIP
2015-01-14 18:19 - 2014-12-18 21:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-14 18:19 - 2014-12-18 19:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-14 18:19 - 2014-12-11 23:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-14 18:19 - 2014-12-11 23:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-14 18:19 - 2014-12-11 11:47 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-14 18:19 - 2014-12-05 22:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-14 18:19 - 2014-12-05 21:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-14 18:19 - 2014-12-05 21:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-14 18:18 - 2014-12-11 23:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-14 18:18 - 2014-12-11 23:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-14 18:18 - 2014-12-11 23:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-14 18:18 - 2014-12-11 23:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-14 18:18 - 2014-12-11 23:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-11 23:54 - 2015-01-11 23:54 - 02661201 _____ () C:\Users\The Cross Family\AppData\Roaming\BLVD BACKUP_2015-01-11_235358.ZIP
2015-01-10 18:59 - 2015-01-10 18:59 - 02574289 _____ () C:\Users\The Cross Family\AppData\Roaming\BLVD BACKUP_2015-01-10_185946.ZIP
2014-12-25 12:23 - 2014-12-25 12:24 - 00172032 _____ () C:\Users\The Cross Family\Documents\Christmas Menu-2014.sig
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-23 21:18 - 2009-07-13 22:45 - 00022576 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-23 21:18 - 2009-07-13 22:45 - 00022576 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-23 21:17 - 2012-01-14 13:32 - 02051265 _____ () C:\Windows\WindowsUpdate.log
2015-01-23 21:17 - 2009-07-13 23:13 - 00795858 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-23 21:11 - 2013-11-04 19:46 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-01-23 21:11 - 2013-09-11 14:08 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-23 21:10 - 2014-01-05 15:27 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-23 21:10 - 2009-07-13 23:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-23 21:10 - 2009-07-13 22:51 - 00430798 _____ () C:\Windows\setupact.log
2015-01-22 19:16 - 2012-01-07 19:36 - 00003978 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{EEB956F7-701D-4F90-8997-5B37BB3CC214}
2015-01-22 19:14 - 2014-01-05 15:27 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-01-22 19:13 - 2014-05-05 17:38 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf68bb19efa59a.job
2015-01-22 19:13 - 2014-01-05 15:27 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-22 19:13 - 2014-01-05 15:27 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-21 13:38 - 2009-07-13 23:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2015-01-16 17:29 - 2013-01-04 21:02 - 00000000 ____D () C:\Users\The Cross Family\AppData\Local\Windows Live
2015-01-16 17:28 - 2013-06-20 09:23 - 00000000 ____D () C:\Users\The Cross Family\AppData\Roaming\Real
2015-01-16 17:28 - 2013-06-20 09:23 - 00000000 ____D () C:\Program Files (x86)\Real
2015-01-16 17:28 - 2013-06-20 09:20 - 00000000 ____D () C:\ProgramData\Real
2015-01-16 17:28 - 2012-02-04 20:56 - 00000000 ____D () C:\Program Files (x86)\Web Publish
2015-01-16 17:06 - 2012-01-08 19:22 - 00002465 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller X.lnk
2015-01-16 17:06 - 2012-01-08 19:22 - 00002453 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat X Pro.lnk
2015-01-16 17:06 - 2012-01-08 19:22 - 00002026 _____ () C:\Users\Public\Desktop\Adobe Acrobat X Pro.lnk
2015-01-16 17:06 - 2012-01-08 19:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe LiveCycle ES2
2015-01-15 21:15 - 2013-01-05 11:55 - 00000000 ____D () C:\Users\The Cross Family\AppData\Roaming\Blvd
2015-01-15 19:55 - 2014-12-13 13:04 - 00003366 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-655021921-481352255-711363081-1001
2015-01-15 19:55 - 2014-10-16 21:31 - 00003254 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-655021921-481352255-711363081-1001
2015-01-14 20:09 - 2013-08-18 21:34 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-14 19:59 - 2012-01-20 09:11 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-06 04:36 - 2012-01-07 20:01 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-12-25 12:06 - 2009-07-13 23:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
==================== Files in the root of some directories =======
2012-01-15 13:19 - 2012-01-15 13:19 - 2842674 _____ () C:\Users\The Cross Family\AppData\Roaming\Blvd Backup_2012-01-15_111923.zdb
2012-01-15 16:10 - 2012-01-15 16:10 - 2842675 _____ () C:\Users\The Cross Family\AppData\Roaming\Blvd Backup_2012-01-15_141048.zdb
2012-01-16 00:49 - 2012-01-16 00:49 - 2850107 _____ () C:\Users\The Cross Family\AppData\Roaming\Blvd Backup_2012-01-15_224944.zdb
2012-01-18 09:52 - 2012-01-18 09:52 - 2862537 _____ () C:\Users\The Cross Family\AppData\Roaming\Blvd Backup_2012-01-18_075206.zdb
2012-01-20 09:08 - 2012-01-20 09:08 - 2888193 _____ () C:\Users\The Cross Family\AppData\Roaming\Blvd Backup_2012-01-20_070804.zdb
2012-01-20 15:14 - 2012-01-20 15:14 - 2888191 _____ () C:\Users\The Cross Family\AppData\Roaming\Blvd Backup_2012-01-20_131452.zdb
2012-01-21 15:27 - 2012-01-21 15:27 - 2899672 _____ () C:\Users\The Cross Family\AppData\Roaming\Blvd Backup_2012-01-21_132717.zdb
2012-01-22 21:51 - 2012-01-22 21:51 - 2901671 _____ () C:\Users\The Cross Family\AppData\Roaming\Blvd Backup_2012-01-22_215154.zdb
2012-01-23 17:42 - 2012-01-23 17:42 - 2901671 _____ () C:\Users\The Cross Family\AppData\Roaming\Blvd Backup_2012-01-23_174230.zdb
2012-01-24 16:33 - 2012-01-24 16:33 - 2902379 _____ () C:\Users\The Cross Family\AppData\Roaming\Blvd Backup_2012-01-24_163317.zdb
2014-06-25 10:41 - 2014-06-25 10:41 - 2678327 _____ () C:\Users\The Cross Family\AppData\Roaming\BLVD BACKUP_2014-06-25_114105.ZIP
2014-07-04 07:51 - 2014-07-04 07:51 - 2570326 _____ () C:\Users\The Cross Family\AppData\Roaming\BLVD BACKUP_2014-07-04_085104.ZIP
2014-07-07 06:29 - 2014-07-07 06:29 - 2656454 _____ () C:\Users\The Cross Family\AppData\Roaming\BLVD BACKUP_2014-07-07_072937.ZIP
2014-07-08 19:32 - 2014-07-08 19:32 - 2656454 _____ () C:\Users\The Cross Family\AppData\Roaming\BLVD BACKUP_2014-07-08_203247.ZIP
2014-08-22 09:41 - 2014-08-22 09:41 - 2570396 _____ () C:\Users\The Cross Family\AppData\Roaming\BLVD BACKUP_2014-08-22_104110.ZIP
2014-08-22 20:29 - 2014-08-22 20:29 - 2656543 _____ () C:\Users\The Cross Family\AppData\Roaming\BLVD BACKUP_2014-08-22_212949.ZIP
2014-11-27 17:31 - 2014-11-27 17:31 - 2571016 _____ () C:\Users\The Cross Family\AppData\Roaming\BLVD BACKUP_2014-11-27_173117.ZIP
2015-01-10 18:59 - 2015-01-10 18:59 - 2574289 _____ () C:\Users\The Cross Family\AppData\Roaming\BLVD BACKUP_2015-01-10_185946.ZIP
2015-01-11 23:54 - 2015-01-11 23:54 - 2661201 _____ () C:\Users\The Cross Family\AppData\Roaming\BLVD BACKUP_2015-01-11_235358.ZIP
2015-01-15 21:15 - 2015-01-15 21:15 - 2661201 _____ () C:\Users\The Cross Family\AppData\Roaming\BLVD BACKUP_2015-01-15_211519.ZIP
2012-12-09 07:35 - 2012-12-09 07:36 - 95023320 ____T () C:\ProgramData\06811000sm.pad
2012-02-01 20:10 - 2014-01-24 15:03 - 0013230 _____ () C:\ProgramData\hpzinstall.log
Files to move or delete:
====================
C:\ProgramData\06811000sm.pad
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-01-14 18:44
==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-01-2015
Ran by The Cross Family at 2015-01-23 21:19:43
Running from C:\Users\The Cross Family\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
3100_3200_3300_Help (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden
3100_3200_3300trb (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden
3300 (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe Acrobat X Pro (HKLM-x32\...\{AC76BA86-1033-0000-7760-000000000005}) (Version: 10.1.13 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.178 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.287 - Adobe Systems Incorporated)
Adobe Reader X (10.1.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
AIO_CDB_ProductContext (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_CDB_Software (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_Scan (x32 Version: 130.0.421.000 - Hewlett-Packard) Hidden
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ARIA Engine v1.5.0.4 (HKLM\...\ARIA Engine_is1) (Version: v1.5.0.4 - Plogue Art et Technologie, Inc)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software)
Boulevard 2014 (HKLM-x32\...\{BA7B1397-786D-44FB-A1A4-702D7CCB60D5}) (Version: 19.03.102 - Main Street Software, Inc.)
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
Copy (x32 Version: 130.0.428.000 - Hewlett-Packard) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.465.000 - Hewlett-Packard) Hidden
DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Dropbox (HKU\S-1-5-21-655021921-481352255-711363081-1001\...\Dropbox) (Version: 2.6.24 - Dropbox, Inc.)
Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden
Finale 2012 (HKLM-x32\...\Finale 2012) (Version: 2012.c.r13.3 - MakeMusic)
Finale PrintMusic 2010 (HKLM-x32\...\Finale PrintMusic 2010) (Version: 15.0.1.1 - MakeMusic)
Garritan ARIA Player vAppVersion=v1.504 (HKLM\...\__ARIA_1012___is1) (Version: v1.5.0.4 - Garritan)
Garritan Instruments for Finale (HKLM\...\__ARIA_1013___is1) (Version: v1.5.0.0 - Garritan)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.99 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Hewlett-Packard ACLM.NET v1.1.0.0 (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B (HKLM\...\{B61ED343-0B14-4241-999C-490CB1A20DA4}) (Version: 13.0 - HP)
HP Product Detection (HKLM-x32\...\{A436F67F-687E-4736-BD2B-537121A804CF}) (Version: 11.14.0001 - HP)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM-x32\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
HPPhotoGadget (x32 Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
iTunes (HKLM\...\{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}) (Version: 11.1.3.8 - Apple Inc.)
Java 7 Update 7 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217007FF}) (Version: 7.0.70 - Oracle)
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Web Publishing Wizard 1.52 (HKLM-x32\...\WebPost) (Version: - )
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Network64 (Version: 130.0.572.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
Quicken 2013 (HKLM-x32\...\{034DD4BB-F0D6-4ECF-B064-8E39E3EF7076}) (Version: 22.1.11.31 - Intuit)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6053 - Realtek Semiconductor Corp.)
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
SmartWebPrinting (x32 Version: 130.0.457.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Status (x32 Version: 130.0.469.000 - Hewlett-Packard) Hidden
The Print Shop 23 (HKLM-x32\...\{D49B0B95-DF54-40E9-9169-8BB6A6A1E03F}) (Version: 23.00 - Broderbund Software)
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 130.0.422.000 - Hewlett-Packard) Hidden
UnloadSupport (x32 Version: 11.0.0 - Hewlett-Packard) Hidden
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Yahoo Toolbar (HKLM-x32\...\Yahoo! Companion) (Version: - Yahoo Inc.)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-655021921-481352255-711363081-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\The Cross Family\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-655021921-481352255-711363081-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\The Cross Family\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-655021921-481352255-711363081-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\The Cross Family\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-655021921-481352255-711363081-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\The Cross Family\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
==================== Restore Points =========================
16-12-2014 15:55:31 Windows Update
18-12-2014 07:00:26 Windows Update
23-12-2014 13:17:52 Windows Update
28-12-2014 00:34:27 Windows Update
03-01-2015 15:11:15 Windows Update
09-01-2015 09:40:20 Windows Update
14-01-2015 18:18:38 Windows Update
14-01-2015 19:59:08 Windows Update
16-01-2015 17:25:25 Removed Bonjour
16-01-2015 17:26:32 Removed Apple Application Support
20-01-2015 15:44:34 Windows Update
23-01-2015 21:15:51 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 20:34 - 2013-11-01 19:48 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {0B92C90E-7FA2-4F09-B88D-19E5DBE8D1E0} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {1A920554-D87C-466F-A15F-15556646A0CB} - System32\Tasks\{7F0DCDF9-6846-4B1D-8E5B-66831A14F3F7} => Chrome.exe http://ui.skype.com/...?LastError=1618
Task: {3DD5DAA2-FB61-4887-8FE9-798944FCE480} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-22] (Adobe Systems Incorporated)
Task: {4D06F294-5753-4DB7-8090-29FABE57ED18} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-11] (Google Inc.)
Task: {6066138C-9847-4C8C-B9F2-87EE5CBA4B7A} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-655021921-481352255-711363081-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {66E60B70-0D43-4568-8871-5C408162CD20} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-11] (Google Inc.)
Task: {AAF40B51-FDAA-472B-90DF-4C4D3A7C6AE4} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-13] (Microsoft Corporation)
Task: {AFF6BE24-6F22-4848-8002-017E687B5F58} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-12-13] (AVAST Software)
Task: {BE29B335-F41F-4805-85BE-732F56E4B613} - System32\Tasks\ROC_JAN2013_TB_rmv => C:\Program Files (x86)\AVG Secure Search\PostInstall\ROC.exe
Task: {C96D8DCF-E0BA-4181-8B93-A634AC645CE8} - System32\Tasks\GoogleUpdateTaskMachineUA1cf68bb19efa59a => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-11] (Google Inc.)
Task: {D604579E-E5C7-48B2-ADA4-B194690B2324} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-655021921-481352255-711363081-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {F52FB3C9-97F3-4235-8D95-38ACC7A91D53} - System32\Tasks\{FCADF5EA-83AF-4094-B9E9-7C6DEE31E223} => pcalua.exe -a "C:\Users\The Cross Family\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YW040QKI\sp45602.exe" -d "C:\Users\The Cross Family\Desktop"
Task: {FABE9D3E-4DA7-4A05-AB6A-A27F7309CAD0} - System32\Tasks\{89BA761E-972E-43CA-B3D3-0F121C213B59} => pcalua.exe -a E:\setup.exe -d E:\
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf68bb19efa59a.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2015-01-22 19:13 - 2015-01-22 19:13 - 02913280 _____ () C:\Program Files\AVAST Software\Avast\defs\15012202\algo.dll
2015-01-23 21:11 - 2015-01-23 21:11 - 02913280 _____ () C:\Program Files\AVAST Software\Avast\defs\15012301\algo.dll
2014-12-13 08:48 - 2014-12-13 08:48 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\Users\The Cross Family\Documents\GIANT BOX O' FUN.nws:OECustomProperty
AlternateDataStreams: C:\Users\The Cross Family\Documents\Recipes, September 2012.nws:OECustomProperty
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Event Reminder.lnk => C:\Windows\pss\Event Reminder.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: Adobe Acrobat Speed Launcher => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: hpqSRMon => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: mcui_exe => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Skytel => C:\Program Files\Realtek\Audio\HDA\Skytel.exe
MSCONFIG\startupreg: TkBellExe => "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
========================= Accounts: ==========================
Administrator (S-1-5-21-655021921-481352255-711363081-500 - Administrator - Disabled)
ASPNET (S-1-5-21-655021921-481352255-711363081-1006 - Limited - Enabled)
Guest (S-1-5-21-655021921-481352255-711363081-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-655021921-481352255-711363081-1004 - Limited - Enabled)
The Cross Family (S-1-5-21-655021921-481352255-711363081-1001 - Administrator - Enabled) => C:\Users\The Cross Family
==================== Faulty Device Manager Devices =============
Name: Photosmart 3300 series
Description: Photosmart 3300 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Buttons and OSDs ACPI driver gen2
Description: Buttons and OSDs ACPI driver gen2
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: ACPI
Service: ACPIService
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.
==================== Event log errors: =========================
Application errors:
==================
Error: (01/23/2015 09:10:31 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"1".
Dependent Assembly Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (01/21/2015 02:10:42 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"1".
Dependent Assembly Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (01/21/2015 02:10:41 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"1".
Dependent Assembly Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (01/21/2015 02:10:41 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"1".
Dependent Assembly Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (01/21/2015 02:10:41 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"1".
Dependent Assembly Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (01/21/2015 02:10:41 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"1".
Dependent Assembly Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (01/21/2015 02:10:41 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"1".
Dependent Assembly Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (01/21/2015 02:10:40 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"1".
Dependent Assembly Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (01/21/2015 02:10:40 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"1".
Dependent Assembly Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (01/21/2015 02:10:40 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"1".
Dependent Assembly Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195" could not be found.
Please use sxstrace.exe for detailed diagnosis.
System errors:
=============
Error: (01/23/2015 09:10:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The McAfee AP Service service failed to start due to the following error:
%%2
Error: (01/23/2015 09:10:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Apple Mobile Device service failed to start due to the following error:
%%14001
Error: (01/21/2015 01:37:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The McAfee AP Service service failed to start due to the following error:
%%2
Error: (01/21/2015 01:37:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Apple Mobile Device service failed to start due to the following error:
%%14001
Error: (01/20/2015 07:23:46 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR2.
Error: (01/20/2015 07:23:45 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR2.
Error: (01/20/2015 07:23:45 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR2.
Error: (01/20/2015 07:23:44 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR2.
Error: (01/20/2015 07:22:44 PM) (Source: bowser) (EventID: 8003) (User: )
Description: The master browser has received a server announcement from the computer KAPUSTALINI
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{9AD6B9A8-E581-48E6-A247-C44C0395B8AD}.
The master browser is stopping or an election is being forced.
Error: (01/16/2015 05:27:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Apple Mobile Device service failed to start due to the following error:
%%14001
Microsoft Office Sessions:
=========================
Error: (01/23/2015 09:10:31 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
Error: (01/21/2015 02:10:42 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
Error: (01/21/2015 02:10:41 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\upgradedb.exe
Error: (01/21/2015 02:10:41 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\syncli.exe
Error: (01/21/2015 02:10:41 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\com.apple.WindowsMail.client.exe
Error: (01/21/2015 02:10:41 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\com.apple.WindowsContacts.client.exe
Error: (01/21/2015 02:10:41 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\com.apple.Safari.client.exe
Error: (01/21/2015 02:10:40 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\com.apple.Outlook.client.exe
Error: (01/21/2015 02:10:40 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\com.apple.IE.client.exe
Error: (01/21/2015 02:10:40 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncUIHandler.exe
CodeIntegrity Errors:
===================================
Date: 2014-08-17 19:04:08.177
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\The Cross Family\Desktop\Dad's Music Stuff\Program Files\Common Files\McAfee\VSCore\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-08-17 19:04:08.177
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\The Cross Family\Desktop\Dad's Music Stuff\Program Files\Common Files\McAfee\VSCore\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-08-17 19:04:08.177
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\The Cross Family\Desktop\Dad's Music Stuff\Program Files\Common Files\McAfee\VSCore\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-08-17 19:04:08.115
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\The Cross Family\Desktop\Dad's Music Stuff\Program Files\Common Files\McAfee\VSCore\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-05-16 18:06:15.411
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\The Cross Family\Desktop\Dad's Music Stuff\Program Files\Common Files\McAfee\VSCore\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-05-16 18:06:15.411
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\The Cross Family\Desktop\Dad's Music Stuff\Program Files\Common Files\McAfee\VSCore\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-05-16 18:06:15.411
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\The Cross Family\Desktop\Dad's Music Stuff\Program Files\Common Files\McAfee\VSCore\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-05-16 18:06:15.364
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\The Cross Family\Desktop\Dad's Music Stuff\Program Files\Common Files\McAfee\VSCore\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.
Date: 2013-11-01 20:16:51.675
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2013-11-01 20:16:51.495
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
Processor: Intel® Core i3 CPU M 330 @ 2.13GHz
Percentage of memory in use: 52%
Total physical RAM: 3831.11 MB
Available physical RAM: 1820.12 MB
Total Pagefile: 7660.41 MB
Available Pagefile: 5152.73 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:97.66 GB) (Free:3.12 GB) NTFS
Drive d: () (Fixed) (Total:12.67 GB) (Free:4.21 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive h: () (Removable) (Total:7.6 GB) (Free:2.62 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: FB859069)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=97.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=12.7 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 7.6 GB) (Disk ID: 6F20736B)
No partition Table on disk 1.
Disk 1 is a removable device.
==================== End Of Log ============================