Below are the 2 logs from FRST.
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 26-07-2015
Ran by Administrator (administrator) on JOHN-A1D9946862 (27-07-2015 13:52:26)
Running from C:\Documents and Settings\Administrator\My Documents\Downloads
Loaded Profiles: Administrator (Available Profiles: Administrator)
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) Language: English (United States)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avguard.exe
(Intel) C:\Program Files\Intel\AMT\LMS.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avshadow.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Farbar) C:\Documents and Settings\Administrator\My Documents\Downloads\FRST(1).exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [NvCplDaemon] => "RUNDLL32.EXE" C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\Antivirus\avgnt.exe [782008 2015-07-25] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [Avira Systray] => C:\Program Files\Avira\Launcher\Avira.Systray.exe [134368 2015-06-02] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [FUFAXRCV] => C:\Program Files\Epson Software\FAX Utility\FUFAXRCV.exe [650784 2015-01-20] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [FUFAXSTM] => C:\Program Files\Epson Software\FAX Utility\FUFAXSTM.exe [863776 2015-01-20] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [EEventManager] => C:\Program Files\Epson Software\Event Manager\EEventManager.exe [1065024 2014-06-10] (SEIKO EPSON CORPORATION)
Winlogon\Notify\GoToAssist: C:\Program Files\Citrix\GoToAssist\896\G2AWinLogon.dll [2013-12-03] (Citrix Online, a division of Citrix Systems, Inc.)
HKU\S-1-5-21-1993962763-515967899-725345543-500\...\Run: [EPLTarget\P0000000000000002] => C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_TATIKLE.EXE [261696 2013-09-12] (SEIKO EPSON CORPORATION)
HKU\S-1-5-18\...\RunOnce: [panda] => reg.exe delete "HKCU\Software\AppDataLow\Software\panda" /f
HKU\S-1-5-18\...\RunOnce: [panda_XP] => reg.exe delete "HKCU\Software\panda" /f
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Administrator\Application Data\Dropbox\bin\DropboxExt.14.dll [2012-02-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Administrator\Application Data\Dropbox\bin\DropboxExt.14.dll [2012-02-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Administrator\Application Data\Dropbox\bin\DropboxExt.14.dll [2012-02-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Administrator\Application Data\Dropbox\bin\DropboxExt.14.dll [2012-02-14] (Dropbox, Inc.)
GroupPolicyScripts: Group Policy detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.yahoo.co...t&type=avastbcl
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://search.yahoo...p={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-1993962763-515967899-725345543-500\Software\Microsoft\Internet Explorer\Main,Start Page = http://advisorservices.com/
HKU\S-1-5-21-1993962763-515967899-725345543-500\Software\Microsoft\Internet Explorer\Main,Search Page = https://search.yahoo...p={searchTerms}
HKU\S-1-5-21-1993962763-515967899-725345543-500\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.yahoo.co...t&type=avastbcl
SearchScopes: HKLM -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://search.yahoo...p={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1993962763-515967899-725345543-500 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://search.yahoo...p={searchTerms}
BHO: No Name -> {53707962-6F74-2D53-2644-206D7942484F} -> No File
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-01-24] (Oracle Corporation)
BHO: No Name -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> No File
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-24] (Oracle Corporation)
DPF: {25D9AA40-ED39-11D2-A038-009027078284} https://www.advisors...lDownloader.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1272029577203
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab
DPF: {CAFEEFAC-0017-0000-0017-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://adventsoftwa...ort/ieatgpc.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab
DPF: {EB329BD2-7DC2-4F54-A6F2-634797C735C5} https://www.advisors...oScheduler2.CAB
ShellExecuteHooks: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [304128 2009-05-24] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 71.242.0.12
Tcpip\..\Interfaces\{0F9C668B-672F-40FF-A711-C1713B1A10FA}: [DhcpNameServer] 192.168.1.1 71.242.0.12
FireFox:
========
FF ProfilePath: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\zopgorq4.default-1434168856046
FF DefaultSearchEngine.US: Google
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-15] ()
FF Plugin: @canon.com/MycameraPlugin -> C:\Program Files\Canon\MyCamera Download Plugin\NPCIG.dll [2008-10-15] (CANON INC.)
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-24] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-24] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll No File
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1993962763-515967899-725345543-500: @citrixonline.com/appdetectorplugin -> C:\Documents and Settings\Administrator\Local Settings\Application Data\Citrix\Plugins\104\npappdetector.dll [2015-06-10] (Citrix Online)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\atgpcdec.dll [2010-12-30] (WebEx Communications, Inc)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\atgpcext.dll [2010-12-30] (WebEx Communications, Inc)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\atmccli.dll [2010-12-30] ()
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\ieatgpc.dll [2010-07-06] (Cisco WebEx LLC)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npatgpc.dll [2010-07-06] (Cisco WebEx LLC)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2011-06-07] (Adobe Systems Inc.)
FF SearchPlugin: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\zopgorq4.default-1434168856046\searchplugins\avira-safesearch.xml [2015-07-27]
FF Extension: Avira Browser Safety - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\zopgorq4.default-1434168856046\Extensions\[email protected] [2015-07-02]
FF Extension: Avira SafeSearch Plus - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\zopgorq4.default-1434168856046\Extensions\[email protected] [2015-06-13]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2015-01-21]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
Chrome:
=======
CHR Profile: C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-05]
CHR Extension: (YouTube) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-05]
CHR Extension: (Google Search) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-05]
CHR Extension: (Avira Browser Safety) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-06-14]
CHR Extension: (Chrome Hotword Shared Module) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-05]
CHR Extension: (Google Wallet) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-05]
CHR Extension: (Gmail) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-05]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.goo...ice/update2/crx
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 AntiVirMailService; C:\Program Files\Avira\Antivirus\avmailc.exe [887128 2015-07-25] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files\Avira\Antivirus\sched.exe [461672 2015-07-25] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\Antivirus\avguard.exe [461672 2015-07-25] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files\Avira\Antivirus\AVWEBGRD.EXE [1212048 2015-07-25] (Avira Operations GmbH & Co. KG)
S2 APC UPS Service; C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe [176193 2005-12-12] (American Power Conversion Corporation) [File not signed]
S2 atchksrv; C:\Program Files\Intel\AMT\atchksrv.exe [176128 2009-12-01] (Intel Corporation) [File not signed]
R2 Avira.ServiceHost; C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe [217280 2015-06-02] (Avira Operations GmbH & Co. KG)
S2 EpsonCustomerParticipation; C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe [577008 2014-11-04] (SEIKO EPSON CORPORATION)
S2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc.exe [126128 2012-05-17] (Seiko Epson Corporation)
S3 GoToAssist; C:\Program Files\Citrix\GoToAssist\896\g2aservice.exe [13720 2013-12-03] (Citrix Online, a division of Citrix Systems, Inc.)
R2 LMS; C:\Program Files\Intel\AMT\LMS.exe [102400 2009-12-01] (Intel) [File not signed]
S2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S2 UNS; C:\Program Files\Intel\AMT\UNS.exe [2519040 2009-12-01] (Intel) [File not signed]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 Afc; C:\WINDOWS\System32\drivers\Afc.sys [11776 2005-02-23] (Arcsoft, Inc.) [File not signed]
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [108448 2015-07-25] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\System32\DRIVERS\avipbb.sys [136728 2015-07-25] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\System32\DRIVERS\avkmgr.sys [37896 2015-05-27] (Avira Operations GmbH & Co. KG)
S0 cercsr6; C:\WINDOWS\system32\Drivers\cercsr6.sys [39904 2004-12-13] (Adaptec, Inc.) [File not signed]
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [23256 2015-06-18] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [98520 2015-07-27] (Malwarebytes Corporation)
R0 MpFilter; C:\WINDOWS\System32\DRIVERS\MpFilter.sys [193552 2012-08-30] (Microsoft Corporation)
R1 ssmdrv; C:\WINDOWS\System32\DRIVERS\ssmdrv.sys [31848 2015-05-27] (Avira Operations GmbH & Co. KG)
S4 IntelIde; No ImagePath
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
U1 WS2IFSL; No ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-07-27 13:51 - 2015-07-27 13:52 - 00000000 ____D C:\FRST
2015-07-27 13:41 - 2015-07-27 13:41 - 00002999 _____ C:\Documents and Settings\Administrator\Desktop\JRT.txt
2015-07-27 13:09 - 2015-07-27 13:17 - 00000000 ____D C:\AdwCleaner
2015-07-26 21:49 - 2015-07-27 13:20 - 00098520 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-07-26 21:46 - 2015-07-26 21:46 - 00000777 _____ C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
2015-07-26 21:46 - 2015-07-26 21:46 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes Anti-Malware
2015-07-26 21:45 - 2015-07-26 21:46 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2015-07-26 21:45 - 2015-06-18 08:41 - 00121560 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-07-26 21:45 - 2015-06-18 08:41 - 00023256 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-07-26 20:53 - 2015-07-26 22:32 - 00000180 _____ C:\WINDOWS\setupact.log
2015-07-26 20:53 - 2015-07-26 20:53 - 00000000 _____ C:\WINDOWS\setuperr.log
2015-07-23 09:53 - 2006-09-05 15:28 - 00038480 ____N (CANON INC.) C:\WINDOWS\system32\IJRMF.exe
2015-07-22 01:50 - 2015-07-22 01:50 - 00000000 _____ C:\WINDOWS\EEventManager.INI
2015-07-21 23:24 - 2015-07-21 23:24 - 00000045 _____ C:\WINDOWS\WF-4630.ini
2015-07-21 23:18 - 2015-07-27 12:18 - 00000917 _____ C:\WINDOWS\Tasks\EPSON WF-4630 Series Update {0F4A6D9A-2324-4AAE-8868-421933931469}.job
2015-07-21 23:18 - 2015-07-27 12:18 - 00000731 _____ C:\WINDOWS\Tasks\EPSON WF-4630 Series Invitation {0F4A6D9A-2324-4AAE-8868-421933931469}.job
2015-07-21 23:11 - 2015-07-21 23:11 - 00000000 ____D C:\Program Files\Common Files\EPSON
2015-07-21 23:11 - 2013-10-22 00:04 - 00142848 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\E_TLMBKLE.DLL
2015-07-21 23:11 - 2011-03-14 23:03 - 00081408 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\E_TD4BKLE.DLL
2015-07-21 23:11 - 2007-04-09 21:06 - 00008192 _____ (SEIKO EPSON CORP.) C:\WINDOWS\system32\E_DCINST.DLL
2015-07-21 23:04 - 2015-07-21 23:04 - 00000159 _____ C:\Documents and Settings\All Users\Desktop\Epson WF-4630 User’s Guide.url
2015-07-21 23:01 - 2015-07-22 01:38 - 00000000 ____D C:\Documents and Settings\Administrator\Application Data\Epson
2015-07-21 23:00 - 2015-07-22 01:38 - 00000000 ____D C:\Program Files\EPSON Software
2015-07-21 23:00 - 2015-07-22 01:38 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\EPSON Software
2015-07-21 23:00 - 2015-07-21 23:00 - 00000000 ____D C:\Program Files\EpsonNet
2015-07-21 23:00 - 2012-11-12 20:41 - 00458310 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\ensppui.dll
2015-07-21 23:00 - 2012-11-12 20:41 - 00458310 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\enppui.dll
2015-07-21 23:00 - 2012-11-12 15:15 - 00476027 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\ensppmon.dll
2015-07-21 23:00 - 2012-11-12 15:15 - 00476027 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\enppmon.dll
2015-07-21 23:00 - 2012-10-22 17:19 - 00218112 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\enspres.dll
2015-07-21 23:00 - 2012-10-22 17:19 - 00218112 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\enpres.dll
2015-07-21 23:00 - 2012-05-17 00:00 - 00126128 _____ (Seiko Epson Corporation) C:\WINDOWS\system32\escsvc.exe
2015-07-21 23:00 - 2011-12-12 00:00 - 00342016 _____ (Seiko Epson Corporation) C:\WINDOWS\system32\eswiaud.dll
2015-07-21 23:00 - 2010-11-22 13:27 - 00147472 _____ (TWAIN Working Group) C:\WINDOWS\system32\twaindsm.dll
2015-07-20 15:45 - 2015-07-20 15:45 - 00017920 _____ C:\Documents and Settings\Administrator\Desktop\Q2 2015 FeesInvoiceDetails.xls
2015-07-20 13:29 - 2015-07-20 13:41 - 00009539 _____ C:\Documents and Settings\Administrator\Desktop\Q2-2015Billings.xlsx
2015-07-16 22:26 - 2015-07-23 09:59 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\EPSON
2015-07-16 22:26 - 2015-07-21 23:00 - 00000665 _____ C:\Documents and Settings\All Users\Desktop\EPSON Scan.lnk
2015-07-16 22:26 - 2015-07-16 22:26 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\EPSON Scan
2015-07-16 22:26 - 2007-03-27 00:00 - 00067072 _____ (SEIKO EPSON CORP.) C:\WINDOWS\system32\escwiad.dll
2015-07-16 22:16 - 2015-07-23 09:57 - 00053521 _____ C:\WINDOWS\setupapi.log
2015-07-16 21:50 - 2015-07-16 21:50 - 00000604 _____ C:\Documents and Settings\Administrator\My Documents\cc_July 15 backkup.reg
2015-07-07 10:27 - 2015-07-07 10:27 - 00000841 _____ C:\Documents and Settings\All Users\Desktop\Avira.lnk
2015-07-04 14:39 - 2015-07-04 14:39 - 00000704 _____ C:\Documents and Settings\Administrator\Desktop\Quoizel Cortland Instrcutions.lnk
2015-07-04 14:25 - 2015-07-04 14:25 - 00000704 _____ C:\Documents and Settings\Administrator\Desktop\Quoizel Salem Instructions.lnk
2015-07-04 13:23 - 2015-07-17 12:12 - 00000000 ____D C:\Program Files\Mozilla Firefox
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-07-27 13:52 - 2010-04-23 08:42 - 00000000 ____D C:\Documents and Settings\Administrator\Local Settings\Temp
2015-07-27 13:34 - 2014-03-05 12:47 - 00000886 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-27 13:20 - 2010-04-23 08:35 - 01575187 _____ C:\WINDOWS\WindowsUpdate.log
2015-07-27 13:20 - 2004-08-04 06:00 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl
2015-07-27 13:19 - 2014-03-27 09:32 - 00000238 _____ C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job
2015-07-27 13:19 - 2014-03-05 12:47 - 00000882 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-27 13:19 - 2010-04-23 19:49 - 00215383 _____ C:\WINDOWS\system32\nvapps.xml
2015-07-27 13:19 - 2010-04-23 04:23 - 00000159 _____ C:\WINDOWS\wiadebug.log
2015-07-27 13:19 - 2010-04-23 04:23 - 00000049 _____ C:\WINDOWS\wiaservc.log
2015-07-27 13:18 - 2010-04-23 08:42 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-07-27 13:17 - 2014-10-15 05:26 - 00165274 _____ C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
2015-07-27 13:17 - 2010-04-23 08:42 - 00032442 _____ C:\WINDOWS\SchedLgU.Txt
2015-07-27 13:17 - 2010-04-23 08:34 - 00000000 ____D C:\WINDOWS\Registration
2015-07-27 13:04 - 2010-04-23 13:02 - 00002515 _____ C:\Documents and Settings\Administrator\Desktop\Word 2007.lnk
2015-07-27 11:25 - 2015-06-13 21:34 - 00000000 ____D C:\WINDOWS\system32\NtmsData
2015-07-27 01:41 - 2014-10-15 05:26 - 01073650 _____ C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-1993962763-515967899-725345543-500-0.dat
2015-07-26 17:55 - 2013-03-05 13:35 - 00000384 ____H C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job
2015-07-26 14:17 - 2010-04-26 14:16 - 00000140 _____ C:\WINDOWS\datapo32.INI
2015-07-26 14:16 - 2010-04-23 17:54 - 00000000 ____D C:\Axys3
2015-07-26 09:59 - 2012-02-01 04:00 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2585542$
2015-07-25 17:35 - 2014-03-05 12:48 - 00001813 _____ C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
2015-07-25 13:55 - 2015-06-13 21:19 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Avira
2015-07-25 13:54 - 2015-06-13 21:27 - 00136728 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2015-07-25 13:54 - 2015-06-13 21:27 - 00108448 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2015-07-25 02:27 - 2010-04-23 08:42 - 00000178 ___SH C:\Documents and Settings\Administrator\ntuser.ini
2015-07-25 02:27 - 2010-04-23 08:42 - 00000000 ____D C:\Documents and Settings\Administrator
2015-07-23 09:52 - 2010-04-23 20:27 - 00000000 ____D C:\Documents and Settings\Administrator\Application Data\Canon
2015-07-23 09:52 - 2010-04-23 04:17 - 00000000 ____D C:\WINDOWS\twain_32
2015-07-22 10:31 - 2010-05-16 13:44 - 00000000 ____D C:\Documents and Settings\Administrator\My Documents\Re-Orgs of Holdings
2015-07-22 00:20 - 2010-09-09 22:35 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\EPSON
2015-07-21 23:03 - 2010-09-09 22:34 - 00000000 ____D C:\Program Files\epson
2015-07-21 23:03 - 2010-04-23 09:18 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2015-07-17 12:01 - 2010-04-23 20:15 - 00000000 _____ C:\WINDOWS\system32\NEWSOFT
2015-07-16 21:59 - 2010-04-23 04:21 - 00000211 ___SH C:\boot.ini
2015-07-16 21:59 - 2004-08-04 06:00 - 00000507 _____ C:\WINDOWS\win.ini
2015-07-16 21:59 - 2004-08-04 06:00 - 00000227 _____ C:\WINDOWS\system.ini
2015-07-15 20:29 - 2014-08-10 15:20 - 00000000 ____D C:\Documents and Settings\Administrator\Local Settings\Application Data\Adobe
2015-07-15 20:26 - 2012-04-04 10:37 - 00778416 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2015-07-15 20:26 - 2011-05-18 10:03 - 00142512 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2015-07-15 09:47 - 2013-07-19 05:56 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-07-15 09:38 - 2010-04-23 12:14 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Microsoft Help
2015-07-08 15:00 - 2014-03-27 09:32 - 00000232 _____ C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
2015-07-08 10:01 - 2015-06-13 21:19 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Package Cache
2015-07-07 10:26 - 2015-06-13 21:19 - 00000000 ____D C:\Program Files\Avira
2015-07-05 12:17 - 2010-06-28 18:15 - 00000000 ____D C:\Program Files\Defraggler
2015-07-05 12:09 - 2012-11-13 06:27 - 00000000 ____D C:\Program Files\CCleaner
2015-07-05 09:26 - 2014-11-24 18:42 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2015-07-03 08:49 - 2010-04-23 11:07 - 127070192 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-06-29 16:17 - 2014-06-04 15:38 - 00000000 ____D C:\Documents and Settings\Administrator\My Documents\Chimicles Case
==================== Files in the root of some directories =======
2013-05-07 11:04 - 2013-03-13 13:58 - 6533200 _____ (AVAST Software) C:\Program Files\AVAST Soft
2010-04-23 19:21 - 2014-10-29 21:35 - 0003584 _____ () C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
Some files in TEMP:
====================
C:\Documents and Settings\Administrator\Local Settings\Temp\avgnt.exe
C:\Documents and Settings\Administrator\Local Settings\Temp\Quarantine.exe
C:\Documents and Settings\Administrator\Local Settings\Temp\sqlite3.dll
C:\Documents and Settings\Administrator\Local Settings\Temp\_is28E.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
==================== End of log ============================
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 26-07-2015
Ran by Administrator at 2015-07-27 13:53:01
Running from C:\Documents and Settings\Administrator\My Documents\Downloads
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1993962763-515967899-725345543-500 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Administrator
ASPNET (S-1-5-21-1993962763-515967899-725345543-1003 - Limited - Enabled)
Guest (S-1-5-21-1993962763-515967899-725345543-501 - Limited - Disabled)
HelpAssistant (S-1-5-21-1993962763-515967899-725345543-1000 - Limited - Disabled)
SUPPORT_388945a0 (S-1-5-21-1993962763-515967899-725345543-1002 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Acrobat.com (HKLM\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 2.3.0.0 - Adobe Systems Incorporated)
Acrobat.com (Version: 2.3.0 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 16 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 16.0.0.257 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
APC PowerChute Personal Edition (HKLM\...\{5A0C892E-FD1C-4203-941E-0956AED20A6A}) (Version: 2.0 - American Power Conversion Corporation)
ArcSoft PhotoImpression 6 (HKLM\...\{D03E7B00-CA85-4684-9321-1888873C34BD}) (Version: 6 - ArcSoft)
ArcSoft Print Creations (HKLM\...\{0D6D96F4-0CAF-4522-B05F-70A88EDECDFD}) (Version: - ArcSoft)
Avira (HKLM\...\{8467e01f-0496-42ce-b247-88ef205b4880}) (Version: 1.1.40.29239 - Avira Operations GmbH & Co. KG)
Avira (Version: 1.1.40.29239 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM\...\Avira Antivirus) (Version: 15.0.12.408 - Avira Operations GmbH & Co. KG)
Axys Report Writer Pro (Version: - ) Hidden
Canon Auto Update Service (HKLM\...\Auto Update Service) (Version: 1.1.2.18 - Canon Inc.)
CANON iMAGE GATEWAY MyCamera Download Plugin (HKLM\...\MyCamera Download Plugin) (Version: 3.1.1.2 - Canon Inc.)
CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM\...\CANON iMAGE GATEWAY Task) (Version: 1.9.0.9 - Canon Inc.)
Canon MOV Decoder (HKLM\...\Canon MOV Decoder) (Version: 1.9.0.8 - Canon Inc.)
Canon MOV Encoder (HKLM\...\Canon MOV Encoder) (Version: 1.8.0.1 - Canon Inc.)
Canon MovieEdit Task for ZoomBrowser EX (HKLM\...\MovieEditTask) (Version: 3.9.0.6 - Canon Inc.)
Canon MP Navigator 2.2 (HKLM\...\MP Navigator 2.2) (Version: - )
Canon MP830 User Registration (HKLM\...\Canon MP830 User Registration) (Version: - )
Canon Utilities Easy-PhotoPrint (HKLM\...\Easy-PhotoPrint) (Version: - )
Canon Utilities EOS Video Snapshot Task for ZoomBrowser EX (HKLM\...\EOS Video Snapshot Task) (Version: 1.0.0.10 - Canon Inc.)
Canon Utilities ZoomBrowser EX (HKLM\...\ZoomBrowser EX) (Version: 6.9.0.1 - Canon Inc.)
Canon ZoomBrowser EX Memory Card Utility (HKLM\...\ZoomBrowser EX Memory Card Utility) (Version: 1.6.0.15 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.07 - Piriform)
Cisco WebEx Meetings (HKLM\...\ActiveTouchMeetingClient) (Version: - Cisco WebEx LLC)
Citrix Online Launcher (HKLM\...\{6740FE60-43C1-4D15-8C4A-001624134B14}) (Version: 1.0.312 - Citrix)
Defraggler (HKLM\...\Defraggler) (Version: 2.19 - Piriform)
Dell Resource CD (HKLM\...\{42929F0F-CE14-47AF-9FC7-FF297A603021}) (Version: 1.10.0000 - Dell Inc.)
Document Capture Pro (HKLM\...\{8930DCE5-510D-4476-A879-835188F7B6F4}) (Version: 1.06.0011 - Seiko Epson Corporation)
Document Capture Pro OneNote Connector (HKLM\...\{65FC2F65-FCD4-495C-B250-1F7C049E4A39}) (Version: 1.00.0000 - Seiko Epson Corporation)
Dropbox (HKU\S-1-5-21-1993962763-515967899-725345543-500\...\Dropbox) (Version: 1.2.52 - Dropbox, Inc.)
DX (HKLM\...\DX) (Version: - )
Epson Customer Participation (HKLM\...\{814FA673-A085-403C-9545-747FC1495069}) (Version: 1.7.0.0 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM\...\{E4631929-CBD3-49A1-9BB7-F36E701F7C34}) (Version: 3.10.0040 - Seiko Epson Corporation)
Epson FAX Utility (HKLM\...\{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}) (Version: 1.53.00 - SEIKO EPSON CORPORATION)
Epson PC-FAX Driver (HKLM\...\EPSON PC-FAX Driver 2) (Version: - )
EPSON Printer Software (HKLM\...\EPSON Printer and Utilities) (Version: - SEIKO EPSON Corporation)
EPSON Scan (HKLM\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
EPSON Scan OCR Component (HKLM\...\{563B99D8-8895-4E3E-AE8D-15BE8C05F1C1}) (Version: 2.30.00 - SEIKO EPSON Corp.)
EPSON Scan PDF Extensions (HKLM\...\{F9956472-6E16-4F83-BF9A-F887EF4A45B7}) (Version: 1.03.0001 - SEIKO EPSON Corp.)
EPSON WF-4630 Series Printer Uninstall (HKLM\...\EPSON WF-4630 Series) (Version: - SEIKO EPSON Corporation)
Epson WF-4630 User’s Guide version 1.0 (HKLM\...\UsersGuideEpson WF-4630 User’s Guide_is1) (Version: 1.0 - )
EpsonNet Print (HKLM\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION)
Google Chrome (HKLM\...\Google Chrome) (Version: 44.0.2403.107 - Google Inc.)
Google Update Helper (Version: 1.3.28.1 - Google Inc.) Hidden
GoToAssist Corporate (HKLM\...\GoToAssist) (Version: 10.4.0.896 - Citrix Online, a division of Citrix Systems, Inc.)
GoToMeeting 4.5.0.457 (HKU\S-1-5-21-1993962763-515967899-725345543-500\...\GoToMeeting) (Version: - )
High Definition Audio Driver Package - KB835221 (HKLM\...\KB835221WXP) (Version: 20040219.000000 - Microsoft Corporation)
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: - Intel Corporation)
Intel® Management Engine Interface (HKLM\...\HECI) (Version: - Intel Corporation)
Intel® PRO Network Connections Drivers (HKLM\...\PROSet) (Version: - )
Intel® Active Management Technology (HKLM\...\MESOL) (Version: - Intel Corporation)
Java 7 Update 76 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217076FF}) (Version: 7.0.760 - Oracle)
Java 8 Update 20 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218020F0}) (Version: 8.0.200 - Oracle Corporation)
Java 8 Update 25 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Java 8 Update 31 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM\...\M2698023) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM\...\M979906) (Version: - )
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Automated Troubleshooting Services Shim (HKLM\...\{c9920352-04e6-469d-bab8-e2b9c7c75415}.sdb) (Version: - )
Microsoft Base Smart Card Cryptographic Service Provider Package (HKLM\...\KB909520) (Version: - Microsoft Corporation)
Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
Microsoft Fix it Center (HKLM\...\{B7588D45-AFDC-4C93-9E2E-A100F3554B64}) (Version: 1.0.0100 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version: - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Mozilla Firefox 39.0 (x86 en-US) (HKLM\...\Mozilla Firefox 39.0 (x86 en-US)) (Version: 39.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 33.1.1 - Mozilla)
MSN (HKLM\...\MSNINST) (Version: - )
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 and SOAP Toolkit 3.0 (Version: 1.0.0.0 - Webroot Software, Inc.) Hidden
MSXML 6.0 Parser (KB933579) (HKLM\...\{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}) (Version: 6.10.1200.0 - Microsoft Corporation)
NexDef Plug-in (HKLM\...\Autobahn) (Version: - )
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.3 - NVIDIA Corporation)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
pipes (HKLM\...\5227-6584-8232-0004) (Version: - )
Presto! PageManager 7.15.14 (HKLM\...\{D2D6B9EB-C6DC-4DAA-B4DE-BB7D9735E7DA}) (Version: 7.15.14E - NewSoft)
QuickBooks 2000 (HKLM\...\QuickBooks 2000) (Version: - )
ScanSoft OmniPage SE 4.0 (HKLM\...\{C1E693A4-B1D5-4DCD-B68D-2087835B7184}) (Version: 15.00.0020 - Nuance Communications, Inc.)
SMPlayer 0.6.9 (HKLM\...\SMPlayer) (Version: 0.6.9 - RVM)
Software Updater (HKLM\...\{8DBC5A0A-31C4-46C7-B252-6B593EA11A87}) (Version: 4.3.7 - SEIKO EPSON CORPORATION)
Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
TD AMERITRADE Statements/Confirmations Manager (HKLM\...\{812A8682-4387-11D7-B10D-0001022C9950}) (Version: 1.11.0.0 - TD AMERITRADE, Inc.)
TurboTax 2013 (HKLM\...\TurboTax 2013) (Version: 2013.0 - Intuit, Inc)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
Windows Genuine Advantage Notifications (KB905474) (HKLM\...\WgaNotify) (Version: 1.9.0040.0 - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\KB892130) (Version: - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\WGA) (Version: 1.7.0069.2 - Microsoft Corporation)
Windows Imaging Component (HKLM\...\WIC) (Version: 3.0.0.0 - Microsoft Corporation)
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Live ID Sign-in Assistant (HKLM\...\{10A44844-4465-456E-8C97-80BDD4F68845}) (Version: 6.500.3146.0 - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version: - )
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version: - )
Windows PowerShell 1.0 (HKLM\...\KB926139-v2) (Version: 2 - Microsoft Corporation)
Windows PowerShell 1.0 MUI pack (HKLM\...\KB926141) (Version: 2 - Microsoft Corporation)
Windows Search 4.0 (HKLM\...\KB940157) (Version: 04.00.6001.503 - Microsoft Corporation)
Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031525 - Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1993962763-515967899-725345543-500_Classes\CLSID\{0000002F-0000-0000-C000-000000000046}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-1993962763-515967899-725345543-500_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-1993962763-515967899-725345543-500_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-1993962763-515967899-725345543-500_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-1993962763-515967899-725345543-500_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-1993962763-515967899-725345543-500_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-1993962763-515967899-725345543-500_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-1993962763-515967899-725345543-500_Classes\CLSID\{0002E005-0000-0000-C000-000000000046}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-1993962763-515967899-725345543-500_Classes\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-1993962763-515967899-725345543-500_Classes\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-1993962763-515967899-725345543-500_Classes\CLSID\{1EFB6596-857C-11D1-B16A-00C0F0283628}\InprocServer32 -> C:\WINDOWS\system32\mscomctl.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1993962763-515967899-725345543-500_Classes\CLSID\{2C247F23-8591-11D1-B16A-00C0F0283628}\InprocServer32 -> C:\WINDOWS\system32\mscomctl.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1993962763-515967899-725345543-500_Classes\CLSID\{35053A22-8589-11D1-B16A-00C0F0283628}\InprocServer32 -> C:\WINDOWS\system32\mscomctl.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1993962763-515967899-725345543-500_Classes\CLSID\{46763EE0-CAB2-11CE-8C20-00AA0051E5D4}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-1993962763-515967899-725345543-500_Classes\CLSID\{66833FE6-8583-11D1-B16A-00C0F0283628}\InprocServer32 -> C:\WINDOWS\system32\mscomctl.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1993962763-515967899-725345543-500_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Program Files\Citrix\GoToMeeting\457\G2MOutlookAddin.dll (Citrix Online, a division of Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-1993962763-515967899-725345543-500_Classes\CLSID\{8E3867A3-8586-11D1-B16A-00C0F0283628}\InprocServer32 -> C:\WINDOWS\system32\mscomctl.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1993962763-515967899-725345543-500_Classes\CLSID\{97090E2F-3062-4459-855B-014F0D3CDBB1}\InprocServer32 -> C:\Program Files\Windows Desktop Search\deskbar.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1993962763-515967899-725345543-500_Classes\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-1993962763-515967899-725345543-500_Classes\CLSID\{BDD1F04B-858B-11D1-B16A-00C0F0283628}\InprocServer32 -> C:\WINDOWS\system32\mscomctl.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1993962763-515967899-725345543-500_Classes\CLSID\{C74190B6-8589-11D1-B16A-00C0F0283628}\InprocServer32 -> C:\WINDOWS\system32\mscomctl.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1993962763-515967899-725345543-500_Classes\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-1993962763-515967899-725345543-500_Classes\CLSID\{DD9DA666-8594-11D1-B16A-00C0F0283628}\InprocServer32 -> C:\WINDOWS\system32\mscomctl.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1993962763-515967899-725345543-500_Classes\CLSID\{F08DF954-8592-11D1-B16A-00C0F0283628}\InprocServer32 -> C:\WINDOWS\system32\mscomctl.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1993962763-515967899-725345543-500_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Documents and Settings\Administrator\Application Data\Dropbox\bin\DropboxExt.14.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1993962763-515967899-725345543-500_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Documents and Settings\Administrator\Application Data\Dropbox\bin\DropboxExt.14.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1993962763-515967899-725345543-500_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Documents and Settings\Administrator\Application Data\Dropbox\bin\DropboxExt.14.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1993962763-515967899-725345543-500_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Documents and Settings\Administrator\Application Data\Dropbox\bin\DropboxExt.14.dll (Dropbox, Inc.)
==================== Restore Points =========================
26-07-2015 22:31:16 July 26 2015Restore Point
27-07-2015 13:35:19 JRT Pre-Junkware Removal
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2004-08-04 06:00 - 2010-10-21 06:26 - 00000734 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\EPSON WF-4630 Series Invitation {0F4A6D9A-2324-4AAE-8868-421933931469}.job => C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_TTSKLE.EXE
Task: C:\WINDOWS\Tasks\EPSON WF-4630 Series Update {0F4A6D9A-2324-4AAE-8868-421933931469}.job => C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_TTSKLE.EXE:/EXE:{0F4A6D9A-2324-4AAE-8868-421933931469} /F:UpdateSYSTEMĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job => 0x01050100CAB242AF436BA44B9FB20F57C4EF841A46004E0100000000F0000100200000000014730F000000000313040050028821000000000000000000000000000000000000380063003A005C00500072006F006700720061006D002000460069006C00650073005C004D006900630072006F0073006F0066007400200053006500630075007200690074007900200043006C00690065006E0074005C004D00700043006D006400520075006E002E00650078006500000026005300630061006E0020002D005300630068006500640075006C0065004A006F00620020002D0052006500730074007200690063007400500072006900760069006C006500670065007300000000000700530059005300540045004D000000140050006500720069006F0064006900630020007300630061006E0020007400610073006B002E000000000008000200078000000000010030000000DD070300050000000000000011002B0000000000000000000000000001000000010000000000000000000000
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => C:\WINDOWS\system32\xp_eos.exe
==================== Loaded Modules (Whitelisted) ==============
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\GoToAssist => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-1993962763-515967899-725345543-500\...\advisorservices.com -> advisorservices.com
IE trusted site: HKU\S-1-5-21-1993962763-515967899-725345543-500\...\advisorservices.com -> hxxps://advisorservices.com
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1993962763-515967899-725345543-500\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.1.1 - 71.242.0.12
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^Documents and Settings^Administrator^Start Menu^Programs^Startup^Dropbox.lnk => C:\WINDOWS\pss\Dropbox.lnkStartup
MSCONFIG\startupfolder: C:^Documents and Settings^Administrator^Start Menu^Programs^Startup^NexDef Plug-in.lnk => C:\WINDOWS\pss\NexDef Plug-in.lnkStartup
MSCONFIG\startupfolder: C:^Documents and Settings^Administrator^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk => C:\WINDOWS\pss\OneNote 2007 Screen Clipper and Launcher.lnkStartup
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^APC UPS Status.lnk => C:\WINDOWS\pss\APC UPS Status.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Fabrik Ultimate Backup Status.lnk => C:\WINDOWS\pss\Fabrik Ultimate Backup Status.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\WINDOWS\pss\McAfee Security Scan Plus.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^QuickBooks Delivery Agent.lnk => C:\WINDOWS\pss\QuickBooks Delivery Agent.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Windows Search.lnk => C:\WINDOWS\pss\Windows Search.lnkCommon Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: atchk => "C:\Program Files\Intel\AMT\atchk.exe"
MSCONFIG\startupreg: AvastUI.exe => "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
MSCONFIG\startupreg: ctfmon.exe => "C:\WINDOWS\system32\ctfmon.exe"
MSCONFIG\startupreg: HotKeysCmds => "C:\WINDOWS\system32\hkcmd.exe"
MSCONFIG\startupreg: IgfxTray => "C:\WINDOWS\system32\igfxtray.exe"
MSCONFIG\startupreg: KernelFaultCheck => "%systemroot%\system32\dumprep" 0 -k
MSCONFIG\startupreg: Messenger (Yahoo!) => "C:\PROGRA~1\Yahoo!\Messenger\YahooMessenger.exe" -quiet
MSCONFIG\startupreg: MSConfig => C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
MSCONFIG\startupreg: MSMSGS => "C:\Program Files\Messenger\msmsgs.exe" /background
MSCONFIG\startupreg: NvCplDaemon => "RUNDLL32.EXE" C:\WINDOWS\system32\NvCpl.dll,NvStartup
MSCONFIG\startupreg: NvMediaCenter => "RUNDLL32.EXE" C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
MSCONFIG\startupreg: nwiz => "nwiz.exe" /install
MSCONFIG\startupreg: OpwareSE4 => "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
MSCONFIG\startupreg: Persistence => "C:\WINDOWS\system32\igfxpers.exe"
MSCONFIG\startupreg: SoundMAXPnP => "C:\Program Files\Analog Devices\Core\smax4pnp.exe"
MSCONFIG\startupreg: Spotify => "C:\Documents and Settings\Administrator\Application Data\Spotify\Spotify.exe" -autostart -minimized
MSCONFIG\startupreg: Spotify Web Helper => "C:\Documents and Settings\Administrator\Application Data\Spotify\SpotifyWebHelper.exe"
MSCONFIG\startupreg: SpybotSD TeaTimer => "C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe"
MSCONFIG\startupreg: SpySweeper => "C:\Program Files\Webroot\WebrootSecurity\SpySweeperUI.exe" /startintray
MSCONFIG\startupreg: SSBkgdUpdate => "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: TkBellExe => "C:\program files\real\realplayer\update\realsched.exe" -osboot
MSCONFIG\startupreg: WrtMon.exe => "C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exe"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
StandardProfile\AuthorizedApplications: [C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE] => Disabled:Microsoft Office OneNote
StandardProfile\AuthorizedApplications: [C:\WINDOWS\Network Diagnostic\xpnetdiag.exe] => Disabled:@xpsp3res.dll,-20000
StandardProfile\AuthorizedApplications: [C:\WINDOWS\system32\sessmgr.exe] => Disabled:@xpsp2res.dll,-22019
StandardProfile\AuthorizedApplications: [C:\Documents and Settings\Administrator\Application Data\Dropbox\bin\Dropbox.exe] => Disabled:Dropbox
StandardProfile\AuthorizedApplications: [C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe] => Disabled:Yahoo! Messenger
StandardProfile\AuthorizedApplications: [C:\Program Files\Opera\pluginwrapper\opera_plugin_wrapper.exe] => Disabled:Opera Internet Browser - Plugin wrapper
StandardProfile\AuthorizedApplications: [C:\Program Files\pipes\pipes.exe] => Enabled:pipes
StandardProfile\AuthorizedApplications: [C:\Program Files\Google\Chrome\Application\chrome.exe] => Enabled:Google Chrome
StandardProfile\AuthorizedApplications: [C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe] => :LocalSubNet:Disabled:Intuit Update v4 Shared Downloads Server
StandardProfile\AuthorizedApplications: [C:\WINDOWS\system32\mmc.exe] => Disabled:Microsoft Management Console
StandardProfile\AuthorizedApplications: [C:\Program Files\pandasecuritytb\ToolbarCleaner.exe] => Enabled:ToolbarCleaner
StandardProfile\AuthorizedApplications: [C:\Spotify.exe] => Disabled:Spotify
StandardProfile\AuthorizedApplications: [C:\Documents and Settings\Administrator\Application Data\Spotify\spotify.exe] => Disabled:Spotify
StandardProfile\AuthorizedApplications: [C:\Program Files\Opera\opera.exe] => Disabled:Opera Internet Browser
StandardProfile\AuthorizedApplications: [C:\Program Files\Mozilla Firefox\firefox.exe] => Enabled:Firefox (C:\Program Files\Mozilla Firefox)
StandardProfile\AuthorizedApplications: [C:\Program Files\EPSON Software\Event Manager\EEventManager.exe] => Enabled:EEventManager.exe
StandardProfile\AuthorizedApplications: [D:\Common\EpsonNet Setup\ENEasyApp.exe] => Enabled:EpsonNet Setup
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (07/27/2015 01:17:40 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\MY DOCUMENTS\DOWNLOADS\ADWCLEANER.EXE> in the hash map cannot be updated.
Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
Error: (07/27/2015 01:17:40 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\MY DOCUMENTS\DOWNLOADS\ADWCLEANER.EXE> in the hash map cannot be updated.
Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
Error: (07/27/2015 01:17:40 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\RECENT\VIRUS STUFF.DOC.LNK> in the hash map cannot be updated.
Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
Error: (07/27/2015 01:17:40 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\RECENT\VIRUS STUFF.DOC.LNK> in the hash map cannot be updated.
Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
Error: (07/27/2015 12:11:45 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application update.exe, version 15.0.12.402, faulting module msvcp120.dll, version 12.0.21005.1, fault address 0x0000e5a8.
Processing media-specific event for [update.exe!ws!]
Error: (07/25/2015 07:54:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application update.exe, version 15.0.12.402, faulting module msvcp120.dll, version 12.0.21005.1, fault address 0x0000e5a8.
Processing media-specific event for [update.exe!ws!]
Error: (07/25/2015 03:54:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application update.exe, version 15.0.12.402, faulting module msvcp120.dll, version 12.0.21005.1, fault address 0x0000e5a8.
Processing media-specific event for [update.exe!ws!]
Error: (07/24/2015 08:18:52 AM) (Source: $(ProductName) Service Host) (EventID: 0) (User: )
Description: Failed to process session change. System.InvalidOperationException: Collection was modified; enumeration operation may not execute.
at System.ThrowHelper.ThrowInvalidOperationException(ExceptionResource resource)
at System.Collections.Generic.Dictionary`2.ValueCollection.Enumerator.MoveNext()
at Avira.OE.ServiceHost.ServiceModelListStorage.InvokeServiceModelCreated(ServiceModelDictionary serviceModelDictionary, String userSid)
at Avira.OE.ServiceHost.ServiceModelListStorage.GetServiceModelDictionary(String userId)
at Avira.OE.ServiceHost.DesktopApplications.UpdateOnNewUserSid(String userSid)
at Avira.OE.ServiceHost.DesktopApplications.OnSessionChange(Int32 sessionId, SessionChangeReason reason)
at Avira.OE.ServiceHost.ServiceHost.OnSessionChange(SessionChangeDescription changeDescription)
at System.ServiceProcess.ServiceBase.DeferredSessionChange(Int32 eventType, IntPtr eventData)
Error: (06/14/2015 09:34:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application spybotsd.exe, version 1.6.2.46, faulting module spybotsd.exe, version 1.6.2.46, fault address 0x000049ee.
Processing media-specific event for [spybotsd.exe!ws!]
Error: (06/02/2015 07:10:10 PM) (Source: MsiInstaller) (EventID: 11706) (User: JOHN-A1D9946862)
Description: Product: TD AMERITRADE Statements/Confirmations Manager -- Error 1706. No valid source could be found for product TD AMERITRADE Statements/Confirmations Manager. The Windows installer cannot continue.(NULL)(NULL)(NULL)(NULL)
System errors:
=============
Error: (07/27/2015 01:35:48 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Presentation Foundation Font Cache 4.0.0.0 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
Error: (07/27/2015 01:35:48 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Avira Service Host service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
Error: (07/27/2015 01:35:48 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Live ID Sign-in Assistant service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
Error: (07/27/2015 01:35:47 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel® Active Management Technology User Notification Service service terminated unexpectedly. It has done this 1 time(s).
Error: (07/27/2015 01:35:47 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The MBAMService service terminated unexpectedly. It has done this 1 time(s).
Error: (07/27/2015 01:35:47 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The NVIDIA Display Driver Service service terminated unexpectedly. It has done this 1 time(s).
Error: (07/27/2015 01:35:47 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The MBAMScheduler service terminated unexpectedly. It has done this 1 time(s).
Error: (07/27/2015 01:35:47 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intuit Update Service v4 service terminated unexpectedly. It has done this 1 time(s).
Error: (07/27/2015 01:35:47 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Epson Scanner Service service terminated unexpectedly. It has done this 1 time(s).
Error: (07/27/2015 01:35:47 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The EpsonCustomerParticipation service terminated unexpectedly. It has done this 1 time(s).
Microsoft Office:
=========================
Error: (03/20/2014 04:35:49 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6690.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 22910 seconds with 60 seconds of active time. This session ended with a crash.
Error: (09/30/2012 07:26:06 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 62 seconds with 0 seconds of active time. This session ended with a crash.
Error: (08/13/2012 03:27:02 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 3 seconds with 0 seconds of active time. This session ended with a crash.
Error: (11/14/2011 03:48:09 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6565.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 0 seconds with 0 seconds of active time. This session ended with a crash.
Error: (11/14/2011 02:06:22 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6565.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 1 seconds with 0 seconds of active time. This session ended with a crash.
Error: (07/14/2011 03:16:51 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 10578 seconds with 60 seconds of active time. This session ended with a crash.
Error: (06/11/2010 02:00:27 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6535.5002, Microsoft Office Version: 12.0.6425.1000. This session lasted 0 seconds with 0 seconds of active time. This session ended with a crash.
Error: (06/11/2010 02:00:00 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6535.5002, Microsoft Office Version: 12.0.6425.1000. This session lasted 0 seconds with 0 seconds of active time. This session ended with a crash.
Error: (06/11/2010 01:53:49 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6535.5002, Microsoft Office Version: 12.0.6425.1000. This session lasted 0 seconds with 0 seconds of active time. This session ended with a crash.
==================== Memory info ===========================
Processor: Intel® Core2 Quad CPU Q6600 @ 2.40GHz
Percentage of memory in use: 21%
Total physical RAM: 3325.54 MB
Available physical RAM: 2608.12 MB
Total Virtual: 6488.33 MB
Available Virtual: 5532.53 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:149 GB) (Free:92.56 GB) NTFS ==>[drive with boot components (Windows XP)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 149 GB) (Disk ID: 41AB2316)
Partition 1: (Active) - (Size=149 GB) - (Type=07 NTFS)
==================== End of log ============================