Step 4 results
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-02-2015
Ran by Owner (administrator) on OWNER-PC on 01-02-2015 17:21:58
Running from C:\Users\Owner\Desktop
Loaded Profiles: Owner (Available profiles: Owner)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() C:\Windows\System32\DTS.exe
(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(AuthenTec, Inc.) C:\Windows\System32\ATService.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CamMute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
() C:\Windows\System32\rpcnetp.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Avanquest Software ) C:\Program Files (x86)\Digital Line Detect\DLG.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ZOOM\TpScrex.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\BTStackServer.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\BluetoothHeadsetProxy.exe
(Lenovo Group Limited) C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.EXE
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe
(Intel Corporation) C:\Program Files (x86)\Common Files\Intel\Privacy Icon\PrivacyIconClient.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
(Intel Corporation) C:\Program Files (x86)\Intel\AMT\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Lenovo) C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [307768 2009-11-19] ()
HKLM\...\Run: [FingerPrintSoftware] => C:\Program Files\Lenovo Fingerprint Software\fpapp.exe [1582920 2011-05-31] (AuthenTec)
HKLM\...\Run: [FingerPrintSoftwareSplashScreen] => C:\Program Files\Lenovo Fingerprint Software\SplashScreen.exe [107520 2011-05-31] (AuthenTec, Inc.)
HKLM\...\Run: [TpShocks] => C:\Windows\system32\TpShocks.exe [384344 2014-02-17] (Lenovo.)
HKLM\...\Run: [LENOVO.TPKNRRES] => C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [60920 2013-05-29] (Lenovo Group Limited)
HKLM\...\Run: [picon] => C:\Program Files (x86)\Common Files\Intel\Privacy Icon\PIconStartup.exe [111640 2010-02-04] ()
HKLM\...\Run: [AcWin7Hlpr] => C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe [63832 2014-03-14] (Lenovo)
HKLM-x32\...\Run: [PWMTRV] => rundll32 "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL",PwrMgrBkGndMonitor
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [919008 2012-07-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5225064 2015-02-01] (AVAST Software)
HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware (cleanup)] => C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe [54072 2014-11-21] (Malwarebytes Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Digital Line Detect.lnk
ShortcutTarget: Digital Line Detect.lnk -> C:\Program Files (x86)\Digital Line Detect\DLG.exe (Avanquest Software )
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
BootExecute: autocheck autochk /r \??\C:autocheck autochk *
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:53947;https=127.0.0.1:53947
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-3197909458-829259112-1465450475-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ca.msn.com/?r...opt=0&ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKU\S-1-5-21-3197909458-829259112-1465450475-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab
Tcpip\Parameters: [DhcpNameServer] 64.71.255.204 64.71.255.198
FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-02-01]
Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Docs) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-01]
CHR Extension: (Google Drive) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-01]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-02-01]
CHR Extension: (Google Search) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-02-01]
CHR Extension: (Gmail) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-02-01]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-02-01]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 ADMonitor; C:\Windows\system32\ADMonitor.exe [130048 2011-05-31] () [File not signed]
R2 ATService; C:\Windows\system32\ATService.exe [2715976 2011-05-31] (AuthenTec, Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2015-02-01] (AVAST Software)
S3 DozeSvc; C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [319536 2014-06-25] (Lenovo.)
R2 dtsvc; C:\Windows\system32\DTS.exe [117760 2011-05-31] () [File not signed]
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [559872 2014-08-06] (Lenovo)
R2 LMS; C:\Program Files (x86)\Intel\AMT\LMS.exe [174616 2010-02-04] (Intel Corporation)
S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [24560 2014-04-24] ()
R2 UNS; C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe [2058776 2010-02-04] (Intel Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2015-02-01] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [87912 2015-02-01] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2015-02-01] (AVAST Software)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2015-02-01] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2015-02-01] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2015-02-01] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2015-02-01] (AVAST Software)
R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [129752 2015-02-01] (Malwarebytes Corporation)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [44784 2013-05-29] (Synaptics Incorporated)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2015-02-01] ()
U3 aswMBR; \??\C:\Users\Owner\AppData\Local\Temp\aswMBR.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-01 17:09 - 2015-02-01 17:09 - 00001953 _____ () C:\Users\Owner\Desktop\aswMBR.txt
2015-02-01 17:09 - 2015-02-01 17:09 - 00000512 _____ () C:\Users\Owner\Desktop\MBR.dat
2015-02-01 17:07 - 2015-02-01 17:08 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-02-01 17:06 - 2015-02-01 17:06 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-02-01 17:06 - 2015-02-01 17:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-02-01 17:06 - 2015-02-01 17:06 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-02-01 17:06 - 2015-02-01 17:06 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-02-01 17:06 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-02-01 17:06 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-02-01 17:06 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-02-01 17:04 - 2015-02-01 17:04 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Owner\Desktop\mbam-setup-2.0.4.1028.exe
2015-02-01 17:02 - 2015-02-01 17:02 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\AVAST Software
2015-02-01 17:01 - 2015-02-01 17:07 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-02-01 17:01 - 2015-02-01 17:01 - 00001964 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-02-01 17:01 - 2015-02-01 17:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-02-01 16:59 - 2015-02-01 17:01 - 01050432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2015-02-01 16:59 - 2015-02-01 17:01 - 00087912 _____ (AVAST Software) C:\Windows\system32\Drivers\aswmonflt.sys
2015-02-01 16:59 - 2015-02-01 16:58 - 01050432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys.1422828081687
2015-02-01 16:59 - 2015-02-01 16:58 - 00436624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2015-02-01 16:59 - 2015-02-01 16:58 - 00267632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2015-02-01 16:59 - 2015-02-01 16:58 - 00116728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2015-02-01 16:59 - 2015-02-01 16:58 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2015-02-01 16:59 - 2015-02-01 16:58 - 00083280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswmonflt.sys.1422828084526
2015-02-01 16:59 - 2015-02-01 16:58 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2015-02-01 16:59 - 2015-02-01 16:58 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2015-02-01 16:58 - 2015-02-01 16:59 - 05198336 _____ (AVAST Software) C:\Users\Owner\Desktop\aswMBR.exe
2015-02-01 16:58 - 2015-02-01 16:58 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-02-01 16:58 - 2015-02-01 16:58 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2015-02-01 16:57 - 2015-02-01 16:57 - 05006864 _____ (AVAST Software) C:\Users\Owner\Desktop\avast_free_antivirus_setup_online.exe
2015-02-01 16:52 - 2015-02-01 16:52 - 00005554 _____ () C:\Users\Owner\Desktop\ListChkdskResult.txt
2015-02-01 15:07 - 2015-02-01 15:07 - 00197679 _____ () C:\Users\Owner\Desktop\ListChkdskResult.exe
2015-02-01 14:48 - 2015-02-01 14:48 - 00000633 _____ () C:\Users\Owner\Desktop\JRT.txt
2015-02-01 14:45 - 2015-02-01 14:45 - 00000000 ____D () C:\Windows\ERUNT
2015-02-01 14:43 - 2015-02-01 14:44 - 01707939 _____ (Thisisu) C:\Users\Owner\Desktop\JRT.exe
2015-02-01 13:41 - 2015-02-01 13:42 - 00021320 _____ () C:\Users\Owner\Desktop\Addition.txt
2015-02-01 13:39 - 2015-02-01 17:22 - 00014030 _____ () C:\Users\Owner\Desktop\FRST.txt
2015-02-01 13:32 - 2015-02-01 17:22 - 00000000 ____D () C:\FRST
2015-02-01 13:32 - 2015-02-01 13:32 - 02131456 _____ (Farbar) C:\Users\Owner\Desktop\FRST64.exe
2015-02-01 13:12 - 2015-02-01 13:35 - 00000000 ____D () C:\AdwCleaner
2015-02-01 13:11 - 2015-02-01 13:12 - 02194432 _____ () C:\Users\Owner\Desktop\AdwCleaner.exe
2015-02-01 13:10 - 2015-02-01 13:10 - 00000000 ____D () C:\_OTL
2015-02-01 12:33 - 2015-02-01 12:33 - 00602112 _____ (OldTimer Tools) C:\Users\Owner\Desktop\OTL.exe
2015-02-01 10:35 - 2015-02-01 12:31 - 00602112 _____ (OldTimer Tools) C:\Users\Owner\Downloads\OTL (1).exe
2015-02-01 10:21 - 2015-02-01 10:21 - 00000000 ____D () C:\Users\Owner\Downloads\UFC.183.Silva.vs.Diaz.HDTV.x264-Streamsbay[rartv]
2015-01-31 14:47 - 2015-02-01 10:44 - 00086806 _____ () C:\Users\Owner\Downloads\OTL.Txt
2015-01-31 14:47 - 2015-01-31 14:47 - 00049670 _____ () C:\Users\Owner\Downloads\Extras.Txt
2015-01-31 14:37 - 2015-01-31 14:37 - 00602112 _____ (OldTimer Tools) C:\Users\Owner\Downloads\OTL.exe
2015-01-31 13:39 - 2015-01-31 13:39 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-31 13:39 - 2015-01-31 13:39 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-31 12:25 - 2015-01-31 12:31 - 441555769 ____R () C:\Users\Owner\Downloads\Banshee.S03E04.HDTV.x264-KILLERS.mp4
2015-01-25 11:18 - 2015-01-25 11:20 - 476189528 ____R () C:\Users\Owner\Downloads\Black.Sails.S02E01.HDTV.x264-KILLERS.mp4
2015-01-24 10:58 - 2015-01-24 10:59 - 00000000 ____D () C:\Users\Owner\Downloads\Banshee.S03E03.HDTV.x264-KILLERS[ettv]
2015-01-19 19:19 - 2015-01-19 19:19 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2015-01-18 10:28 - 2015-01-18 10:31 - 330803399 ____R () C:\Users\Owner\Downloads\Banshee.S03E02.HDTV.x264-KILLERS.mp4
2015-01-13 17:43 - 2014-12-18 22:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-13 17:43 - 2014-12-18 20:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-13 17:43 - 2014-12-12 00:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-13 17:43 - 2014-12-12 00:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-13 17:43 - 2014-12-12 00:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-13 17:43 - 2014-12-12 00:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-13 17:43 - 2014-12-12 00:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-13 17:43 - 2014-12-12 00:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-13 17:43 - 2014-12-12 00:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-13 17:43 - 2014-12-11 12:47 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-13 17:43 - 2014-12-05 23:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-13 17:43 - 2014-12-05 22:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-13 17:43 - 2014-12-05 22:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-10 10:09 - 2015-01-10 10:13 - 377366600 ____R () C:\Users\Owner\Downloads\Banshee.S03E01.HDTV.x264-KILLERS.mp4
2015-01-07 16:24 - 2015-01-07 16:24 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\WebTest
2015-01-05 16:33 - 2015-01-05 16:56 - 00001716 _____ () C:\Windows\SysWOW64\${LOGFILE}
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-01 17:04 - 2014-12-15 17:25 - 00000000 ____D () C:\Program Files (x86)\Google
2015-02-01 17:03 - 2014-12-15 17:25 - 00000000 ____D () C:\Users\Owner\AppData\Local\Google
2015-02-01 17:01 - 2014-12-15 17:26 - 00000000 ____D () C:\Program Files\Google
2015-02-01 16:58 - 2014-11-28 19:48 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-02-01 16:57 - 2009-07-13 23:45 - 00026000 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-01 16:57 - 2009-07-13 23:45 - 00026000 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-01 16:53 - 2013-07-29 15:05 - 02072624 _____ () C:\Windows\WindowsUpdate.log
2015-02-01 16:50 - 2014-10-01 14:02 - 00017920 _____ () C:\Windows\SysWOW64\rpcnetp.dll
2015-02-01 16:50 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-01 16:49 - 2014-10-01 10:56 - 00017920 _____ () C:\Windows\SysWOW64\rpcnetp.exe
2015-02-01 16:49 - 2014-10-01 10:56 - 00017920 _____ () C:\Windows\system32\rpcnetp.exe
2015-02-01 16:49 - 2009-07-13 23:51 - 00033245 _____ () C:\Windows\setupact.log
2015-02-01 16:13 - 2009-07-14 00:13 - 00729392 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-01 15:39 - 2013-07-30 10:20 - 00493816 _____ () C:\Windows\PFRO.log
2015-02-01 11:34 - 2014-11-28 19:17 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\vlc
2015-02-01 10:34 - 2014-11-28 21:23 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\uTorrent
2015-01-31 13:39 - 2014-09-30 10:46 - 00000000 ____D () C:\Users\Owner\AppData\Local\Adobe
2015-01-19 18:22 - 2014-09-29 14:01 - 00766100 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-01-18 10:31 - 2014-12-06 20:30 - 00000000 ____D () C:\Users\Owner\AppData\Local\PokerStars
2015-01-16 21:01 - 2013-07-29 18:04 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-16 20:56 - 2013-07-29 16:04 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-06 04:36 - 2013-07-29 15:31 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-01-05 16:49 - 2014-11-28 20:03 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2015-01-05 16:29 - 2009-07-13 21:34 - 00000505 _____ () C:\Windows\win.ini
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-01-24 15:08
==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-02-2015
Ran by Owner at 2015-02-01 17:22:42
Running from C:\Users\Owner\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-3197909458-829259112-1465450475-1000\...\uTorrent) (Version: 3.4.2.37754 - BitTorrent Inc.)
Access Help (HKLM-x32\...\{C6FA39A7-26B1-480A-BC74-6D17531AC222}) (Version: 3.00 - Lenovo)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.296 - Adobe Systems Incorporated)
Adobe Reader X (10.1.4) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.4 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ashampoo Burning Studio 6 FREE v.6.83 (HKLM-x32\...\Ashampoo Burning Studio 6 FREE_is1) (Version: 6.8.3 - Ashampoo GmbH & Co. KG)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Conexant 20561 SmartAudio HD (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.92.12.0 - Conexant)
Intel® Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2555 - Intel Corporation)
Intel® Management Engine Interface (HKLM\...\HECI) (Version: - Intel Corporation)
Intel® Network Connections Drivers (HKLM\...\PROSet) (Version: 16.1 - Intel)
Intel® Active Management Technology (HKLM\...\MESOL) (Version: - Intel Corporation)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
Lenovo Fingerprint Software (HKLM\...\{2ED326C9-A4E6-4884-B3F0-9A6CFB0A1141}) (Version: 3.3.2.50 - AuthenTec, Inc.)
Lenovo Patch Utility (HKLM-x32\...\{AD32F5E9-6BDD-480A-8B7B-95571D04691C}) (Version: 1.3.1.1 - Lenovo Group Limited)
Lenovo Patch Utility 64 bit (HKLM\...\{0369F866-2CE0-4EB9-B426-88FA122C6E82}) (Version: 1.3.0.9 - Lenovo Group Limited)
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.04.05 - )
Lenovo System Interface Driver (HKLM\...\LENOVO.SMIIF) (Version: 1.05 - )
Lenovo System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 5.06.0007 - Lenovo)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Metric Collection SDK (x32 Version: 1.1.0005.00 - Lenovo Group Limited) Hidden
Metric Collection SDK 35 (x32 Version: 1.2.0001.00 - Lenovo Group Limited) Hidden
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.2.0 - Mozilla)
Mozilla Thunderbird 31.3.0 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 31.3.0 (x86 en-US)) (Version: 31.3.0 - Mozilla)
On Screen Display (HKLM\...\OnScreenDisplay) (Version: 6.73.00 - )
PokerStars (HKLM-x32\...\PokerStars) (Version: - PokerStars)
PokerStars.net (HKLM-x32\...\PokerStars.net) (Version: - PokerStars.net)
Power Manager (HKLM-x32\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 6.66.1 - Lenovo Group Limited)
RICOH R5U8xx Media Driver ver.3.64.02 (HKLM-x32\...\{59F6A514-9813-47A3-948C-8A155460CC2A}) (Version: 3.64.02 - RICOH)
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 2.1.4.0 - Lenovo Group Limited)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
ThinkPad Bluetooth with Enhanced Data Rate Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.1.3100 - Broadcom Corporation)
ThinkPad FullScreen Magnifier (HKLM\...\ThinkPad FullScreen Magnifier) (Version: 2.41 - )
ThinkPad Modem Adapter (HKLM\...\CNXT_MODEM_HDA_HSF) (Version: 7.80.5.0 - Conexant Systems)
ThinkPad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.19.9 - )
ThinkPad UltraNav Utility (HKLM-x32\...\{17CBC505-D1AE-459D-B445-3D2000A85842}) (Version: 2.13.0 - Lenovo)
ThinkVantage Access Connections (HKLM-x32\...\{8E537894-A559-4D60-B3CB-F4485E3D24E3}) (Version: 6.21 - Lenovo)
ThinkVantage Active Protection System (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.79.00.03 - Lenovo)
ThinkVantage Communications Utility (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 2.11.0.0 - Lenovo)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.0.7 (HKLM-x32\...\VLC media player) (Version: 2.0.7 - VideoLAN)
Windows Driver Package - AuthenTec Inc. (ATSwpWDF) Biometric (07/02/2010 8.6.0.29) (HKLM\...\05FBE63CF9C9B3424152207E7278CD6DA193C56C) (Version: 07/02/2010 8.6.0.29 - AuthenTec Inc.)
Windows Driver Package - Broadcom (BTHUSB) Bluetooth (04/08/2010 6.3.5.430) (HKLM\...\DE7217D2A8B057F15EC6E52329FDAB84231521E8) (Version: 04/08/2010 6.3.5.430 - Broadcom)
Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) (HKLM\...\3BA80AB4C7E9F8497C115C844953A3D4BEB84D21) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
28-01-2015 18:39:02 Windows Update
30-01-2015 19:24:22 Windows Defender Checkpoint
31-01-2015 12:20:45 avast! antivirus system restore point
31-01-2015 13:22:37 avast! antivirus system restore point
01-02-2015 10:16:08 avast! antivirus system restore point
01-02-2015 10:22:03 avast! antivirus system restore point
01-02-2015 12:16:53 Removed Java 7 Update 71
01-02-2015 12:17:29 Removed Java 7 Update 71
01-02-2015 12:18:44 Removed Java 7 Update 71
01-02-2015 12:21:03 Removed Java 7 Update 71
01-02-2015 12:53:54 Removed Java 7 Update 71
01-02-2015 13:03:11 Removed Java 7 Update 71
01-02-2015 13:10:30 OTL Restore Point - 2/1/2015 1:10:30 PM
01-02-2015 13:23:40 OTL Restore Point - 2/1/2015 1:23:37 PM
01-02-2015 13:51:12 Removed Java 7 Update 71
01-02-2015 14:38:43 Restore Point Created by FRST
01-02-2015 14:55:38 avast! antivirus system restore point
01-02-2015 16:11:43 Windows Update
01-02-2015 16:56:29 Removed Java 7 Update 71
01-02-2015 16:57:54 avast! antivirus system restore point
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {0A8FA264-6DBA-457A-99EB-7E3500FFB033} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-05-29] (Synaptics Incorporated)
Task: {5F5351DF-B18A-4FF2-B76F-B70CE272958F} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-02-01] (AVAST Software)
Task: {B2151E45-D193-4BE6-86B9-7EE9A1FC3B98} - System32\Tasks\PMTask => C:\Program Files (x86)\ThinkPad\Utilities\PwmIdTsv.exe [2014-06-25] (Lenovo Group Limited)
Task: {CD295AC8-2093-4030-A847-7B71C524F6E0} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-05-30] (Lenovo)
Task: {EB22FFB6-B057-4CBA-8EF4-F9215645A2F9} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2014-04-24] ()
Task: {F9C4FF0D-E81D-43FF-B0D5-7ED8582FBCD6} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-02-13] (Lenovo)
==================== Loaded Modules (whitelisted) =============
2011-05-31 05:29 - 2011-05-31 05:29 - 00117760 _____ () C:\Windows\system32\DTS.exe
2011-01-24 12:28 - 2011-01-24 12:28 - 00173344 _____ () C:\Program Files\ThinkPad\Bluetooth Software\btkeyind.dll
2014-09-27 15:15 - 2014-06-25 05:06 - 00104960 ____N () C:\Program Files (x86)\ThinkPad\Utilities\US\PWMRT64V.DLL
2014-10-01 10:56 - 2015-02-01 16:49 - 00017920 _____ () C:\Windows\System32\rpcnetp.exe
2014-10-11 13:06 - 2014-10-11 13:06 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-03-14 16:47 - 2014-03-14 16:47 - 00092504 _____ () C:\Program Files (x86)\Lenovo\Access Connections\AcWrpc.dll
2015-02-01 16:59 - 2015-02-01 16:59 - 02913280 _____ () C:\Program Files\AVAST Software\Avast\defs\15020101\algo.dll
2015-02-01 16:58 - 2015-02-01 16:58 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
========================= Accounts: ==========================
Administrator (S-1-5-21-3197909458-829259112-1465450475-500 - Administrator - Disabled)
Guest (S-1-5-21-3197909458-829259112-1465450475-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3197909458-829259112-1465450475-1004 - Limited - Enabled)
Owner (S-1-5-21-3197909458-829259112-1465450475-1000 - Administrator - Enabled) => C:\Users\Owner
==================== Faulty Device Manager Devices =============
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (02/01/2015 05:01:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: msiexec.exe, version: 5.0.7601.17514, time stamp: 0x4ce79d93
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521eaf24
Exception code: 0xc0000005
Fault offset: 0x0000000000018e5d
Faulting process id: 0x96c
Faulting application start time: 0xmsiexec.exe0
Faulting application path: msiexec.exe1
Faulting module path: msiexec.exe2
Report Id: msiexec.exe3
Error: (02/01/2015 04:57:54 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
AddWin32ServiceFiles: Unable to back up image of service rpcnetp since QueryServiceConfig API failed
System Error:
The system cannot find the file specified.
.
Error: (02/01/2015 04:56:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: consent.exe, version: 6.1.7601.18493, time stamp: 0x538d8c78
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521eaf24
Exception code: 0xc0000005
Fault offset: 0x0000000000018e5d
Faulting process id: 0xc90
Faulting application start time: 0xconsent.exe0
Faulting application path: consent.exe1
Faulting module path: consent.exe2
Report Id: consent.exe3
Error: (02/01/2015 04:56:34 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
AddWin32ServiceFiles: Unable to back up image of service rpcnetp since QueryServiceConfig API failed
System Error:
The system cannot find the file specified.
.
Error: (02/01/2015 03:09:29 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.17496 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 4bc
Start Time: 01d03e59788a0a30
Termination Time: 32
Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
Report Id:
Error: (02/01/2015 02:55:52 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
AddWin32ServiceFiles: Unable to back up image of service rpcnetp since QueryServiceConfig API failed
System Error:
The system cannot find the file specified.
.
Error: (02/01/2015 02:54:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: avastui.exe, version: 10.0.2208.726, time stamp: 0x547764ec
Faulting module name: KERNELBASE.dll, version: 6.1.7601.18409, time stamp: 0x53159a86
Exception code: 0xc06d007e
Fault offset: 0x0000c42d
Faulting process id: 0xb7c
Faulting application start time: 0xavastui.exe0
Faulting application path: avastui.exe1
Faulting module path: avastui.exe2
Report Id: avastui.exe3
System errors:
=============
Error: (02/01/2015 05:02:36 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume \Device\HarddiskVolume2.
Error: (02/01/2015 05:02:17 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume \Device\HarddiskVolume2.
Error: (02/01/2015 05:02:13 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume \Device\HarddiskVolume2.
Error: (02/01/2015 05:02:13 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume C:.
Error: (02/01/2015 05:02:13 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume \Device\HarddiskVolume2.
Error: (02/01/2015 05:02:13 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume C:.
Error: (02/01/2015 05:02:07 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume C:.
Error: (02/01/2015 05:02:03 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume C:.
Error: (02/01/2015 05:01:39 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume \Device\HarddiskVolume2.
Error: (02/01/2015 05:01:34 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume \Device\HarddiskVolume2.
Microsoft Office Sessions:
=========================
Error: (02/01/2015 05:01:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: msiexec.exe5.0.7601.175144ce79d93ntdll.dll6.1.7601.18247521eaf24c00000050000000000018e5d96c01d03e69eb291d6bC:\Windows\system32\msiexec.exeC:\Windows\SYSTEM32\ntdll.dlld2389376-aa5d-11e4-9d71-904ce5da9a54
Error: (02/01/2015 04:57:54 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddWin32ServiceFiles: Unable to back up image of service rpcnetp since QueryServiceConfig API failed
System Error:
The system cannot find the file specified.
Error: (02/01/2015 04:56:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: consent.exe6.1.7601.18493538d8c78ntdll.dll6.1.7601.18247521eaf24c00000050000000000018e5dc9001d03e69f9b6aca1C:\Windows\system32\consent.exeC:\Windows\SYSTEM32\ntdll.dll38a4b3f9-aa5d-11e4-9d71-904ce5da9a54
Error: (02/01/2015 04:56:34 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddWin32ServiceFiles: Unable to back up image of service rpcnetp since QueryServiceConfig API failed
System Error:
The system cannot find the file specified.
Error: (02/01/2015 03:09:29 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IEXPLORE.EXE11.0.9600.174964bc01d03e59788a0a3032C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
Error: (02/01/2015 02:55:52 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddWin32ServiceFiles: Unable to back up image of service rpcnetp since QueryServiceConfig API failed
System Error:
The system cannot find the file specified.
Error: (02/01/2015 02:54:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: avastui.exe10.0.2208.726547764ecKERNELBASE.dll6.1.7601.1840953159a86c06d007e0000c42db7c01d03e58c092c45cC:\Program Files\AVAST Software\Avast\avastui.exeC:\Windows\syswow64\KERNELBASE.dll2c17b7db-aa4c-11e4-97aa-904ce5da9a54
==================== Memory info ===========================
Processor: Intel® Core2 Duo CPU P8600 @ 2.40GHz
Percentage of memory in use: 39%
Total physical RAM: 3992.03 MB
Available physical RAM: 2415.35 MB
Total Pagefile: 7982.24 MB
Available Pagefile: 6264.73 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:148.95 GB) (Free:57.65 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149.1 GB) (Disk ID: 75B04FE5)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=149 GB) - (Type=07 NTFS)
==================== End Of Log ============================