View Single Post
  #6  
Old September 6th, 2015, 02:24 AM
perplexed perplexed is offline
Senior Member
 
Join Date: Jun 2001
Posts: 2,397
Thanks so much!


Additional scan result of Farbar Recovery Scan Tool (x86) Version:04-09-2015
Ran by Jmg (2015-09-05 20:20:15)
Running from C:\Users\Jmg\Downloads
Boot Mode: Normal
================================================== ========


==================== Accounts: =============================

Administrator (S-1-5-21-433151091-2507789458-3595603629-500 - Administrator - Disabled)
ASPNET (S-1-5-21-433151091-2507789458-3595603629-1003 - Limited - Enabled)
Guest (S-1-5-21-433151091-2507789458-3595603629-501 - Limited - Disabled)
Jmg (S-1-5-21-433151091-2507789458-3595603629-1000 - Administrator - Enabled) => C:\Users\Jmg
RA Media Server (S-1-5-21-433151091-2507789458-3595603629-1001 - Administrator - Enabled) => C:\Users\RA Media Server

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ABBYY FineReader 6.0 Sprint (HKLM\...\{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}) (Version: 6.00.1990.41618 - ABBYY Software House)
Acrobat.com (HKLM\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D 1702B320485DF8CE.1) (Version: 1.1.377 - Adobe Systems Incorporated)
Acrobat.com (Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Adobe AIR (HKLM\...\Adobe AIR) (Version: 18.0.0.199 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Reader X (10.1.4) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.4 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM\...\Adobe Shockwave Player) (Version: 12.1.9.160 - Adobe Systems, Inc.)
ATT-RC Self Support Tool (HKLM\...\ATT-RC) (Version: - )
Avast Free Antivirus (HKLM\...\Avast) (Version: 10.3.2225 - AVAST Software)
Choice Guard (Version: 1.2.87.0 - Microsoft Corporation) Hidden
Coupon Printer for Windows (HKLM\...\Coupon Printer for Windows5.0.1.4) (Version: 5.0.1.4 - Coupons.com Incorporated)
Creative MediaSource 5 (HKLM\...\{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}) (Version: 5.00 - )
Dell DataSafe Online (HKLM\...\{13766F76-6C8C-4E57-A9F3-3212D1C6E0D1}) (Version: 1.1.0023 - Dell, Inc.)
Dell Dock (HKLM\...\{F6CB42B9-F033-4152-8813-FF11DA8E6A78}) (Version: 1.0.0 - Dell)
Dell Remote Access (HKLM\...\{F66A31D9-7831-4FBA-BA02-C411C0047CC5}) (Version: 1.0.0.0 - Dell Inc.)
Dell Support Center (Support Software) (HKLM\...\{E3BFEE55-39E2-4BE0-B966-89FE583822C1}) (Version: 2.2.08298 - Dell)
DELL0604 (Version: 1.0.0 - WildTangent) Hidden
EDocs (HKLM\...\{6B7B6D4D-8F9B-4CB3-8CA4-BCA9CC4C1A22}) (Version: - )
Google Update Helper (Version: 1.3.21.169 - Google Inc.) Hidden
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: - )
Intel(R) PRO Network Connections 12.1.11.0 (HKLM\...\PROSetDX) (Version: - Intel)
Java 8 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Java 8 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation)
Junk Mail filter update (Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
Lexmark 2600 Series (HKLM\...\Lexmark 2600 Series) (Version: - Lexmark International, Inc.)
Lexmark Toolbar (HKLM\...\{1017A80C-6F09-4548-A84D-EDD6AC9525F0}) (Version: 4.13.37.0 - )
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft .NET Framework 1.1 (HKLM\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Easy Assist v2 (HKLM\...\{326957C7-83FD-4550-A59A-849B7B4297DE}) (Version: 8.1.6416.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Mozilla Firefox 40.0.3 (x86 en-US) (HKLM\...\Mozilla Firefox 40.0.3 (x86 en-US)) (Version: 40.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 40.0.3.5716 - Mozilla)
P@H-Protocol (HKLM\...\{14F936AB-5D31-410E-A4E2-70AE504712F2}) (Version: 3.0.8.6 - Valassis)
RC_Vista.exe (HKLM\...\RC_Vista.exe) (Version: - )
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: - )
RevTraxPrintMyCoupon (HKLM\...\{19E8EBBF-55F3-41FB-AC8E-373BA0436939}) (Version: 1.0.0.0 - RevTrax) <==== ATTENTION
Roxio Creator DE (HKLM\...\{09760D42-E223-42AD-8C3E-55B47D0DDAC3}) (Version: 10.1 - Roxio)
Sound Blaster Audigy ADVANCED MB (HKLM\...\{53C6D09E-EAB6-49E5-BA4C-BA7FF13830FB}) (Version: 1.0 - )
Spelling Dictionaries Support For Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
WildTangent Games (HKLM\...\WildTangent dell Master Uninstall) (Version: 1.0.0.62 - WildTangent)
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8050.1202 - Microsoft Corporation)
Windows Live Sign-in Assistant (HKLM\...\{9422C8EA-B0C6-4197-B8FC-DC797658CA00}) (Version: 5.000.818.6 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{FDD810CA-D5E3-40E9-AB7B-36440B0D41EF}) (Version: 14.0.8050.1202 - Microsoft Corporation)
Windows Live Upload Tool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-433151091-2507789458-3595603629-1000_Classes\CLSID\{9F3041F6-9C7A-5252-AD04-F3C9EF05D2D9}\InprocServer32 -> C:\Users\Jmg\AppData\Roaming\RevTrax\RevTraxPrintM yCoupon\1.0.0.0\npRevTraxPrintMyCoupon.dll (RevTrax)

==================== Restore Points =========================

02-09-2015 12:05:11 Windows Update
02-09-2015 18:08:35 Removed CouponPrinterPlugin
02-09-2015 18:09:08 Removed Dell Dock
02-09-2015 18:10:33 Removed Dell Dock
02-09-2015 18:11:50 Removed Walgreens PictureMover.
02-09-2015 18:13:56 Removed Dell Getting Started Guide.
02-09-2015 18:14:17 Removed Dell Support Center (Support Software).
02-09-2015 18:16:25 Removed Java 8 Update 45
05-09-2015 13:45:39 Scheduled Checkpoint

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 05:23 - 2010-08-20 10:33 - 00000027 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {AA39DF3E-0F1E-42A6-873A-8022831E320A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpda teService.exe [2015-08-11] (Adobe Systems Incorporated)
Task: {D21D6367-0CD4-44E0-AEED-FA3AEA4830C1} - System32\Tasks\Installation App Launcher => C:\Program Files\Lexmark 2600 Series\ezprint.exe [2010-02-04] (Lexmark International Inc.)
Task: {E62B38A7-3744-4059-8731-02C0BBD23D81} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-08-28] (AVAST Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpda teService.exe

==================== Loaded Modules (Whitelisted) ==============

2015-05-08 14:58 - 2015-08-28 08:49 - 00102864 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-05-08 14:58 - 2015-08-28 08:49 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-09-04 14:56 - 2015-09-04 14:56 - 02964480 _____ () C:\Program Files\AVAST Software\Avast\defs\15090402\algo.dll
2015-09-05 06:51 - 2015-09-05 06:51 - 02964480 _____ () C:\Program Files\AVAST Software\Avast\defs\15090500\algo.dll
2015-09-05 13:12 - 2015-09-05 13:12 - 02964480 _____ () C:\Program Files\AVAST Software\Avast\defs\15090502\algo.dll
2014-06-03 10:25 - 2009-08-13 12:02 - 00147968 _____ () C:\Windows\system32\spool\PRTPROCS\W32X86\lxdndrpp .dll
2014-06-03 18:17 - 2010-02-04 04:05 - 00660136 _____ () C:\Program Files\Lexmark 2600 Series\lxdnmon.exe
2014-06-03 18:17 - 2009-07-23 14:48 - 00380928 _____ () C:\Program Files\Lexmark 2600 Series\lxdnscw.dll
2014-06-03 18:17 - 2007-05-29 02:39 - 00589824 _____ () C:\Program Files\Lexmark 2600 Series\lxdndatr.dll
2014-06-03 18:17 - 2009-07-23 14:49 - 00782336 _____ () C:\Program Files\Lexmark 2600 Series\lxdnDRS.dll
2014-06-03 18:17 - 2009-05-14 08:46 - 00081920 _____ () C:\Program Files\Lexmark 2600 Series\lxdncaps.dll
2014-06-03 18:17 - 2007-10-02 09:51 - 00069632 _____ () C:\Program Files\Lexmark 2600 Series\lxdncnv4.dll
2014-06-03 18:17 - 2007-10-12 13:24 - 00364544 _____ () C:\Program Files\Lexmark 2600 Series\iptk.dll
2007-09-14 14:35 - 2007-09-14 14:35 - 05730304 _____ () C:\ProgramData\SingleClick Systems\MySQL\bin\mysqld.exe
2007-09-24 08:27 - 2007-09-24 08:27 - 02035712 _____ () C:\ProgramData\SingleClick Systems\Remote Access File Sync Service\LIBMYSQL.dll
2009-07-23 19:49 - 2009-07-23 19:49 - 00782336 _____ () C:\Windows\system32\lxdndrs.dll
2009-05-14 13:46 - 2009-05-14 13:46 - 00081920 _____ () C:\Windows\system32\lxdncaps.dll
2007-10-02 14:51 - 2007-10-02 14:51 - 00069632 _____ () C:\Windows\system32\lxdncnv4.dll
2015-05-08 14:58 - 2015-05-08 14:58 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:5D432CE3

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\S-1-5-21-433151091-2507789458-3595603629-1000\...\meebo.com -> meebo.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-433151091-2507789458-3595603629-1000\Control Panel\Desktop\\Wallpaper ->
HKU\S-1-5-21-433151091-2507789458-3595603629-1001\Control Panel\Desktop\\Wallpaper -> C:\windows\Web\Wallpaper\img24.jpg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Pol icies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: Dell DataSafe Online => "C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe" /m
MSCONFIG\startupreg: msnmsgr => "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [{9848DDCD-4411-49F3-A928-60683F9DAC1D}] => (Allow) C:\Program Files\Dell Remote Access\ezi_ra.exe
FirewallRules: [{B2D82E31-64F6-4D3D-8B89-86CBCFFF5CB2}] => (Allow) C:\Program Files\Dell Remote Access\ezi_ra.exe
FirewallRules: [{9F8730F1-B717-481D-AF8E-B3CFA9893842}] => (Allow) C:\ProgramData\SingleClick Systems\Advanced Networking Service\hnm_svc.exe
FirewallRules: [{E0C063D8-6EE0-4B31-A4D7-EA6816EEF629}] => (Allow) C:\ProgramData\SingleClick Systems\Advanced Networking Service\hnm_svc.exe
FirewallRules: [{27F59DB3-14AA-41A0-BD71-0E632B83BEF3}] => (Allow) C:\Program Files\Windows Live\Messenger\wlcsdk.exe
FirewallRules: [{3A4CE0C9-D062-4EA6-8E65-D08EBC7BCD90}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{FDB3063F-9E44-47A7-B118-2847554D2872}] => (Allow) svchost.exe
FirewallRules: [{5EE23785-B670-4267-9653-5AEBE689D02A}] => (Allow) C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{B6E40CF1-42ED-4585-8F95-6890D1900EA7}] => (Allow) C:\ProgramData\SingleClick Systems\VLC\vlc.exe
FirewallRules: [{7A3E70FF-7FF8-4611-8CD0-1D333AE62F85}] => (Allow) C:\ProgramData\SingleClick Systems\VLC\vlc.exe
FirewallRules: [{3D5ED5A9-57A4-4432-9189-434F2993B0DD}] => (Allow) C:\Program Files\AVG\AVG8\avgemc.exe
FirewallRules: [{739AF580-3943-48FB-9419-C400A09C7E0B}] => (Allow) C:\Program Files\AVG\AVG8\avgupd.exe
FirewallRules: [{2E97D523-625D-457A-A445-63BF4B337F40}] => (Allow) C:\Program Files\AVG\AVG8\avgnsx.exe
FirewallRules: [{352D6A03-86CA-4BEE-9C51-49284A232967}] => (Allow) C:\Program Files\Common Files\AOL\Loader\aolload.exe
FirewallRules: [{999D8CE7-44BD-4638-9635-0C3A3CFE20EF}] => (Allow) C:\Program Files\Common Files\AOL\Loader\aolload.exe
FirewallRules: [{B18D1CA4-8E41-42DD-A890-886FE05C3BD1}] => (Allow) C:\Program Files\AIM6\aim6.exe
FirewallRules: [{AF86C38C-17A7-4813-B041-76E39CBD4767}] => (Allow) C:\Program Files\AIM6\aim6.exe
FirewallRules: [TCP Query User{EFB87D27-89B3-4AE9-A8F3-A0495394C91C}C:\program files\aim6\aim6.exe] => (Block) C:\program files\aim6\aim6.exe
FirewallRules: [UDP Query User{8AAB5B7A-6B60-4D92-ABF5-7A2FD9E3B966}C:\program files\aim6\aim6.exe] => (Block) C:\program files\aim6\aim6.exe
FirewallRules: [{FBBF1D12-A13A-4355-86B5-9F6F18C02908}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{059C0A5F-F027-4CF2-9AFF-B0B5E9881399}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{5D9677E5-6EC7-4F2C-B2A4-CC590FF403C4}C:\windows\temp\occ.exe] => (Block) C:\windows\temp\occ.exe
FirewallRules: [UDP Query User{808641AD-1597-4C0A-B34E-51420174C37A}C:\windows\temp\occ.exe] => (Block) C:\windows\temp\occ.exe
FirewallRules: [{EE822A05-03F0-4F59-949C-08F75716DB29}] => (Allow) C:\ProgramData\SingleClick Systems\apache\bin\httpd.exe
FirewallRules: [{E5A36D76-16D2-473B-84A6-859F36964FC6}] => (Allow) C:\ProgramData\SingleClick Systems\apache\bin\httpd.exe
FirewallRules: [{C1B53403-871F-444B-AEEF-52F12160B8D8}] => (Allow) C:\ProgramData\SingleClick Systems\MySQL\bin\mysqld.exe
FirewallRules: [{ABF0445D-A4FE-401C-A7B2-0C1381A3F556}] => (Allow) C:\ProgramData\SingleClick Systems\MySQL\bin\mysqld.exe
FirewallRules: [{1DD1C47A-AF02-49C5-B19E-7D8228A03C4B}] => (Allow) C:\ProgramData\SingleClick Systems\MySQL\bin\mysql.exe
FirewallRules: [{905D490A-F6EE-441B-829B-000185F50AFB}] => (Allow) C:\ProgramData\SingleClick Systems\MySQL\bin\mysql.exe
FirewallRules: [{D038D729-5974-4647-838C-7D3CF6632203}] => (Allow) C:\ProgramData\SingleClick Systems\apache\php.exe
FirewallRules: [{698B1E2F-A6F2-4EBB-996A-9F60F2811BF0}] => (Allow) C:\ProgramData\SingleClick Systems\apache\php.exe
FirewallRules: [{FC881E16-BC35-4DCA-9F7A-BEB1A5F046F9}] => (Allow) C:\ProgramData\SingleClick Systems\Remote Access File Sync Service\dsl_fs_sync.exe
FirewallRules: [{ADAE2C2D-DA84-4F34-860E-BBA56154F96C}] => (Allow) C:\ProgramData\SingleClick Systems\Remote Access File Sync Service\dsl_fs_sync.exe
FirewallRules: [{AB4A85C5-EAC0-43F6-9584-A7C9487F8873}] => (Allow) LPort=40080
FirewallRules: [{949B0706-B5AD-4AE3-BA0F-A60BF85D27C7}] => (Allow) LPort=40090
FirewallRules: [{8CAC6681-9D7D-4317-B99D-F52803276666}] => (Allow) LPort=40091
FirewallRules: [{51CB3201-AAE5-4E62-B26E-7E2F9B123CC3}] => (Allow) LPort=40092
FirewallRules: [{B4582D87-E460-4980-B040-A82725052A60}] => (Allow) LPort=40093
FirewallRules: [{64E4602D-771F-4EC7-8264-66413EADB292}] => (Allow) LPort=40094
FirewallRules: [{1B9B7B2F-83B2-4361-98BB-53AA4534D4F4}] => (Allow) C:\Program Files\AIM\aim.exe
FirewallRules: [{EFB17237-7F39-4301-A137-E70D9B75C6B6}] => (Allow) C:\Program Files\AIM\aim.exe
FirewallRules: [{FDA3FC38-FAE8-42B7-9218-C495196022A7}] => (Allow) LPort=80
FirewallRules: [{67572C9C-22BF-474C-A93E-E8C3CE218C5F}] => (Allow) LPort=80
FirewallRules: [{C3C2D8AA-115F-4F31-A0B2-B1EBE3A21905}] => (Allow) LPort=80
FirewallRules: [{9648E0E8-B9BA-4B61-A0A5-B1A832C4419E}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSv cHost.exe
FirewallRules: [{84F83860-34A5-49A9-B38D-A4420C5DAC74}] => (Allow) C:\Windows\System32\spool\drivers\w32x86\3\lxdnpsw x.exe
FirewallRules: [{BC4D219C-00B5-4F10-B9A4-0DC9A3CD534D}] => (Allow) C:\Windows\System32\spool\drivers\w32x86\3\lxdnpsw x.exe
FirewallRules: [{4214F0E6-C4FD-455D-B79C-9D91737BC473}] => (Allow) C:\Program Files\Lexmark 2600 Series\lxdnamon.exe
FirewallRules: [{9D418FB9-E377-43D6-88DA-C197BC020EF8}] => (Allow) C:\Program Files\Lexmark 2600 Series\lxdnamon.exe
FirewallRules: [{97D49608-93A2-4DF9-A459-E1CAB530F497}] => (Allow) C:\Program Files\Abbyy FineReader 6.0 Sprint\Scan\ScanMan6.exe
FirewallRules: [{84E4F7E0-3B2A-47BC-8EF5-F6701E2B1763}] => (Allow) C:\Program Files\Abbyy FineReader 6.0 Sprint\Scan\ScanMan6.exe
FirewallRules: [{06799D81-C9B3-4A7C-84E0-D35B9D5517DB}] => (Allow) C:\Program Files\Lexmark 2600 Series\lxdnmon.exe
FirewallRules: [{0E06D329-2C78-46B8-B226-60D2A6A0EE32}] => (Allow) C:\Program Files\Lexmark 2600 Series\lxdnmon.exe
FirewallRules: [{EAC641B5-8646-43D8-8115-87E2F7B66048}] => (Allow) C:\Windows\System32\spool\drivers\w32x86\3\lxdntim e.exe
FirewallRules: [{347A41FF-EE9F-48A2-BE46-DFF53903382F}] => (Allow) C:\Windows\System32\spool\drivers\w32x86\3\lxdntim e.exe
FirewallRules: [{94F80B55-2D80-49C8-8C3F-D8B064189D28}] => (Allow) C:\Windows\System32\spool\drivers\w32x86\3\lxdnwbg w.exe
FirewallRules: [{B55555F7-62EB-44A6-AFD1-947EC7471F7B}] => (Allow) C:\Windows\System32\spool\drivers\w32x86\3\lxdnwbg w.exe
FirewallRules: [{72983580-B411-4366-8E7D-774EC253959F}] => (Allow) C:\Windows\System32\spool\drivers\w32x86\3\lxdnjsw x.exe
FirewallRules: [{12EBD3D1-9EE5-4B8C-AB0D-03B73E240476}] => (Allow) C:\Windows\System32\spool\drivers\w32x86\3\lxdnjsw x.exe
FirewallRules: [{83216514-E440-40EF-B8D9-5960AD96F483}] => (Allow) C:\Program Files\Lexmark 2600 Series\frun.exe
FirewallRules: [{565665DD-0246-44E0-8BC6-EDF2CC6C9948}] => (Allow) C:\Program Files\Lexmark 2600 Series\frun.exe
FirewallRules: [{4E7EF32B-8F2C-427C-B99C-F418F2B8486F}] => (Allow) C:\Windows\System32\lxdncoms.exe
FirewallRules: [{F3F0BDF1-B466-40B4-9ED5-99B45A6028A1}] => (Allow) C:\Windows\System32\lxdncoms.exe
FirewallRules: [TCP Query User{CFD34DE9-5AFC-426E-9170-D807AD95C9E7}C:\program files\lexmark 2600 series\lxdnlscn.exe] => (Allow) C:\program files\lexmark 2600 series\lxdnlscn.exe
FirewallRules: [UDP Query User{9FBE153B-55F9-4212-859A-48AB33654B2D}C:\program files\lexmark 2600 series\lxdnlscn.exe] => (Allow) C:\program files\lexmark 2600 series\lxdnlscn.exe
FirewallRules: [{2BA90ADE-4565-4666-A78E-6E42BBFE29A0}] => (Allow) C:\Program Files\ATT-HSI\pcBrowser.exe
FirewallRules: [{E288CEFA-46E6-441C-B118-976A3D42C7B4}] => (Allow) C:\Program Files\ATT-HSI\pcBrowser.exe
FirewallRules: [{DACA6E86-D0BA-4B24-9BE7-EC7F0564495A}] => (Allow) C:\Program Files\Lexmark 2600 Series\lxdnmon.exe
FirewallRules: [{122094BB-2CEA-4DF9-AABA-A69E2FCDD9B5}] => (Allow) C:\Program Files\Lexmark 2600 Series\lxdnmon.exe
FirewallRules: [{721BE386-2E84-44A7-86D2-16AED7C21F8A}] => (Allow) C:\Program Files\Lexmark 2600 Series\lxdnlscn.exe
FirewallRules: [{8388936B-9D60-49FE-B13F-F5A3C12DE40F}] => (Allow) C:\Program Files\Lexmark 2600 Series\lxdnlscn.exe
FirewallRules: [{B6FED07E-006E-4C9D-B456-4FC3C0CDCC72}] => (Allow) C:\Windows\System32\lxdncoms.exe
FirewallRules: [{4B53A483-C5C5-45FD-8EA9-C3337B0D9AFE}] => (Allow) C:\Windows\System32\lxdncoms.exe
FirewallRules: [{F2A1C7B9-198F-4654-88F2-960D233E9651}] => (Allow) C:\Windows\System32\spool\drivers\w32x86\3\lxdnpsw x.exe
FirewallRules: [{1CB5E030-33F1-456C-B553-FA86B27157CF}] => (Allow) C:\Windows\System32\spool\drivers\w32x86\3\lxdnpsw x.exe
FirewallRules: [{36F907C1-3401-422C-84D4-66D0BA95B2FE}] => (Allow) C:\Program Files\AIM\aim.exe
FirewallRules: [{697217FD-1C5A-4B6F-9890-9A2C958EDB18}] => (Allow) C:\Program Files\AIM\aim.exe
FirewallRules: [{5EE1B311-E0B8-4CEA-9190-0488DE11657D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{8D3227C4-7A99-4E23-832B-1126F12F95AD}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{A94B297A-4E6F-4C9E-94D1-58C172A54CED}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{CF046C62-4B55-4D41-A0C7-ECD850A47CEF}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [{7D515ED1-FEB5-4621-B1A0-763C4F0DEDF6}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{49900F62-9631-4583-865F-BE27C55C77C5}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe

==================== Faulty Device Manager Devices =============

Name: Lexmark 2600 Series #3
Description: Lexmark 2600 Series
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Lexmark
Service: usbscan
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (09/04/2015 03:13:33 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/02/2015 05:43:32 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/02/2015 11:41:31 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/02/2015 11:23:43 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/01/2015 05:26:35 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/31/2015 10:30:04 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application plugin-container.exe, version 40.0.3.5716, time stamp 0x55ddb213, faulting module mozglue.dll, version 40.0.3.5716, time stamp 0x55dda062, exception code 0x80000003, fault offset 0x0000e250,
process id 0x35c, application start time 0xplugin-container.exe0.

Error: (08/31/2015 10:22:03 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/31/2015 08:25:01 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/30/2015 02:17:28 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/28/2015 11:55:07 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (09/04/2015 03:13:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Remote Access Media Server%%1053

Error: (09/04/2015 03:13:34 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: 30000Remote Access Media Server

Error: (09/04/2015 03:11:56 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 3:07:39 PM on 9/4/2015 was unexpected.

Error: (09/02/2015 05:42:55 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 5:38:50 PM on 9/2/2015 was unexpected.

Error: (09/02/2015 02:13:19 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: 30000MBAMScheduler

Error: (09/01/2015 05:25:38 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 5:23:15 PM on 9/1/2015 was unexpected.

Error: (08/31/2015 10:21:06 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 9:39:54 AM on 8/31/2015 was unexpected.

Error: (08/31/2015 08:24:01 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 8:20:32 AM on 8/31/2015 was unexpected.

Error: (08/30/2015 04:27:13 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: 30000Netman

Error: (08/30/2015 02:16:19 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 2:12:37 PM on 8/30/2015 was unexpected.


Microsoft Office:
=========================
Error: (09/04/2015 03:13:33 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/02/2015 05:43:32 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/02/2015 11:41:31 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/02/2015 11:23:43 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/01/2015 05:26:35 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/31/2015 10:30:04 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe40.0.3.571655ddb213mozglue.dll40.0.3. 571655dda062800000030000e25035c01d0e401e2f48d45

Error: (08/31/2015 10:22:03 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/31/2015 08:25:01 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/30/2015 02:17:28 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/28/2015 11:55:07 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


CodeIntegrity:
===================================
Date: 2015-09-05 20:19:52.757
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\m wac.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-09-05 20:19:52.100
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\m wac.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-09-05 20:19:51.439
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\m wac.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-09-05 20:19:50.781
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\m wac.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-09-05 09:38:43.942
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\m bamchameleon.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-09-05 09:38:42.853
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\m bamchameleon.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-09-05 09:38:41.808
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\m bamchameleon.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-09-05 09:38:40.532
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\m bamchameleon.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-09-05 09:38:39.475
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\m bamchameleon.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-09-05 09:38:38.492
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\m bamchameleon.sys because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Pentium(R) Dual-Core CPU E5200 @ 2.50GHz
Percentage of memory in use: 56%
Total physical RAM: 3060.45 MB
Available physical RAM: 1343.48 MB
Total Virtual: 6351.17 MB
Available Virtual: 4679.58 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:283.4 GB) (Free:242.88 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (RECOVERY) (Fixed) (Total:14.65 GB) (Free:8.79 GB) NTFS

==================== MBR & Partition Table ==================

================================================== ======
Disk: 0 (Size: 298.1 GB) (Disk ID: 850B2CCD)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Not Active) - (Size=14.6 GB) - (Type=07 NTFS)
Partition 3: (Active) - (Size=283.4 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================
Reply With Quote