Hi,
here is is (hopefully).
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 08-02-2015
Ran by r (administrator) on REBECCA on 08-02-2015 21:52:18
Running from C:\Users\r\Desktop
Loaded Profiles: r (Available profiles: r)
Platform: Windows 8.1 Pro (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\Common\HPSupportSolutionsFrameworkService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\ramaint.exe
(Marvell Semiconductors, Inc.) C:\Windows\System32\mvbtrcsvcx64.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe
(Spotify Ltd) C:\Users\r\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6700\Bin\HPNetworkCommunicatorCom.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\MSOSYNC.EXE
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\POWERPNT.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\EXCEL.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\r\Desktop\FRST64 (1).exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [LogMeIn GUI] => C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe [57928 2015-01-10] (LogMeIn, Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [508800 2014-12-17] (Oracle Corporation)
HKU\S-1-5-21-3972895398-2692782183-784820064-1001\...\Run: [SkyDrive] => C:\Users\r\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [277672 2014-09-24] (Microsoft Corporation)
HKU\S-1-5-21-3972895398-2692782183-784820064-1001\...\Run: [Spotify] => C:\Users\r\AppData\Roaming\Spotify\Spotify.exe [6737976 2014-12-09] (Spotify Ltd)
HKU\S-1-5-21-3972895398-2692782183-784820064-1001\...\Run: [Facebook Update] => C:\Users\r\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-08-14] (Facebook Inc.)
HKU\S-1-5-21-3972895398-2692782183-784820064-1001\...\Run: [Spotify Web Helper] => C:\Users\r\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2014-12-09] (Spotify Ltd)
HKU\S-1-5-21-3972895398-2692782183-784820064-1001\...\Run: [HP Officejet 6700 (NET)] => C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-3972895398-2692782183-784820064-1001\...\MountPoints2: {89022983-0294-11e4-beb7-6045bde99481} - "D:\HTC_Sync_Manager_PC.exe"
HKU\S-1-5-21-3972895398-2692782183-784820064-1001\...\MountPoints2: {97ed781e-f976-11e2-be6f-6045bde99481} - "D:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-3972895398-2692782183-784820064-1001\...\MountPoints2: {ce47e6a6-d3a9-11e3-beae-6045bde99481} - "D:\LaunchU3.exe" -a
Startup: C:\Users\r\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Officejet 6700 (Network).lnk
ShortcutTarget: Monitor Ink Alerts - HP Officejet 6700 (Network).lnk -> C:\Program Files\HP\HP Officejet 6700\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
Startup: C:\Users\r\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKU\S-1-5-21-3972895398-2692782183-784820064-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache =
http://t.ca.msn.com/
SearchScopes: HKLM -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: SeaverAidedOn -> {9ec91c84-306d-4daf-a58a-225ceec1857a} -> C:\Program Files (x86)\SeaverAidedOn\3R66sWSGa0z2ox.x64.dll ()
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: saver box -> {ea7d823d-d571-4b09-8e32-ba53cbc85a42} -> C:\Program Files (x86)\saver box\sOAv8OD1ratgIo.x64.dll ()
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
BHO-x32: SeaverAidedOn -> {9ec91c84-306d-4daf-a58a-225ceec1857a} -> C:\Program Files (x86)\SeaverAidedOn\3R66sWSGa0z2ox.dll ()
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: saver box -> {ea7d823d-d571-4b09-8e32-ba53cbc85a42} -> C:\Program Files (x86)\saver box\sOAv8OD1ratgIo.dll ()
Toolbar: HKU\S-1-5-21-3972895398-2692782183-784820064-1001 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKU\S-1-5-21-3972895398-2692782183-784820064-1001 -> No Name - {1ADDAC21-D2DB-4C6A-8DD6-9E88D42BB035} - No File
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 209.18.47.61 209.18.47.62
FireFox:
========
FF ProfilePath: C:\Users\r\AppData\Roaming\Mozilla\Firefox\Profiles\z693s1u3.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @cambridgesoft.com/Chem3D,version=13.0 -> C:\Program Files (x86)\CambridgeSoft\ChemOffice2012\Chem3D\npChem3DPlugin.dll (CambridgeSoft Corp.)
FF Plugin-x32: @cambridgesoft.com/ChemDraw,version=13.0 -> C:\Program Files (x86)\CambridgeSoft\ChemOffice2012\ChemDraw\npcdp32.dll (CambridgeSoft Corp.)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3972895398-2692782183-784820064-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\r\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF user.js: detected! => C:\Users\r\AppData\Roaming\Mozilla\Firefox\Profiles\z693s1u3.default\user.js
FF SearchPlugin: C:\Users\r\AppData\Roaming\Mozilla\Firefox\Profiles\z693s1u3.default\searchplugins\yahoo-1.xml
FF Extension: CoupScaaNunnEer - C:\Users\r\AppData\Roaming\Mozilla\Firefox\Profiles\z693s1u3.default\Extensions\
[email protected] [2015-02-04]
FF Extension: SaverAddoNN - C:\Users\r\AppData\Roaming\Mozilla\Firefox\Profiles\z693s1u3.default\Extensions\
[email protected] [2015-02-04]
FF Extension: Adblock Plus - C:\Users\r\AppData\Roaming\Mozilla\Firefox\Profiles\z693s1u3.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-04-24]
Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.99\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.99\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.99\pdf.dll ()
CHR Plugin: (Bio3D) - C:\Program Files (x86)\CambridgeSoft\ChemOffice2012\Chem3D\npChem3DPlugin.dll (CambridgeSoft Corp.)
CHR Plugin: (ChemDraw) - C:\Program Files (x86)\CambridgeSoft\ChemOffice2012\ChemDraw\npcdp32.dll (CambridgeSoft Corp.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Java Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll No File
CHR Plugin: (McAfee Security Scanner +) - C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll No File
CHR Plugin: (Microsoft Office 2013) - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (DIRECTV Player) - C:\Users\r\AppData\Local\DIRECTV Player\npPlayerPlugin.dll No File
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\r\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CHR Plugin: (Shockwave Flash) - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\windows\SysWOW64\npDeployJava1.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll No File
CHR Profile: C:\Users\r\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\r\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-09-20]
CHR Extension: (Google Drive) - C:\Users\r\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-09-20]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\r\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-06-25]
CHR Extension: (YouTube) - C:\Users\r\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-09-20]
CHR Extension: (Google Search) - C:\Users\r\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-09-20]
CHR Extension: (Google Wallet) - C:\Users\r\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-20]
CHR Extension: (Gmail) - C:\Users\r\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-09-20]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89864 2014-12-11] (Hewlett-Packard Company)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282072 2014-04-09] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [377704 2015-01-10] (LogMeIn, Inc.)
R2 LMIMaint; C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe [226152 2015-01-10] (LogMeIn, Inc.)
R2 LogMeIn; C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe [407424 2015-01-10] (LogMeIn, Inc.)
S3 Marvell AVASTAR Bluetooth Radio Adapter; C:\Windows\system32\mvbtrcsvcx64.exe [97792 2013-03-08] (Marvell Semiconductors, Inc.) [File not signed]
R2 Marvell Bluetooth Radio Control Service; C:\WINDOWS\system32\mvbtrcsvcx64.exe [97792 2013-03-08] (Marvell Semiconductors, Inc.) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
U3 mvbtradio; C:\WINDOWS\system32\mvbtrcsvcx64.exe [97792 2013-03-08] (Marvell Semiconductors, Inc.) [File not signed]
R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1907896 2013-10-31] (Microsoft Corporation)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [File not signed]
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-21] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-21] (Microsoft Corporation)
S2 372ab9f0; "C:\WINDOWS\system32\rundll32.exe" "c:\Program Files (x86)\Optimizer Pro 3.31\OptProMon.dll",ENT
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
S3 hitmanpro37; C:\WINDOWS\system32\drivers\hitmanpro37.sys [43664 2015-02-05] ()
S3 kbfilter; C:\Windows\System32\drivers\SurfaceTouchCover.sys [29256 2012-12-11] (Microsoft Corporation)
R3 LcUvcUpper; C:\Windows\system32\DRIVERS\LcUvcUpper.sys [34408 2013-09-27] (Microsoft Corporation)
R2 LMIInfo; C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [16056 2015-01-10] (LogMeIn, Inc.)
S4 LMIRfsClientNP; No ImagePath
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [129752 2015-02-08] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2014-11-21] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-08-26] (Intel Corporation)
R3 mwlu97w8; C:\Windows\system32\DRIVERS\mwlu97w8x64.sys [1602560 2014-05-28] (Marvell Semiconductors, Inc.)
R3 SensorsHIDClassDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [227840 2014-05-30] (Microsoft Corporation)
R3 SensorsServiceDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [227840 2014-05-30] (Microsoft Corporation)
R3 SurfaceAccessoryDevice; C:\Windows\System32\drivers\SurfaceAccessoryDevice.sys [1614768 2014-05-15] (Microsoft Corporation)
R3 TrackpadSettingsDriver; C:\Windows\System32\drivers\TrackpadSettingsDriver.sys [46168 2013-03-25] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-21] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-08 21:52 - 2015-02-08 21:52 - 00020145 _____ () C:\Users\r\Desktop\FRST.txt
2015-02-08 21:51 - 2015-02-08 21:52 - 00000000 ____D () C:\FRST
2015-02-08 21:50 - 2015-02-08 21:50 - 02132992 _____ (Farbar) C:\Users\r\Downloads\FRST64 (1).exe
2015-02-08 21:50 - 2015-02-08 21:50 - 02132992 _____ (Farbar) C:\Users\r\Desktop\FRST64 (1).exe
2015-02-08 17:48 - 2015-02-08 17:49 - 01085424 _____ (Download Manager) C:\Users\r\Downloads\Unconfirmed 178667.crdownload
2015-02-08 13:00 - 2015-02-08 13:00 - 00046712 _____ () C:\Users\r\Downloads\Thermal Data.xlsx
2015-02-08 12:35 - 2015-02-08 12:36 - 11252224 _____ () C:\Users\r\Downloads\hemophilia_VWD (1).ppt
2015-02-08 12:24 - 2015-02-08 12:24 - 11252224 _____ () C:\Users\r\Downloads\hemophilia_VWD.ppt
2015-02-08 12:24 - 2015-02-08 12:24 - 00664064 _____ () C:\Users\r\Downloads\309_33147_KofiAtsinaAbnormalBleedingAmbulatory.ppt
2015-02-08 11:05 - 2015-02-08 11:05 - 00001106 _____ () C:\Users\r\Downloads\FSS.txt
2015-02-08 11:03 - 2015-02-08 11:03 - 00415232 _____ (Farbar) C:\Users\r\Desktop\FSS.exe
2015-02-08 11:02 - 2015-02-08 11:02 - 01124352 _____ (Farbar) C:\Users\r\Downloads\FRST (1).exe
2015-02-08 10:59 - 2015-02-08 10:59 - 02132992 _____ (Farbar) C:\Users\r\Downloads\FRST64.exe
2015-02-08 10:58 - 2015-02-08 10:58 - 01124352 _____ (Farbar) C:\Users\r\Downloads\FRST.exe
2015-02-05 10:50 - 2015-02-05 10:50 - 00000000 ____D () C:\Users\r\AppData\Local\LogMeInIgnition
2015-02-05 10:47 - 2015-02-08 00:20 - 00000000 ____D () C:\ProgramData\LogMeIn
2015-02-05 10:47 - 2015-02-06 13:36 - 00001027 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Client.lnk
2015-02-05 10:47 - 2015-02-06 13:36 - 00001011 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Control Panel.lnk
2015-02-05 10:47 - 2015-02-05 10:52 - 00000000 ____D () C:\Program Files (x86)\LogMeIn
2015-02-05 10:47 - 2015-02-05 10:47 - 27684864 _____ () C:\Users\r\Downloads\LogMeIn.msi
2015-02-05 10:47 - 2015-02-05 10:47 - 00001024 _____ () C:\.rnd
2015-02-05 10:47 - 2015-02-05 10:47 - 00000000 ____D () C:\Users\r\AppData\Local\LogMeIn
2015-02-05 10:47 - 2015-01-10 10:46 - 00107392 _____ (LogMeIn, Inc.) C:\WINDOWS\system32\LMIRfsClientNP.dll
2015-02-05 10:47 - 2015-01-10 10:46 - 00092520 _____ (LogMeIn, Inc.) C:\WINDOWS\system32\LMIinit.dll
2015-02-05 10:47 - 2015-01-10 10:46 - 00035688 _____ (LogMeIn, Inc.) C:\WINDOWS\system32\LMIport.dll
2015-02-05 10:47 - 2015-01-10 10:38 - 00072216 _____ (LogMeIn, Inc.) C:\WINDOWS\system32\Drivers\LMIRfsDriver.sys
2015-02-05 10:31 - 2015-02-05 10:31 - 00002194 _____ () C:\Users\r\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FIDELITY IT (3).lnk
2015-02-05 10:30 - 2015-02-05 10:30 - 00043664 _____ () C:\WINDOWS\system32\Drivers\hitmanpro37.sys
2015-02-05 10:28 - 2015-02-05 10:28 - 00027228 _____ () C:\WINDOWS\system32\.crusader
2015-02-05 10:25 - 2015-02-05 10:28 - 00000000 ____D () C:\ProgramData\HitmanPro
2015-02-05 10:24 - 2015-02-05 10:25 - 11225840 _____ (SurfRight B.V.) C:\Users\r\Downloads\HitmanPro_x64 (1).exe
2015-02-05 10:21 - 2015-02-05 10:22 - 11225840 _____ (SurfRight B.V.) C:\Users\r\Downloads\HitmanPro_x64.exe
2015-02-05 10:00 - 2015-02-05 10:00 - 00002194 _____ () C:\Users\r\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FIDELITY IT (2).lnk
2015-02-05 09:39 - 2015-02-08 18:22 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-02-05 09:39 - 2015-02-05 09:39 - 00001121 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-02-05 09:39 - 2015-02-05 09:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-02-05 09:39 - 2015-02-05 09:39 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-02-05 09:39 - 2015-02-05 09:39 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-02-05 09:39 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-02-05 09:39 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-02-05 09:39 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-02-05 09:38 - 2015-02-05 09:38 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\r\Downloads\mbam-setup-2.0.4.1028 (1).exe
2015-02-05 09:34 - 2015-02-05 09:34 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\r\Downloads\mbam-setup-2.0.4.1028.exe
2015-02-05 09:32 - 2015-02-06 02:59 - 00000000 ____D () C:\Users\r\AppData\Local\LogMeIn Rescue Applet
2015-02-05 09:32 - 2015-02-05 09:32 - 00002220 _____ () C:\Users\r\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FIDELITY IT.lnk
2015-02-04 19:07 - 2015-02-08 10:51 - 00000020 _____ () C:\Users\r\AppData\Roaming\appdataFr3.bin
2015-02-03 19:12 - 2015-02-03 19:13 - 00000000 ____D () C:\Program Files (x86)\SaverAddoNN
2015-02-03 19:12 - 2015-02-03 19:13 - 00000000 ____D () C:\Program Files (x86)\saver box
2015-02-03 19:12 - 2015-02-03 19:12 - 00000000 ____D () C:\Program Files (x86)\Holmes
2015-02-03 08:20 - 2015-02-03 08:20 - 00000000 ____D () C:\ProgramData\occplolinipgdpodomnciceljmmiepog
2015-02-03 08:20 - 2015-02-03 08:20 - 00000000 ____D () C:\Program Files (x86)\Tumblr Shortcuts
2015-02-03 08:20 - 2015-02-03 08:20 - 00000000 ____D () C:\Program Files (x86)\realDealo
2015-02-03 03:20 - 2015-02-03 03:20 - 00000000 ____D () C:\Program Files (x86)\CoupScaaNunnEer
2015-02-02 23:17 - 2015-02-05 10:28 - 00000000 ____D () C:\Program Files (x86)\deaL4real
2015-02-02 23:17 - 2015-02-04 23:46 - 00000000 ____D () C:\ProgramData\10368842916747477957
2015-02-02 23:17 - 2015-02-02 23:17 - 00000000 ____D () C:\Program Files (x86)\SeaverAidedOn
2015-01-26 16:05 - 2015-01-26 16:05 - 00000000 ____D () C:\WINDOWS\System32\Tasks\GenericSettingsHandler
2015-01-21 07:59 - 2015-02-05 10:14 - 00000000 ____D () C:\WINDOWS\system32\appmgmt
2015-01-14 17:57 - 2015-01-20 15:16 - 00000000 ____D () C:\Users\r\AppData\Roaming\vlc
2015-01-14 17:56 - 2015-01-14 17:56 - 00003810 _____ () C:\WINDOWS\System32\Tasks\UpdateAdmin
2015-01-14 17:56 - 2015-01-14 17:56 - 00001089 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2015-01-14 17:56 - 2015-01-14 17:56 - 00000064 _____ () C:\Users\r\AppData\Local\bcafdfcff6a9e262160d7dea8733e42e
2015-01-14 17:56 - 2015-01-14 17:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-01-14 17:56 - 2015-01-14 17:56 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2015-01-14 00:15 - 2014-12-18 22:26 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2015-01-14 00:15 - 2014-12-11 18:04 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe
2015-01-14 00:15 - 2014-12-11 16:51 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2015-01-14 00:15 - 2014-12-08 17:50 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-01-14 00:15 - 2014-12-08 11:42 - 00535640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2015-01-14 00:15 - 2014-12-08 11:42 - 00531616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2015-01-14 00:15 - 2014-12-08 11:42 - 00448792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2015-01-14 00:15 - 2014-12-08 11:42 - 00413248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2015-01-14 00:15 - 2014-12-08 11:42 - 00372408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2015-01-14 00:15 - 2014-12-08 11:42 - 00108944 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2015-01-14 00:15 - 2014-12-08 11:42 - 00038264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2015-01-14 00:15 - 2014-12-08 11:42 - 00033584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2015-01-14 00:15 - 2014-12-05 19:17 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-01-14 00:15 - 2014-12-05 17:41 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2015-01-14 00:15 - 2014-12-05 17:35 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-01-14 00:15 - 2014-10-28 20:00 - 00465320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2015-01-14 00:15 - 2014-10-28 20:00 - 00139984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2015-01-14 00:15 - 2014-10-28 19:52 - 00500016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2015-01-14 00:15 - 2014-10-28 19:52 - 00482872 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2015-01-14 00:15 - 2014-10-28 19:52 - 00394120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2015-01-14 00:15 - 2014-10-28 19:52 - 00272248 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2015-01-14 00:15 - 2014-10-28 19:12 - 00413136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2015-01-14 00:15 - 2014-10-28 19:12 - 00136296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2015-01-14 00:15 - 2014-10-28 19:07 - 00424544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2015-01-14 00:15 - 2014-10-28 19:07 - 00370424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2015-01-14 00:15 - 2014-10-28 19:07 - 00344536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2015-01-14 00:15 - 2014-10-28 18:44 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2015-01-14 00:15 - 2014-10-28 17:59 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2015-01-14 00:15 - 2014-10-28 17:24 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll
2015-01-14 00:15 - 2014-10-28 17:02 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-01-14 00:15 - 2014-10-28 17:01 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlaapi.dll
2015-01-10 13:08 - 2015-01-10 13:08 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2015-01-10 12:59 - 2013-11-07 11:51 - 787751712 _____ () C:\Users\r\Desktop\Friday.Night.Lights.2004.720p.BrRip.x264.YIFY.mp4
2015-01-10 12:58 - 2015-01-10 13:00 - 00000000 ____D () C:\Users\r\Desktop\New Jack City (1991)
2015-01-10 12:58 - 2015-01-10 12:58 - 00000000 ____D () C:\Users\r\Desktop\The Other Woman (2014)
2015-01-10 12:57 - 2015-01-10 13:00 - 00000000 ____D () C:\Users\r\Desktop\In.Time.2011.R5.DVDRip.XVID.Clear.AC3.5.1.HQ.Hive-CM8
2015-01-10 12:44 - 2015-01-10 12:54 - 00000000 ____D () C:\Users\r\Desktop\Entourage
2015-01-10 10:38 - 2015-01-10 10:38 - 00035616 _____ (LogMeIn, Inc.) C:\WINDOWS\system32\lmimirr.dll
2015-01-10 10:38 - 2015-01-10 10:38 - 00014624 _____ (LogMeIn, Inc.) C:\WINDOWS\system32\lmimirr2.dll
2015-01-10 10:38 - 2015-01-10 10:38 - 00011552 _____ (LogMeIn, Inc.) C:\WINDOWS\system32\Drivers\lmimirr.sys
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-08 21:46 - 2013-09-20 18:00 - 00000922 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-08 21:11 - 2013-08-22 06:46 - 00321358 _____ () C:\WINDOWS\setupact.log
2015-02-08 21:08 - 2014-03-18 23:31 - 01862151 _____ () C:\WINDOWS\WindowsUpdate.log
2015-02-08 21:08 - 2013-08-14 21:52 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-02-08 21:00 - 2013-08-22 07:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-02-08 20:55 - 2014-11-09 13:47 - 00000346 _____ () C:\WINDOWS\Tasks\HP Photo Creations Communicator.job
2015-02-08 19:27 - 2013-08-14 21:22 - 00000928 _____ () C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3972895398-2692782183-784820064-1001UA.job
2015-02-08 18:15 - 2013-09-04 13:19 - 00175906 _____ () C:\Users\r\AppData\Local\CDXLExtendedShim.log
2015-02-08 18:15 - 2013-08-01 12:55 - 00004952 _____ () C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for REBECCA-r Rebecca
2015-02-08 17:42 - 2014-04-12 19:59 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-02-08 17:00 - 2014-03-19 10:53 - 00003906 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{C01D50BD-1025-4B42-8DEA-6F3A43570E7F}
2015-02-08 13:00 - 2013-07-30 16:17 - 00000000 ____D () C:\Users\r\AppData\Local\Packages
2015-02-08 11:19 - 2014-12-16 20:48 - 00003612 _____ () C:\WINDOWS\System32\Tasks\Optimize Push Notification Data File-S-1-5-21-3972895398-2692782183-784820064-1001
2015-02-08 11:04 - 2013-08-06 23:24 - 00000000 ____D () C:\Users\r\AppData\Roaming\Spotify
2015-02-08 10:53 - 2013-07-30 16:28 - 00000000 ___DO () C:\Users\r\SkyDrive
2015-02-08 10:50 - 2013-09-20 18:00 - 00000918 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-07 22:27 - 2013-08-14 21:22 - 00000906 _____ () C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3972895398-2692782183-784820064-1001Core.job
2015-02-07 20:58 - 2013-07-30 16:25 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3972895398-2692782183-784820064-1001
2015-02-07 17:09 - 2013-08-22 07:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-02-07 11:17 - 2013-11-13 23:29 - 00863592 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-02-06 13:35 - 2013-08-22 06:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-02-06 13:35 - 2013-08-22 05:25 - 00786432 ___SH () C:\WINDOWS\system32\config\BBI
2015-02-06 12:42 - 2012-07-25 23:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-02-06 02:59 - 2013-08-06 23:24 - 00000000 ____D () C:\Users\r\AppData\Local\Spotify
2015-02-05 10:30 - 2013-11-13 23:20 - 00048762 _____ () C:\WINDOWS\PFRO.log
2015-02-05 10:00 - 2013-08-22 07:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2015-02-04 13:08 - 2013-08-14 21:52 - 00003718 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-02-04 11:20 - 2014-03-28 11:12 - 00000000 ____D () C:\Users\r\Documents\ATLAS
2015-02-03 11:31 - 2013-08-22 07:38 - 00714720 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-02-03 11:31 - 2013-08-22 07:38 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-21 18:29 - 2014-09-22 15:14 - 00000000 ____D () C:\ProgramData\Oracle
2015-01-21 17:38 - 2014-09-22 15:13 - 00272296 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2015-01-21 17:38 - 2014-09-22 15:13 - 00176552 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2015-01-21 17:38 - 2014-09-22 15:13 - 00176552 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2015-01-21 17:38 - 2014-09-22 15:13 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2015-01-21 17:38 - 2013-08-26 21:27 - 00000000 ____D () C:\Program Files (x86)\Java
2015-01-17 13:38 - 2014-08-12 18:17 - 00000000 ____D () C:\Users\r\AppData\Roaming\HpUpdate
2015-01-17 11:09 - 2013-08-22 07:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2015-01-15 23:13 - 2014-03-18 23:25 - 00000000 ____D () C:\WINDOWS\Firmware
2015-01-14 06:18 - 2013-08-17 08:18 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-01-14 06:15 - 2013-08-04 19:12 - 113365784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-01-13 14:46 - 2013-09-20 18:01 - 00002210 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-01-11 22:12 - 2013-08-22 06:44 - 00497904 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
==================== Files in the root of some directories =======
2015-02-04 19:07 - 2015-02-08 10:51 - 0000020 _____ () C:\Users\r\AppData\Roaming\appdataFr3.bin
2014-01-09 19:53 - 2014-11-17 15:53 - 0000240 _____ () C:\Users\r\AppData\Roaming\WB.CFG
2015-01-14 17:56 - 2015-01-14 17:56 - 0000064 _____ () C:\Users\r\AppData\Local\bcafdfcff6a9e262160d7dea8733e42e
2013-09-04 13:19 - 2015-02-08 18:15 - 0175906 _____ () C:\Users\r\AppData\Local\CDXLExtendedShim.log
2014-08-12 18:16 - 2014-08-12 18:16 - 0000057 _____ () C:\ProgramData\Ament.ini
Some content of TEMP:
====================
C:\Users\r\AppData\Local\Temp\optprosetup.exe
C:\Users\r\AppData\Local\Temp\Sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-02-06 13:46
==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-02-2015
Ran by r at 2015-02-08 21:53:08
Running from C:\Users\r\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Amazon Kindle (HKU\S-1-5-21-3972895398-2692782183-784820064-1001\...\Amazon Kindle) (Version: - Amazon)
ATLAS.ti (HKLM-x32\...\{251659B0-5D87-41EC-B00B-D414E3713375}) (Version: 7.1.07.0 - ATLAS.ti Scientific Software Development GmbH)
Brain Explorer 2 (HKLM-x32\...\{544E11B3-59BA-4B15-BCDC-6A23337F0DD4}) (Version: 2.3.2.2376 - Allen Institute)
CambridgeSoft ChemBioDraw Ultra 13.0 (HKLM-x32\...\{8A6A245D-D0CE-477F-A5D0-8F339B4FF921}) (Version: 13.0 - CambridgeSoft Corporation)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Font Installer Packages (HKU\S-1-5-21-3972895398-2692782183-784820064-1001\...\Font Installer Packages) (Version: - ) <==== ATTENTION
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.99 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Officejet 6700 Basic Device Software (HKLM\...\{A1CFA587-90D4-4DE6-B200-68CC0F92252F}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Officejet 6700 Help (HKLM-x32\...\{E1AE0CB7-1333-4728-8520-CB3F88A252B4}) (Version: 140.0.2.2 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.12992 - HP)
HP Support Solutions Framework (HKLM-x32\...\{96D12EC9-720B-45FB-904C-36D6307A1C76}) (Version: 11.51.0048 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation)
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.8 - HTC)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
LogMeIn (HKLM-x32\...\{72B46C07-7EB2-4146-9B03-422296E12C4E}) (Version: 4.1.4830 - LogMeIn, Inc.)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
MestReNova LITE 5.2.5-5780 (HKLM-x32\...\MestReNova LITE) (Version: 5.2.5-5780 - Mestrelab Research S.L.)
Microsoft Office 365 Home Premium - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 15.0.4551.1512 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3972895398-2692782183-784820064-1001\...\OneDriveSetup.exe) (Version: 17.3.1229.0918 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Mozilla Firefox 28.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 en-US)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4551.1512 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4551.1512 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4551.1512 - Microsoft Corporation) Hidden
POWERPREP II (HKLM-x32\...\{2687340C-C114-47DC-9F0E-C1BA85FEB001}) (Version: 2.1.0000 - ETS)
Spotify (HKU\S-1-5-21-3972895398-2692782183-784820064-1001\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
VLC media player 2.0.0 (HKLM-x32\...\VLC media player) (Version: 2.0.0 - VideoLAN)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-3972895398-2692782183-784820064-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\r\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\FileSyncApi64.dll (Microsoft Corporation)
==================== Restore Points =========================
21-01-2015 07:58:45 Removed UpdateAdmin
27-01-2015 19:04:21 Windows Update
03-02-2015 21:22:10 Scheduled Checkpoint
05-02-2015 10:14:44 Removed UpdateAdmin
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 05:25 - 2013-08-22 05:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {0AA79391-133F-46A4-82BC-35571DBBD5B6} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-01-14] (Microsoft Corporation)
Task: {0EC2FADF-46A7-44C7-8F10-F8EAFF9E37E4} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-04] (Adobe Systems Incorporated)
Task: {30FFABDE-A936-4B07-9A13-E09E65E26574} - System32\Tasks\HP Photo Creations Communicator => C:\ProgramData\HP Photo Creations\Communicator.exe [2011-02-21] ()
Task: {43AEF627-47EE-43CE-8352-17A5BFCD3158} - System32\Tasks\Optimize Push Notification Data File-S-1-5-21-3972895398-2692782183-784820064-1001
Task: {47A14AAF-AB53-421F-9C8F-AA84725351BE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-20] (Google Inc.)
Task: {57DEB4E9-97FA-463E-827E-31B18C87FED6} - \Optimizer Pro Schedule No Task File <==== ATTENTION
Task: {7DF0A397-65DF-4548-BAA8-B741825B9BFA} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3972895398-2692782183-784820064-1001UA => C:\Users\r\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-08-14] (Facebook Inc.)
Task: {89639624-9FAE-4C14-B78A-CEB316F2BCBC} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-3972895398-2692782183-784820064-1001 => %localappdata%\Microsoft\SkyDrive\SkyDrive.exe
Task: {A0BC1556-A083-47EB-A989-993C8E35CC6D} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-01-14] (Microsoft Corporation)
Task: {B196BFC7-E7FF-4F74-9768-519A6CA5E3B6} - System32\Tasks\UpdateAdmin => C:\Users\r\AppData\Local\UpdateAdmin\UpdateAdmin.exe
Task: {B53CF219-3FD6-419F-A906-1453EB8034C6} - System32\Tasks\Microsoft Office 15 Sync Maintenance for REBECCA-r Rebecca => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2014-01-14] (Microsoft Corporation)
Task: {D680639B-BCDB-4E4C-801E-27AEC7AE6002} - System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-3972895398-2692782183-784820064-1001
Task: {E43B347A-AC5F-4029-8B0F-6C355D67C945} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {E6762194-4594-4295-A6C8-3CA2731CC79F} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2013-10-31] (Microsoft Corporation)
Task: {FA140229-8410-42D2-88AE-69EBC324FCAE} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3972895398-2692782183-784820064-1001Core => C:\Users\r\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-08-14] (Facebook Inc.)
Task: {FB42EF57-B5FA-4BB3-8311-26E895134E0B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-20] (Google Inc.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3972895398-2692782183-784820064-1001Core.job => C:\Users\r\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3972895398-2692782183-784820064-1001UA.job => C:\Users\r\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HP Photo Creations Communicator.job => C:\ProgramData\HP Photo Creations\Communicator.exe
==================== Loaded Modules (whitelisted) ==============
2013-07-30 16:26 - 2013-10-31 09:07 - 00377000 _____ () C:\Program Files\Microsoft Office 15\ClientX64\c2rui.dll
2013-07-30 16:26 - 2013-10-31 09:08 - 00520872 _____ () C:\Program Files\Microsoft Office 15\ClientX64\c2r64.dll
2013-07-30 16:26 - 2013-10-31 09:07 - 00618152 _____ () C:\Program Files\Microsoft Office 15\ClientX64\StreamServer.dll
2012-12-07 08:27 - 2012-12-07 08:27 - 00167424 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2014-01-14 15:55 - 2014-01-14 15:55 - 08866472 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2013-09-19 10:06 - 2013-11-12 23:21 - 00316584 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll
2013-12-11 15:57 - 2014-01-14 15:49 - 00359592 _____ () C:\Program Files\Microsoft Office 15\root\office15\c2r32.dll
2013-09-19 10:09 - 2013-11-12 23:22 - 00316584 _____ () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll
2013-12-11 16:00 - 2014-01-14 15:55 - 00359592 _____ () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\c2r32.dll
2013-09-19 10:06 - 2013-11-12 23:21 - 00316584 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\AppVIsvStream32.dll
2013-12-11 15:57 - 2014-01-14 15:49 - 00359592 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\c2r32.dll
2014-09-24 21:35 - 2014-09-24 21:35 - 00081056 _____ () C:\Users\r\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\LoggingPlatform.DLL
2014-04-12 19:59 - 2014-04-12 19:59 - 03642480 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2015-01-13 14:46 - 2015-01-08 16:35 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.99\libglesv2.dll
2015-01-13 14:46 - 2015-01-08 16:35 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.99\libegl.dll
2015-01-13 14:46 - 2015-01-08 16:35 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.99\pdf.dll
2015-01-13 14:46 - 2015-01-08 16:35 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.99\ffmpegsumo.dll
2015-01-13 14:46 - 2015-01-08 16:35 - 14913352 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.99\PepperFlash\pepflashplayer.dll
2013-07-30 16:26 - 2013-07-30 16:27 - 01286256 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\PPRESOURCES.DLL
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\Users\r\SkyDrive:ms-properties
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CatWSw8 => ""="Driver"
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Other Registry Areas =====================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3972895398-2692782183-784820064-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\r\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\internet explorer wallpaper.bmp
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3972895398-2692782183-784820064-1001\...\StartupApproved\StartupFolder: => "StickyNote.lnk"
==================== Accounts: =============================
Administrator (S-1-5-21-3972895398-2692782183-784820064-500 - Administrator - Disabled)
Guest (S-1-5-21-3972895398-2692782183-784820064-501 - Limited - Disabled)
r (S-1-5-21-3972895398-2692782183-784820064-1001 - Administrator - Enabled) => C:\Users\r
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (02/07/2015 08:33:27 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: REBECCA)
Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (02/07/2015 08:33:27 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: REBECCA)
Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (02/07/2015 08:33:27 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: REBECCA)
Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (02/07/2015 08:33:27 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: REBECCA)
Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (02/07/2015 08:33:27 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: REBECCA)
Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (02/07/2015 08:33:27 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: REBECCA)
Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (02/07/2015 08:33:27 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: REBECCA)
Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (02/07/2015 08:33:27 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: REBECCA)
Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (02/07/2015 08:31:27 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: REBECCA)
Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (02/07/2015 08:31:27 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: REBECCA)
Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.
System errors:
=============
Error: (02/08/2015 10:50:30 AM) (Source: BTHUSB) (EventID: 17) (User: )
Description: The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.
Error: (02/08/2015 09:30:30 AM) (Source: BTHUSB) (EventID: 17) (User: )
Description: The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.
Error: (02/08/2015 00:20:07 AM) (Source: BTHUSB) (EventID: 17) (User: )
Description: The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.
Error: (02/07/2015 08:33:27 PM) (Source: DCOM) (EventID: 10010) (User: REBECCA)
Description: Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca
Error: (02/07/2015 08:33:27 PM) (Source: DCOM) (EventID: 10010) (User: REBECCA)
Description: Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca
Error: (02/07/2015 08:31:27 PM) (Source: DCOM) (EventID: 10010) (User: REBECCA)
Description: Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca
Error: (02/07/2015 08:30:10 PM) (Source: DCOM) (EventID: 10010) (User: REBECCA)
Description: Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca
Error: (02/07/2015 08:29:26 PM) (Source: DCOM) (EventID: 10010) (User: REBECCA)
Description: Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca
Error: (02/07/2015 08:29:26 PM) (Source: DCOM) (EventID: 10010) (User: REBECCA)
Description: Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca
Error: (02/07/2015 08:29:26 PM) (Source: DCOM) (EventID: 10010) (User: REBECCA)
Description: Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca
Microsoft Office Sessions:
=========================
Error: (02/07/2015 08:33:27 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: REBECCA)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927142
Error: (02/07/2015 08:33:27 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: REBECCA)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927142
Error: (02/07/2015 08:33:27 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: REBECCA)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927142
Error: (02/07/2015 08:33:27 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: REBECCA)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927142
Error: (02/07/2015 08:33:27 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: REBECCA)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927142
Error: (02/07/2015 08:33:27 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: REBECCA)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927142
Error: (02/07/2015 08:33:27 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: REBECCA)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927142
Error: (02/07/2015 08:33:27 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: REBECCA)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927142
Error: (02/07/2015 08:31:27 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: REBECCA)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927142
Error: (02/07/2015 08:31:27 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: REBECCA)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927142
CodeIntegrity Errors:
===================================
Date: 2015-02-03 18:17:55.259
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-02-03 18:17:55.127
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-02-03 18:17:54.990
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-02-03 18:17:54.842
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-02-03 18:17:54.695
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-02-03 18:17:54.551
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-02-03 18:17:54.399
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-02-03 18:17:54.256
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-02-03 18:17:54.123
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-02-03 18:17:52.994
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
Processor: Intel® Core i5-3317U CPU @ 1.70GHz
Percentage of memory in use: 84%
Total physical RAM: 3979.71 MB
Available physical RAM: 623.21 MB
Total Pagefile: 8426.95 MB
Available Pagefile: 2161.85 MB
Total Virtual: 131072 MB
Available Virtual: 131071.77 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:110.08 GB) (Free:29.73 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: 317BAFE4)
Partition: GPT Partition Type.
==================== End Of Log ============================
Thanks.