Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Am I a spam relay?


  • Please log in to reply

#1
rw1950merritt

rw1950merritt

    Member

  • Member
  • PipPip
  • 22 posts

Every month or so, a large portion of my contact list receives junk email from me with embedded http links. 

I have scanned my pc with AVG internet security many times and it comes up clean.

I have a message header that indicates the messages are sent from sweden by a user in sweden. The messages do not appear in my sent items folder. They do not even have my name correct as the sender. 

I called my email hosting company and the messages were not sent through their servers. They have since added an spf entry to my dns records.

I use godaddy and their servers are imap.secureserver.net and smtpout.secureserver.net

 

Thanks for your help,

Bob Merritt

 

 

Message header.

 

X-ASG-Debug-ID: 1447085889-050b25614199970001-TpLqb7
Received: from smtprelay-h11.telenor.se (smtprelay-h11.telenor.se [62.127.194.4]) by barracuda.responsiblemetal.com with ESMTP id yppuV0jKC8qc2FXX; Mon, 09 Nov 2015 08:18:09 -0800 (PST)
X-Barracuda-Envelope-From: [email protected]
X-ASG-Whitelist: Sender
X-Barracuda-Effective-Source-IP: smtprelay-h11.telenor.se[62.127.194.4]
X-Barracuda-Apparent-Source-IP: 62.127.194.4
Received: from ipb3.telenor.se (ipb3.telenor.se [195.54.127.166])
by smtprelay-h11.telenor.se (Postfix) with ESMTP id 3F37B48741;
Mon,  9 Nov 2015 17:04:27 +0100 (CET)
X-SMTPAUTH-B2: [[email protected]]
X-SENDER-IP: [151.249.166.191]
X-LISTENER: [smtp.bredband.net]
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: A2D9/wBQw0BWOr+m+ZcrCgUBAQgzAQEBAQ8BAQEBgV4BAQNbZTsQUY0SCQKiCoZuAYR7GIUREoFWhCIEghABAQEBAQIGAQEBASoEEz8fIgECAgICAQEBAwICgUsBAYIjIAUnAjAFBgMEWyAKCgsBBAEdBYgiAUPARYtSh1+PcIg3jwJJg3eDJYsch2kRhHcdgTohOIEEMicFBzuBYwEBAQ
X-IPAS-Result: A2D9/wBQw0BWOr+m+ZcrCgUBAQgzAQEBAQ8BAQEBgV4BAQNbZTsQUY0SCQKiCoZuAYR7GIUREoFWhCIEghABAQEBAQIGAQEBASoEEz8fIgECAgICAQEBAwICgUsBAYIjIAUnAjAFBgMEWyAKCgsBBAEdBYgiAUPARYtSh1+PcIg3jwJJg3eDJYsch2kRhHcdgTohOIEEMicFBzuBYwEBAQ
X-Suspected-Spam: Yes
X-IronPort-AV: E=Sophos;i="5.20,266,1444687200"; 
   d="scan'208,217";a="1003955487"
Received: from 151-249-166-191.ie.iptv.by (HELO WIN-NPPN1JPV75J) ([151.249.166.191])
  by ipb3.telenor.se with ESMTP; 09 Nov 2015 17:03:43 +0100
From: Cass Forrington <[email protected]>
To: "RMERRITT" <[email protected]>, "monika" <[email protected]>, "Dan Martin" <[email protected]>, "Cande Arreola" 
Subject: Fw: new message
Date: Mon, 9 Nov 2015 08:03:32 -0800
X-ASG-Orig-Subj: Fw: new message
Message-ID: <[email protected]>
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="----=_NextPart_000_0001_789EAB47.49AEBA6A"
X-Mailer: Microsoft Outlook 15.0
Thread-Index: AdEi86MwnMWdlB+npvMJyAJWxYIyNQ==
Content-Language: en-us
X-Barracuda-Connect: smtprelay-h11.telenor.se[62.127.194.4]
X-Barracuda-Start-Time: 1447085889
X-Barracuda-Orig-Rcpt: [email protected],[email protected]
X-Barracuda-Scan-Msg-Size: 2255
X-Virus-Scanned: by bsmtpd at responsiblemetal.com
X-Barracuda-BRTS-Status: 1
X-Barracuda-BRTS-URL-Found: softcraftltd.co.uk (*Spam.Unknown)
 
 
frst.txt
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:07-11-2015
Ran by admin (administrator) on P6110Y (09-11-2015 12:47:52)
Running from C:\Documents and Settings\admin\Desktop
Loaded Profiles: admin (Available Profiles: admin & LogMeInRemoteUser)
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) Language: English (United States)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AVG Technologies CZ, s.r.o.) C:\PROGRA~1\AVG\AVG2013\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgcsrvx.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agrsmsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgfws.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgidsagent.exe
(Intel Corporation) C:\WINDOWS\system32\igfxtray.exe
(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE
(Cyberlink Corp.) C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgui.exe
(LogMeIn, Inc.) C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files\EaseUS\Todo Backup\bin\EuWatch.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files\EaseUS\Todo Backup\bin\TrayNotify.exe
(Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe
(Brother Industries, Ltd.) C:\Program Files\Brother\ControlCenter2\brctrcen.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Renesas Electronics Corporation) C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe
(Akamai Technologies, Inc.) C:\Documents and Settings\admin\Local Settings\Application Data\Akamai\netsession_win.exe
(MyCity) C:\Program Files\MCShield\MCShieldRTM.exe
(Acresso Corporation) C:\Documents and Settings\All Users\Application Data\FLEXnet\Connect\11\ISUSPM.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgwdsvc.exe
(Adobe Systems Inc.) C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
(Akamai Technologies, Inc.) C:\Documents and Settings\admin\Local Settings\Application Data\Akamai\netsession_win.exe
(Microsoft Corporation) C:\Program Files\Windows Desktop Search\WindowsSearch.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Nuance Communications, Inc.) C:\Program Files\Common Files\Nuance\dgnsvc.exe
(BUFFALO INC.) C:\Program Files\BUFFALO\NASNAVI\NasNavi.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files\EaseUS\Todo Backup\bin\Agent.exe
(BUFFALO INC.) C:\Program Files\BUFFALO\NASNAVI\nassche.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files\EaseUS\Todo Backup\bin\GuardAgent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgnsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgemcx.exe
(Intuit Inc.) C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
(LogMeIn, Inc.) C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
(LogMeIn, Inc.) C:\Program Files\LogMeIn\x86\ramaint.exe
(BUFFALO INC.) C:\Program Files\BUFFALO\NASNAVI\nassvc.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(VMware, Inc.) C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe
(LogMeIn, Inc.) C:\Program Files\LogMeIn\x86\LogMeIn.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgcsrvx.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\SyncServer.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\PROGRA~1\MICROS~2\Office14\OUTLOOK.EXE
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [20117648 2012-10-30] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Tracker] => C:\Program Files\MySoftware\MyInvoices\tracker.exe [102400 2002-11-25] ()
HKLM\...\Run: [RemoteControl] => C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe [32768 2003-10-31] (Cyberlink Corp.)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.)
HKLM\...\Run: [BrStsMon00] => C:\Program Files\Browny02\Brother\BrStMonW.exe [2621440 2010-06-10] (Brother Industries, Ltd.)
HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2013\avgui.exe [4431848 2015-10-30] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [LogMeIn GUI] => C:\Program Files\LogMeIn\x86\LogMeInSystray.exe [63048 2012-11-29] (LogMeIn, Inc.)
HKLM\...\Run: [EaseUs Watch] => C:\Program Files\EaseUS\Todo Backup\bin\EuWatch.exe [70792 2011-12-22] (CHENGDU YIWO Tech Development Co., Ltd)
HKLM\...\Run: [EaseUs Tray] => C:\Program Files\EaseUS\Todo Backup\bin\TrayNotify.exe [743560 2011-12-26] (CHENGDU YIWO Tech Development Co., Ltd)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated)
HKLM\...\Run: [ControlCenter2.0] => C:\Program Files\Brother\ControlCenter2\brctrcen.exe [995328 2005-11-11] (Brother Industries, Ltd.)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\qttask.exe [421888 2014-01-17] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.)
HKLM\...\Run: [DNS7reminder] => C:\Program Files\Nuance\NaturallySpeaking11\Ereg\Ereg.exe [328992 2010-10-27] (Nuance Communications, Inc.)
HKLM\...\Run: [RUSB3MON] => C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe [115048 2011-09-20] (Renesas Electronics Corporation)
Winlogon\Notify\LMIinit: C:\WINDOWS\system32\LMIinit.dll [2015-11-02] (LogMeIn, Inc.)
HKU\S-1-5-21-73586283-583907252-682003330-1003\...\Run: [Akamai NetSession Interface] => C:\Documents and Settings\admin\Local Settings\Application Data\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
HKU\S-1-5-21-73586283-583907252-682003330-1003\...\Run: [MCShield Monitor] => C:\Program Files\MCShield\mcshieldrtm.exe [650816 2014-04-11] (MyCity)
HKU\S-1-5-21-73586283-583907252-682003330-1003\...\Run: [ISUSPM] => C:\Documents and Settings\All Users\Application Data\FLEXnet\Connect\11\ISUSPM.exe [222496 2011-06-05] (Acresso Corporation)
SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\WINDOWS\system32\CbFsMntNtf3.dll (EldoS Corporation)
ShellExecuteHooks: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [304128 2009-05-24] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [EldosIconOverlay] -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\WINDOWS\system32\CbFsMntNtf3.dll [2010-11-30] (EldoS Corporation)
Startup: C:\Documents and Settings\admin\Start Menu\Programs\Startup\Billminder.lnk [2013-03-21]
ShortcutTarget: Billminder.lnk -> C:\QUICKENW\billmind.exe (Intuit)
Startup: C:\Documents and Settings\admin\Start Menu\Programs\Startup\BUFFALO NAS Navigator2.lnk [2014-01-19]
ShortcutTarget: BUFFALO NAS Navigator2.lnk -> C:\Program Files\BUFFALO\NASNAVI\NasNavi.exe (BUFFALO INC.)
Startup: C:\Documents and Settings\admin\Start Menu\Programs\Startup\NAS Scheduler.lnk [2014-01-19]
ShortcutTarget: NAS Scheduler.lnk -> C:\Program Files\BUFFALO\NASNAVI\nassche.exe (BUFFALO INC.)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Acrobat Assistant.lnk [2013-03-21]
ShortcutTarget: Acrobat Assistant.lnk -> C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe (Adobe Systems Inc.)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk [2014-06-23]
ShortcutTarget: Windows Search.lnk -> C:\Program Files\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation)
BootExecute: autocheck autochk * C:\PROGRA~1\AVG\AVG2013\avgrsx.exe /sync /restart
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{F6D90AC0-1B08-4665-A242-38DA3DEFCA82}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{F6D90AC0-1B08-4665-A242-38DA3DEFCA82}: [DhcpNameServer] 75.75.75.75 75.75.76.76
 
Internet Explorer:
==================
HKU\S-1-5-21-73586283-583907252-682003330-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\S-1-5-21-73586283-583907252-682003330-1003 -> {7BD76FAF-F996-4399-88D2-DA746437052B} URL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=UTF-8&fr=w3i&type=W3i_DS,136,0_0,Search,20130418,19890,0,8,0
BHO: Adobe PDF Reader Link Helper -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2012-09-23] (Adobe Systems Incorporated)
BHO: Virtual Storage Mount Notification -> {5FF49FE8-B332-4CB9-B102-FB6951629E55} -> C:\WINDOWS\system32\CbFsMntNtf3.dll [2010-11-30] (EldoS Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation)
BHO: AcroIEToolbarHelper Class -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll [2003-05-15] ()
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll [2003-05-15] ()
Toolbar: HKU\S-1-5-21-73586283-583907252-682003330-1003 -> Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll [2003-05-15] ()
Toolbar: HKU\S-1-5-21-73586283-583907252-682003330-1003 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} -  No File
DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.6.2.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://windowsupdate.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1363737874531
DPF: {8B3512EF-4FF5-4AA4-9CDE-56BB03E04B9F} hxxps://dbsicee01.infor.com/public/cab/DbSICEE.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxps://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} hxxps://secure.logmein.com//activex/ractrl.cab?lmi=1100
 
FireFox:
========
FF ProfilePath: C:\Documents and Settings\admin\Application Data\Mozilla\Firefox\Profiles\3svmx30y.default
FF Homepage: hxxp://google.com/
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_14_0_0_179.dll [2014-08-19] ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2014-05-06] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin: @viewpoint.com/VMP -> C:\Program Files\Viewpoint\Viewpoint Media Player\npViewpoint.dll [2004-01-13] ()
FF Plugin: @vmware.com/vmrc,version=5.1.0.00000 -> C:\Program Files\Common Files\VMware\VMware Remote Console Plug-in 5.1\Firefox\np-vmware-vmrc.dll [2013-12-06] (VMware, Inc.)
FF Plugin: @vmware.com/vmrc,version=5.5.0.00000 -> C:\Program Files\Common Files\VMware\VMware Remote Console Plug-in 5.5\Firefox\np-vmware-vmrc.dll [No File]
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2013-05-11] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-73586283-583907252-682003330-1003: @citrixonline.com/appdetectorplugin -> C:\Documents and Settings\admin\Local Settings\Application Data\Citrix\Plugins\104\npappdetector.dll [2013-07-30] (Citrix Online)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\cgpcfg.dll [2009-08-14] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\CgpCore.dll [2009-08-14] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\confmgr.dll [2009-08-14] ()
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\ctxlogging.dll [2009-08-14] ()
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\ctxmui.dll [2009-08-14] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\icafile.dll [2009-08-14] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\icalogon.dll [2009-08-14] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\msvcm80.dll [2007-03-16] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\msvcp80.dll [2007-03-16] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\msvcr80.dll [2007-03-16] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npicaN.dll [2009-08-14] ()
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2014-10-04] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2014-10-04] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2014-10-04] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2014-10-04] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2014-10-04] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\sslsdk_b.dll [2009-08-14] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\TcpPServ.dll [2009-08-14] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Documents and Settings\admin\Application Data\mozilla\plugins\npatgpc.dll [2015-01-26] (Cisco WebEx LLC)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2015-06-09] [not signed]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2014-08-20]
 
Chrome: 
=======
CHR Profile: C:\Documents and Settings\admin\Local Settings\Application Data\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Slides) - C:\Documents and Settings\admin\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-07]
CHR Extension: (Google Docs) - C:\Documents and Settings\admin\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-07]
CHR Extension: (Google Drive) - C:\Documents and Settings\admin\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Documents and Settings\admin\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Google Search) - C:\Documents and Settings\admin\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Google Sheets) - C:\Documents and Settings\admin\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-07]
CHR Extension: (Google Docs Offline) - C:\Documents and Settings\admin\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-01]
CHR Extension: (Cisco WebEx Extension) - C:\Documents and Settings\admin\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2015-01-26]
CHR Extension: (FromDocToPDF) - C:\Documents and Settings\admin\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Extensions\mallpejgeafdahhflmliiahjdpgbegpk [2015-10-19]
CHR Extension: (Chrome Web Store Payments) - C:\Documents and Settings\admin\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-26]
CHR Extension: (Gmail) - C:\Documents and Settings\admin\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-01]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AgereModemAudio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [14336 2009-03-27] (LSI Corporation)
R2 avgfws; C:\Program Files\AVG\AVG2013\avgfws.exe [1442344 2015-10-05] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files\AVG\AVG2013\avgidsagent.exe [4948456 2015-10-05] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2013\avgwdsvc.exe [283136 2013-11-20] (AVG Technologies CZ, s.r.o.)
S3 BrYNSvc; C:\Program Files\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.) [File not signed]
R2 DragonSvc; C:\Program Files\Common Files\Nuance\dgnsvc.exe [296808 2011-06-05] (Nuance Communications, Inc.)
R2 EaseUS Agent; C:\Program Files\EaseUS\Todo Backup\bin\Agent.exe [61064 2011-12-22] (CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
R2 Guard Agent; C:\Program Files\EaseUS\Todo Backup\bin\GuardAgent.exe [23176 2011-12-22] (CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
R2 NasPmService; C:\Program Files\BUFFALO\NASNAVI\nassvc.exe [251760 2012-03-29] (BUFFALO INC.)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [5495056 2015-06-18] (TeamViewer GmbH)
R2 VMUSBArbService; C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe [674008 2013-12-06] (VMware, Inc.)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 Avgfwdx; C:\WINDOWS\System32\DRIVERS\avgfwdx.sys [30944 2012-01-12] (AVG Technologies CZ, s.r.o.)
S3 Avgfwfd; C:\WINDOWS\System32\DRIVERS\avgfwdx.sys [30944 2012-01-12] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\WINDOWS\System32\DRIVERS\avgidsdriverx.sys [208184 2013-11-25] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\WINDOWS\System32\DRIVERS\avgidshx.sys [122320 2015-05-21] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\WINDOWS\System32\DRIVERS\avgidsshimx.sys [32672 2015-10-05] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\WINDOWS\System32\DRIVERS\avgldx86.sys [172856 2014-11-04] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\WINDOWS\System32\DRIVERS\avglogx.sys [278992 2015-05-21] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\WINDOWS\System32\DRIVERS\avgmfx86.sys [159648 2015-07-03] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\WINDOWS\System32\DRIVERS\avgrkx86.sys [39224 2013-10-23] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\WINDOWS\System32\DRIVERS\avgtdix.sys [191440 2015-05-26] (AVG Technologies CZ, s.r.o.)
R1 cbfs3; C:\WINDOWS\system32\drivers\cbfs3.sys [273552 2010-11-30] (EldoS Corporation)
R1 cdrbsvsd; C:\WINDOWS\system32\Drivers\cdrbsvsd.sys [13056 2003-07-16] (B.H.A Corporation) [File not signed]
S2 DgiVecp; C:\WINDOWS\System32\Drivers\DgiVecp.sys [41984 2004-05-17] (DeviceGuys, Inc.) [File not signed]
R0 EUBAKUP; C:\WINDOWS\System32\drivers\eubakup.sys [50312 2011-12-22] (CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
R0 EUBKMON; C:\WINDOWS\System32\drivers\EUBKMON.sys [43784 2011-12-22] () [File not signed]
R1 EUDSKACS; C:\WINDOWS\system32\drivers\eudskacs.sys [16008 2011-12-22] (CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
R1 EUFDDISK; C:\WINDOWS\system32\drivers\EuFdDisk.sys [185864 2011-12-22] (CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
S3 FRIdrv; C:\WINDOWS\System32\drivers\FRIdrv.sys [3968 2015-08-21] (Beyond Logic hxxp://www.beyondlogic.org) [File not signed]
R2 hcmon; C:\WINDOWS\system32\drivers\hcmon.sys [39384 2013-12-06] (VMware, Inc.)
R3 pfc; C:\WINDOWS\System32\drivers\pfc.sys [10368 2003-12-05] (Padus, Inc.) [File not signed]
S3 rusb3hub; C:\WINDOWS\System32\DRIVERS\rusb3hub.sys [90248 2012-08-27] (Renesas Electronics Corporation)
S3 rusb3xhc; C:\WINDOWS\System32\DRIVERS\rusb3xhc.sys [180744 2012-08-27] (Renesas Electronics Corporation)
S0 cerc6; no ImagePath
S4 IntelIde; no ImagePath
S4 LMIRfsClientNP; no ImagePath
U1 WS2IFSL; no ImagePath
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-11-09 12:47 - 2015-11-09 12:48 - 00023487 _____ C:\Documents and Settings\admin\Desktop\FRST.txt
2015-11-09 12:46 - 2015-11-09 12:47 - 00000000 ____D C:\FRST
2015-11-09 12:46 - 2015-11-09 12:46 - 01702400 _____ (Farbar) C:\Documents and Settings\admin\Desktop\FRST.exe
2015-11-05 06:07 - 2015-11-05 08:18 - 00000000 ____D C:\Documents and Settings\admin\Desktop\attachments
2015-11-03 09:53 - 2015-11-03 09:53 - 00000949 _____ C:\WINDOWS\setupapi.log
2015-11-03 09:53 - 2015-11-03 09:53 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\AVG
2015-10-20 19:17 - 2015-10-20 19:17 - 00000682 _____ C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
2015-10-20 19:17 - 2015-10-20 19:17 - 00000000 ____D C:\Program Files\CCleaner
2015-10-20 19:17 - 2015-10-20 19:17 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\CCleaner
2015-10-13 12:14 - 2015-10-14 06:04 - 00000000 ____D C:\Documents and Settings\admin\My Documents\retirement
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-11-09 12:48 - 2013-03-19 14:43 - 00000000 ____D C:\Documents and Settings\admin\Local Settings\Temp
2015-11-09 12:41 - 2013-10-25 11:28 - 00000886 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-09 12:39 - 2013-03-30 07:46 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\LogMeIn
2015-11-09 12:37 - 2014-06-08 07:11 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\TEMP
2015-11-09 12:26 - 2013-03-19 05:58 - 00000311 _____ C:\WINDOWS\wiadebug.log
2015-11-09 12:25 - 2013-03-22 15:14 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\MFAData
2015-11-09 10:30 - 2013-03-19 14:39 - 01516116 _____ C:\WINDOWS\WindowsUpdate.log
2015-11-09 09:29 - 2014-11-03 08:38 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\MCShield
2015-11-09 09:29 - 2014-03-27 15:16 - 00000222 _____ C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job
2015-11-09 09:29 - 2014-01-28 15:08 - 00000735 _____ C:\Documents and Settings\All Users\Start Menu\Programs\LogMeIn Client.lnk
2015-11-09 09:29 - 2014-01-28 15:08 - 00000719 _____ C:\Documents and Settings\All Users\Start Menu\Programs\LogMeIn Control Panel.lnk
2015-11-09 09:29 - 2013-10-25 11:28 - 00000882 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-09 09:29 - 2013-03-31 16:15 - 00000049 _____ C:\WINDOWS\wiaservc.log
2015-11-09 09:29 - 2013-03-19 14:42 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-11-09 09:29 - 2008-04-13 23:00 - 00013646 _____ C:\WINDOWS\system32\wpa.dbl
2015-11-09 08:29 - 2014-05-16 09:53 - 00131072 _____ C:\WINDOWS\system32\config\OAlerts.evt
2015-11-09 08:29 - 2013-03-19 14:43 - 00000278 ___SH C:\Documents and Settings\admin\ntuser.ini
2015-11-09 08:29 - 2013-03-19 14:42 - 00032504 _____ C:\WINDOWS\SchedLgU.Txt
2015-11-08 19:13 - 2013-03-21 10:36 - 00001168 _____ C:\WINDOWS\QUICKEN.INI
2015-11-08 15:00 - 2014-03-27 15:16 - 00000216 _____ C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
2015-11-08 09:45 - 2013-03-21 17:42 - 00000002 _____ C:\temphtm.HTM
2015-11-06 16:31 - 2013-03-30 18:27 - 00000178 ___SH C:\Documents and Settings\LogMeInRemoteUser\ntuser.ini
2015-11-03 16:27 - 2013-03-19 05:56 - 00596130 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-11-03 07:30 - 2013-03-21 17:49 - 00011032 _____ C:\Documents and Settings\admin\My Documents\savingsbonds.sbw.bak
2015-11-03 07:30 - 2013-03-21 17:49 - 00011032 _____ C:\Documents and Settings\admin\My Documents\savingsbonds.sbw
2015-11-02 17:56 - 2013-03-30 07:46 - 00000000 ____D C:\Program Files\LogMeIn
2015-11-02 17:55 - 2013-03-30 07:46 - 00102944 _____ (LogMeIn, Inc.) C:\WINDOWS\system32\LMIRfsClientNP.dll
2015-11-02 17:55 - 2013-03-30 07:46 - 00097792 _____ (LogMeIn, Inc.) C:\WINDOWS\system32\LMIinit.dll
2015-11-02 17:55 - 2013-03-30 07:46 - 00031232 _____ (LogMeIn, Inc.) C:\WINDOWS\system32\LMIport.dll
2015-11-01 16:50 - 2013-03-21 17:33 - 00000000 ____D C:\Documents and Settings\admin\Desktop\Laurelindorinan
2015-10-31 14:44 - 2013-03-19 14:43 - 00000000 ____D C:\Documents and Settings\admin
2015-10-31 05:37 - 2014-04-29 18:18 - 00000426 _____ C:\WINDOWS\BRWMARK.INI
2015-10-27 15:36 - 2013-03-21 10:23 - 00000000 ____D C:\PrintMusic! 2001
2015-10-22 21:42 - 2013-10-25 11:29 - 00001813 _____ C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
2015-10-20 19:17 - 2015-03-22 07:39 - 00000000 ____D C:\WINDOWS\Minidump
2015-10-20 12:10 - 2013-03-21 17:00 - 00000000 ____D C:\download
2015-10-14 06:21 - 2014-12-04 20:28 - 00000000 ____D C:\Documents and Settings\admin\My Documents\rlapiertrust
2015-10-13 16:58 - 2014-05-16 09:50 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Microsoft Help
2015-10-13 16:56 - 2013-07-11 12:50 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-10-13 16:50 - 2013-03-19 16:17 - 141105520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-10-13 16:49 - 2008-04-13 23:00 - 00000573 _____ C:\WINDOWS\win.ini
 
==================== Files in the root of some directories =======
 
2013-03-21 10:40 - 2004-03-11 12:27 - 0040960 _____ () C:\Program Files\Uninstall_CDS.exe
2014-12-26 13:12 - 2014-12-26 13:12 - 0001914 _____ () C:\Documents and Settings\admin\Application Data\SAS7_000.DAT
2013-09-06 09:11 - 2015-06-08 18:53 - 0000600 _____ () C:\Documents and Settings\admin\Application Data\winscp.rnd
2015-04-29 10:16 - 2015-04-29 10:16 - 0003584 _____ () C:\Documents and Settings\admin\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
==================== End of FRST.txt ============================
 
Additional scan result of Farbar Recovery Scan Tool (x86) Version:07-11-2015
Ran by admin (2015-11-09 12:48:13)
Running from C:\Documents and Settings\admin\Desktop
Microsoft Windows XP Professional Service Pack 3 (X86) (2013-03-19 22:41:48)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
admin (S-1-5-21-73586283-583907252-682003330-1003 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\admin
Administrator (S-1-5-21-73586283-583907252-682003330-500 - Administrator - Enabled)
Guest (S-1-5-21-73586283-583907252-682003330-501 - Limited - Enabled)
HelpAssistant (S-1-5-21-73586283-583907252-682003330-1000 - Limited - Disabled)
LogMeInRemoteUser (S-1-5-21-73586283-583907252-682003330-1004 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\LogMeInRemoteUser
SUPPORT_388945a0 (S-1-5-21-73586283-583907252-682003330-1002 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: AVG update module (Enabled - Up to date) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FW: AVG update module (Disabled) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
AccessData Forensic Toolkit (Version: 1.81.6 - AccessData) Hidden
AccessData Forensic Toolkit 1.81.6 (HKLM\...\{801B359F-D437-4668-94FA-76E925F2CBA9}) (Version: 1.81.6 - AccessData)
AccessData FTK Imager (HKLM\...\{9DC4C53B-5C6A-4AAF-BC10-AD30D3C5EEEB}) (Version: 3.3.0.5 - AccessData)
Adobe Acrobat - Reader 6.0.2 Update (HKLM\...\{AC76BA86-0000-0000-0000-6028747ADE01}) (Version: 6.0.2 - Adobe Systems)
Adobe Acrobat 6.0.1 Standard (HKLM\...\{AC76BA86-1033-0000-BA7E-000000000001}) (Version: 006.000.001 - Adobe Systems)
Adobe Acrobat and Reader 6.0.3 Update (HKLM\...\{AC76BA86-0000-7EC8-7489-000000000603}) (Version: 6.0.3 - Adobe Systems)
Adobe Acrobat and Reader 6.0.4 Update (HKLM\...\{AC76BA86-0000-7EC8-7489-000000000604}) (Version: 6.0.4 - Adobe Systems)
Adobe Acrobat and Reader 6.0.5 Update (HKLM\...\{AC76BA86-0000-7EC8-7489-000000000605}) (Version: 6.0.5 - Adobe Systems)
Adobe Acrobat and Reader 6.0.6 Update (HKLM\...\{AC76BA86-0000-7EC8-7489-000000000606}) (Version: 6.0.6 - Adobe Systems)
Adobe Atmosphere Player for Acrobat and Adobe Reader (HKLM\...\Adobe Atmosphere Player) (Version:  - )
Adobe Flash Player 11 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 11.6.602.180 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 14.0.0.179 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.03) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.03 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKU\S-1-5-21-73586283-583907252-682003330-1003\...\Akamai) (Version:  - Akamai Technologies, Inc)
Alcor Micro USB Card Reader (HKLM\...\AmUStor) (Version: 3.10.142.72249 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (Version: 3.10.142.72249 - Alcor Micro Corp.) Hidden
Apple Application Support (HKLM\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C0CC75CD-F5B7-46AD-B016-17C0F5171718}) (Version: 8.0.0.23 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AVG 2013 (HKLM\...\AVG) (Version: 2013.0.3544 - AVG Technologies)
AVG 2013 (Version: 13.0.3544 - AVG Technologies) Hidden
AVG 2013 (Version: 13.0.4447 - AVG Technologies) Hidden
Big Fish: Game Manager (HKLM\...\BFGC) (Version: 3.3.0.2 - )
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Brother MFL-Pro Suite (HKLM\...\{9211CCBB-BEFE-4A0C-9199-D7A535DBFE5F}) (Version: 1.00.000 - )
BUFFALO LinkStation(LS-XL Series) Setup Guide (HKLM\...\UN110525) (Version:  - )
BUFFALO NAS Navigator2 (HKLM\...\UN060501) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 3.09 - Piriform)
Citrix Online Launcher (HKLM\...\{DB014C85-A264-4BCA-A66F-6DD1FCF8EC36}) (Version: 1.0.335 - Citrix)
Citrix XenApp Plugin for Hosted Apps (HKLM\...\{C1CCF2E9-4851-4783-8076-D9C3F7DDD487}) (Version: 11.0.150.5357 - Citrix Systems, Inc.)
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
DBF Viewer 2000 3.25 (HKLM\...\DBF Viewer 2000) (Version: 3.25 - HiBase Group)
Documents To Go Desktop for iPhone (HKLM\...\DTGDesktop) (Version: 2.0000.006 - DataViz, Inc.)
Dragon NaturallySpeaking 11 (HKLM\...\{EFFA53BC-8C04-2E21-3D90-A13B1697B0CA}) (Version: 11.50.100 - Nuance Communications Inc.)
Driver Genius (HKLM\...\Driver Genius_is1) (Version: 12.0 - Driver-Soft Inc.)
DVD Solution (HKLM\...\{B97CF5C3-0487-11D8-A36E-0050BAE317E1}) (Version:  - )
EaseUS Todo Backup Free 4.0 (HKLM\...\EaseUS Todo Backup Free 4.0_is1) (Version: 4.0.0.1 - CHENGDU YIWO Tech Development Co., Ltd)
Envelopes From Outlook (HKLM\...\{12BAE046-DC64-4AC6-BB11-E1DC1DCA5C41}_is1) (Version:  - Tools4Contacts)
GetDataBack for FAT (HKLM\...\{2EEEC858-21F8-419B-8FE2-820621BFFCD7}) (Version: 2.31.007 - Runtime Software)
GetDataBack for NTFS (HKLM\...\{56582EEA-3AEF-4D84-8B9D-C87A3CD9250F}) (Version: 2.31.007 - Runtime Software)
Google Chrome (HKLM\...\Google Chrome) (Version: 46.0.2490.80 - Google Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.28.15 - Google Inc.) Hidden
HL-4150CDN (HKLM\...\{123DE6D6-9566-4777-AC81-E6D86FFA95DA}) (Version: 1.0.6.0 - Brother Industries, Ltd.)
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 0.0.0.0000 - Intel Corporation)
Itibiti RTC (Version: 0.0.1 - Itibiti Inc) Hidden
iTunes (HKLM\...\{F32DC846-4457-40A8-BECA-BCC0E960BC53}) (Version: 11.4.0.18 - Apple Inc.)
Jewel Quest (HKLM\...\BFG-Jewel Quest) (Version:  - )
Jewel Quest Solitaire II (HKLM\...\BFG-Jewel Quest Solitaire II) (Version:  - )
Kernel Exchange EDB Viewer ver 11.05.01 (HKLM\...\Kernel Exchange EDB Viewer_is1) (Version:  - Lepide Software Pvt. ltd.)
KNCTR (HKLM\...\Itibiti_is1) (Version:  - Itibiti Inc.)
LogMeIn (HKLM\...\{0330FC8D-EDB2-455E-A3DC-B56DD107E4BC}) (Version: 4.1.2694 - LogMeIn, Inc.)
LSI PCI-SV92EX Soft Modem (HKLM\...\LSI Soft Modem) (Version: 2.2.96 - LSI Corporation)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
MCShield ::Anti-Malware Tool:: (HKLM\...\MCShield) (Version: 3.0.5.28 - MyCity)
[email protected] (HKLM\...\MediaShow) (Version:  - )
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package - SE (HKLM\...\Microsoft Visual J# 2.0 Redistributable Package - SE) (Version:  - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Multimedia Launcher (HKLM\...\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version:  - )
MyDeluxeInvoices & Estimates 5.5.0.0 (HKLM\...\{A22CF42D-023D-4A7B-9033-802F666F6F44}) (Version:  - )
Orca (HKLM\...\{85F4CBCB-9BBC-4B50-A7D8-E1106771498D}) (Version: 3.1.3790.0000 - Microsoft Corporation)
Power2Go 3.0 (HKLM\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version:  - )
PowerDirector (HKLM\...\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version:  - )
PowerDVD (HKLM\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version:  - )
PowerProducer (HKLM\...\{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version:  - )
PrintMusic! 2001 (HKLM\...\PrintMusic! 2001) (Version:  - )
Quicken Basic 98 (HKLM\...\Quicken Basic 98) (Version:  - )
QuickTime 7 (HKLM\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 5.10.0.6782 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM\...\InstallShield_{17528CE4-C333-48FB-A9E4-D841E795CDCE}) (Version: 3.0.23.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (Version: 3.0.23.0 - Renesas Electronics Corporation) Hidden
Samsung SCX-4100 Series (HKLM\...\Samsung SCX-4100 Series) (Version:  - )
Savings Bond Wizard (HKLM\...\Savings Bond Wizard) (Version:  - )
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
TeamViewer 10 (HKLM\...\TeamViewer) (Version: 10.0.43879 - TeamViewer)
TurboTax 2012 (HKLM\...\TurboTax 2012) (Version: 2012.0 - Intuit, Inc)
TurboTax 2013 (HKLM\...\TurboTax 2013) (Version: 2013.0 - Intuit, Inc)
TurboTax 2014 (HKLM\...\TurboTax 2014) (Version: 2014.0 - Intuit, Inc)
Visual C++ 9.0 Runtime for Dragon NaturallySpeaking (HKLM\...\{4A5A427F-BA39-4BF0-9999-9A47FBE60C9F}) (Version: 11.0.200 - Nuance Communications Inc.)
VMware vSphere Client 5.1 (HKLM\...\{09DC364B-A77A-49A0-972B-E43F0DACC5E3}) (Version: 5.1.0.3577 - VMware, Inc.)
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
Windows Genuine Advantage Notifications (KB905474) (HKLM\...\WgaNotify) (Version: 1.9.0040.0 - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\KB892130) (Version:  - Microsoft Corporation)
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Search 4.0 (HKLM\...\KB940157) (Version: 04.00.6001.503 - Microsoft Corporation)
WinSCP 5.1.5 (HKLM\...\winscp3_is1) (Version: 5.1.5 - Martin Prikryl)
WinZip 17.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240DA}) (Version: 17.5.10480 - WinZip Computing, S.L. )
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-73586283-583907252-682003330-1003_Classes\CLSID\{B2C192C7-4005-4A8A-8485-BC7932DE3800}\localserver32 -> C:\Program Files\LogMeIn\Ignition\LMIIgnition.exe (LogMeIn, Inc.)
 
==================== Restore Points =========================
 
ATTENTION: System Restore is disabled
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2008-04-13 23:00 - 2008-04-13 23:00 - 00000734 ____A C:\WINDOWS\system32\Drivers\etc\hosts
 
127.0.0.1       localhost
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => C:\WINDOWS\system32\xp_eos.exe
 
==================== Loaded Modules (Whitelisted) ==============
 
2013-09-04 23:14 - 2013-09-04 23:14 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 14:45 - 2010-10-20 14:45 - 08801120 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2014-07-31 11:16 - 2014-07-31 11:16 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-07-31 11:16 - 2014-07-31 11:16 - 01044776 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-05-13 13:00 - 2011-12-22 22:08 - 00051848 _____ () C:\Program Files\EaseUS\Todo Backup\bin\CodeLog.dll
2013-05-13 13:00 - 2008-11-25 16:18 - 01291264 _____ () C:\Program Files\EaseUS\Todo Backup\bin\libxml2.dll
2013-05-13 13:00 - 2004-10-05 02:08 - 00055808 _____ () C:\Program Files\EaseUS\Todo Backup\bin\zlib1.dll
2013-05-13 13:00 - 2011-12-22 22:08 - 00114312 _____ () C:\Program Files\EaseUS\Todo Backup\bin\ExchBackupSize.dll
2013-05-13 13:00 - 2011-12-22 22:08 - 00245896 _____ () C:\Program Files\EaseUS\Todo Backup\bin\ExImage.dll
2013-05-13 13:00 - 2011-12-22 22:08 - 00069768 _____ () C:\Program Files\EaseUS\Todo Backup\bin\EnumTapeDevice.dll
2013-05-13 13:00 - 2011-12-22 22:08 - 00064648 _____ () C:\Program Files\EaseUS\Todo Backup\bin\TbTapeBrowse.dll
2013-05-13 13:00 - 2011-12-23 14:15 - 00023176 _____ () C:\Program Files\EaseUS\Todo Backup\bin\AccountManager.dll
2013-05-13 13:00 - 2011-12-22 22:08 - 00093832 _____ () C:\Program Files\EaseUS\Todo Backup\bin\TBFireWall.dll
2014-04-29 18:18 - 2002-11-26 12:43 - 00106496 ____N () C:\WINDOWS\system32\BrMuSNMP.dll
2008-04-13 23:00 - 2008-04-13 23:00 - 00059904 _____ () C:\WINDOWS\system32\devenum.dll
2008-04-13 23:00 - 2008-04-13 23:00 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll
2014-05-03 07:45 - 2014-02-10 12:44 - 04592128 _____ () C:\Documents and Settings\admin\Local Settings\Application Data\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libglesv2.dll
2014-05-03 07:45 - 2014-02-10 12:44 - 00112128 _____ () C:\Documents and Settings\admin\Local Settings\Application Data\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libegl.dll
2013-09-04 23:14 - 2013-09-04 23:14 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\office14\Cultures\office.odf
2013-02-14 14:46 - 2013-02-14 14:46 - 01044048 _____ () C:\Program Files\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:0FF263E8
AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:1AC933DC
AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:2CB9631F
AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:BDD83DC4
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
 
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\S-1-5-21-73586283-583907252-682003330-1003\...\infor.com -> hxxps://dbsicee01.infor.com
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-73586283-583907252-682003330-1003\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 8.8.8.8
Windows Firewall is disabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
StandardProfile\AuthorizedApplications: [C:\Program Files\Bonjour\mDNSResponder.exe] => Enabled:Bonjour Service
StandardProfile\AuthorizedApplications: [C:\Program Files\AVG\AVG2013\avgmfapx.exe] => Enabled:AVG Installer
StandardProfile\AuthorizedApplications: [C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE] => Enabled:Microsoft Office Outlook
StandardProfile\AuthorizedApplications: [C:\Program Files\EaseUS\Todo Backup\bin\Agent.exe] => Enabled:Agent.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\BUFFALO\NASNAVI\NasNavi.exe] => Enabled:BUFFALO NAS Navigator2
StandardProfile\AuthorizedApplications: [C:\Program Files\Microsoft Office\Office14\GROOVE.EXE] => Enabled:Microsoft SharePoint Workspace
StandardProfile\AuthorizedApplications: [C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE] => Enabled:Microsoft OneNote
StandardProfile\AuthorizedApplications: [C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE] => Enabled:Microsoft Office Outlook
StandardProfile\AuthorizedApplications: [C:\Program Files\Google\Chrome\Application\chrome.exe] => Enabled:Google Chrome
StandardProfile\AuthorizedApplications: [C:\Program Files\Itibiti Soft Phone\Itibiti.exe] => Enabled:Itibiti.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\iTunes\iTunes.exe] => Enabled:iTunes
StandardProfile\AuthorizedApplications: [C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe] => :LocalSubNet:Disabled:Intuit Update v4 Shared Downloads Server
StandardProfile\AuthorizedApplications: [C:\Program Files\TeamViewer\TeamViewer.exe] => Enabled:Teamviewer Remote Control Application
StandardProfile\AuthorizedApplications: [C:\Program Files\TeamViewer\TeamViewer_Service.exe] => Enabled:Teamviewer Remote Control Service
StandardProfile\AuthorizedApplications: [C:\Program Files\AVG\AVG2013\avgnsx.exe] => Enabled:Online Shield
StandardProfile\AuthorizedApplications: [C:\Program Files\AVG\AVG2013\avgdiagex.exe] => Enabled:AVG Diagnostics 2013
StandardProfile\AuthorizedApplications: [C:\Program Files\AVG\AVG2013\avgemcx.exe] => Enabled:Personal Email Scanner
DomainProfile\GloballyOpenPorts: [139:TCP] => Enabled:@xpsp2res.dll,-22004
DomainProfile\GloballyOpenPorts: [445:TCP] => Enabled:@xpsp2res.dll,-22005
DomainProfile\GloballyOpenPorts: [137:UDP] => Enabled:@xpsp2res.dll,-22001
DomainProfile\GloballyOpenPorts: [138:UDP] => Enabled:@xpsp2res.dll,-22002
StandardProfile\GloballyOpenPorts: [139:TCP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22004
StandardProfile\GloballyOpenPorts: [445:TCP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22005
StandardProfile\GloballyOpenPorts: [137:UDP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22001
StandardProfile\GloballyOpenPorts: [138:UDP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22002
StandardProfile\GloballyOpenPorts: [1900:UDP] => :LocalSubNet:Disabled:@xpsp2res.dll,-22007
StandardProfile\GloballyOpenPorts: [2869:TCP] => :LocalSubNet:Disabled:@xpsp2res.dll,-22008
StandardProfile\GloballyOpenPorts: [1059:TCP] => Enabled:Akamai NetSession Interface
StandardProfile\GloballyOpenPorts: [5000:UDP] => Enabled:Akamai NetSession Interface
 
==================== Faulty Device Manager Devices =============
 
Name: Renesas Electronics USB 3.0 Host Controller
Description: Renesas Electronics USB 3.0 Host Controller
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: Renesas Electronics
Service: rusb3xhc
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (11/01/2015 04:44:40 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\DOCUMENTS AND SETTINGS\ADMIN\MY DOCUMENTS\CLIENTS\HOLIDAYINN\2015\11-15\HI-OCT-15.PDF> in the hash map cannot be updated.
 
Context:  Application, SystemIndex Catalog
 
Details:
A device attached to the system is not functioning.   (0x8007001f)
 
Error: (11/01/2015 04:44:40 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\DOCUMENTS AND SETTINGS\ADMIN\MY DOCUMENTS\CLIENTS\HOLIDAYINN\2015\11-15\HI-OCT-15.PDF> in the hash map cannot be updated.
 
Context:  Application, SystemIndex Catalog
 
Details:
A device attached to the system is not functioning.   (0x8007001f)
 
Error: (11/01/2015 04:44:01 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\DOCUMENTS AND SETTINGS\ADMIN\MY DOCUMENTS\CLIENTS\HOLIDAYINN\2015\11-15\HI INVOICE -- BOB MERRITT 11-01-15.PDF> in the hash map cannot be updated.
 
Context:  Application, SystemIndex Catalog
 
Details:
A device attached to the system is not functioning.   (0x8007001f)
 
Error: (11/01/2015 04:44:01 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\DOCUMENTS AND SETTINGS\ADMIN\MY DOCUMENTS\CLIENTS\HOLIDAYINN\2015\11-15\HI INVOICE -- BOB MERRITT 11-01-15.PDF> in the hash map cannot be updated.
 
Context:  Application, SystemIndex Catalog
 
Details:
A device attached to the system is not functioning.   (0x8007001f)
 
Error: (10/27/2015 03:36:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application printmusic.exe, version 6.0.0.0, faulting module printmusic.exe, version 6.0.0.0, fault address 0x0002ce66.
Processing media-specific event for [printmusic.exe!ws!]
 
Error: (10/27/2015 03:24:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application printmusic.exe, version 6.0.0.0, faulting module printmusic.exe, version 6.0.0.0, fault address 0x0002ce66.
Processing media-specific event for [printmusic.exe!ws!]
 
Error: (10/27/2015 03:24:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application printmusic.exe, version 6.0.0.0, faulting module printmusic.exe, version 6.0.0.0, fault address 0x0002ce66.
Processing media-specific event for [printmusic.exe!ws!]
 
Error: (10/27/2015 02:57:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application printmusic.exe, version 6.0.0.0, faulting module printmusic.exe, version 6.0.0.0, fault address 0x0002ce66.
Processing media-specific event for [printmusic.exe!ws!]
 
Error: (10/22/2015 08:06:08 AM) (Source: Microsoft Office 14) (EventID: 1000) (User: )
Description: Faulting application outlook.exe, version 14.0.7160.5000, stamp 55fb0b2c, faulting module unknown, version 0.0.0.0, stamp 00000000, debug? 0, fault address 0x002e0020.
 
 
System errors:
=============
Error: (11/03/2015 04:25:44 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Timeout (30000 milliseconds) waiting for a transaction response from the stisvc service.
 
Error: (11/03/2015 04:25:44 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {5F4BAAD0-4D59-4FCD-B213-783CE7A92F22} did not register with DCOM within the required timeout.
 
Error: (10/13/2015 05:27:17 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error: 
%%5
 
Error: (10/13/2015 04:49:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Search service failed to start due to the following error: 
%%1053
 
Error: (10/13/2015 04:49:54 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Timeout (30000 milliseconds) waiting for the Windows Search service to connect.
 
Error: (10/13/2015 04:49:54 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "%%1053" attempting to start the service WSearch with arguments ""
in order to run the server:
{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
 
Error: (10/06/2015 09:01:25 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error: 
%%5
 
Error: (10/06/2015 06:29:57 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error: 
%%5
 
Error: (10/06/2015 06:29:57 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error: 
%%5
 
Error: (10/04/2015 07:29:38 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The VMware USB Arbitration Service service hung on starting.
 
 
==================== Memory info =========================== 
 
Processor: Pentium® Dual-Core CPU E5300 @ 2.60GHz
Percentage of memory in use: 41%
Total physical RAM: 3318.16 MB
Available physical RAM: 1947.62 MB
Total Virtual: 5201.16 MB
Available Virtual: 3734.66 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:111.79 GB) (Free:59.98 GB) NTFS ==>[drive with boot components (Windows XP)]
Drive d: (DESSANGE002DISC01) (CDROM) (Total:3.93 GB) (Free:0 GB) UDF
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 111.8 GB) (Disk ID: 1549F232)
Partition 1: (Active) - (Size=111.8 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt ============================
 

  • 0

Advertisements







Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP