Grandpa's computer seems to have a virus. It's slow to connect to the internet on startup and IE won't go to Yahoo.
Farbar Scan Results:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 28-06-2015 01
Ran by Cheplic (administrator) on CHEPLIC-PC on 03-07-2015 12:46:53
Running from C:\Users\Cheplic\Downloads
Loaded Profiles: Cheplic (Available Profiles: Cheplic)
Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: English (United States)
Internet Explorer Version 9 (Default browser: Chrome)
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Symantec Corporation) C:\Program Files\Norton Security Suite\Engine\21.7.0.11\n360.exe
(NewTech Infosystems, Inc.) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
(Symantec Corporation) C:\Program Files\Norton Security Suite\Engine\21.7.0.11\n360.exe
(Dritek System Inc.) C:\Program Files\Launch Manager\LManager.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.bin
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-20] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7420448 2009-04-21] (Realtek Semiconductor)
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [703008 2009-06-23] (Acer Incorporated)
HKLM\...\Run: [Acer Assist Launcher] => C:\Program Files\Acer\Acer Assist\launcher.exe [1261568 2007-11-19] ()
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2009-05-05] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [221184 2009-06-11] (Alps Electric Co., Ltd.)
HKLM\...\Run: [LManager] => C:\Program Files\Launch Manager\LManager.exe [862728 2009-02-11] (Dritek System Inc.)
HKLM\...\Run: [Acer Product Registration] => C:\Program Files\Acer\Acer Registration\ACE1.exe [3387392 2007-11-26] (Leader Technologies)
HKLM\...\Run: [Skytel] => C:\Program Files\Realtek\Audio\HDA\Skytel.exe [1833504 2009-04-21] (Realtek Semiconductor Corp.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKU\S-1-5-21-846162872-2123034892-513307770-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-20] (Microsoft Corporation)
HKU\S-1-5-21-846162872-2123034892-513307770-1000\...\MountPoints2: {10398a65-9a4a-11e2-b9c9-00262228c1e1} - E:\TL_Bootstrap.exe
Startup: C:\Users\Cheplic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk [2011-03-04]
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
ShellIconOverlayIdentifiers: [OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security Suite\Engine\21.7.0.11\buShell.dll [2015-03-06] (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security Suite\Engine\21.7.0.11\buShell.dll [2015-03-06] (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security Suite\Engine\21.7.0.11\buShell.dll [2015-03-06] (Symantec Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-846162872-2123034892-513307770-1000\Software\Microsoft\Internet Explorer\Main,Start Page =
http://yahoo.com/
HKU\S-1-5-21-846162872-2123034892-513307770-1000\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
http://global.acer.com
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Security Suite\Engine\21.7.0.11\coIEPlg.dll [2015-06-26] (Symantec Corporation)
BHO: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files\Norton Security Suite\Engine\21.7.0.11\IPS\IPSBHO.DLL [2015-03-04] (Symantec Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security Suite\Engine\21.7.0.11\coIEPlg.dll [2015-06-26] (Symantec Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-06-08] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{346153D0-CAF9-456C-BD1E-219436036584}: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{7894FE78-9737-40E9-80A9-6AEB99A2997D}: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\system32\npDeployJava1.dll [2013-07-05] (Oracle Corporation)
FF Plugin: @logitech.com/HarmonyRemote,version=1.0.0 -> C:\Program Files\Logitech\Harmony Remote Driver\NprtHarmonyPlugin.dll [2010-01-04] (Logitech Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-23] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-23] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-04-29] (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-12-12]
FF HKLM\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn [2015-06-30]
Chrome:
=======
CHR Profile: C:\Users\Cheplic\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (AdBlock) - C:\Users\Cheplic\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-10-20]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Cheplic\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-05]
CHR Extension: (Google Wallet) - C:\Users\Cheplic\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-29]
CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files\Norton Security Suite\Engine\21.7.0.11\Exts\Chrome.crx [2015-04-08]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ePowerSvc; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [723488 2009-06-23] (Acer Incorporated)
R2 N360; C:\Program Files\Norton Security Suite\Engine\21.7.0.11\N360.exe [265000 2015-03-26] (Symantec Corporation)
R2 NTISchedulerSvc; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [144632 2008-09-23] (NewTech Infosystems, Inc.)
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-20] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 ahcix86s; C:\Windows\System32\DRIVERS\ahcix86s.sys [183312 2008-10-02] (Advanced Micro Devices, Inc)
R1 BHDrvx86; C:\Program Files\Norton Security Suite\NortonData\21.1.0.18\Definitions\BASHDefs\20150625.001\BHDrvx86.sys [1181424 2015-06-16] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360\1507000.00B\ccSetx86.sys [127064 2013-09-25] (Symantec Corporation)
R1 DPMemGridVista; C:\Program Files\GridVista\DPMemGridVista.sys [10504 2008-09-30] (Dritek System Inc.)
R1 DritekPortIO; C:\Program Files\Launch Manager\DPortIO.sys [20112 2006-11-02] (Dritek System Inc.)
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [380720 2015-06-21] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [113456 2015-05-28] (Symantec Corporation)
R1 IDSVix86; C:\Program Files\Norton Security Suite\NortonData\21.1.0.18\Definitions\IPSDefs\20150629.001\IDSvix86.sys [523512 2015-06-20] (Symantec Corporation)
R3 L1C; C:\Windows\System32\DRIVERS\L1C60x86.sys [50176 2009-04-27] (Atheros Communications, Inc.)
R3 NAVENG; C:\Program Files\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20150630.004\NAVENG.SYS [104440 2015-06-24] (Symantec Corporation)
R3 NAVEX15; C:\Program Files\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20150630.004\NAVEX15.SYS [1645432 2015-06-24] (Symantec Corporation)
R3 SRTSP; C:\Windows\System32\Drivers\N360\1507000.00B\SRTSP.SYS [664792 2014-08-25] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360\1507000.00B\SRTSPX.SYS [32984 2014-08-25] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360\1507000.00B\SYMDS.SYS [367704 2013-09-09] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360\1507000.00B\SYMEFA.SYS [936152 2014-08-25] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT.SYS [142936 2013-12-18] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360\1507000.00B\Ironx86.SYS [209624 2014-08-06] (Symantec Corporation)
R1 SYMTDIv; C:\Windows\System32\Drivers\N360\1507000.00B\SYMTDIV.SYS [384728 2014-08-25] (Symantec Corporation)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-07-03 12:46 - 2015-07-03 12:50 - 00014637 _____ C:\Users\Cheplic\Downloads\FRST.txt
2015-07-03 12:43 - 2015-07-03 12:47 - 00000000 ____D C:\FRST
2015-07-03 12:42 - 2015-07-03 12:43 - 01636352 _____ (Farbar) C:\Users\Cheplic\Downloads\FRST.exe
2015-06-29 15:53 - 2015-06-30 15:36 - 00001531 _____ C:\Windows\comsetup.log
2015-06-25 07:38 - 2015-06-25 07:39 - 17582768 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerInstaller.exe
2015-06-11 07:51 - 2015-04-24 08:54 - 00532480 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-06-11 07:49 - 2015-05-21 07:22 - 02066432 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-06-11 07:48 - 2015-05-08 16:08 - 00894464 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-06-11 06:20 - 2015-05-04 15:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-06-11 06:20 - 2015-05-04 15:50 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-06-11 06:20 - 2015-05-04 15:50 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-06-11 06:19 - 2015-05-04 15:51 - 10628608 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-06-11 06:19 - 2015-05-04 14:21 - 08147456 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-06-10 07:53 - 2015-05-30 17:03 - 12385280 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-06-10 07:53 - 2015-05-30 16:55 - 01809920 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-06-10 07:53 - 2015-05-30 16:54 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-06-10 07:53 - 2015-05-30 16:53 - 09750528 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-06-10 07:53 - 2015-05-30 16:50 - 01139712 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-06-10 07:53 - 2015-05-30 16:49 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-06-10 07:53 - 2015-05-30 16:49 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-06-10 07:53 - 2015-05-30 16:49 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-06-10 07:53 - 2015-05-30 16:49 - 00421888 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-06-10 07:53 - 2015-05-30 16:48 - 01804288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-06-10 07:53 - 2015-05-30 16:48 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-06-10 07:53 - 2015-05-30 16:48 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-06-10 07:53 - 2015-05-30 16:48 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-06-10 07:53 - 2015-05-30 16:48 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-06-10 07:53 - 2015-05-30 16:48 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-06-10 07:53 - 2015-05-30 16:48 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-06-10 07:53 - 2015-05-30 16:48 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-06-10 07:53 - 2015-05-30 16:47 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-06-10 07:53 - 2015-05-30 16:47 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-06-10 07:53 - 2015-05-30 16:47 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-06-10 07:53 - 2015-05-30 16:47 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-06-10 07:53 - 2015-05-30 16:47 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-07-03 12:48 - 2009-09-09 15:58 - 01401199 _____ C:\Windows\WindowsUpdate.log
2015-07-03 12:41 - 2013-10-28 07:29 - 00000882 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-03 12:38 - 2013-07-10 12:51 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-03 12:35 - 2006-11-02 05:47 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-03 12:35 - 2006-11-02 05:47 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-03 12:27 - 2013-10-28 07:29 - 00000886 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-30 15:35 - 2006-11-02 04:18 - 00000000 ____D C:\Windows\registration
2015-06-30 15:27 - 2008-01-20 19:47 - 00895556 _____ C:\Windows\PFRO.log
2015-06-30 15:27 - 2006-11-02 06:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-30 08:24 - 2006-11-02 06:01 - 00032556 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-06-25 07:40 - 2013-07-10 12:51 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-06-25 07:40 - 2011-07-23 20:59 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-06-17 07:35 - 2006-11-02 04:18 - 00000000 ____D C:\Windows\rescache
2015-06-11 15:12 - 2006-11-02 05:47 - 00319632 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-11 06:28 - 2013-08-16 06:55 - 00000000 ____D C:\Windows\system32\MRT
2015-06-11 06:27 - 2006-11-02 03:24 - 136900096 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
==================== Files in the root of some directories =======
2013-11-27 08:19 - 2013-11-27 08:19 - 49940480 _____ () C:\Program Files\GUT9D39.tmp
2014-05-10 07:40 - 2014-05-10 07:40 - 6103040 _____ () C:\Program Files\GUTA007.tmp
2011-08-13 12:40 - 2011-08-13 12:40 - 0024206 _____ () C:\Users\Cheplic\AppData\Roaming\UserTile.png
2012-01-02 18:03 - 2013-08-03 17:53 - 0000680 _____ () C:\Users\Cheplic\AppData\Local\d3d9caps.dat
2011-08-07 11:50 - 2011-08-14 11:20 - 0005120 _____ () C:\Users\Cheplic\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-07-05 19:21 - 2013-07-05 19:23 - 0006098 _____ () C:\Users\Cheplic\AppData\Local\MyWinLockerInstaller.txt-20130705.log
2011-05-21 19:26 - 2011-10-23 08:04 - 0001940 _____ () C:\Users\Cheplic\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
2009-09-09 16:06 - 2009-09-09 16:09 - 0007254 _____ () C:\ProgramData\ArcadeDeluxe2.log
2014-04-26 15:18 - 2014-04-26 15:20 - 0000091 _____ () C:\ProgramData\PS.log
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-06-30 15:34
==================== End of log ============================
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 28-06-2015 01
Ran by Cheplic at 2015-07-03 12:51:35
Running from C:\Users\Cheplic\Downloads
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-846162872-2123034892-513307770-500 - Administrator - Disabled)
Cheplic (S-1-5-21-846162872-2123034892-513307770-1000 - Administrator - Enabled) => C:\Users\Cheplic
Guest (S-1-5-21-846162872-2123034892-513307770-501 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Norton Security Suite (Disabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Security Suite (Enabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
FW: Norton Security Suite (Enabled) {6BFC5632-188D-B806-D13E-C607121B42A0}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Acer Assist (HKLM\...\Acer Assist) (Version: - Acer Incorporated)
Acer ePower Management (HKLM\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 4.00.3009 - Acer Incorporated)
Acer eRecovery Management (HKLM\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.00.3008 - Acer Incorporated)
Acer Registration (HKLM\...\Acer Registration) (Version: - Acer - Leader Technologies)
Acrobat.com (HKLM\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1.377 - Adobe Systems Incorporated)
Acrobat.com (Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe Flash Player 17 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 17.0.0.190 - Adobe Systems Incorporated)
Adobe Reader X (10.1.14) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.14 - Adobe Systems Incorporated)
ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: Version 7.2.2002.207 - Alps Electric)
AMD USB Audio Driver Filter (HKLM\...\{C2F62AF2-8748-4CAE-BE53-1AF4763CFC15}) (Version: 1.0.8.73 - Advanced Micro Devices, Inc.)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.19 - Atheros Communications Inc.)
ATI Catalyst Install Manager (HKLM\...\{B2A3C27B-8D7A-ACF4-C193-EC6FC43885DE}) (Version: 3.0.723.0 - ATI Technologies, Inc.)
ccc-core-static (Version: 2009.0505.2131.36820 - ATI) Hidden
eSobi v2 (HKLM\...\InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}) (Version: 2.0.3.000223 - esobi Inc.)
eSobi v2 (Version: 2.0.3.000223 - esobi Inc.) Hidden
Google Chrome (HKLM\...\Google Chrome) (Version: 43.0.2357.130 - Google Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.27.5 - Google Inc.) Hidden
GridVista (HKLM\...\GridVista) (Version: 2.77.0507 - Dritek System Inc.)
Java 7 Update 25 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.250 - Oracle)
Launch Manager (HKLM\...\LManager) (Version: 2.0.00 - Acer Inc.)
Logitech Harmony Remote Software (HKLM\...\{634F79E1-2A41-4C40-9E8D-89EC740AC9D6}) (Version: 1.0.110307 - Logitech)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Works (HKLM\...\{67E03279-F703-408F-B4BF-46B5FC8D70CD}) (Version: 9.7.0621 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyHarmony (HKU\S-1-5-21-846162872-2123034892-513307770-1000\...\036a0e4fc6a247ec) (Version: 1.0.1.241 - Logitech)
Norton Security Suite (HKLM\...\N360) (Version: 21.7.0.11 - Symantec Corporation)
NTI Backup Now 5 (HKLM\...\InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}) (Version: 5.1.2.616 - NewTech Infosystems)
NTI Backup Now Standard (Version: 5.1.2.616 - NewTech Infosystems) Hidden
NTI Media Maker 8 (HKLM\...\InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}) (Version: 8.0.2.6509 - NewTech Infosystems)
NTI Media Maker 8 (Version: 8.0.2.6509 - NewTech Infosystems) Hidden
OpenOffice.org 3.3 (HKLM\...\{3E171899-0175-47CC-84C4-562ACDD4C021}) (Version: 3.3.9567 - OpenOffice.org)
Orion (HKLM\...\{5B63A470-9334-44D1-AF61-6CE2DB565AE9}) (Version: 2.5.0 - Convesoft)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5837 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM\...\{DC24971E-1946-445D-8A82-CE685433FA7D}) (Version: 6.0.6000.20125 - Realtek Semiconductor Corp.)
Windows Live Sync (HKLM\...\{FDD810CA-D5E3-40E9-AB7B-36440B0D41EF}) (Version: 14.0.8050.1202 - Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-846162872-2123034892-513307770-1000_Classes\CLSID\{3A999A50-AB25-4A20-90A9-08F71FCE320F}\InprocServer32 -> C:\Windows\system32\spool\DRIVERS\W32X86\3\HPCDMC32.DLL (HP)
CustomCLSID: HKU\S-1-5-21-846162872-2123034892-513307770-1000_Classes\CLSID\{98087D89-B93F-4BCF-A998-AE4D9F607C14}\InprocServer32 -> C:\Windows\system32\spool\DRIVERS\W32X86\3\HPCDMC32.DLL (HP)
CustomCLSID: HKU\S-1-5-21-846162872-2123034892-513307770-1000_Classes\CLSID\{B286F068-5B17-4AE8-989B-8F9A199C47BA}\InprocServer32 -> C:\Windows\system32\spool\DRIVERS\W32X86\3\HPCDMC32.DLL (HP)
==================== Restore Points =========================
14-02-2015 08:24:20 Windows Update
01-03-2015 14:32:33 Norton_Power_Eraser_20150301133233763
12-03-2015 22:09:27 Windows Update
15-03-2015 12:10:06 Scheduled Checkpoint
16-04-2015 06:26:57 Windows Update
14-05-2015 06:54:02 Windows Update
15-05-2015 03:41:47 Windows Update
23-05-2015 08:26:22 Windows Update
11-06-2015 06:17:06 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2006-11-02 03:23 - 2006-09-18 14:41 - 00000761 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {005AEADB-277B-4BE7-8E83-9C2E29B08216} - System32\Tasks\Norton Security Suite\Norton Error Processor => C:\Program Files\Norton Security Suite\Engine\21.7.0.11\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {2FB3E3F4-860C-4AB6-AD79-77443200536D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-10-28] (Google Inc.)
Task: {45FC4FFF-E79D-49A2-BFD8-F1CBCE9D6381} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-25] (Adobe Systems Incorporated)
Task: {48CF8020-112A-4DE9-BD80-BBB5B1548A44} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Security Suite\Engine\21.7.0.11\WSCStub.exe [2015-03-06] (Symantec Corporation)
Task: {4FCCC014-EF0F-4CBB-9350-BF865A0440DB} - System32\Tasks\Recovery Management\Burn Notification => C:\Program Files\Acer\Acer eRecovery Management\NotificationCenter\Notification.exe [2009-04-20] (Acer)
Task: {559ACBC0-620B-437E-8876-2FEE7A7DCEC3} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {57674D77-EB48-43C4-8E08-8CDF7AFC63AC} - System32\Tasks\Microsoft\Windows\RestartManager\{DA6D7B6C-FA56-4d50-8CB7-38F970AE3B4C} => C:\Windows\system32\rmclient.exe [2006-11-02] (Microsoft Corporation)
Task: {66CC95F9-9219-4943-9B7B-916E129FBFA6} - System32\Tasks\Norton Security Suite\Norton Error Analyzer => C:\Program Files\Norton Security Suite\Engine\21.7.0.11\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {8391AB4F-2F5B-4EDE-AF0B-CBDC79EE0F8E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-10-28] (Google Inc.)
Task: {C3890864-73D4-42A0-BFA2-A8A7378DB53B} - System32\Tasks\Microsoft\Windows\RestartManager\{15615A04-2F3E-407c-A29A-D91A728743BD} => C:\Windows\system32\rmclient.exe [2006-11-02] (Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (Whitelisted) ==============
2009-07-02 08:17 - 2009-05-05 04:06 - 00159744 _____ () C:\Windows\system32\atitmmxx.dll
2009-09-09 15:58 - 2009-09-09 15:58 - 00014848 _____ () C:\Windows\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll
2009-01-26 14:56 - 2009-01-26 14:56 - 00016384 ____R () C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll
2009-09-09 15:58 - 2009-09-09 15:58 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2009-07-02 08:17 - 2003-06-06 22:30 - 00057344 _____ () C:\Program Files\Launch Manager\PowerUtl.dll
2011-01-17 17:19 - 2011-02-06 20:05 - 00985088 _____ () C:\Program Files\OpenOffice.org 3\program\libxml2.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-846162872-2123034892-513307770-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\img19.jpg
DNS Servers: 192.168.0.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [{38AF13CF-7F7F-4221-9085-069DFD9F7AF7}] => (Allow) C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{A92BCE9B-5534-44C0-A184-56C94E92A71F}] => (Allow) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
FirewallRules: [{5A92B06F-7CBD-4C23-9205-7C2EC7B8ABD9}] => (Allow) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
FirewallRules: [{A8B3DCA3-1E1B-4083-8FBB-6A5CDD92920F}] => (Allow) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
FirewallRules: [{F60AB5C3-F1F5-484D-BFCD-CA4122E62F71}] => (Allow) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
FirewallRules: [{03022820-466E-4C26-8E2E-63F5FE958B56}] => (Allow) LPort=80
FirewallRules: [{8A53148F-4200-4121-A8B5-3A94F15688E9}] => (Allow) LPort=80
FirewallRules: [{3CB59947-4D2A-4133-A3C4-4EF0612FA488}] => (Allow) LPort=80
FirewallRules: [{668A36BF-D917-414C-A366-98792905A2C9}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{1720BDE4-22A5-4E1B-9A36-A3ED9EC1F2DE}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (06/30/2015 03:28:13 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/30/2015 03:27:51 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (06/30/2015 08:05:48 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/30/2015 08:05:31 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (06/29/2015 08:28:00 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/29/2015 08:27:28 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (06/29/2015 04:51:56 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/29/2015 04:51:40 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (06/29/2015 04:49:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application mbamscheduler.exe, version 3.1.3.0, time stamp 0x55252bff, faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception code 0xc0000005, fault offset 0x00000000,
process id 0x1210, application start time 0xmbamscheduler.exe0.
Error: (06/29/2015 03:16:24 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
System errors:
=============
Error: (07/03/2015 00:27:20 PM) (Source: Dhcp) (EventID: 1002) (User: )
Description: The IP address lease 10.0.0.2 for the Network Card with network address 0C607636CFC7 has been denied by the DHCP server 192.168.0.1 (The DHCP Server sent a DHCPNACK message).
Error: (07/03/2015 00:25:19 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {4EB61BAC-A3B6-4760-9581-655041EF4D69}
Error: (06/29/2015 04:51:43 PM) (Source: Microsoft-Windows-ResourcePublication) (EventID: 1002) (User: NT AUTHORITY)
Description: Provider\Microsoft.Base.Publication/Publication/Computer
Error: (06/29/2015 07:25:31 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Windows Update
Error: (06/28/2015 05:06:33 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: 30000Microsoft .NET Framework NGEN v4.0.30319_X86
Error: (06/28/2015 00:44:40 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: 30000Microsoft .NET Framework NGEN v4.0.30319_X86
Error: (06/28/2015 00:43:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Windows Media Player Network Sharing Service%%1053
Error: (06/28/2015 00:43:50 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: 30000Windows Media Player Network Sharing Service
Error: (06/28/2015 00:42:49 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {ABC01078-F197-4B0B-ADBC-CFE684B39C82}
Error: (06/28/2015 11:30:09 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Windows Media Player Network Sharing Service%%1053
Microsoft Office:
=========================
Error: (06/30/2015 03:28:13 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/30/2015 03:27:51 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"C:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\wksss.exe
Error: (06/30/2015 08:05:48 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/30/2015 08:05:31 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"C:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\wksss.exe
Error: (06/29/2015 08:28:00 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/29/2015 08:27:28 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"C:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\wksss.exe
Error: (06/29/2015 04:51:56 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/29/2015 04:51:40 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"C:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\wksss.exe
Error: (06/29/2015 04:49:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbamscheduler.exe3.1.3.055252bffunknown0.0.0.000000000c000000500000000121001d0b2c2418a1e02
Error: (06/29/2015 03:16:24 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
CodeIntegrity Errors:
===================================
Date: 2015-07-03 12:50:22.121
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.
Date: 2015-07-03 12:50:20.358
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.
Date: 2015-07-03 12:50:19.047
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.
Date: 2015-07-03 12:50:17.846
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.
Date: 2015-07-03 12:49:43.532
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Norton Security Suite\NortonData\21.1.0.18\Definitions\BASHDefs\20150625.001\BHDrvx86.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-07-03 12:49:42.190
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Norton Security Suite\NortonData\21.1.0.18\Definitions\BASHDefs\20150625.001\BHDrvx86.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-07-03 12:49:40.849
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Norton Security Suite\NortonData\21.1.0.18\Definitions\BASHDefs\20150625.001\BHDrvx86.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-07-03 12:49:39.507
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Norton Security Suite\NortonData\21.1.0.18\Definitions\BASHDefs\20150625.001\BHDrvx86.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-06-29 16:33:08.246
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-06-29 16:33:06.624
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: AMD Athlon Processor TF-20
Percentage of memory in use: 53%
Total physical RAM: 2811.3 MB
Available physical RAM: 1301.86 MB
Total Virtual: 5849.16 MB
Available Virtual: 4314.38 MB
==================== Drives ================================
Drive c: (ACER) (Fixed) (Total:139.04 GB) (Free:70.06 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 149.1 GB) (Disk ID: 8CAB1037)
Partition 1: (Not Active) - (Size=10 GB) - (Type=27)
Partition 2: (Active) - (Size=139 GB) - (Type=07 NTFS)
==================== End of log ============================