Hi Brian, thanks for replying to the post and for being so clear in your instructions!
Here are the logs you wanted:

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 11-03-2015
Ran by Jeanne at 2015-03-17 16:43:15
Running from C:\Users\Jeanne\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Microsoft Security Essentials (Disabled - Up to date) {3F839487-C7A2-C958-E30C-E2825BA31FB5}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
AS: Microsoft Security Essentials (Disabled - Up to date) {84E27563-E198-C6D6-D9BC-D9F020245508}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 15.0.0.356 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 15.0.0.239 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.239 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Amazon Kindle (HKU\S-1-5-21-611895501-4201313495-1634798728-1000\...\Amazon Kindle) (Version: - Amazon)
Apple Application Support (HKLM\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{235EBB33-3DA1-46DF-AADE-9955123409CB}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.36 - Atheros Communications Inc.)
Avast Free Antivirus (HKLM\...\Avast) (Version: 10.0.2208 - AVAST Software)
BitLord 2.3 (HKLM\...\BitLord) (Version: 2.3.2-245 - House of Life)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
calibre (HKLM\...\{C354D7E2-C1F3-45AB-A547-BF500F2E0814}) (Version: 1.45.0 - Kovid Goyal)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.42.0.0 - Conexant)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Energy Management (HKLM\...\{AE1E24C2-E720-42D5-B8E1-48F71A97B4DB}) (Version: 5.3.2.9 - Lenovo)
ETDWare PS/2-X86 8.0.4.1_WHQL (HKLM\...\Elantech) (Version: 8.0.4.1 - ELAN Microelectronic Corp.)
Free Window Registry Repair (HKLM\...\Free Window Registry Repair) (Version: - )
Google Chrome (HKLM\...\Google Chrome) (Version: 33.0.1750.154 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.4805.320 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.23.9 - Google Inc.) Hidden
HP Deskjet 1000 J110 series Basic Device Software (HKLM\...\{51ED885E-78EC-4DBF-81E1-F7EF47174B5A}) (Version: 22.0.334.0 - Hewlett-Packard Co.)
HP Deskjet 1000 J110 series Help (HKLM\...\{DDDFCC77-7F9C-45E9-B38E-721BA599BA0C}) (Version: 140.0.65.65 - Hewlett Packard)
HP Deskjet 1000 J110 series Product Improvement Study (HKLM\...\{B3E3CA57-F7D2-424F-86CC-6FB4F1FC82AD}) (Version: 22.0.334.0 - Hewlett-Packard Co.)
HP Photo Creations (HKLM\...\HP Photo Creations) (Version: 1.0.0.3341 - HP Photo Creations Powered by RocketLife)
HP Update (HKLM\...\{787D1A33-A97B-4245-87C0-7174609A540C}) (Version: 5.002.005.003 - Hewlett-Packard)
Intel® Control Center (HKLM\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Graphics Media Accelerator Driver (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2202 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.0.0.1046 - Intel Corporation)
iTunes (HKLM\...\{5D928931-D1D2-4A93-A82D-BF60D0E7CFA5}) (Version: 12.0.1.26 - Apple Inc.)
Java 7 Update 71 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Lenovo DirectShare (HKLM\...\InstallShield_{B2164CCB-C002-4B80-8550-7535D80DF237}) (Version: 1.0.1.38 - ArcSoft)
Lenovo DirectShare (Version: 1.0.1.38 - ArcSoft) Hidden
Lenovo EasyCamera (HKLM\...\{4BB1DCED-84D3-47F9-B718-5947E904593E}) (Version: 6.96.2018.21 - Lenovo EasyCamera)
Lenovo EE Boot Optimizer (HKLM\...\Lenovo EE Boot Optimizer) (Version: 0.0.1.5 - Lenovo)
Lenovo Games Console (HKLM\...\Lenovo Games Console) (Version: 0.38.389.2 - Oberon Media Inc.)
Lenovo OneKey Recovery (HKLM\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 7.0.1628 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 7.0.1628 - CyberLink Corp.) Hidden
Lenovo PowerDVD 10 (HKLM\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.2318.52 - CyberLink Corp.)
Lenovo PowerDVD 10 (Version: 10.0.2318.52 - CyberLink Corp.) Hidden
Lenovo YouCam (HKLM\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.3603 - CyberLink Corp.)
Lenovo YouCam (Version: 3.1.3603 - CyberLink Corp.) Hidden
Lenovo_Wireless_Driver (HKLM\...\{28ABE740-47F3-441B-9437-852F6A64EFF8}) (Version: 1.02.01 - Lenovo)
Mesh Runtime (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Age of Empires II (HKLM\...\Age of Empires 2.0) (Version: - )
Microsoft Age of Empires II: The Conquerors Expansion (HKLM\...\Age of Empires II: The Conquerors Expansion 1.0) (Version: - )
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0016-0000-0000-0000000FF1CE}_EXCEL_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0018-0000-0000-0000000FF1CE}_POWERPOINT_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-001A-0000-0000-0000000FF1CE}_OUTLOOK_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-001B-0000-0000-0000000FF1CE}_WORD_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2010 (HKLM\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Excel 2007 (HKLM\...\EXCEL) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Outlook 2007 (HKLM\...\OUTLOOK) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office PowerPoint 2007 (HKLM\...\POWERPOINT) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Word 2007 (HKLM\...\WORD) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Reader (HKLM\...\{B6F7DBE7-2FE2-458F-A738-B10832746036}) (Version: - )
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - KB2467175 (HKLM\...\{a0fe116e-9a8a-466f-aee0-625cb7c207e3}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mobipocket Reader 6.2 (HKLM\...\{342126E1-173C-4585-BFBE-3EBDD20E3E9E}) (Version: 6.2.608 - Mobipocket.com)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 7 Ultra Edition (HKLM\...\{98EFD8F0-08DE-48DB-B922-A2EBAB711033}) (Version: 7.03.1151 - Nero AG)
Power2Go (HKLM\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.7108 - CyberLink Corp.)
Realtek USB 2.0 Reader Driver (HKLM\...\{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 6.1.7600.10008 - Realtek Semiconductor Corp.)
Speltoetser Afrikaans (HKLM\...\Speltoetser Afrikaans) (Version: - )
Striata Reader (HKLM\...\{13d868cf-47e9-4b3d-9366-a0c60f82e5aa}) (Version: 2.9-1 - Striata Communication Solutions)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0016-0000-0000-0000000FF1CE}_EXCEL_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0018-0000-0000-0000000FF1CE}_POWERPOINT_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-001A-0000-0000-0000000FF1CE}_OUTLOOK_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-001B-0000-0000-0000000FF1CE}_WORD_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
UserGuide (HKLM\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.6 - Lenovo)
UserGuide (Version: 1.0.0.6 - Lenovo) Hidden
VeriFace (HKLM\...\VeriFace) (Version: 4.0.0.1224 - Lenovo)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.0 - VideoLAN)
Vodafone Mobile Broadband (HKLM\...\{6C29152D-3FF9-43B2-84E4-9B35FC0BF5C2}) (Version: 10.3.405.45220 - Vodafone)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR 5.01 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-611895501-4201313495-1634798728-1000_Classes\CLSID\{00B7E0AB-817A-44AD-A04B-D1148D524136}\InprocServer32 -> C:\windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-611895501-4201313495-1634798728-1000_Classes\CLSID\{7C6E29BC-8B8B-4C3D-859E-AF6CD158BE0F}\InprocServer32 -> C:\windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-611895501-4201313495-1634798728-1000_Classes\CLSID\{88D969C0-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-611895501-4201313495-1634798728-1000_Classes\CLSID\{88D969C1-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-611895501-4201313495-1634798728-1000_Classes\CLSID\{88D969C2-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-611895501-4201313495-1634798728-1000_Classes\CLSID\{88D969C3-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-611895501-4201313495-1634798728-1000_Classes\CLSID\{88D969C4-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-611895501-4201313495-1634798728-1000_Classes\CLSID\{88D969C5-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-611895501-4201313495-1634798728-1000_Classes\CLSID\{88D969C6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-611895501-4201313495-1634798728-1000_Classes\CLSID\{88D969C8-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-611895501-4201313495-1634798728-1000_Classes\CLSID\{88D969C9-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-611895501-4201313495-1634798728-1000_Classes\CLSID\{88D969CA-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-611895501-4201313495-1634798728-1000_Classes\CLSID\{88D969D6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\windows\system32\msxml4.dll (Microsoft Corporation)
==================== Restore Points =========================
24-02-2015 10:24:33 Scheduled Checkpoint
27-02-2015 17:16:58 Installed Free MKV Player.
27-02-2015 17:55:09 Windows Update
02-03-2015 20:13:04 Removed Free MKV Player.
02-03-2015 20:13:54 Removed Free MKV Player.
04-03-2015 20:49:18 Windows Update
12-03-2015 22:07:40 Scheduled Checkpoint
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:04 - 2014-03-06 17:43 - 00000098 ____A C:\windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {03FC9001-759F-4C68-966E-225E576D35D4} - System32\Tasks\{142BAEBF-1A0F-4FF8-97EE-75F3B579A669} => C:\Users\Jeanne\Downloads\avast_free_antivirus_setup.exe [2013-02-27] ()
Task: {0485B743-6603-412C-A017-37B2E71523E1} - System32\Tasks\{3693A334-015C-4B87-99C6-26B7E241B288} => C:\Users\Jeanne\Downloads\avast_free_antivirus_setup.exe [2013-02-27] ()
Task: {11091733-6598-4692-8AA9-84B11740F74C} - System32\Tasks\HPCustParticipation HP Deskjet 1000 J110 series => C:\Program Files\HP\HP Deskjet 1000 J110 series\Bin\HPCustPartic.exe [2010-06-14] (Hewlett-Packard Co.)
Task: {11F05F9C-F31B-4D90-B0F8-F9330AC66912} - System32\Tasks\4774 => Wscript.exe C:\Users\Jeanne\AppData\Local\Temp\launchie.vbs //B <==== ATTENTION
Task: {320AB5DC-81B1-402E-898B-81E5738B47E9} - System32\Tasks\0 => Iexplore.exe <==== ATTENTION
Task: {5139A283-7191-4449-BD0B-52E6DE733D8F} - System32\Tasks\Adobe Flash Player Updater => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-26] (Adobe Systems Incorporated)
Task: {54485661-92FF-4DD7-9105-88BC881A4C12} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2011-07-30] (Google Inc.)
Task: {5988B38E-7353-41C4-AB95-541655C7F890} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-11-26] (AVAST Software)
Task: {60E68C58-ED75-43E6-B79B-07A6B6F7548A} - System32\Tasks\MirageAgent => C:\Program Files\Lenovo\YouCam\YCMMirage.exe [2010-12-05] (CyberLink)
Task: {69E13F02-0E22-4C54-9612-725F7F009B08} - System32\Tasks\{6A9F8640-D99A-42F8-BF27-EE23A4BC2F88} => C:\Users\Jeanne\Downloads\avast_free_antivirus_setup.exe [2013-02-27] ()
Task: {ACFCE2E1-6994-4939-97A0-132512E6CD45} - System32\Tasks\avastBCLRestartS-1-5-21-611895501-4201313495-1634798728-1000 => Chrome.exe
Task: {B03D3B90-56D8-4331-BA67-551D9AC9E3AE} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {DE764612-EF7D-445A-A10D-15A41151AA80} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2011-07-30] (Google Inc.)
Task: {E0BF0B53-5649-4E18-892B-CAE6D9405A2F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) ==============
2015-03-07 13:52 - 2015-03-07 13:52 - 02919424 _____ () C:\Program Files\AVAST Software\Avast\defs\15030700\algo.dll
2015-03-14 21:14 - 2015-03-14 21:14 - 02922496 _____ () C:\Program Files\AVAST Software\Avast\defs\15031401\algo.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2011-03-19 23:25 - 2011-03-19 23:25 - 00013664 _____ () C:\Program Files\Lenovo\VeriFace\ChooseLang.dll
2011-03-19 23:35 - 2008-12-20 05:20 - 00051016 _____ () C:\Program Files\Lenovo\Energy Management\HookLib.dll
2009-07-13 23:03 - 2009-07-14 03:15 - 00364544 _____ () C:\Windows\system32\msjetoledb40.dll
2014-11-26 16:21 - 2014-11-26 16:21 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-04-02 15:45 - 2014-04-02 15:45 - 00169472 _____ () C:\windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\aa739380ca2b2fc7366d464d2f2301ac\IsdiInterop.ni.dll
2011-03-19 23:03 - 2010-09-13 20:28 - 00058880 _____ () C:\Program Files\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
2011-03-19 23:25 - 2011-03-19 23:25 - 01410400 _____ () C:\windows\system32\IcnOvrly.dll
2014-04-05 18:37 - 2014-03-15 02:50 - 00051016 _____ () C:\Program Files\Google\Chrome\Application\33.0.1750.154\chrome_elf.dll
2014-04-05 18:37 - 2014-03-15 02:50 - 00716616 _____ () C:\Program Files\Google\Chrome\Application\33.0.1750.154\libglesv2.dll
2014-04-05 18:37 - 2014-03-15 02:50 - 00100168 _____ () C:\Program Files\Google\Chrome\Application\33.0.1750.154\libegl.dll
2014-04-05 18:37 - 2014-03-15 02:50 - 04061000 _____ () C:\Program Files\Google\Chrome\Application\33.0.1750.154\pdf.dll
2014-04-05 18:37 - 2014-03-15 02:50 - 00394568 _____ () C:\Program Files\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll
2014-04-05 18:37 - 2014-03-15 02:50 - 01647432 _____ () C:\Program Files\Google\Chrome\Application\33.0.1750.154\ffmpegsumo.dll
2014-04-05 18:37 - 2014-03-15 02:50 - 13637448 _____ () C:\Program Files\Google\Chrome\Application\33.0.1750.154\PepperFlash\pepflashplayer.dll
2011-03-19 23:35 - 2008-12-20 05:20 - 00063304 _____ () C:\Program Files\Lenovo\Energy Management\kbdhook.dll
2014-11-27 15:21 - 2014-11-27 15:21 - 00018856 _____ () C:\Program Files\Java\jre7\bin\jp2native.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\ProgramData\Temp:373E1720
AlternateDataStreams: C:\ProgramData\Temp:792D4CF1
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-611895501-4201313495-1634798728-1000\Control Panel\Desktop\\Wallpaper -> %windir%\web\wallpaper\windows\img0.jpg
DNS Servers: 196.207.32.83 - 196.207.32.69
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== Accounts: =============================
Administrator (S-1-5-21-611895501-4201313495-1634798728-500 - Administrator - Disabled)
Guest (S-1-5-21-611895501-4201313495-1634798728-501 - Limited - Disabled) => C:\Users\Guest
Jeanne (S-1-5-21-611895501-4201313495-1634798728-1000 - Administrator - Enabled) => C:\Users\Jeanne
==================== Faulty Device Manager Devices =============
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (03/17/2015 04:14:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 71285936
Error: (03/17/2015 04:14:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 71285936
Error: (03/17/2015 04:14:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (03/17/2015 04:14:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 71284797
Error: (03/17/2015 04:14:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 71284797
Error: (03/17/2015 04:14:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (03/17/2015 04:14:18 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 71283752
Error: (03/17/2015 04:14:18 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 71283752
Error: (03/17/2015 04:14:18 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (03/17/2015 04:14:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 71282551
System errors:
=============
Error: (03/17/2015 04:25:57 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
Error: (03/16/2015 04:25:28 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
Error: (03/15/2015 04:48:59 PM) (Source: volsnap) (EventID: 27) (User: )
Description: The shadow copies of volume G: were aborted during detection because a critical control file could not be opened.
Error: (03/15/2015 03:53:55 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR8.
Error: (03/15/2015 03:53:54 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR8.
Error: (03/15/2015 03:53:54 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR8.
Error: (03/15/2015 03:53:53 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR8.
Error: (03/15/2015 03:53:53 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR8.
Error: (03/15/2015 03:53:52 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
Error: (03/15/2015 03:53:22 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WSearch service.
Microsoft Office Sessions:
=========================
Error: (06/21/2014 05:18:53 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6690.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 501707 seconds with 960 seconds of active time. This session ended with a crash.
Error: (03/20/2014 11:27:02 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 17 seconds with 0 seconds of active time. This session ended with a crash.
Error: (11/10/2011 03:10:41 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 79738 seconds with 60 seconds of active time. This session ended with a crash.
==================== Memory info ===========================
Processor: Celeron® Dual-Core CPU T3500 @ 2.10GHz
Percentage of memory in use: 58%
Total physical RAM: 2008.6 MB
Available physical RAM: 836.4 MB
Total Pagefile: 4017.2 MB
Available Pagefile: 1206.27 MB
Total Virtual: 2047.88 MB
Available Virtual: 1892.45 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:254.14 GB) (Free:187.35 GB) NTFS
Drive d: (LENOVO) (Fixed) (Total:29 GB) (Free:27.06 GB) NTFS
Drive e: (10.2.103_RC1) (CDROM) (Total:0.04 GB) (Free:0 GB) CDFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 8ED69859)
Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=254.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=29 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=14.8 GB) - (Type=12)
==================== End Of Log ============================

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-03-2015
Ran by Jeanne (administrator) on MELANY-PC on 17-03-2015 16:41:46
Running from C:\Users\Jeanne\Downloads
Loaded Profiles: Jeanne (Available profiles: Jeanne & Guest)
Platform: Microsoft Windows 7 Starter Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 10 (Default browser: Chrome)
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\System32\CISVC.EXE
(Prolific Technology Inc.) C:\Windows\System32\IoctlSvc.exe
(Vodafone) C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(CyberLink) C:\Program Files\Lenovo\YouCam\YCMMirage.exe
(Lenovo) C:\Program Files\Lenovo\VeriFace\PManage.exe
(Lenovo (Beijing) Limited) C:\Program Files\Lenovo\Energy Management\Energy Management.exe
(Vodafone) C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe
(Vodafone) C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbNotifier.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Nero AG) C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Nero AG) C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Nero AG) C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Lenovo) C:\Program Files\Lenovo\VeriFace\VerifyHost.exe
(Lenovo(beijing) Limited) C:\Program Files\Lenovo\Energy Management\utility.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jp2launcher.exe
(Lenovo) C:\Program Files\Lenovo\VeriFace\VerifyHost.exe
(Lenovo) C:\Program Files\Lenovo\VeriFace\VerifyHost.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [1812264 2010-11-23] (ELAN Microelectronics Corp.)
HKLM\...\Run: [UpdateP2GShortCut] => C:\Program Files\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2010-07-26] (CyberLink Corp.)
HKLM\...\Run: [YouCam Mirage] => C:\Program Files\Lenovo\YouCam\YCMMirage.exe [136488 2010-12-05] (CyberLink)
HKLM\...\Run: [YouCam Tray] => C:\Program Files\Lenovo\YouCam\YouCam.exe [224352 2010-12-05] (CyberLink Corp.)
HKLM\...\Run: [VeriFaceManager] => C:\Program Files\Lenovo\VeriFace\PManage.exe [329056 2011-03-19] (Lenovo)
HKLM\...\Run: [UpdatePRCShortCut] => C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-13] (CyberLink Corp.)
HKLM\...\Run: [Lenovo EE Boot Optimizer] => C:\Program Files\Lenovo\Boot Optimizer\PopWnd.exe [114688 2011-03-19] (Lenovo)
HKLM\...\Run: [EnergyUtility] => C:\Program Files\Lenovo\Energy Management\utility.exe [4204448 2010-04-23] (Lenovo(beijing) Limited)
HKLM\...\Run: [Energy Management] => C:\Program Files\Lenovo\Energy Management\Energy Management.exe [6285216 2011-01-10] (Lenovo (Beijing) Limited)
HKLM\...\Run: [NeroFilterCheck] => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [570664 2008-05-28] (Nero AG)
HKLM\...\Run: [MobileBroadband] => C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe [76800 2013-05-14] (Vodafone)
HKLM\...\Run: [VmbNotifier] => C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbNotifier.exe [1862144 2013-05-14] (Vodafone)
HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [49208 2010-03-12] (Hewlett-Packard)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-02-24] (AVAST Software)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKU\S-1-5-21-611895501-4201313495-1634798728-1000\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [152872 2008-01-22] (Nero AG)
HKU\S-1-5-21-611895501-4201313495-1634798728-1000\...\RunOnce: [Adobe Speed Launcher] => 1426422356
HKU\S-1-5-21-611895501-4201313495-1634798728-1000\...\Policies\Explorer: [NoInstrumentation] 1
HKU\S-1-5-21-611895501-4201313495-1634798728-1000\...\MountPoints2: E - E:\setup_vmb_lite.exe /checkApplicationPresence
HKU\S-1-5-21-611895501-4201313495-1634798728-1000\...\MountPoints2: {14f9904c-1f3a-11e2-9a84-1c75086c389c} - E:\setup_vmb_lite.exe /checkApplicationPresence
HKU\S-1-5-21-611895501-4201313495-1634798728-1000\...\MountPoints2: {2fb43a93-325b-11e3-9995-001e101fb4df} - H:\setup_vmb_lite.exe /checkApplicationPresence
HKU\S-1-5-21-611895501-4201313495-1634798728-1000\...\MountPoints2: {2fb43a9a-325b-11e3-9995-001e101fb4df} - E:\AutoRun.exe
HKU\S-1-5-21-611895501-4201313495-1634798728-1000\...\MountPoints2: {355b1164-2532-11e3-bb86-1c75086c389c} - E:\setup_vmb_lite.exe /checkApplicationPresence
HKU\S-1-5-21-611895501-4201313495-1634798728-1000\...\MountPoints2: {359ab5ec-26af-11e2-94fe-1c75086c389c} - E:\setup_vmb_lite.exe /checkApplicationPresence
HKU\S-1-5-21-611895501-4201313495-1634798728-1000\...\MountPoints2: {41e79a80-ba8c-11e0-917f-1c75086c389c} - G:\setup_vmb_lite.exe /checkApplicationPresence
HKU\S-1-5-21-611895501-4201313495-1634798728-1000\...\MountPoints2: {50d2e0de-d973-11e2-b71f-806e6f6e6963} - E:\setup_vmb_lite.exe /checkApplicationPresence
HKU\S-1-5-21-611895501-4201313495-1634798728-1000\...\MountPoints2: {567031e3-2533-11e3-aae8-1c75086c389c} - E:\AutoRun.exe
HKU\S-1-5-21-611895501-4201313495-1634798728-1000\...\MountPoints2: {56703200-2533-11e3-aae8-001e101f1ed9} - E:\AutoRun.exe
HKU\S-1-5-21-611895501-4201313495-1634798728-1000\...\MountPoints2: {59d5e4ed-a76d-11e2-b29d-806e6f6e6963} - E:\setup_vmb_lite.exe /checkApplicationPresence
HKU\S-1-5-21-611895501-4201313495-1634798728-1000\...\MountPoints2: {666137d2-87d4-11e2-bc1c-806e6f6e6963} - E:\setup_vmb_lite.exe /checkApplicationPresence
HKU\S-1-5-21-611895501-4201313495-1634798728-1000\...\MountPoints2: {735c9675-b940-11e0-b8c8-ec55f959923f} - E:\AutoRun.exe
HKU\S-1-5-21-611895501-4201313495-1634798728-1000\...\MountPoints2: {735c9677-b940-11e0-b8c8-ec55f959923f} - E:\AutoRun.exe
HKU\S-1-5-21-611895501-4201313495-1634798728-1000\...\MountPoints2: {7e972f50-2607-11e2-8acb-806e6f6e6963} - E:\setup_vmb_lite.exe /checkApplicationPresence
HKU\S-1-5-21-611895501-4201313495-1634798728-1000\...\MountPoints2: {81e665d4-b3ba-11e0-900d-ec55f959923f} - E:\setup_vmb_lite.exe /checkApplicationPresence
HKU\S-1-5-21-611895501-4201313495-1634798728-1000\...\MountPoints2: {81e665e3-b3ba-11e0-900d-1c75086c389c} - E:\setup_vmb_lite.exe /checkApplicationPresence
HKU\S-1-5-21-611895501-4201313495-1634798728-1000\...\MountPoints2: {9f79ee2f-3190-11e2-8b1a-806e6f6e6963} - E:\setup_vmb_lite.exe /checkApplicationPresence
HKU\S-1-5-21-611895501-4201313495-1634798728-1000\...\MountPoints2: {9fbd2865-367e-11e3-b1b0-1c75086c389c} - E:\setup_vmb_lite.exe /checkApplicationPresence
HKU\S-1-5-21-611895501-4201313495-1634798728-1000\...\MountPoints2: {a1e6ae23-36a5-11e3-a592-1c75086c389c} - E:\setup_vmb_lite.exe /checkApplicationPresence
HKU\S-1-5-21-611895501-4201313495-1634798728-1000\...\MountPoints2: {d79552d2-7636-11e4-a09d-1c75086c389c} - E:\setup_vmb_lite.exe /checkApplicationPresence
HKU\S-1-5-21-611895501-4201313495-1634798728-1000\...\MountPoints2: {ed8a1bc4-2530-11e3-b1ce-1c75086c389c} - E:\setup_vmb_lite.exe /checkApplicationPresence
HKU\S-1-5-21-611895501-4201313495-1634798728-1000\...\MountPoints2: {f8d98bfb-367f-11e3-991e-ec55f959923f} - E:\setup_vmb_lite.exe /checkApplicationPresence
HKU\S-1-5-21-611895501-4201313495-1634798728-1000\...\MountPoints2: {f8d98c05-367f-11e3-991e-1c75086c389c} - E:\setup_vmb_lite.exe /checkApplicationPresence
HKU\S-1-5-21-611895501-4201313495-1634798728-1000\...\MountPoints2: {f9bfecff-3682-11e3-bbd8-1c75086c389c} - E:\AutoRun.exe
HKU\S-1-5-21-611895501-4201313495-1634798728-1000\...\MountPoints2: {f9bfed0f-3682-11e3-bbd8-001e101f82a0} - E:\AutoRun.exe
HKU\S-1-5-21-611895501-4201313495-1634798728-1000\...\MountPoints2: {f9bfed77-3682-11e3-bbd8-001e101f82a0} - E:\setup_vmb_lite.exe /checkApplicationPresence
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
ShellIconOverlayIdentifiers: [VeriFace Enc] -> {771C7324-DA80-49D3-8017-753B0AF60951} => C:\windows\system32\IcnOvrly.dll ()
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKU\S-1-5-21-611895501-4201313495-1634798728-1000\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-11-27] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-11-26] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2014-01-07] (Google Inc.)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-11-27] (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2014-01-07] (Google Inc.)
Toolbar: HKU\S-1-5-21-611895501-4201313495-1634798728-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2014-01-07] (Google Inc.)
Winsock: Catalog5 10 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\..\Interfaces\{08E22277-8F4C-4815-8419-301D2E0A4779}: [NameServer] 196.207.32.83 196.207.32.69
Tcpip\..\Interfaces\{D9E4A252-4D68-46CB-A7A8-36D3640B0F58}: [NameServer] 196.207.32.83 196.207.32.69
Tcpip\..\Interfaces\{DDF8B4DC-FB64-454C-AF01-A5EF7358D703}: [NameServer] 196.207.32.83 196.207.32.69
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF32_15_0_0_239.dll [2014-11-26] ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] ()
FF Plugin: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-11-27] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-11-27] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll [2014-02-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-09-23] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll [2014-04-05] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll [2014-04-05] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-04-02]
Chrome:
=======
CHR Profile: C:\Users\Jeanne\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Jeanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-02]
CHR Extension: (Google Drive) - C:\Users\Jeanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-02]
CHR Extension: (YouTube) - C:\Users\Jeanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-21]
CHR Extension: (Google Search) - C:\Users\Jeanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-21]
CHR Extension: (Google Wallet) - C:\Users\Jeanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (Gmail) - C:\Users\Jeanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-21]
CHR Profile: C:\Users\Jeanne\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (avast! WebRep) - C:\Users\Jeanne\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda [2012-05-03]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-26]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-11-26] (AVAST Software)
S2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [20456 2013-01-27] (Microsoft Corporation)
R2 PLFlash DeviceIoControl Service; C:\windows\system32\IoctlSvc.exe [81920 2006-12-19] (Prolific Technology Inc.) [File not signed]
R2 VmbService; C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe [8704 2013-05-14] (Vodafone) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 ACPIVPC; C:\windows\System32\DRIVERS\AcpiVpc.sys [23136 2010-01-20] (Lenovo Corporation)
R2 aswHwid; C:\windows\system32\drivers\aswHwid.sys [24184 2014-11-26] ()
R2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [70384 2014-11-26] (AVAST Software)
R1 aswRdr; C:\windows\system32\drivers\aswRdr2.sys [81768 2014-11-26] (AVAST Software)
R0 aswRvrt; C:\windows\system32\Drivers\aswRvrt.sys [49944 2014-11-26] ()
R1 aswSnx; C:\windows\system32\drivers\aswSnx.sys [787800 2014-11-26] (AVAST Software)
R1 aswSP; C:\windows\system32\drivers\aswSP.sys [423784 2014-11-26] (AVAST Software)
R2 aswStm; C:\windows\system32\drivers\aswStm.sys [91496 2014-11-26] (AVAST Software)
R0 aswVmm; C:\windows\system32\Drivers\aswVmm.sys [206248 2014-11-26] ()
R1 BPntDrv; C:\windows\System32\drivers\BPntDrv.sys [19552 2011-03-19] (Lenovo)
R3 Cam5607; C:\windows\System32\Drivers\BisonC07.sys [1316304 2010-08-07] (Bison Electronics. Inc. )
R3 ETD; C:\windows\System32\DRIVERS\ETD.sys [116008 2010-11-23] (ELAN Microelectronics Corp.)
R0 fbfmon; C:\windows\System32\drivers\fbfmon.sys [45408 2011-03-19] (Lenovo)
R3 huawei_cdcacm; C:\windows\System32\DRIVERS\ew_jucdcacm.sys [97408 2013-04-09] (Huawei Technologies Co., Ltd.)
R3 huawei_ext_ctrl; C:\windows\System32\DRIVERS\ew_juextctrl.sys [27776 2013-04-09] (Huawei Technologies Co., Ltd.)
R3 huawei_wwanecm; C:\windows\System32\DRIVERS\ew_juwwanecm.sys [207360 2013-04-09] (Huawei Technologies Co., Ltd.)
R0 LHDmgr; C:\windows\System32\DRIVERS\LhdX86.sys [32352 2010-01-15] (Lenovo.)
R0 MpFilter; C:\windows\System32\DRIVERS\MpFilter.sys [195296 2013-01-20] (Microsoft Corporation)
S3 RSUSBVSTOR; C:\windows\System32\Drivers\RtsUVStor.sys [226408 2010-11-30] (Realtek Semiconductor Corp.)
R3 vodafone_K3805-z_dc_enum; C:\windows\System32\DRIVERS\vodafone_K3805-z_dc_enum.sys [61952 2010-09-01] (Vodafone)
S3 wsvd; C:\windows\System32\DRIVERS\wsvd.sys [81704 2009-07-21] (CyberLink)
U2 CLKMSVC10_3A60B698; No ImagePath
U2 CLKMSVC10_C3B3B687; No ImagePath
U2 DriverService; No ImagePath
S3 ewusbnet; system32\DRIVERS\ewusbnet.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
U2 idealife Update Service; No ImagePath
U3 IGRS; No ImagePath
U2 IviRegMgr; No ImagePath
U2 nvUpdatusService; No ImagePath
U2 Oasis2Service; No ImagePath
U2 PCCarerServic; No ImagePath
U2 ReadyComm.DirectRouter; No ImagePath
U2 RichVideo; No ImagePath
U2 RtLedService; No ImagePath
U2 SoftwareService; No ImagePath
U2 Stereo Service; No ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-17 16:41 - 2015-03-17 16:42 - 00020928 _____ () C:\Users\Jeanne\Downloads\FRST.txt
2015-03-17 16:39 - 2015-03-17 16:41 - 00000000 ____D () C:\FRST
2015-03-17 16:38 - 2015-03-17 16:39 - 01135104 _____ (Farbar) C:\Users\Jeanne\Downloads\FRST.exe
2015-03-17 16:38 - 2015-03-17 16:39 - 01135104 _____ (Farbar) C:\Users\Jeanne\Downloads\FRST (1).exe
2015-03-15 16:47 - 2011-03-31 11:02 - 1047010971 _____ () C:\Users\Jeanne\Desktop\7- Harry Potter and the Deathly Hallows.mkv
2015-03-14 11:41 - 2015-03-14 11:41 - 00000984 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2015-03-14 11:41 - 2015-03-14 11:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-03-14 11:40 - 2015-03-14 11:40 - 00000000 ____D () C:\Program Files\VideoLAN
2015-03-14 11:38 - 2015-03-14 11:38 - 28509232 _____ () C:\Users\Jeanne\Downloads\vlc-2-2-0-win32.exe
2015-03-07 14:08 - 2015-03-07 14:08 - 00013198 _____ () C:\Users\Jeanne\Desktop\JRT.exe - Shortcut.lnk
2015-03-07 14:07 - 2015-03-07 14:07 - 00013537 _____ () C:\Users\Jeanne\Desktop\adwcleaner_4.111.exe - Shortcut.lnk
2015-03-07 14:06 - 2015-03-07 14:06 - 00001676 _____ () C:\Users\Jeanne\Desktop\JRT.txt
2015-03-07 14:00 - 2015-03-07 14:00 - 01388333 _____ (Thisisu) C:\Users\Jeanne\Downloads\JRT (1).exe
2015-03-07 13:50 - 2015-03-07 13:51 - 01388333 _____ (Thisisu) C:\Users\Jeanne\Downloads\JRT.exe
2015-03-07 13:49 - 2015-03-07 13:54 - 00000000 ____D () C:\AdwCleaner
2015-03-07 13:42 - 2015-03-07 13:42 - 03109248 _____ (Enigma Software Group USA, LLC.) C:\Users\Jeanne\Downloads\SpyHunter-Installer.exe
2015-02-28 09:29 - 2015-02-28 09:29 - 00000218 _____ () C:\Users\Jeanne\AppData\Local\recently-used.xbel
2015-02-28 09:03 - 2015-02-28 09:28 - 942853273 _____ () C:\Users\Jeanne\Desktop\[ www.UsaBit.com ] - Harry Potter and the Deathly Hallows_ Part 2 (2011) BluRay 720p 900MB Ganool.mkv
2015-02-27 17:09 - 2015-02-27 17:09 - 00000000 ____D () C:\Users\Jeanne\AppData\Roaming\Opera Software
2015-02-27 17:09 - 2015-02-27 17:09 - 00000000 ____D () C:\Users\Jeanne\AppData\Local\Opera Software
2015-02-27 17:07 - 2015-02-27 17:05 - 30010917 _____ (Media Freeware ) C:\Users\Jeanne\Downloads\mkvplayer_setup [1].exe
2015-02-27 17:03 - 2015-02-27 17:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\(Default)
2015-02-27 17:03 - 2015-02-27 17:03 - 00000000 ____D () C:\Program Files\rSpark
2015-02-27 17:02 - 2015-02-27 17:02 - 00385776 _____ ( ) C:\Users\Jeanne\Downloads\mkvplayer_setup.exe
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-17 16:41 - 2011-07-30 12:07 - 00000886 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-17 16:38 - 2014-05-28 19:40 - 01615099 _____ () C:\windows\WindowsUpdate.log
2015-03-17 16:32 - 2009-07-14 06:34 - 00009696 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-17 16:32 - 2009-07-14 06:34 - 00009696 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-17 16:17 - 2011-03-19 23:04 - 00792496 _____ () C:\windows\system32\PerfStringBackup.INI
2015-03-17 16:14 - 2014-11-26 16:00 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2015-03-17 16:14 - 2011-07-21 12:30 - 04057423 _____ () C:\FaceProv.log
2015-03-17 16:14 - 2011-03-19 23:25 - 00000000 ____D () C:\ProgramData\VeriFace
2015-03-16 18:41 - 2011-07-30 12:07 - 00000882 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-15 22:37 - 2012-01-14 21:48 - 00000000 ____D () C:\Users\Jeanne\AppData\Roaming\vlc
2015-03-15 15:45 - 2013-03-03 00:10 - 00000000 ____D () C:\Users\Jeanne\AppData\Local\CrashDumps
2015-03-07 13:57 - 2011-03-19 23:33 - 00593849 _____ () C:\windows\system32\fastboot.set
2015-03-07 13:56 - 2014-06-21 18:42 - 00012824 _____ () C:\windows\setupact.log
2015-03-07 13:56 - 2009-07-14 06:53 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2015-03-07 13:55 - 2014-06-21 18:41 - 00102922 _____ () C:\windows\PFRO.log
2015-03-02 19:57 - 2009-07-14 04:04 - 00000604 _____ () C:\windows\win.ini
2015-02-28 13:38 - 2011-08-07 18:10 - 00002149 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-02-28 09:30 - 2013-05-13 13:53 - 00000000 ____D () C:\Users\Jeanne\Documents\BitLord
2015-02-27 17:36 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\Microsoft.NET
2015-02-24 03:23 - 2011-11-14 16:51 - 00246920 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
==================== Files in the root of some directories =======
2014-05-24 19:49 - 2014-06-21 16:58 - 0007626 _____ () C:\Users\Jeanne\AppData\Roaming\.freeciv-client-rc-2.3
2013-05-13 13:53 - 2015-02-28 08:59 - 0000000 _____ () C:\Users\Jeanne\AppData\Roaming\bitlord_log.txt
2011-11-13 21:08 - 2011-11-13 21:08 - 0000235 _____ () C:\Users\Jeanne\AppData\Roaming\fixpermissions.bat
2015-02-28 09:29 - 2015-02-28 09:29 - 0000218 _____ () C:\Users\Jeanne\AppData\Local\recently-used.xbel
2014-01-07 18:07 - 2014-01-07 18:09 - 0000386 _____ () C:\ProgramData\hpzinstall.log
Some content of TEMP:
====================
C:\Users\Jeanne\AppData\Local\Temp\BackupSetup.exe
C:\Users\Jeanne\AppData\Local\Temp\EBU56C6.EXE
C:\Users\Jeanne\AppData\Local\Temp\EBU6612.DLL
C:\Users\Jeanne\AppData\Local\Temp\htmlayout.dll
C:\Users\Jeanne\AppData\Local\Temp\jre-7u60-windows-i586-iftw.exe
C:\Users\Jeanne\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\Jeanne\AppData\Local\Temp\optprosetup.exe
C:\Users\Jeanne\AppData\Local\Temp\Quarantine.exe
C:\Users\Jeanne\AppData\Local\Temp\sqlite3.dll
C:\Users\Jeanne\AppData\Local\Temp\toolbar338897207.exe
C:\Users\Jeanne\AppData\Local\Temp\uninstall1110835572.exe
C:\Users\Jeanne\AppData\Local\Temp\uninstall1110858527.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\windows\explorer.exe => File is digitally signed
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-03-06 19:03
==================== End Of Log ============================