Jump to content

Cibirochka

Members
 View Profile  See their activity

  • Posts

    2

  • Joined

  • Last visited

Reputation

0 Neutral
  1. Cibirochka
    Thank you. Malwarebytes can't find anything now. I'm sorry for wasting your time. Previously I was running scans on my non-admin account and it kept finding things after restart. But before posting I only ran it once as an admin and did not check after that if it was finding anything. I will do so in the future.
  2. Cibirochka
    Malwarebytes is finding trojan threats on my computer, and I remove them. However, they show up again on restart. I appreciate your help. The Farbar log contents are below: ------------------------------------ FRST.txt -------------------------------------------- Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015Ran by irina_admin (administrator) on X220 on 22-03-2015 09:06:16Running from C:\Users\irina_admin\DesktopLoaded Profiles: irina_admin (Available profiles: admin & sergey & Irina & irina_admin & maxim & reserve)Platform: Windows 7 Enterprise Service Pack 1 (X64) OS Language: English (United States)Internet Explorer Version 10 (Default browser: Chrome)Boot Mode: NormalTutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Lenovo.) C:\Windows\System32\ibmpmsvc.exe(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CamMute.exe(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe(StarWind Software) C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe(Authentec Inc.) C:\Program Files\ThinkVantage Fingerprint Software\upeksvr.exe(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlk.exe(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe(Microsoft Corporation) C:\Windows\System32\rundll32.exe(Lenovo Group Limited) C:\Program Files\Lenovo\ZOOM\TpScrex.exe(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\SRORest.exe(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe(Lenovo.) C:\Windows\System32\TpShocks.exe(Lenovo Group Limited) C:\Program Files\Lenovo\AutoLock\ALCKRESI.exe(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe(Lenovo Group Limited) C:\Program Files\Lenovo\Password Manager\password_manager.exe(Intel Corporation) C:\Windows\System32\hkcmd.exe(Intel Corporation) C:\Windows\System32\igfxpers.exe(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe(Ricoh co.,Ltd.) C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe(Microsoft Corporation) C:\Windows\System32\rundll32.exe(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Password Manager\pwm_ie_helper_desktop.exe(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Password Manager\password_manager.exe(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe(Lenovo Group Limited) C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.EXE(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PrivacyIconClient.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\SROSVC.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Lenovo) C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe(Microsoft Corporation) C:\Windows\System32\dllhost.exe(Microsoft Corporation) C:\Windows\System32\dllhost.exe(Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-25] ()HKLM\...\Run: [smartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [316032 2010-12-14] (Conexant systems, Inc.)HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)HKLM\...\Run: [TpShocks] => C:\Windows\system32\TpShocks.exe [384344 2014-02-17] (Lenovo.)HKLM\...\Run: [ALCKRESI.EXE] => C:\Program Files\Lenovo\AutoLock\ALCKRESI.EXE [388600 2013-04-15] (Lenovo Group Limited)HKLM\...\Run: [LENOVO.TPKNRRES] => C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [60920 2013-05-29] (Lenovo Group Limited)HKLM\...\Run: [PasswordManager] => C:\Program Files\Lenovo\Password Manager\password_manager.exe [1665824 2014-06-23] (Lenovo Group Limited)HKLM\...\Run: [bCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [112512 2010-03-13] (Microsoft Corporation)HKLM-x32\...\Run: [RotateImage] => C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe [55808 2008-10-30] (Ricoh co.,Ltd.)HKLM-x32\...\Run: [PWMTRV] => rundll32 "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL",PwrMgrBkGndMonitorHKLM-x32\...\Run: [iMSS] => C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe [113656 2013-07-02] (Intel Corporation)HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [89456 2011-03-07] (Elaborate Bytes AG)HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-03] (Adobe Systems Incorporated)HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [41208 2012-12-19] (Adobe Systems Incorporated)HKLM-x32\...\Run: [brStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2621440 2010-06-10] (Brother Industries, Ltd.)HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [707496 2014-08-15] (Cisco Systems, Inc.)HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)HKLM-x32\...\Run: [hogu] => "C:\Users\irina_admin\AppData\Local\hogu\hogu.exe"Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)Winlogon\Notify\psfus: C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll (Authentec Inc.)HKLM\...\Policies\Explorer\Run: [hogu] => "C:\Users\irina_admin\AppData\Local\hogu\hogu.exe" No FileHKU\S-1-5-21-2418754909-3486107267-4277394310-1003\...A8F59079A8D5}\localserver32: <==== ATTENTION!HKU\S-1-5-18\...A8F59079A8D5}\localserver32: <==== ATTENTION!Lsa: [Notification Packages] scecli C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll ACGinaStartup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnkShortcutTarget: Bluetooth.lnk -> C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe (Broadcom Corporation.)Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnkShortcutTarget: Microsoft Office.lnk -> C:\Program Files (x86)\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18] (Adobe Systems Incorporated)BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-10-19] (Oracle Corporation)BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-10-19] (Oracle Corporation)Handler-x32: http - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-12-02] (Microsoft Corporation)Handler-x32: http - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-12-02] (Microsoft Corporation)Handler-x32: https - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-12-02] (Microsoft Corporation)Handler-x32: https - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-12-02] (Microsoft Corporation)Handler-x32: ipp - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-12-02] (Microsoft Corporation)Handler-x32: msdaipp - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-12-02] (Microsoft Corporation)Handler-x32: msdaipp - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-12-02] (Microsoft Corporation)Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies)Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 FireFox:========FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-03-06] ()FF Plugin: @microsoft.com/GENUINE -> disabled No FileFF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-03-06] ()FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] ()FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIIPT.dll [2014-07-09] (Intel Corporation)FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIUpdater.dll [2014-07-09] (Intel Corporation)FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-10-19] (Oracle Corporation)FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-10-19] (Oracle Corporation)FF Plugin-x32: @microsoft.com/GENUINE -> disabled No FileFF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No FileFF Plugin-x32: @raidcall.en/RCplugin -> C:\Users\irina_admin\AppData\Roaming\raidcall\plugins\nprcplugin.dll [2014-05-27] (Raidcall)FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll [2013-02-15] (Adobe Systems Inc.)FF Plugin HKU\S-1-5-21-2418754909-3486107267-4277394310-1003: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No FileFF HKU\.DEFAULT\...\Firefox\Extensions: [{F74D5734-46F5-4B16-96F0-1E7FBF41B750}] - C:\Program Files (x86)\Lenovo\Password Manager\PWM Firefox Extension\2.0b12FF Extension: ThinkVantage Password Manager - C:\Program Files (x86)\Lenovo\Password Manager\PWM Firefox Extension\2.0b12 [2014-09-03]FF HKU\S-1-5-21-2418754909-3486107267-4277394310-1003\...\Firefox\Extensions: [{F74D5734-46F5-4B16-96F0-1E7FBF41B750}] - C:\Program Files (x86)\Lenovo\Password Manager\PWM Firefox Extension\2.0b12 Chrome: =======CHR Profile: C:\Users\irina_admin\AppData\Local\Google\Chrome\User Data\DefaultCHR Extension: (Google Slides) - C:\Users\irina_admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-22]CHR Extension: (Google Docs) - C:\Users\irina_admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-22]CHR Extension: (Google Drive) - C:\Users\irina_admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-22]CHR Extension: (YouTube) - C:\Users\irina_admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-22]CHR Extension: (Google Search) - C:\Users\irina_admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-22]CHR Extension: (Google Sheets) - C:\Users\irina_admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-22]CHR Extension: (Chrome Hotword Shared Module) - C:\Users\irina_admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-22]CHR Extension: (ThinkVantage Password Manager) - C:\Users\irina_admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpdfbkehegfmedglgemnhbnpmfmioggj [2015-03-22]CHR Extension: (Google Wallet) - C:\Users\irina_admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-22]CHR Extension: (Gmail) - C:\Users\irina_admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-22]CHR HKLM-x32\...\Chrome\Extension: [lpdfbkehegfmedglgemnhbnpmfmioggj] - https://clients2.google.com/service/update2/crx ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.) [File not signed]S3 DozeSvc; C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [319536 2014-06-25] (Lenovo.)R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [133992 2011-07-12] (Lenovo Group Limited)S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [1663880 2014-05-06] ()S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)R2 SROSVC; C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\SROSVC.exe [446800 2012-03-05] (Lenovo Group Limited)R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [File not signed]S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [24560 2014-06-18] ()R2 VMAuthdService; C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe [79872 2012-11-01] (VMware, Inc.) [File not signed]S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-11-16] (Intel Corporation)R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-03-17] (Malwarebytes Corporation)S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-03-17] (Malwarebytes Corporation)R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [45296 2013-11-15] (Synaptics Incorporated)R2 smihlp2; C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys [13128 2011-05-30] (Authentec Inc.)R0 sptd; C:\Windows\System32\Drivers\sptd.sys [828912 2013-05-12] () [File not signed]S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52592 2014-08-15] (Cisco Systems, Inc.)R0 vsock; C:\Windows\System32\drivers\vsock.sys [70296 2012-10-24] (VMware, Inc.)U3 awkvow91; C:\Windows\System32\Drivers\awkvow91.sys [0 ] (Intel Corporation) <==== ATTENTION (zero size file/folder)S3 VGPU; System32\drivers\rdvgkmd.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-03-22 09:06 - 2015-03-22 09:06 - 00020558 _____ () C:\Users\irina_admin\Desktop\FRST.txt2015-03-22 08:52 - 2015-03-22 08:52 - 00000000 ____D () C:\Users\irina_admin\AppData\Roaming\Apple Computer2015-03-22 08:42 - 2015-03-22 08:42 - 00050550 _____ () C:\Users\Irina\Desktop\FRST.txt2015-03-22 08:42 - 2015-03-22 08:42 - 00026237 _____ () C:\Users\Irina\Desktop\Addition.txt2015-03-22 08:40 - 2015-03-22 09:06 - 00000000 ____D () C:\FRST2015-03-22 08:40 - 2015-03-22 08:40 - 02095616 _____ (Farbar) C:\Users\irina_admin\Desktop\FRST64.exe2015-03-21 18:44 - 2015-03-22 08:53 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys2015-03-21 18:43 - 2015-03-21 18:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware2015-03-21 18:43 - 2015-03-21 18:43 - 00000000 ____D () C:\ProgramData\Malwarebytes2015-03-21 18:43 - 2015-03-21 18:43 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware2015-03-21 18:43 - 2015-03-17 06:15 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys2015-03-21 18:43 - 2015-03-17 06:15 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys2015-03-21 18:43 - 2015-03-17 06:15 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys2015-03-21 18:42 - 2015-03-21 18:42 - 21540440 _____ (Malwarebytes Corporation ) C:\Users\Irina\Downloads\mbam-setup-2.1.4.1018.exe2015-03-21 12:41 - 2015-03-21 12:41 - 97766744 _____ (Lenovo Group Limited ) C:\Users\Irina\Downloads\83d640ww.exe2015-03-20 18:27 - 2015-03-21 21:41 - 00000000 ____D () C:\Program Files (x86)\LOLReplay2015-03-20 18:27 - 2015-03-20 18:30 - 00000000 ____D () C:\Users\irina_admin\AppData\Local\hogu2015-03-20 18:27 - 2015-03-20 18:27 - 01528537 _____ () C:\Users\Irina\Downloads\LOLReplay-0.8.9.30.exe2015-03-20 18:27 - 2015-03-20 18:27 - 00000000 ____D () C:\Users\irina_admin\Documents\LOLReplay2015-03-17 18:52 - 2015-03-17 18:52 - 00000000 ____D () C:\Users\Irina\Desktop\Copies Skyrim Saves2015-03-12 23:18 - 2015-03-12 23:45 - 00000000 ____D () C:\Users\Irina\AppData\Roaming\Audacity2015-03-12 23:18 - 2015-03-12 23:18 - 00001023 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk2015-03-12 23:18 - 2015-03-12 23:18 - 00001011 _____ () C:\Users\Public\Desktop\Audacity.lnk2015-03-12 23:18 - 2015-03-12 23:18 - 00000000 ____D () C:\Program Files (x86)\Audacity2015-03-12 23:17 - 2015-03-12 23:17 - 22892794 _____ (Audacity Team ) C:\Users\Irina\Downloads\audacity-win-2.0.6.exe2015-03-07 16:32 - 2015-03-07 16:40 - 00000000 ____D () C:\Users\Irina\Documents\Futon2015-03-06 13:29 - 2015-03-06 13:30 - 00000000 ____D () C:\Users\irina_admin\AppData\Local\Adobe2015-03-05 19:34 - 2015-03-05 19:34 - 03611014 _____ () C:\Users\Irina\Downloads\Engineering Professionalism.pptx2015-03-04 14:34 - 2015-03-10 13:46 - 00000000 ____D () C:\Users\Irina\AppData\Local\Microsoft Games2015-03-01 15:49 - 2015-03-01 15:49 - 07150971 _____ () C:\Users\Irina\Downloads\Ethics Class Presentation.pptx2015-03-01 11:03 - 2015-03-01 11:03 - 00000000 ____D () C:\Users\reserve\AppData\Roaming\Apple Computer2015-02-28 23:22 - 2015-02-28 23:22 - 00000000 ____D () C:\Users\Irina\AppData\Local\Steam2015-02-28 12:48 - 2015-03-22 08:54 - 00000124 _____ () C:\Users\irina_admin\Documents\ax_files.xml2015-02-28 10:41 - 2015-03-22 08:57 - 00747778 _____ () C:\Windows\system32\perfh00A.dat2015-02-28 10:41 - 2015-03-22 08:57 - 00742470 _____ () C:\Windows\system32\perfh010.dat2015-02-28 10:41 - 2015-03-22 08:57 - 00692842 _____ () C:\Windows\system32\perfh00C.dat2015-02-28 10:41 - 2015-03-22 08:57 - 00481696 _____ () C:\Windows\system32\perfh001.dat2015-02-28 10:41 - 2015-03-22 08:57 - 00395262 _____ () C:\Windows\system32\perfh00D.dat2015-02-28 10:41 - 2015-03-22 08:57 - 00159368 _____ () C:\Windows\system32\perfc00A.dat2015-02-28 10:41 - 2015-03-22 08:57 - 00147832 _____ () C:\Windows\system32\perfc010.dat2015-02-28 10:41 - 2015-03-22 08:57 - 00130988 _____ () C:\Windows\system32\perfc00C.dat2015-02-28 10:41 - 2015-03-22 08:57 - 00095834 _____ () C:\Windows\system32\perfc001.dat2015-02-28 10:41 - 2015-03-22 08:57 - 00085944 _____ () C:\Windows\system32\perfc00D.dat2015-02-28 10:41 - 2015-02-28 01:02 - 00341432 _____ () C:\Windows\system32\perfi00A.dat2015-02-28 10:41 - 2015-02-28 01:02 - 00041390 _____ () C:\Windows\system32\perfd00A.dat2015-02-28 10:41 - 2015-02-28 00:42 - 00229316 _____ () C:\Windows\system32\perfi00D.dat2015-02-28 10:41 - 2015-02-28 00:42 - 00032166 _____ () C:\Windows\system32\perfd00D.dat2015-02-28 10:41 - 2015-02-28 00:30 - 00335478 _____ () C:\Windows\system32\perfi010.dat2015-02-28 10:41 - 2015-02-28 00:30 - 00037534 _____ () C:\Windows\system32\perfd010.dat2015-02-28 10:41 - 2015-02-28 00:25 - 00344522 _____ () C:\Windows\system32\perfi00C.dat2015-02-28 10:41 - 2015-02-28 00:25 - 00289060 _____ () C:\Windows\system32\perfi001.dat2015-02-28 10:41 - 2015-02-28 00:25 - 00042056 _____ () C:\Windows\system32\perfd001.dat2015-02-28 10:41 - 2015-02-28 00:25 - 00038160 _____ () C:\Windows\system32\perfd00C.dat2015-02-28 01:04 - 2015-02-28 01:04 - 00000000 ____D () C:\Windows\SysWOW64\es2015-02-28 01:04 - 2015-02-28 01:04 - 00000000 ____D () C:\Windows\SysWOW64\0C0A2015-02-28 01:04 - 2015-02-28 01:04 - 00000000 ____D () C:\Windows\system32\es2015-02-28 01:04 - 2015-02-28 01:04 - 00000000 ____D () C:\Windows\system32\0C0A2015-02-28 01:03 - 2015-02-28 01:03 - 00000000 ____D () C:\Windows\SysWOW64\it2015-02-28 01:03 - 2015-02-28 01:03 - 00000000 ____D () C:\Windows\SysWOW64\he2015-02-28 01:03 - 2015-02-28 01:03 - 00000000 ____D () C:\Windows\SysWOW64\fr2015-02-28 01:03 - 2015-02-28 01:03 - 00000000 ____D () C:\Windows\SysWOW64\Drivers\sl-SI2015-02-28 01:03 - 2015-02-28 01:03 - 00000000 ____D () C:\Windows\SysWOW64\Drivers\he-IL2015-02-28 01:03 - 2015-02-28 01:03 - 00000000 ____D () C:\Windows\SysWOW64\Drivers\ar-SA2015-02-28 01:03 - 2015-02-28 01:03 - 00000000 ____D () C:\Windows\SysWOW64\ar2015-02-28 01:03 - 2015-02-28 01:03 - 00000000 ____D () C:\Windows\SysWOW64\04102015-02-28 01:03 - 2015-02-28 01:03 - 00000000 ____D () C:\Windows\SysWOW64\040C2015-02-28 01:03 - 2015-02-28 01:03 - 00000000 ____D () C:\Windows\system32\it2015-02-28 01:03 - 2015-02-28 01:03 - 00000000 ____D () C:\Windows\system32\he2015-02-28 01:03 - 2015-02-28 01:03 - 00000000 ____D () C:\Windows\system32\fr2015-02-28 01:03 - 2015-02-28 01:03 - 00000000 ____D () C:\Windows\system32\Drivers\sl-SI2015-02-28 01:03 - 2015-02-28 01:03 - 00000000 ____D () C:\Windows\system32\ar2015-02-28 01:03 - 2015-02-28 01:03 - 00000000 ____D () C:\Windows\system32\04102015-02-28 01:03 - 2015-02-28 01:03 - 00000000 ____D () C:\Windows\system32\040C2015-02-28 01:03 - 2015-02-28 01:03 - 00000000 ____D () C:\Windows\sl-SI2015-02-28 01:03 - 2015-02-28 01:03 - 00000000 ____D () C:\Windows\he-IL2015-02-28 01:03 - 2015-02-28 01:03 - 00000000 ____D () C:\Windows\ar-SA2015-02-28 01:02 - 2015-02-28 01:02 - 00000000 ____D () C:\Windows\SysWOW64\Drivers\sk-SK2015-02-28 01:02 - 2015-02-28 01:02 - 00000000 ____D () C:\Windows\system32\Drivers\sk-SK2015-02-28 01:02 - 2015-02-28 01:02 - 00000000 ____D () C:\Windows\sk-SK2015-02-28 00:50 - 2014-06-26 21:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll2015-02-28 00:50 - 2014-06-26 20:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll2015-02-28 00:17 - 2015-03-22 08:57 - 00699218 _____ () C:\Windows\system32\perfh007.dat2015-02-28 00:17 - 2015-03-22 08:57 - 00149826 _____ () C:\Windows\system32\perfc007.dat2015-02-28 00:17 - 2015-02-28 00:16 - 00295922 _____ () C:\Windows\system32\perfi007.dat2015-02-28 00:17 - 2015-02-28 00:16 - 00038104 _____ () C:\Windows\system32\perfd007.dat2015-02-28 00:16 - 2015-02-28 00:16 - 00000000 ____D () C:\Windows\SysWOW64\de2015-02-28 00:16 - 2015-02-28 00:16 - 00000000 ____D () C:\Windows\SysWOW64\04072015-02-28 00:16 - 2015-02-28 00:16 - 00000000 ____D () C:\Windows\system32\de2015-02-28 00:16 - 2015-02-28 00:16 - 00000000 ____D () C:\Windows\system32\04072015-02-28 00:12 - 2015-01-13 01:59 - 01409536 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll2015-02-28 00:12 - 2015-01-13 01:59 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe2015-02-28 00:12 - 2015-01-13 01:58 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll2015-02-28 00:12 - 2015-01-13 01:57 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll2015-02-28 00:12 - 2015-01-13 01:57 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll2015-02-28 00:12 - 2015-01-13 01:57 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll2015-02-28 00:12 - 2015-01-13 01:57 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll2015-02-28 00:12 - 2015-01-13 00:01 - 01762816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll2015-02-28 00:12 - 2015-01-13 00:01 - 01181696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll2015-02-28 00:12 - 2015-01-13 00:00 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll2015-02-28 00:12 - 2015-01-13 00:00 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll2015-02-28 00:12 - 2015-01-13 00:00 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll2015-02-28 00:12 - 2015-01-13 00:00 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll2015-02-28 00:12 - 2015-01-13 00:00 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll2015-02-28 00:12 - 2015-01-13 00:00 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll2015-02-28 00:12 - 2015-01-13 00:00 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll2015-02-28 00:12 - 2015-01-13 00:00 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll2015-02-28 00:12 - 2015-01-12 23:42 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb2015-02-28 00:12 - 2015-01-12 23:17 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\html.iec2015-02-28 00:12 - 2015-01-12 22:43 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec2015-02-28 00:11 - 2015-01-13 01:59 - 02237952 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll2015-02-28 00:11 - 2015-01-13 01:59 - 00600576 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll2015-02-28 00:11 - 2015-01-13 01:58 - 19291136 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll2015-02-28 00:11 - 2015-01-13 01:58 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll2015-02-28 00:11 - 2015-01-13 01:58 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll2015-02-28 00:11 - 2015-01-13 01:57 - 15403008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll2015-02-28 00:11 - 2015-01-13 01:57 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll2015-02-28 00:11 - 2015-01-13 01:57 - 02655744 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll2015-02-28 00:11 - 2015-01-13 01:57 - 01509376 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl2015-02-28 00:11 - 2015-01-13 01:57 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll2015-02-28 00:11 - 2015-01-13 01:57 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll2015-02-28 00:11 - 2015-01-13 01:57 - 00451584 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll2015-02-28 00:11 - 2015-01-13 01:57 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll2015-02-28 00:11 - 2015-01-13 01:57 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll2015-02-28 00:11 - 2015-01-13 00:01 - 00523264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll2015-02-28 00:11 - 2015-01-13 00:00 - 14373376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll2015-02-28 00:11 - 2015-01-13 00:00 - 02861568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll2015-02-28 00:11 - 2015-01-13 00:00 - 02055168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll2015-02-28 00:11 - 2015-01-13 00:00 - 01441280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl2015-02-28 00:11 - 2015-01-13 00:00 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll2015-02-28 00:11 - 2015-01-13 00:00 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll2015-02-28 00:11 - 2015-01-13 00:00 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll2015-02-28 00:11 - 2015-01-13 00:00 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll2015-02-28 00:11 - 2015-01-13 00:00 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll2015-02-28 00:11 - 2015-01-12 23:10 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb2015-02-28 00:11 - 2015-01-12 22:52 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe2015-02-28 00:11 - 2015-01-12 22:19 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe2015-02-28 00:09 - 2014-12-07 22:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll2015-02-28 00:09 - 2014-12-07 21:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll2015-02-28 00:09 - 2014-01-23 21:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys2015-02-28 00:06 - 2014-10-17 21:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll2015-02-28 00:06 - 2014-10-17 20:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll2015-02-28 00:05 - 2015-01-08 21:03 - 03201536 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys2015-02-25 17:59 - 2015-02-25 17:59 - 01343488 _____ () C:\Users\Irina\Downloads\Lecture_5_DD_vahid_ch3.ppt2015-02-23 20:40 - 2015-02-23 20:41 - 21287344 _____ (Dell, Inc.) C:\Users\Irina\Downloads\vWorkspaceConnectorForWindows (1).exe2015-02-23 20:40 - 2015-02-23 20:40 - 00000000 ____D () C:\Users\Irina\AppData\Roaming\Provision Networks2015-02-23 20:35 - 2015-02-23 20:35 - 00002061 _____ () C:\Users\Irina\Desktop\AppPortal.lnk2015-02-23 20:35 - 2015-02-23 20:35 - 00000000 ____D () C:\Users\Irina\AppData\Roaming\Quest Software2015-02-23 20:35 - 2015-02-23 20:35 - 00000000 ____D () C:\Users\Irina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Quest Software2015-02-23 20:34 - 2015-02-23 20:34 - 00000000 ____D () C:\Users\Irina\AppData\Roaming\Downloaded Installations2015-02-23 20:33 - 2015-02-23 20:33 - 21287344 _____ (Dell, Inc.) C:\Users\Irina\Downloads\vWorkspaceConnectorForWindows.exe2015-02-20 13:56 - 2015-02-20 13:57 - 06963594 _____ (Carl Burch, Hendrix College) C:\Program Files\logisim-win-2.7.1.exe ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-03-22 09:06 - 2013-03-24 21:59 - 01518826 _____ () C:\Windows\WindowsUpdate.log2015-03-22 09:03 - 2014-08-05 14:54 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job2015-03-22 09:02 - 2013-05-12 07:57 - 00000000 ____D () C:\ProgramData\VMware2015-03-22 09:02 - 2010-11-20 22:47 - 00016876 _____ () C:\Windows\PFRO.log2015-03-22 09:02 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT2015-03-22 09:02 - 2009-07-13 23:51 - 00127261 _____ () C:\Windows\setupact.log2015-03-22 08:59 - 2009-07-13 23:45 - 00022224 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A02015-03-22 08:59 - 2009-07-13 23:45 - 00022224 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A02015-03-22 08:57 - 2013-05-11 16:53 - 00727002 _____ () C:\Windows\system32\perfh019.dat2015-03-22 08:57 - 2013-05-11 16:53 - 00151524 _____ () C:\Windows\system32\perfc019.dat2015-03-22 08:57 - 2009-07-14 00:13 - 06108466 _____ () C:\Windows\system32\PerfStringBackup.INI2015-03-22 08:40 - 2014-08-05 14:54 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job2015-03-22 08:33 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\tracing2015-03-21 19:07 - 2014-07-24 22:57 - 00000000 ____D () C:\Program Files (x86)\Steam2015-03-21 12:08 - 2014-08-05 14:54 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk2015-03-20 18:27 - 2013-05-11 16:42 - 00109280 _____ () C:\Users\irina_admin\AppData\Local\GDIPFONTCACHEV1.DAT2015-03-18 22:40 - 2014-10-21 18:35 - 00000000 ____D () C:\Users\Irina\AppData\Roaming\Skype2015-03-18 16:00 - 2014-10-29 19:44 - 00003822 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 14146298472015-03-18 16:00 - 2014-10-29 19:44 - 00000000 ____D () C:\Program Files (x86)\Opera2015-03-06 13:30 - 2013-05-12 09:36 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe2015-03-06 13:30 - 2013-05-12 09:36 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl2015-03-03 08:17 - 2010-11-20 22:27 - 00295552 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe2015-03-01 14:21 - 2014-10-19 16:29 - 00000000 ____D () C:\Users\reserve\AppData\Local\Adobe2015-03-01 12:07 - 2014-10-19 16:29 - 00000000 ____D () C:\Users\reserve\AppData\Roaming\Adobe2015-03-01 11:03 - 2014-10-19 16:29 - 00109280 _____ () C:\Users\reserve\AppData\Local\GDIPFONTCACHEV1.DAT2015-02-28 10:44 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\SysWOW64\sl-SI2015-02-28 10:44 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\SysWOW64\sk-SK2015-02-28 10:44 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\SysWOW64\he-IL2015-02-28 10:44 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\SysWOW64\ar-SA2015-02-28 10:44 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\sl-SI2015-02-28 10:44 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\sk-SK2015-02-28 10:44 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\he-IL2015-02-28 10:44 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\ar-SA2015-02-28 10:42 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\rescache2015-02-28 10:39 - 2009-07-13 23:45 - 00409552 _____ () C:\Windows\system32\FNTCACHE.DAT2015-02-28 01:04 - 2013-05-11 16:52 - 00000000 ____D () C:\Windows\SysWOW64\XPSViewer2015-02-28 01:04 - 2011-04-12 02:45 - 00000000 ____D () C:\Program Files\Windows Journal2015-02-28 01:04 - 2011-04-12 02:38 - 00000000 ____D () C:\Windows\SysWOW64\winrm2015-02-28 01:04 - 2011-04-12 02:38 - 00000000 ____D () C:\Windows\SysWOW64\WCN2015-02-28 01:04 - 2011-04-12 02:38 - 00000000 ____D () C:\Windows\SysWOW64\sysprep2015-02-28 01:04 - 2011-04-12 02:38 - 00000000 ____D () C:\Windows\SysWOW64\slmgr2015-02-28 01:04 - 2011-04-12 02:38 - 00000000 ____D () C:\Windows\SysWOW64\Printing_Admin_Scripts2015-02-28 01:04 - 2011-04-12 02:38 - 00000000 ____D () C:\Windows\system32\winrm2015-02-28 01:04 - 2011-04-12 02:38 - 00000000 ____D () C:\Windows\system32\WCN2015-02-28 01:04 - 2011-04-12 02:38 - 00000000 ____D () C:\Windows\system32\slmgr2015-02-28 01:04 - 2011-04-12 02:38 - 00000000 ____D () C:\Windows\system32\Printing_Admin_Scripts2015-02-28 01:04 - 2009-07-14 00:37 - 00000000 ____D () C:\Windows\DigitalLocker2015-02-28 01:04 - 2009-07-14 00:32 - 00000000 ____D () C:\Windows\system32\WinBioPlugIns2015-02-28 01:04 - 2009-07-14 00:32 - 00000000 ____D () C:\Program Files\Windows Sidebar2015-02-28 01:04 - 2009-07-14 00:32 - 00000000 ____D () C:\Program Files\Windows Photo Viewer2015-02-28 01:04 - 2009-07-14 00:32 - 00000000 ____D () C:\Program Files\Windows Defender2015-02-28 01:04 - 2009-07-14 00:32 - 00000000 ____D () C:\Program Files\DVD Maker2015-02-28 01:04 - 2009-07-14 00:32 - 00000000 ____D () C:\Program Files (x86)\Windows Sidebar2015-02-28 01:04 - 2009-07-14 00:32 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer2015-02-28 01:04 - 2009-07-14 00:32 - 00000000 ____D () C:\Program Files (x86)\Windows Defender2015-02-28 01:04 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\SysWOW64\Setup2015-02-28 01:04 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\SysWOW64\oobe2015-02-28 01:04 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\SysWOW64\MUI2015-02-28 01:04 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\SysWOW64\migwiz2015-02-28 01:04 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism2015-02-28 01:04 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\SysWOW64\com2015-02-28 01:04 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\sysprep2015-02-28 01:04 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\Setup2015-02-28 01:04 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\oobe2015-02-28 01:04 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\MUI2015-02-28 01:04 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\migwiz2015-02-28 01:04 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\Dism2015-02-28 01:04 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\com2015-02-28 01:04 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\servicing2015-02-28 01:04 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\PolicyDefinitions2015-02-28 01:04 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\IME2015-02-28 01:04 - 2009-07-13 22:20 - 00000000 ____D () C:\Program Files\Common Files\System2015-02-28 01:03 - 2013-05-12 08:06 - 00000000 ____D () C:\Windows\system32\Drivers\he-IL2015-02-28 01:03 - 2013-05-12 08:06 - 00000000 ____D () C:\Windows\system32\Drivers\ar-SA2015-02-28 00:57 - 2013-05-12 07:58 - 02471934 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI2015-02-28 00:48 - 2014-11-05 21:17 - 00000000 ____D () C:\Windows\system32\MRT2015-02-24 19:38 - 2013-05-11 16:42 - 00000000 ____D () C:\Users\irina_admin2015-02-23 20:49 - 2009-07-14 00:32 - 00000000 ____D () C:\Windows\system32\FxsTmp ==================== Files in the root of some directories ======= 2015-02-20 13:56 - 2015-02-20 13:57 - 6963594 _____ (Carl Burch, Hendrix College) C:\Program Files\logisim-win-2.7.1.exe Some content of TEMP:====================C:\Users\admin\AppData\Local\Temp\_isFB8D.exeC:\Users\Irina\AppData\Local\Temp\20141213095640574jniverify.dllC:\Users\Irina\AppData\Local\Temp\SkypeSetup.exeC:\Users\irina_admin\AppData\Local\Temp\swt-win32-3349.dllC:\Users\irina_admin\AppData\Local\Temp\xmlUpdater.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signedC:\Windows\System32\wininit.exe => File is digitally signedC:\Windows\SysWOW64\wininit.exe => File is digitally signedC:\Windows\explorer.exe => File is digitally signedC:\Windows\SysWOW64\explorer.exe => File is digitally signedC:\Windows\System32\svchost.exe => File is digitally signedC:\Windows\SysWOW64\svchost.exe => File is digitally signedC:\Windows\System32\services.exe => File is digitally signedC:\Windows\System32\User32.dll => File is digitally signedC:\Windows\SysWOW64\User32.dll => File is digitally signedC:\Windows\System32\userinit.exe => File is digitally signedC:\Windows\SysWOW64\userinit.exe => File is digitally signedC:\Windows\System32\rpcss.dll => File is digitally signedC:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-03-14 22:07 ==================== End Of Log ============================ ------------------------------------ Addition.txt -------------------------------------------- Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015Ran by irina_admin at 2015-03-22 09:06:52Running from C:\Users\irina_admin\DesktopBoot Mode: Normal========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.4.0.2710 - Adobe Systems Incorporated)Adobe Digital Editions 2.0 (HKLM-x32\...\Adobe Digital Editions 2.0) (Version: 2.0 - Adobe Systems Incorporated)Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.9.900.117 - Adobe Systems Incorporated)Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)Adobe Reader 9.5.4 MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.5.4 - Adobe Systems Incorporated)Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)Applian FLV Player (HKLM-x32\...\Applian FLV Player2.0.24) (Version: 2.0.24 - Applian Technologies Inc.)Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team)Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)Braid (HKLM-x32\...\Steam App 26800) (Version: - Number None)Broadcom InConcert Maestro (HKLM\...\{57DD35E9-D9BB-4089-BB05-EF933C586CB3}) (Version: 1.0.1.1500 - Broadcom Corporation)Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.05182 - Cisco Systems, Inc.)Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.05182 - Cisco Systems, Inc.) HiddenCiv3 Conquests v1.22 Full (HKLM-x32\...\{4C2BF3B9-7E8A-49DE-B662-3656FE60BB01}) (Version: - )Civilization III (HKLM-x32\...\{0AD84416-63A4-4CF3-BDDF-8FA866711FB0}) (Version: - )Civilization III v1.29f (HKLM-x32\...\{31E2413D-8AA1-43EC-8B8D-77B65ADA4611}) (Version: - )Civilization III: Conquests (HKLM-x32\...\{F31BC49F-AB7B-4A53-A399-EB7331B585BC}) (Version: - )Conexant 20672 SmartAudio HD (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.32.23.5 - Conexant)Garmin Training Center (HKLM-x32\...\{7D542452-84EB-47C0-97BA-735C523AB555}) (Version: 3.6.5 - Garmin Ltd or its subsidiaries)Garmin USB Drivers (HKLM-x32\...\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)Google Chrome (HKLM-x32\...\Google Chrome) (Version: 41.0.2272.101 - Google Inc.)Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) HiddenGoogle Update Helper (x32 Version: 1.3.26.9 - Google Inc.) HiddenHL-2270DW (HKLM-x32\...\{E2A97415-BD97-4867-B906-05E39E9EE51F}) (Version: 1.0.5.0 - Brother Industries, Ltd.)Integrated Camera Driver Installer Package Ver.1.1.0.1147 (HKLM-x32\...\{B2CA6F37-1602-4823-81B5-0384B6888AA6}) (Version: 1.1.0.1147 - RICOH)Integrated Camera TWAIN (HKLM-x32\...\{9CA0DEE4-E84B-466F-9B96-FC255F3A929F}) (Version: 1.0.11.1223 - Chicony Electronics Co.,Ltd.)Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1011 - Intel Corporation)Intel® Identity Protection Technology 1.2.32.0 (HKLM-x32\...\{2D793E41-F598-1014-9984-F3B169A93F79}) (Version: 1.2.32.0 - Intel Corporation)Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.1.80.1211 - Intel Corporation)Intel® Network Connections Drivers (HKLM\...\PROSet) (Version: 18.7 - Intel)Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)Intel® WiDi (HKLM-x32\...\{781A93CD-1608-427D-B7F0-D05C07795B25}) (Version: 2.1.41.0 - Intel Corporation)Intel® Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version: - )iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)League of Legends (HKLM-x32\...\League of Legends 3.0.0) (Version: 3.0.0 - Riot Games)League of Legends (x32 Version: 3.0.0 - Riot Games) HiddenLenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 1.10 - )Lenovo Patch Utility (x32 Version: 1.3.2.4 - Lenovo Group Limited) HiddenLenovo Patch Utility 64 bit (Version: 1.3.2.4 - Lenovo Group Limited) HiddenLenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.04.05 - )Lenovo Screen Reading Optimizer (HKLM-x32\...\{91A29166-4E1B-4664-B70B-4C4A3B6B3372}) (Version: 1.16 - Lenovo)Lenovo Solution Center (HKLM\...\{2F45A217-E9C7-4984-B0AC-5BE31FF4712B}) (Version: 2.4.003.00 - Lenovo Group Limited)Lenovo System Interface Driver (HKLM\...\LENOVO.SMIIF) (Version: 1.05 - )Lenovo System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 5.06.0016 - Lenovo)Malwarebytes Anti-Malware version 2.1.4.1018 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.4.1018 - Malwarebytes Corporation)Metric Collection SDK (x32 Version: 1.1.0005.00 - Lenovo Group Limited) HiddenMicrosoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)Microsoft Office 2000 SR-1 Premium (HKLM-x32\...\{00000409-78E1-11D2-B60F-006097C998E7}) (Version: 9.00.3821 - Microsoft Corporation)Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)Motorola Mobile Drivers Installation 5.7.0 (HKLM\...\{0E088A29-9D31-4162-B363-0AACD9429C53}) (Version: 5.7.0 - Motorola Inc.)Mozilla Firefox 31.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 en-US)) (Version: 31.0 - Mozilla)Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.9 - Notepad++ Team)On Screen Display (HKLM\...\OnScreenDisplay) (Version: 6.73.00 - )Opera Stable 28.0.1750.48 (HKLM-x32\...\Opera 28.0.1750.48) (Version: 28.0.1750.48 - Opera Software ASA)Power Manager (HKLM-x32\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 6.66.1 - Lenovo Group Limited)RaidCall (HKLM-x32\...\RaidCall) (Version: 7.3.6-1.0.12972.94 - raidcall.com)RapidBoot (HKLM\...\{5E2652DF-743F-482B-A593-C95F431A5769}) (Version: 1.11 - Lenovo)RICOH_Media_Driver_v2.14.18.01 (HKLM-x32\...\{FE041B02-234C-4AAA-9511-80DF6482A458}) (Version: 2.14.18.01 - RICOH)Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)Super Meat Boy (HKLM-x32\...\Steam App 40800) (Version: - Team Meat)Syberia (HKLM-x32\...\Steam App 46500) (Version: - Anuman)System Requirements Lab Detection (HKLM-x32\...\{A407FC22-36BF-4C82-A516-59D94BC505A9}) (Version: 1.0.5.0 - Husdawg, LLC)Terraria (HKLM-x32\...\Steam App 105600) (Version: - Re-Logic)TextPad 5 (HKLM-x32\...\{B6EC7388-E277-4A5B-8C8F-71067A41BA64}) (Version: 5.3.1 - Helios)The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios)ThinkPad Bluetooth with Enhanced Data Rate Software (HKLM\...\{C6C9D5F7-630C-4125-8C4E-94AF77C1896E}) (Version: 6.4.0.1500 - Broadcom Corporation)ThinkPad FullScreen Magnifier (HKLM\...\ThinkPad FullScreen Magnifier) (Version: 2.41 - )ThinkPad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.19.13 - )ThinkPad UltraNav Utility (HKLM-x32\...\{17CBC505-D1AE-459D-B445-3D2000A85842}) (Version: 2.13.0 - Lenovo)ThinkVantage Active Protection System (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.79.00.03 - Lenovo)ThinkVantage AutoLock (HKLM\...\{E224B44B-B5EB-4af3-A80A-A255358E241A}_is1) (Version: 1.07 - Lenovo)ThinkVantage Communications Utility (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 2.11.0.0 - Lenovo)ThinkVantage Fingerprint Software (HKLM\...\{F58DA859-016E-492D-A588-317D9BB28002}) (Version: 5.9.9.7282 - Authentec Inc.)ThinkVantage Password Manager (HKLM-x32\...\{70EE2BAA-F82A-4B8A-950E-649EFD64D5B9}) (Version: 4.60.4.0 - Lenovo Group Limited)Touchless For Windows (HKLM-x32\...\Touchless) (Version: 7287.0.0 - Leap Motion)VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: - Elaborate Bytes)VMware Player (HKLM-x32\...\VMware_Player) (Version: 5.0.1 - VMware, Inc)VMware Player (Version: 5.0.1 - VMware, Inc.) HiddenvWorkspace Connector for Windows (HKLM-x32\...\{880C3615-F307-458E-84A5-2E46BC7D3475}) (Version: 8.5.307.1955 - Dell, Inc.)Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)Windows XP Mode (HKLM\...\{1374CC63-B520-4f3f-98E8-E9020BF01CFF}) (Version: 1.3.7600.16423 - Microsoft Corporation) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-2418754909-3486107267-4277394310-1003_Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32 -> No File Path ==================== Restore Points ========================= 11-03-2015 14:15:30 Windows Update14-03-2015 21:32:57 Windows Update18-03-2015 09:14:36 Windows Update21-03-2015 17:26:37 Windows Update ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {18676DF3-4239-4E32-A535-9AD4A8FB75E7} - System32\Tasks\PMTask => C:\Program Files (x86)\ThinkPad\Utilities\PwmIdTsv.exe [2014-06-25] (Lenovo Group Limited)Task: {1DB678A3-62F7-47F7-94C9-50769FC6D609} - System32\Tasks\Opera scheduled Autoupdate 1414629847 => C:\Program Files (x86)\Opera\launcher.exe [2015-03-16] (Opera Software)Task: {27982AFD-F2B5-492C-99DF-C661A9495F9A} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2014-05-06] ()Task: {30F9200A-D6B3-41BC-AAA0-159E3D1BA7FE} - System32\Tasks\TVT\LenovoWERMonitor => C:\Program Files (x86)\Common Files\lenovo\SUP\sup_wermonitor.exe [2014-05-27] (Lenovo)Task: {52D860CF-7CEC-4FE5-910F-887E0521E62D} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2014-05-06] (Lenovo)Task: {6A6D856B-FA05-421B-8D5E-16478CD337A6} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-11-15] (Synaptics Incorporated)Task: {770BDC40-6DB2-4D78-AD04-B4AFEAC40B5C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-05] (Google Inc.)Task: {7D8A9129-A86A-4A2A-BC5A-953C798C25E7} - System32\Tasks\Lenovo\LSC\RebootCountTask => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCService.exe [2014-05-06] (Lenovo)Task: {7FF6AB43-D688-46D4-8687-940841A8F369} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-02-13] (Lenovo)Task: {840E35A6-7A72-4EFF-B0A4-E137114509CB} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-05-06] (Lenovo)Task: {93ABA66D-E2A4-4C76-9D7B-7EBF2A1138A4} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2014-05-06] ()Task: {A3F2C789-0116-46F8-8ECB-B7FD1AEF2938} - System32\Tasks\DiskUpdate => C:\SWTOOLS\OSFIXES\DISKUPDT\DiskUpdate.exe [2009-02-09] ()Task: {AA2856E1-6F8F-4530-B8C6-F4DE9EF7100B} - System32\Tasks\Lenovo\SROptimizer => %TRPATH%\SRORest.exeTask: {DDB3D707-5210-43C1-A263-28AFBC2538B1} - System32\Tasks\Lenovo\LSC\Time72Task => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCService.exe [2014-05-06] (Lenovo)Task: {EC5F03D3-7614-42E2-A97A-EB1688141EE2} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvcTask: {EE0F61BB-53ED-4103-A66B-8638C0179E7C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-05] (Google Inc.)Task: {FBDD7A07-EF17-431C-AA48-C750D71A0F4F} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2014-06-18] ()Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exeTask: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============== 2010-01-30 03:40 - 2010-01-30 03:40 - 04254560 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF2010-03-24 22:38 - 2010-03-24 22:38 - 08794976 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll2013-03-25 01:52 - 2014-06-25 06:06 - 00104960 ____N () C:\Program Files (x86)\ThinkPad\Utilities\US\PWMRT64V.DLL2010-12-18 15:50 - 2010-12-18 15:50 - 00173856 _____ () C:\Program Files\ThinkPad\Bluetooth Software\btkeyind.dll2013-03-24 23:11 - 2010-10-25 23:40 - 00049056 ____N () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe2014-09-03 22:33 - 2014-06-23 20:47 - 00601376 _____ () C:\Program Files\Lenovo\Password Manager\pwm_website_config.dll2013-03-24 22:17 - 2011-08-17 20:00 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll2014-08-15 13:25 - 2014-08-15 13:25 - 00063400 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll2014-10-11 14:06 - 2014-10-11 14:06 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll2014-10-11 14:05 - 2014-10-11 14:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll2012-11-01 02:34 - 2012-11-01 02:34 - 01260184 _____ () C:\Program Files (x86)\VMware\VMware Player\libxml2.dll2014-09-03 22:39 - 2011-06-29 18:09 - 02085888 _____ () C:\Program Files\Lenovo\AutoLock\cv210.dll2014-09-03 22:39 - 2011-06-29 18:09 - 02201088 _____ () C:\Program Files\Lenovo\AutoLock\cxcore210.dll2013-05-12 10:22 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll2014-06-23 20:44 - 2014-06-23 20:44 - 00546592 _____ () C:\Program Files (x86)\Lenovo\Password Manager\pwm_website_config.dll2010-01-30 03:41 - 2010-01-30 03:41 - 04254560 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF2010-03-24 22:17 - 2010-03-24 22:17 - 08794464 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll2015-03-21 12:08 - 2015-03-14 05:12 - 01174856 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.101\libglesv2.dll2015-03-21 12:08 - 2015-03-14 05:12 - 00080200 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.101\libegl.dll2015-03-21 12:08 - 2015-03-14 05:12 - 09278792 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.101\pdf.dll2015-03-21 12:08 - 2015-03-14 05:12 - 14974280 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.101\PepperFlash\pepflashplayer.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) =============== (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-2418754909-3486107267-4277394310-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\irina_admin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpgDNS Servers: 192.168.0.1 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\startupreg: AcWin7Hlpr => C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe ==================== Accounts: ============================= admin (S-1-5-21-2418754909-3486107267-4277394310-1000 - Administrator - Enabled) => C:\Users\adminAdministrator (S-1-5-21-2418754909-3486107267-4277394310-500 - Administrator - Disabled)Guest (S-1-5-21-2418754909-3486107267-4277394310-501 - Limited - Disabled)Irina (S-1-5-21-2418754909-3486107267-4277394310-1002 - Limited - Enabled) => C:\Users\Irinairina_admin (S-1-5-21-2418754909-3486107267-4277394310-1003 - Administrator - Enabled) => C:\Users\irina_adminmaxim (S-1-5-21-2418754909-3486107267-4277394310-1014 - Limited - Enabled) => C:\Users\maximreserve (S-1-5-21-2418754909-3486107267-4277394310-1025 - Limited - Enabled) => C:\Users\reservesergey (S-1-5-21-2418754909-3486107267-4277394310-1001 - Limited - Enabled) => C:\Users\sergey ==================== Faulty Device Manager Devices ============= Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}Manufacturer: Cisco SystemsService: vpnvaProblem: : This device is disabled. (Code 22)Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors:==================Error: (03/22/2015 09:03:24 AM) (Source: WinMgmt) (EventID: 10) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (03/22/2015 08:52:49 AM) (Source: WinMgmt) (EventID: 10) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (03/22/2015 08:34:48 AM) (Source: WinMgmt) (EventID: 10) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (03/22/2015 08:19:53 AM) (Source: WinMgmt) (EventID: 10) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (03/21/2015 10:42:45 PM) (Source: WinMgmt) (EventID: 10) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (03/21/2015 09:32:07 PM) (Source: Application Error) (EventID: 1000) (User: )Description: Faulting application name: LoLPatcher.exe, version: 0.10.0.98, time stamp: 0x54fa6522Faulting module name: LoLPatcher.exe, version: 0.10.0.98, time stamp: 0x54fa6522Exception code: 0xc0000005Fault offset: 0x000dbef7Faulting process id: 0x1138Faulting application start time: 0xLoLPatcher.exe0Faulting application path: LoLPatcher.exe1Faulting module path: LoLPatcher.exe2Report Id: LoLPatcher.exe3 Error: (03/21/2015 09:31:05 PM) (Source: Application Error) (EventID: 1000) (User: )Description: Faulting application name: League of Legends.exe, version: 5.5.0.278, time stamp: 0x55035bb6Faulting module name: BugSplat.dll, version: 3.3.0.8, time stamp: 0x52dabc8eException code: 0xc0000005Fault offset: 0x0000eb87Faulting process id: 0x20c0Faulting application start time: 0xLeague of Legends.exe0Faulting application path: League of Legends.exe1Faulting module path: League of Legends.exe2Report Id: League of Legends.exe3 Error: (03/21/2015 09:31:05 PM) (Source: Application Error) (EventID: 1000) (User: )Description: Faulting application name: LolClient.exe, version: 0.0.0.0, time stamp: 0x515663e0Faulting module name: RPCRT4.dll, version: 6.1.7601.18532, time stamp: 0x53c3352aException code: 0xc00000fdFault offset: 0x00018948Faulting process id: 0x380Faulting application start time: 0xLolClient.exe0Faulting application path: LolClient.exe1Faulting module path: LolClient.exe2Report Id: LolClient.exe3 Error: (03/21/2015 09:01:44 PM) (Source: WinMgmt) (EventID: 10) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (03/21/2015 08:45:26 PM) (Source: ESENT) (EventID: 104) (User: )Description: taskhost (18164) WebCacheLocal: The database engine stopped the instance (0) with error (-510). System errors:=============Error: (03/22/2015 08:22:22 AM) (Source: Service Control Manager) (EventID: 7001) (User: )Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: %%1068 Error: (03/22/2015 08:18:25 AM) (Source: Service Control Manager) (EventID: 7001) (User: )Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: %%1068 Error: (03/22/2015 08:18:25 AM) (Source: Service Control Manager) (EventID: 7001) (User: )Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: %%1068 Error: (03/22/2015 08:18:25 AM) (Source: Service Control Manager) (EventID: 7001) (User: )Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: %%1068 Error: (03/22/2015 08:18:25 AM) (Source: Service Control Manager) (EventID: 7001) (User: )Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: %%1068 Error: (03/22/2015 08:18:25 AM) (Source: Service Control Manager) (EventID: 7001) (User: )Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: %%1068 Error: (03/22/2015 08:18:25 AM) (Source: Service Control Manager) (EventID: 7001) (User: )Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: %%1068 Error: (03/22/2015 08:18:22 AM) (Source: Service Control Manager) (EventID: 7001) (User: )Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: %%1068 Error: (03/22/2015 08:18:22 AM) (Source: Service Control Manager) (EventID: 7001) (User: )Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: %%1068 Error: (03/22/2015 08:18:22 AM) (Source: DCOM) (EventID: 10005) (User: )Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} Microsoft Office Sessions:=========================Error: (03/22/2015 09:03:24 AM) (Source: WinMgmt) (EventID: 10) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (03/22/2015 08:52:49 AM) (Source: WinMgmt) (EventID: 10) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (03/22/2015 08:34:48 AM) (Source: WinMgmt) (EventID: 10) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (03/22/2015 08:19:53 AM) (Source: WinMgmt) (EventID: 10) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (03/21/2015 10:42:45 PM) (Source: WinMgmt) (EventID: 10) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (03/21/2015 09:32:07 PM) (Source: Application Error) (EventID: 1000) (User: )Description: LoLPatcher.exe0.10.0.9854fa6522LoLPatcher.exe0.10.0.9854fa6522c0000005000dbef7113801d06444447bfa2bC:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.23\deploy\LoLPatcher.exeC:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.23\deploy\LoLPatcher.exea1d6a8e4-d03b-11e4-bff6-005056c00008 Error: (03/21/2015 09:31:05 PM) (Source: Application Error) (EventID: 1000) (User: )Description: League of Legends.exe5.5.0.27855035bb6BugSplat.dll3.3.0.852dabc8ec00000050000eb8720c001d064459ad192a0C:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.81\deploy\League of Legends.exeC:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.81\deploy\BugSplat.dll7cf077c0-d03b-11e4-bff6-005056c00008 Error: (03/21/2015 09:31:05 PM) (Source: Application Error) (EventID: 1000) (User: )Description: LolClient.exe0.0.0.0515663e0RPCRT4.dll6.1.7601.1853253c3352ac00000fd0001894838001d0644448a21a04C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.134\deploy\LolClient.exeC:\Windows\syswow64\RPCRT4.dll7cefdb7e-d03b-11e4-bff6-005056c00008 Error: (03/21/2015 09:01:44 PM) (Source: WinMgmt) (EventID: 10) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (03/21/2015 08:45:26 PM) (Source: ESENT) (EventID: 104) (User: )Description: taskhost18164WebCacheLocal: 0-510 ==================== Memory info =========================== Processor: Intel® Core i5-2540M CPU @ 2.60GHzPercentage of memory in use: 45%Total physical RAM: 7967.23 MBAvailable physical RAM: 4322.21 MBTotal Pagefile: 7981.41 MBAvailable Pagefile: 4541.98 MBTotal Virtual: 8192 MBAvailable Virtual: 8191.84 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:238.37 GB) (Free:141.44 GB) NTFS ==================== MBR & Partition Table ================== ========================================================Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: 91A3B0DA)Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)Partition 2: (Not Active) - (Size=238.4 GB) - (Type=07 NTFS) ==================== End Of Log ============================
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.