Please can you tell me how to. Completely remove Cydia and its icon from my iPad?

Thanks for the feedback.

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-02-2015
Ran by RitaJohnson (administrator) on RITAJOHNSON-PC on 01-03-2015 13:15:51
Running from C:\Users\RitaJohnson\Desktop
Loaded Profiles: RitaJohnson (Available profiles: RitaJohnson)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic...ery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\FaceLogon\smartlogon.exe
(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUS) C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(ASUS) C:\Windows\AsScrPro.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(BillP Studios) C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Virage Logic Corporation / Sonic Focus) C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(ASUS) C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2785064 2011-05-05] (Synaptics Incorporated)
HKLM\...\Run: [SynAsusAcpi] => C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe [97064 2011-05-05] (Synaptics Incorporated)
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [361984 2011-03-21] (Alcor Micro Corp.)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2188904 2011-01-18] (Realtek Semiconductor)
HKLM\...\Run: [WinPatrol] => C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe [363752 2012-09-19] (BillP Studios)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1332296 2015-01-30] (Microsoft Corporation)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3331312 2012-02-18] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe [737104 2011-07-29] (ecareme)
HKLM-x32\...\Run: [SonicMasterTray] => C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe [984400 2010-07-09] (Virage Logic Corporation / Sonic Focus)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [5716608 2011-07-21] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-10-07] (ASUS)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2319536 2011-10-18] (ASUS)
HKLM-x32\...\Run: [WinPatrol] => C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe [363752 2012-09-19] (BillP Studios)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1380516226-2174940231-4194506438-1001\...\MountPoints2: {1a66c7de-3b07-11e3-bd01-a197f4badb58} - F:\setup.exe -a
HKU\S-1-5-21-1380516226-2174940231-4194506438-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\WLXPGSS.SCR [302448 2011-05-13] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AsusVibeLauncher.lnk
ShortcutTarget: AsusVibeLauncher.lnk -> C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe (ASUSTeK Computer Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass IE RunOnce.lnk
ShortcutTarget: Install LastPass IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe ()
Startup: C:\Users\RitaJohnson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\ASUSWSShellExt64.dll (eCareme Technologies, Inc.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\ASUSWSShellExt64.dll (eCareme Technologies, Inc.)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1380516226-2174940231-4194506438-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/
HKU\S-1-5-21-1380516226-2174940231-4194506438-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
SearchScopes: HKLM -> DefaultScope value is missing.
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope value is missing.
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-1380516226-2174940231-4194506438-1001 -> DefaultScope {7D3AF061-BB40-444F-AB14-927407B2C17B} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1380516226-2174940231-4194506438-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1380516226-2174940231-4194506438-1001 -> {7D3AF061-BB40-444F-AB14-927407B2C17B} URL = https://www.google.com/search?q={searchTerms}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: WOT Helper -> {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} -> C:\Program Files\WOT\WOT.dll ()
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: WOT Helper -> {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} -> C:\Program Files (x86)\WOT\WOT.dll ()
Toolbar: HKLM - WOT - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()
Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)
Toolbar: HKLM-x32 - WOT - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files (x86)\WOT\WOT.dll ()
Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass)
Toolbar: HKU\S-1-5-21-1380516226-2174940231-4194506438-1001 -> WOT - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload.macromedia.com/pub...irector/sw.cab
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
Handler: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files\WOT\WOT.dll ()
Handler-x32: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files (x86)\WOT\WOT.dll ()
Tcpip\Parameters: [DhcpNameServer] 192.168.10.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll (LastPass)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1214154.dll (Adobe Systems, Inc.)
FF Plugin-x32: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll (LastPass)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1380516226-2174940231-4194506438-1001: @citrixonline.com/appdetectorplugin -> C:\Users\RitaJohnson\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF Plugin HKU\S-1-5-21-1380516226-2174940231-4194506438-1001: @startmeeting.com/launcher -> C:\Users\RitaJohnson\AppData\Local\SMPlugins\npsmlauncher.dll (Start Meeting)

Chrome:
=======
CHR HomePage: Default -> https://www.google.com/
CHR Profile: C:\Users\RitaJohnson\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\RitaJohnson\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-11-21]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\RitaJohnson\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-11-21]
CHR Extension: (Duckie Deck - Games for Kids) - C:\Users\RitaJohnson\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkcldaifgljnnnikmmaoceclpcbfdaon [2014-11-21]
CHR Extension: (YouTube) - C:\Users\RitaJohnson\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-11-21]
CHR Extension: (AddThis - Share & Bookmark (new)) - C:\Users\RitaJohnson\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgbogdmdefihhljhfeiklfiedefalcde [2014-11-21]
CHR Extension: (Google Search) - C:\Users\RitaJohnson\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-11-21]
CHR Extension: (Bookmarks Menu) - C:\Users\RitaJohnson\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffmdedmghpoipeldijkdlcckdpempkdi [2015-02-22]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\RitaJohnson\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2014-11-23]
CHR Extension: (Google Wallet) - C:\Users\RitaJohnson\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-21]
CHR Extension: (Click&Clean App) - C:\Users\RitaJohnson\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp [2014-11-21]
CHR Extension: (Gmail) - C:\Users\RitaJohnson\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-11-21]
CHR HKLM\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - http://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - http://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-05-03] (WildTangent)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [398184 2012-12-14] (Malwarebytes Corporation) [File not signed]
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [682344 2012-12-14] (Malwarebytes Corporation) [File not signed]
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2015-01-30] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366512 2015-01-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [24176 2012-12-14] (Malwarebytes Corporation) [File not signed]
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [274696 2014-11-15] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124560 2014-11-15] (Microsoft Corporation)
S3 ubloxusb; C:\Windows\System32\DRIVERS\ubloxusb.sys [95232 2011-11-30] (u-blox AG)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-01 13:15 - 2015-03-01 13:16 - 00016420 _____ () C:\Users\RitaJohnson\Desktop\FRST.txt
2015-03-01 13:14 - 2015-03-01 13:15 - 02092544 _____ (Farbar) C:\Users\RitaJohnson\Desktop\FRST64.exe
2015-02-25 15:26 - 2015-03-01 10:37 - 00000448 _____ () C:\Windows\setupact.log
2015-02-25 15:26 - 2015-02-25 15:26 - 00000000 _____ () C:\Windows\setuperr.log
2015-02-18 08:15 - 2015-02-18 08:15 - 00000000 ____D () C:\Users\RitaJohnson\Documents\Outlook Files
2015-02-12 10:39 - 2015-01-22 22:42 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-02-12 10:39 - 2015-01-22 22:41 - 06041600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-12 10:39 - 2015-01-22 21:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-02-12 10:39 - 2015-01-22 21:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-02-11 06:16 - 2015-01-13 23:47 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-11 06:16 - 2015-01-13 23:09 - 00342712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-02-11 06:16 - 2015-01-11 21:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-02-11 06:16 - 2015-01-11 21:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-02-11 06:16 - 2015-01-11 20:49 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-02-11 06:16 - 2015-01-11 20:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-11 06:16 - 2015-01-11 20:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-02-11 06:16 - 2015-01-11 20:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-02-11 06:16 - 2015-01-11 20:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-02-11 06:16 - 2015-01-11 20:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-02-11 06:16 - 2015-01-11 20:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-02-11 06:16 - 2015-01-11 20:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-02-11 06:16 - 2015-01-11 20:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-11 06:16 - 2015-01-11 20:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-02-11 06:16 - 2015-01-11 20:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-11 06:16 - 2015-01-11 20:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-02-11 06:16 - 2015-01-11 20:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-02-11 06:16 - 2015-01-11 20:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-02-11 06:16 - 2015-01-11 20:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-02-11 06:16 - 2015-01-11 20:04 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-02-11 06:16 - 2015-01-11 20:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-02-11 06:16 - 2015-01-11 20:00 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-02-11 06:16 - 2015-01-11 19:59 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-02-11 06:16 - 2015-01-11 19:57 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-02-11 06:16 - 2015-01-11 19:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-02-11 06:16 - 2015-01-11 19:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-11 06:16 - 2015-01-11 19:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-02-11 06:16 - 2015-01-11 19:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-11 06:16 - 2015-01-11 19:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-02-11 06:16 - 2015-01-11 19:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-02-11 06:16 - 2015-01-11 19:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-02-11 06:16 - 2015-01-11 19:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-02-11 06:16 - 2015-01-11 19:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-02-11 06:16 - 2015-01-11 19:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-02-11 06:16 - 2015-01-11 19:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-02-11 06:16 - 2015-01-11 19:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-02-11 06:16 - 2015-01-11 19:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-02-11 06:16 - 2015-01-11 19:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-11 06:16 - 2015-01-11 19:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-02-11 06:16 - 2015-01-11 19:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-02-11 06:16 - 2015-01-11 18:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-02-11 06:16 - 2015-01-11 18:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-02-11 06:15 - 2015-01-11 21:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-11 06:15 - 2015-01-11 20:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-11 06:15 - 2015-01-11 20:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-02-11 06:15 - 2015-01-11 20:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-02-11 06:15 - 2015-01-11 20:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-11 06:15 - 2015-01-11 20:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-02-11 06:15 - 2015-01-11 20:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-11 06:15 - 2015-01-11 19:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-02-11 06:15 - 2015-01-11 19:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-11 06:15 - 2015-01-11 19:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-11 05:52 - 2015-02-03 21:16 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-02-11 05:52 - 2015-02-03 21:16 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-02-11 05:52 - 2015-02-03 21:16 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-02-11 05:52 - 2015-02-03 21:16 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-02-11 05:52 - 2015-02-03 21:13 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-02-11 05:52 - 2015-01-27 17:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-02-11 05:52 - 2015-01-14 00:09 - 05554112 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-11 05:52 - 2015-01-14 00:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-02-11 05:52 - 2015-01-14 00:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-02-11 05:52 - 2015-01-14 00:04 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-02-11 05:52 - 2015-01-13 23:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-02-11 05:52 - 2015-01-13 23:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-02-11 05:52 - 2015-01-13 23:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-02-11 05:51 - 2015-02-03 21:16 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-02-11 05:51 - 2015-02-03 21:16 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-02-11 05:51 - 2015-01-10 00:48 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-02-11 05:51 - 2015-01-10 00:48 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-02-11 05:51 - 2015-01-10 00:48 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-02-11 05:51 - 2015-01-10 00:48 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-02-11 05:51 - 2015-01-10 00:48 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-02-11 05:51 - 2015-01-10 00:48 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-02-11 05:51 - 2015-01-10 00:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-02-11 05:51 - 2015-01-10 00:27 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-02-11 05:51 - 2015-01-10 00:27 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-02-11 05:51 - 2015-01-10 00:27 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-02-11 05:51 - 2015-01-10 00:27 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-02-11 05:51 - 2015-01-10 00:27 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-02-11 05:51 - 2015-01-10 00:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-02-11 05:51 - 2015-01-10 00:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-02-11 05:45 - 2015-01-15 02:14 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-11 05:45 - 2015-01-15 02:14 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-02-11 05:45 - 2015-01-15 02:09 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-11 05:45 - 2015-01-15 02:09 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-02-11 05:45 - 2015-01-15 02:09 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-02-11 05:45 - 2015-01-15 02:09 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-02-11 05:45 - 2015-01-15 02:09 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-02-11 05:45 - 2015-01-15 02:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-02-11 05:45 - 2015-01-15 02:06 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-02-11 05:45 - 2015-01-15 02:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-02-11 05:45 - 2015-01-15 02:04 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-02-11 05:45 - 2015-01-15 01:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-02-11 05:45 - 2015-01-15 01:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-02-11 05:45 - 2015-01-15 01:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-02-11 05:45 - 2015-01-15 01:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-02-11 05:45 - 2015-01-15 01:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-02-11 05:45 - 2015-01-15 01:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-02-11 05:45 - 2015-01-14 22:22 - 00458824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-11 05:45 - 2015-01-12 21:10 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-11 05:45 - 2015-01-12 20:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-02-11 05:45 - 2014-12-11 23:31 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-02-11 05:45 - 2014-12-11 23:07 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-02-11 05:45 - 2014-07-06 20:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-02-11 05:45 - 2014-07-06 20:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-02-11 05:45 - 2014-07-06 19:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-02-11 05:45 - 2014-07-06 19:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-02-11 05:42 - 2014-11-25 21:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-11 05:42 - 2014-11-25 21:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-02-11 05:41 - 2014-10-03 20:10 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-02-11 05:41 - 2014-10-03 19:42 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-02-11 05:41 - 2014-10-03 19:42 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-02-11 05:40 - 2014-12-07 21:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-11 05:40 - 2014-12-07 20:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-02-11 05:39 - 2015-01-08 20:03 - 03201536 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-01 13:15 - 2014-11-18 08:56 - 00000000 ____D () C:\FRST
2015-03-01 13:12 - 2014-08-03 09:26 - 00000000 ____D () C:\Users\RitaJohnson\Desktop\Desktop InBox
2015-03-01 12:41 - 2014-11-21 14:30 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-01 12:39 - 2012-10-15 12:52 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-01 12:31 - 2014-07-09 19:53 - 00000598 _____ () C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-1380516226-2174940231-4194506438-1001.job
2015-03-01 10:54 - 2012-05-22 03:00 - 01513904 _____ () C:\Windows\WindowsUpdate.log
2015-03-01 09:44 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\tracing
2015-03-01 08:49 - 2014-11-21 14:30 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-01 08:49 - 2013-10-01 08:17 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2015-03-01 08:49 - 2012-05-22 03:17 - 00045056 _____ () C:\Windows\SysWOW64\acovcnt.exe
2015-03-01 08:49 - 2009-07-13 23:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-27 10:46 - 2012-10-22 11:05 - 00000000 __RHD () C:\MSOCache
2015-02-27 10:46 - 2012-10-14 22:01 - 00000000 ___HD () C:\Users\RitaJohnson
2015-02-27 10:46 - 2012-05-22 03:15 - 00000000 ____D () C:\ProgramData\P4G
2015-02-27 10:46 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\registration
2015-02-27 09:34 - 2009-07-13 22:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-27 09:34 - 2009-07-13 22:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-25 11:30 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-02-18 06:47 - 2014-07-09 19:53 - 00003648 _____ () C:\Windows\System32\Tasks\G2MUpdateTask-S-1-5-21-1380516226-2174940231-4194506438-1001
2015-02-12 05:25 - 2009-07-13 22:45 - 00348696 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-12 05:23 - 2014-12-11 05:27 - 00000000 ____D () C:\Windows\system32\appraiser
2015-02-12 05:23 - 2014-05-06 19:51 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-02-11 20:46 - 2012-10-22 11:05 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-02-11 20:46 - 2009-07-13 20:34 - 00001600 _____ () C:\Windows\win.ini
2015-02-11 20:42 - 2012-10-15 09:46 - 00002119 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2015-02-11 20:42 - 2012-10-15 09:46 - 00001945 _____ () C:\Windows\epplauncher.mif
2015-02-11 20:42 - 2012-10-15 09:46 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2015-02-11 20:42 - 2012-10-15 09:46 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2015-02-11 20:41 - 2013-07-23 18:26 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-11 20:34 - 2012-10-15 11:24 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-10 05:03 - 2009-07-13 23:08 - 00032580 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-02-07 14:34 - 2013-08-04 06:15 - 00000000 ____D () C:\Users\RitaJohnson\Documents\Bible Study Notes
2015-02-06 13:39 - 2012-10-15 12:52 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-02-06 13:39 - 2012-10-15 12:52 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-06 13:39 - 2012-10-15 12:52 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-02-03 15:36 - 2014-11-21 14:30 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-03 15:36 - 2014-11-21 14:30 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

==================== Files in the root of some directories =======

2015-01-21 15:19 - 2015-01-21 15:19 - 14147584 _____ () C:\Program Files (x86)\Common Files\lpuninstall.exe
2014-11-25 14:42 - 2014-11-06 07:17 - 1859904 _____ (BeFrugal.com ) C:\Users\RitaJohnson\AppData\Roaming\BeFrugal.com-Install.exe
2014-10-04 10:24 - 2014-10-04 10:24 - 0096788 ____H () C:\Users\RitaJohnson\AppData\Local\TempBitmap.png
2014-09-06 08:28 - 2014-09-06 08:38 - 0000212 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2012-05-22 03:20 - 2012-05-22 03:20 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2012-05-22 03:19 - 2012-05-22 03:20 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2012-05-22 03:18 - 2012-05-22 03:19 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-18 06:55

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-02-2015
Ran by RitaJohnson at 2015-03-01 13:17:02
Running from C:\Users\RitaJohnson\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.4.154 - Adobe Systems, Inc.)
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 1.2.0117.08443 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 1.2.0117.08443 - Alcor Micro Corp.) Hidden
Amazing Adventures: The Forgotten Dynasty (x32 Version: 2.2.0.97 - WildTangent) Hidden
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.14.2.0 - Asmedia Technology)
ASUS AI Recovery (HKLM-x32\...\{D39F0676-163E-4595-A917-E28F99BBD4D2}) (Version: 1.0.19 - ASUS)
ASUS FaceLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0013 - ASUS)
ASUS FancyStart (HKLM-x32\...\{C944B4C5-1C4D-4D95-8AC0-7CEF13914131}) (Version: 1.1.1 - ASUSTeK Computer Inc.)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.28 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.1.2 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 1.1.50 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0037 - ASUS)
ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.24 - asus)
ASUS WebStorage (HKLM-x32\...\ASUS WebStorage) (Version: 3.0.108.222 - eCareme Technologies, Inc.)
AsusScr_K3 Series_ENG (HKLM-x32\...\AsusScr_K3 Series_ENG) (Version: 1.0.0001 - ASUS)
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.9.157 - ASUSTEK)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0014 - ASUS)
CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform)
Citrix Online Launcher (HKLM-x32\...\{AC7E7905-8C59-4806-A96D-30936A2B1FC5}) (Version: 1.0.168 - Citrix)
Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
Controlo ActiveX do Windows Live Mesh para Ligações Remotas (HKLM-x32\...\{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}) (Version: 15.4.5722.2 - Microsoft Corporation)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3624 - CyberLink Corp.)
CyberLink Media Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.2926 - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.1126 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
e-Sword (HKLM-x32\...\{118071AB-6572-4FAD-A1FD-67264C994350}) (Version: 10.01.0000 - Rick Meyers)
Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.10 - ASUS)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.115 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
GoToMeeting 7.1.0.2352 (HKU\S-1-5-21-1380516226-2174940231-4194506438-1001\...\GoToMeeting) (Version: 7.1.0.2352 - CitrixOnline)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2932 - Intel Corporation)
join.me (HKU\S-1-5-21-1380516226-2174940231-4194506438-1001\...\JoinMe) (Version: 1.9.1.204 - LogMeIn, Inc.)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LastPass (uninstall only) (HKLM-x32\...\LastPass) (Version: - LastPass)
Malwarebytes Anti-Malware version 1.70.0.1100 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.70.0.1100 - Malwarebytes Corporation)
MemLok3 (HKLM-x32\...\{9CD95786-7465-4CCF-975B-DDFB0C02256B}) (Version: 3.0.1 - MemLok)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Access database engine 2010 (English) (HKLM-x32\...\{90140000-00D1-0409-0000-0000000FF1CE}) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Office Home and Business 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.7.205.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Streets & Trips 2013 (HKLM-x32\...\{C82185E8-C27B-4EF4-2013-4444BC2C2B6D}) (Version: 19.0.17.2200 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mystery P.I. - The London Caper (x32 Version: 2.2.0.95 - WildTangent) Hidden
Mystery P.I. - The New York Fortune (x32 Version: 2.2.0.97 - WildTangent) Hidden
Outlook4Gmail 3.1 (HKLM-x32\...\{6A53C42D-DCCD-46B7-9143-51071726A6F6}_is1) (Version: - Scand Ltd.)
Qualcomm Atheros WiFi Driver Installation (HKLM-x32\...\{7D916FA5-DAE9-4A25-B089-655C70EAF607}) (Version: 9.2 - Qualcomm Atheros)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6304 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Sonic Focus (HKLM-x32\...\{09BCB9CE-964B-4BDA-AE46-B5A0ABEF1D3F}) (Version: 1.00.0000 - Virage Logic, Corp.)
StartMeeting (HKU\S-1-5-21-1380516226-2174940231-4194506438-1001\...\StartMeeting) (Version: 1.3.4533.1001 - Start Meeting LLC)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.6.0 - Synaptics Incorporated)
The Action Machine 3 (HKLM-x32\...\The Action Machine 3_is1) (Version: - Simply Brilliant Inc.)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.11.2 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.32.3 - ASUS)
WinPatrol (HKLM\...\{A62F9CD0-B2E0-4F2A-88F2-79254A3C8539}) (Version: 25.6.2012.1 - BillP Studios)
Wireless Console 3 (HKLM-x32\...\{19EA33FB-B34E-40EA-8B8A-61743AEB795A}) (Version: 3.0.25 - ASUS)
WOT for Internet Explorer (HKLM\...\{DCAEC601-735C-41AE-B84F-D792F09FB7D1}) (Version: 12.8.2.0 - WOT Services Oy)
用于远程连接的 Windows Live Mesh ActiveX 控件(简体中文) (HKLM-x32\...\{F992409C-9D10-4AE2-BAEB-B5409AD3785E}) (Version: 15.4.5722.2 - Microsoft Corporation)
適用遠端連線的 Windows Live Mesh ActiveX 控制項 (HKLM-x32\...\{622DE1BE-9EDE-49D3-B349-29D64760342A}) (Version: 15.4.5722.2 - Microsoft Corporation)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1380516226-2174940231-4194506438-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\RitaJohnson\AppData\Local\Citrix\GoToMeeting\1440\G2MOutlookAddin6 4.dll (Citrix Online, a division of Citrix Systems, Inc.)

==================== Restore Points =========================

25-02-2015 19:38:36 Windows Update
01-03-2015 09:05:11 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 20:34 - 2009-06-10 15:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {04108A21-6F2A-4ACF-A93A-CD5C9300B8E2} - System32\Tasks\{08E4AEA2-E369-4680-ADF7-BACB676634BE} => pcalua.exe -a C:\Users\RitaJohnson\Desktop\HijackThis.exe -d C:\Users\RitaJohnson\Desktop
Task: {0A68E06C-20C5-41DE-ACBF-D3FE23695AEF} - System32\Tasks\ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2011-12-06] (ASUS)
Task: {2168C7FC-AF31-4AF0-83E8-DEB2FBDF5972} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-10-29] (Piriform Ltd)
Task: {21DCE49A-FFB5-4D1A-BA87-15EA9EBEBC47} - System32\Tasks\G2MUpdateTask-S-1-5-21-1380516226-2174940231-4194506438-1001 => C:\Users\RitaJohnson\AppData\Local\Citrix\GoToMeeting\2352\g2mupdate.exe [2015-02-18] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {4F14080B-3B63-4A83-8E16-6A6730D9A1B2} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2011-11-15] (ASUS)
Task: {5EAADD29-0C2A-46C1-AE5B-8EBB41C38B77} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe [2011-10-03] (ASUS)
Task: {73F5CD79-0CB5-4B17-820E-23194BB50156} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {96760974-B557-4DB7-8163-06762EA0CB00} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-21] (Google Inc.)
Task: {C5AD9D91-6C00-4DDA-9B0E-1BCB533549BD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-06] (Adobe Systems Incorporated)
Task: {D9B41A1F-13C7-4071-BF49-6FF6B0D8BDD2} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {F198F7D8-26D5-4473-81B8-3F843E140710} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2011-07-21] (ASUS)
Task: {F649BE9C-ECA2-402A-B8E5-D7E1036F5B77} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-21] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-1380516226-2174940231-4194506438-1001.job => C:\Users\RitaJohnson\AppData\Local\Citrix\GoToMeeting\2352\g2mupdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2010-07-14 17:11 - 2010-07-14 17:11 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
2012-03-28 20:46 - 2011-05-05 06:30 - 00057640 _____ () C:\Program Files\Synaptics\SynTP\SynTPEnhPS.dll
2012-03-28 20:45 - 2011-07-26 01:37 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2011-12-06 17:21 - 2011-12-06 17:21 - 00009216 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
2010-08-20 10:57 - 2010-08-20 10:57 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2010-08-20 10:57 - 2010-08-20 10:57 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2012-10-15 09:40 - 2012-06-20 15:23 - 00599419 _____ () C:\Program Files (x86)\BillP Studios\WinPatrol\sqlite3.dll
2007-07-12 12:11 - 2007-07-12 12:11 - 01163264 _____ () C:\Program Files (x86)\ASUS\Wireless Console 3\acAuth.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\RitaJohnson\Downloads\noname.eml:OECustomProperty

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\.Winhlpsvr => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ipnpf.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\.Winhlpsvr => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ipnpf.sys => ""="Driver"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1380516226-2174940231-4194506438-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\RitaJohnson\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWal lpaper.jpg
DNS Servers: 192.168.10.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: ASUS Screen Saver Protector => C:\Windows\AsScrPro.exe
MSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s

==================== Accounts: =============================

Administrator (S-1-5-21-1380516226-2174940231-4194506438-500 - Administrator - Disabled)
Guest (S-1-5-21-1380516226-2174940231-4194506438-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1380516226-2174940231-4194506438-1002 - Limited - Enabled)
RitaJohnson (S-1-5-21-1380516226-2174940231-4194506438-1001 - Administrator - Enabled) => C:\Users\RitaJohnson

==================== Faulty Device Manager Devices =============

Name: WAN Miniport (IP) - Tpacketv Miniport
Description: Tpacketv Miniport
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: TpacketvMP
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.

Name: WAN Miniport (Network Monitor) - Tpacketv Miniport
Description: Tpacketv Miniport
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: TpacketvMP
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.

Name: Tpacketv Miniport #5
Description: Tpacketv Miniport
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: TpacketvMP
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.

Name: WAN Miniport (IPv6) - Tpacketv Miniport
Description: Tpacketv Miniport
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: TpacketvMP
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.

Name: Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.20)
Description: Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.20)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Atheros
Service: L1C
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (02/27/2015 00:42:39 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Failed to create restore point (Process = C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Setup.exe Files (x86)\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Setup.exe" -Embedding; Description = Configured Microsoft Office Home and Business 2010; Error = 0x8007043c).

Error: (02/27/2015 10:43:13 AM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Windows license activation failed. Error 0x00000000.

Error: (02/27/2015 10:43:13 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
0x8007043C

Error: (02/27/2015 09:41:33 AM) (Source: SideBySide) (EventID: 59) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
Invalid Xml syntax.

Error: (02/27/2015 08:13:23 AM) (Source: Software Protection Platform Service) (EventID: 8211) (User: )
Description: Update Windows license and product key tokens failed with 0x8007045D.

Error: (02/25/2015 07:19:44 PM) (Source: Software Protection Platform Service) (EventID: 8212) (User: )
Description: Rearm failed for AppId = 55c92734-d682-4d71-983e-d6ec3f16059f, SkuId = (null) - 1 Rearms Remaining. Error Code: 0x8007045D

Error: (02/25/2015 03:26:28 PM) (Source: ESENT) (EventID: 455) (User: )
Description: taskhost (1976) WebCacheLocal: Error -1811 occurred while opening logfile C:\Users\RitaJohnson\AppData\Local\Microsoft\Windows\WebCache\V01017AA.log.

Error: (02/25/2015 08:41:46 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Failed to create restore point (Process = C:\Windows\servicing\TrustedInstaller.exe; Description = Windows Modules Installer; Error = 0x81000101).

Error: (02/25/2015 08:28:50 AM) (Source: SideBySide) (EventID: 59) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
Invalid Xml syntax.

Error: (02/25/2015 08:28:28 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Failed to create restore point (Process = C:\Windows\system32\svchost.exe -k netsvcs; Description = Windows Update; Error = 0x81000101).


System errors:
=============
Error: (03/01/2015 08:52:04 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Software Protection service failed to start due to the following error:
%%1053

Error: (03/01/2015 08:52:04 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Software Protection service to connect.

Error: (03/01/2015 08:49:12 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 8:46:27 AM on ‎3/‎1/‎2015 was unexpected.

Error: (03/01/2015 08:46:47 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for Start with the following error:
%%5

Error: (03/01/2015 08:45:34 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Software Protection service failed to start due to the following error:
%%1053

Error: (03/01/2015 08:45:34 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Software Protection service to connect.

Error: (03/01/2015 08:44:02 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1053gupdate/comsvc{4EB61BAC-A3B6-4760-9581-655041EF4D69}

Error: (03/01/2015 08:43:56 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Google Update Service (gupdate) service failed to start due to the following error:
%%1053

Error: (03/01/2015 08:43:56 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Google Update Service (gupdate) service to connect.

Error: (03/01/2015 08:43:20 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Intel(R) Management and Security Application User Notification Service service failed to start due to the following error:
%%1053


Microsoft Office Sessions:
=========================
Error: (02/27/2015 00:42:39 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Setup.exe Files (x86)\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Setup.exe" -EmbeddingConfigured Microsoft Office Home and Business 20100x8007043c

Error: (02/27/2015 10:43:13 AM) (Source: Winlogon) (EventID: 4103) (User: )
Description: 0x000000000x00000001

Error: (02/27/2015 10:43:13 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: 0x8007043C

Error: (02/27/2015 09:41:33 AM) (Source: SideBySide) (EventID: 59) (User: )
Description: c:\users\ritajohnson\appdata\local\citrix\gotomeeting\1960\g2mvideoconferen ce.exec:\users\ritajohnson\appdata\local\citrix\gotomeeting\1960\g2mvideoco nference.exe0

Error: (02/27/2015 08:13:23 AM) (Source: Software Protection Platform Service) (EventID: 8211) (User: )
Description: 0x8007045D

Error: (02/25/2015 07:19:44 PM) (Source: Software Protection Platform Service) (EventID: 8212) (User: )
Description: 0x8007045D55c92734-d682-4d71-983e-d6ec3f16059f(null)1

Error: (02/25/2015 03:26:28 PM) (Source: ESENT) (EventID: 455) (User: )
Description: taskhost1976WebCacheLocal: C:\Users\RitaJohnson\AppData\Local\Microsoft\Windows\WebCache\V01017AA.log-1811

Error: (02/25/2015 08:41:46 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\Windows\servicing\TrustedInstaller.exeWindows Modules Installer0x81000101

Error: (02/25/2015 08:28:50 AM) (Source: SideBySide) (EventID: 59) (User: )
Description: c:\users\ritajohnson\appdata\local\citrix\gotomeeting\1960\g2mvideoconferen ce.exec:\users\ritajohnson\appdata\local\citrix\gotomeeting\1960\g2mvideoco nference.exe0

Error: (02/25/2015 08:28:28 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\Windows\system32\svchost.exe -k netsvcsWindows Update0x81000101


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3-2310M CPU @ 2.10GHz
Percentage of memory in use: 33%
Total physical RAM: 3873.14 MB
Available physical RAM: 2578.5 MB
Total Pagefile: 7744.47 MB
Available Pagefile: 6096.73 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:186.3 GB) (Free:136.54 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (DATA) (Fixed) (Total:254.46 GB) (Free:254.35 GB) NTFS
Drive e: (New) (CDROM) (Total:4.34 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: E3102A4B)
Partition 1: (Not Active) - (Size=25 GB) - (Type=1C)
Partition 2: (Active) - (Size=186.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=254.5 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Hi besthomeguy,
Let's find out what is causing the big holdup.
HJT is not very good on 64-bit machines. Need a different tool.
-----------------------------------------------------------
Download and Run the Farbar Scan Tool

• Download FRST64 and save to your Desktop.
  
• Double click Frst64.exe to launch it.
• FRST64 will start to run.
  • When the tool opens click Yes to disclaimer.
  • Press the Scan button.
  • When finished scanning, 2 logs will open on your Desktop, FRST.txt and Addition.txt
  • Please post them in your next reply.

If you lose track of them, they will be saved in the same location as FRST64.exe
Feel free to use separate replies if it's more convenient.

Please use Notepad with no wordwrap to post.
Thanks,
askey127

Hello,


You have always been very helpful with my computer issues.


Please see if you can assist once again.


This is my wife's computer and it is really bogged down to a slow crawl.


Any assistance you can provide would be greatly appreciated.


Thank you
OJ72




Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Home Premium, Service Pack 1, 64 bit
Processor: Intel(R) Pentium(R) CPU P6100 @ 2.00GHz, Intel64 Family 6 Model 37 Stepping 5
Processor Count: 2
RAM: 3764 Mb
Graphics Card: Intel(R) HD Graphics, 1754 Mb
Hard Drives: C: Total - 462838 MB, Free - 232255 MB;
Motherboard: Acer, Aspire 7741
Antivirus: AVG AntiVirus Free Edition 2013, Updated and Enabled




Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 4:16:08 PM, on 3/1/2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17631)

Boot mode: Normal
Running processes:
C:\Windows\PLFSetI.exe
C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe
C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe
C:\Program Files (x86)\Belkin\Router Setup and Monitor\dlnaPlugin.exe
C:\ProgramData\FLEXnet\Connect\11\agent.exe
C:\Users\laptop\Downloads\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=...8z185v47l18231
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
R3 - URLSearchHook: (no name) - {93a3111f-4f74-4ed8-895e-d9708497629e} - C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zSrcAs.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll
O2 - BHO: Toolbar BHO - {312f84fb-8970-4fd3-bddb-7012eac4afc9} - C:\PROGRA~2\VIDEOD~2\bar\1.bin\4zbar.dll
O2 - BHO: PlusIEEventHelper Class - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\18.1.9.799\AVG Secure Search_toolbar.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Search Assistant BHO - {c547c6c2-561b-4169-a2a5-20ba771ca93b} - C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zSrcAs.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\18.1.9.799\AVG Secure Search_toolbar.dll
O3 - Toolbar: VideoDownloadConverter - {48586425-6bb7-4f51-8dc6-38c88e3ebb58} - C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [InstaLAN] "C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe" startup
O4 - HKLM\..\Run: [Intuit SyncManager] C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe startup
O4 - HKLM\..\Run: [mcpltui_exe] "C:\Program Files\Common~1\McAfee\Platform\mcuicnt.exe" /platui /runkey
O4 - HKCU\..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
O4 - HKCU\..\Run: [Google Update] "C:\Users\laptop\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O8 - Extra context menu item: Clip bookmark - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=0
O8 - Extra context menu item: Clip image - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=4
O8 - Extra context menu item: Clip selection - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=3
O8 - Extra context menu item: Clip this page - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=1
O8 - Extra context menu item: Clip URL - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: New note - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\NewNote.html
O8 - Extra context menu item: Open with PDF Viewer Plus - res://C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll/PlusIEContextMenu.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class) - https://afaa-eventsii.webex.com/clie...r/ieatgpc1.cab
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: intu-help-qb2 - {84D77A00-41B5-4B8B-8ADF-86486D72E749} - C:\Program Files (x86)\Intuit\QuickBooks 2009\HelpAsyncPluggableProtocol.dll
O18 - Protocol: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - mscoree.dll (file missing)
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.9\ViProtocol.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\mcafee\msc\mcsniepl.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AffinegyService - Affinegy, Inc. - C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
O23 - Service: Belkin Local Backup Service - Unknown owner - C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe
O23 - Service: Belkin Network USB Helper - Unknown owner - C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BrYNSvc - Brother Industries, Ltd. - C:\Program Files (x86)\Browny02\BrYNSvc.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EMP_UDSA - SEIKO EPSON CORPORATION - C:\Program Files (x86)\EPSON Projector\Epson USB Display V1.6\EMP_UDSA.exe
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\Acer Games\Acer Game Console\GameConsoleService.exe
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: McAfee Home Network (HomeNetSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Process Monitor (LVPrcS64) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee AP Service (McAPExe) - McAfee, Inc. - C:\Program Files\McAfee\MSC\McAPExe.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe
O23 - Service: McAfee CSP Service (mccspsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\CSP\1.3.336.0\McCSPServiceHost.exe
O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\mcafee\VirusScan\mcods.exe
O23 - Service: McAfee Platform Services (mcpltsvc) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
O23 - Service: McAfee Anti-Malware Core (mfecore) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: PDFProFiltSrvPP - Nuance Communications, Inc. - C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: QBCFMonitorService - Intuit - C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
O23 - Service: Intuit QuickBooks FCS (QBFCService) - Intuit Inc. - C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: UMVPFSrv - Logitech Inc. - C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: Updater Service - Acer Group - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VideoDownloadConverterService (VideoDownloadConverter_4zService) - Unknown owner - C:\PROGRA~2\VIDEOD~2\bar\1.bin\4zbarsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater18.1.9 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 18207 bytes

Hi all,
askey127 recently helped me remove some malware from my computer (thanks again, it was a huge help). Everything's been fine since, until today. Now I have constant popups telling me that my popups are enabled, and I should call for support. Often if I try to follow a link, it will be hijacked to a fake support page, and I have ads by WorldWideWebCoupon on every page (including this one). Nothing's been installed since 2/10 other than a Java update. Can I please throw myself on the mercy of the forum and ask for help yet again?

Hi and welcome. :)

Please download SystemLook from one of the links below and save it to your Desktop.

32 bit Download Mirror #1
32 bit Download Mirror #2

For 64bit systems, Please download SystemLook from the link below and save it to your Desktop.

64 bit Download Mirror

• Double-click SystemLook.exe (or SystemLook_x64.exe) to run the application.
• Copy the content of the following quote box into the main textfield:
  
  Quote:

  :regfind AutoUpdate.exe netsh.exe

• Click the Look button to start the scan.
• When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.

Note: The log can also be found on your Desktop entitled SystemLook.txt

I keep getting popups from Malware Bytes that say "data.rbtfy.com" has been blocked. It's very annoying and I want to make an exception for it so it will stop popping up, but I want to be careful because I don't know what it is. It says it's coming from Avast, my anti-virus. Any ideas on how I should address this?

Thank you.

I found my router information and just reset it.
The pop up still occurs,i dont know if the reset should be followed by some other actions.

Lets scan.

Please download Junkware Removal Tool to your desktop.

• Shut down your protection software now to avoid potential conflicts.
• Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
• The tool will open and start scanning your system.
• Please be patient as this can take a while to complete depending on your system's specifications.
• On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
• Post the contents of JRT.txt into your next message.

Download AdwCleaner from here. Save the file to the desktop.


NOTE: If you are using IE 8 or above you may get a warning that stops the program from downloading. Just click on the warning and allow the download to complete.

Close all open windows and browsers.

• XP users: Double click the AdwCleaner icon to start the program.
• Vista/7/8 users: Right click the AdwCleaner icon on the desktop, click Run as administrator and accept the UAC prompt to run AdwCleaner.
  You will see the following console:

• Click the Scan button and wait for the scan to finish.
• After the Scan has finished the window may or may not show what it found and above, in the progress bar, you will see: Pending. Please uncheck elements you don't want to remove.
• Click the Clean button.
• Everything checked will be deleted.
• When the program has finished cleaning a report appears.Once done it will ask to reboot, allow this

• On reboot a log will be produced please copy / paste that in your next reply. This report is also saved to C:\AdwCleaner\AdwCleaner[S0].txt

Please download Malwarebytes Anti-Malware to your desktop

• Double-click mbam-setup-version.exe and follow the prompts to install the program.
• At the end, be sure a check-mark is placed next to the following:
  1. Enable free trial of Malwarebytes Anti-Malware Premium
  2. Launch Malwarebytes Anti-Malware
• Then click Finish.
• If an update is found, you will be prompted to download and install the latest version.
• Once the program has loaded, select Scan now. Or select the Threat Scan from the Scan menu.
• When the scan is complete , make sure that everything is set to "Quarantine", and click Apply Actions.
• Reboot your computer if prompted.

Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediatly.

The log is available throughout History ->Application logs. Please post it contents in your next reply.

I've done all I can do from here, so you have 2 options:

Do a clean reinstall and get a fresh start.

Click the orange "Report" link and then request to have your thread moved to the Virus & Other Malware Removal section for further assistance.

-------------------------------------------------------

Hello. Couple days ago I started receiving nod32 alerts about infection found:
JS/TrojanDownloader.FakeAlert.NAK trojan horse

What it does is slowing down, or completely blocking ability to surf internet pages. NOD also shows messages that it threat was found at websites something like static/facebook.com or static/google.com, or something like that I dont remember exactly, will update here if it shows up again.
EDIT: just got one poped up again, this time its youtube:
name of object: www.youtube.com
threat: JS/TrojanDownloader.FakeAlert.NAK trojan horse :S
EDIT2: and here they keep coming:
name of object: https://static.ak.facebook.com
threat: JS/TrojanDownloader.FakeAlert.NAK trojan horse

I did full system scan with nod32, but didnt find anything.. Maybe because my version is few months outdated, because I ran out of licence? (but this seems old threat, so shouldnt be because few missing updates)
Did full spywareterminator scan.
Malware bytes scan, downloaded this because of this issue and got trial only.
Did Eset online scanner full scan too, this did find some infected files and removed them, however problem persists. Even after few more scans with this. Last time I did that, it found nothing.

Much appreciation for any help in advance.

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Enterprise, Service Pack 1, 64 bit
Processor: AMD FX(tm)-8350 Eight-Core Processor, AMD64 Family 21 Model 2 Stepping 0
Processor Count: 8
RAM: 8092 Mb
Graphics Card: NVIDIA GeForce GTX 660, -2048 Mb
Hard Drives: C: Total - 228833 MB, Free - 67351 MB; D: Total - 953866 MB, Free - 178 MB;
Motherboard: ASUSTeK COMPUTER INC., M5A99X EVO R2.0
Antivirus: ESET NOD32 Antivirus 7.0, Not Updated

Hi there. I've been having problems when I'm browsing on the internet. Sometimes it constantly freezes and I'm having to do ctr+alt+del all the time. This has been going on for the past couple of weeks and was working fine before that. I have a feeling it could be virus related but I'm not sure. Can anyone help?

Not a problem as real world always comes first and this comes second. Reply when you can.

I can't see anything bad there. Are you still getting any problems

RogueKiller V10.5.0.0 (x64) [Mar 2 2015] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 8.1 (6.3.9200 ) 64 bits version
Started in : Normal mode
User : Zeb [Administrator]
Mode : Delete -- Date : 03/03/2015 16:12:19

¤¤¤ Processes : 0 ¤¤¤

¤¤¤ Registry : 13 ¤¤¤
[Suspicious.Path] (X64) HKEY_USERS\S-1-5-21-2479626215-2380851284-86128853-1001\Software\Microsoft\Windows\CurrentVersion\Run | Spotify Web Helper : "C:\Users\Zeb\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [7] -> Deleted
[Suspicious.Path] (X86) HKEY_USERS\S-1-5-21-2479626215-2380851284-86128853-1001\Software\Microsoft\Windows\CurrentVersion\Run | Spotify Web Helper : "C:\Users\Zeb\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" -> ERROR [2]
[Hidden.From.SCM] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\VerifierExt -> Deleted
[PUM.Proxy] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> Not selected
[PUM.Proxy] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> Not selected
[PUM.Proxy] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:8080;https=127.0.0.1:8080 -> Not selected
[PUM.Proxy] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:8080;https=127.0.0.1:8080 -> Not selected
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-2479626215-2380851284-86128853-1001\Software\Microsoft\Internet Explorer\Main | Start Page : about:Tabs -> Not selected
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-2479626215-2380851284-86128853-1001\Software\Microsoft\Internet Explorer\Main | Start Page : about:Tabs -> Not selected
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideD esktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Not selected
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideD esktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Not selected
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideD esktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Not selected
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideD esktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Not selected

¤¤¤ Tasks : 2 ¤¤¤
[Suspicious.Path] GoogleUpdateTaskMachineUA.job -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (/ua /installsource scheduler) -> Deleted
[Suspicious.Path] \\GoogleUpdateTaskMachineUA -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (/ua /installsource scheduler) -> Deleted

¤¤¤ Files : 0 ¤¤¤

¤¤¤ Hosts File : 2 ¤¤¤
[C:\WINDOWS\System32\drivers\etc\hosts] 127.0.0.1 localhost
[C:\WINDOWS\System32\drivers\etc\hosts] ::1 localhost

¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤

¤¤¤ Web browsers : 1 ¤¤¤
[PUM.HomePage][FIREFX:Config] eafhu83q.default : user_pref("browser.startup.homepage", "about:newtab"); -> Not selected

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: SAMSUNG MZMPA128HMFU-000H1 +++++
--- User ---
[MBR] fa15cfdc3b74e79a6875342aee2f62c3
[BSP] a86dff68ecdb426e9f1103ba54080d40 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 199 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 409600 | Size: 115301 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] FAT32-LBA (0xc) [VISIBLE] Offset (sectors): 236546048 | Size: 2048 MB
3 - [XXXXXX] EXTEN-LBA (0xf) [VISIBLE] Offset (sectors): 241473473 | Size: 4196 MB
User = LL1 ... OK
User = LL2 ... OK


============================================
RKreport_SCN_03032015_160931.log

I stoped using my computer for almost two years and when i decided to use it again, it didnt even make it to the updates before it was ataccked and crashed. i then ran antivirus, malwarebytes, hijack this... ust for nostalgia... becuase i dont understand anything on there. I ran registry cleaners and partition recoveryies, i lost all my ipod music because my itunes synce to my ipod hwhile charging. it was not set up to synce. so after all this i was able to resusitate them both. they still have symptoms. I have been trying to fix them by looking online when ever i get crash codes. the symptoms include crashing, overheazting until the fans hum and system turns off. files hide, computer laggs. i know they are old system but when i try t0 fix them they run smooth. then all of a suden one day I turn on the computer and there is an administrator account made. and in my hard drive in multiple lactions there are multiple folders with locks on them that were never seen before.i had a recovery but its is somewherch.e in the hard drive i think. today my laptop crashede completely again. i thought this time she was a gonner because theagain ran many anti virus programs.. most crash. i ran cleaner and registry cleaners. i ran partition cleanersso I tried to recover with a recovery disk i have but windows would not even let me pass to the windows logo I ran a few partition cleaners and recoveryes and then I gave up. i got disttracted on my nepheys laptop and i kept missing the bios scrren so the computer would jump into restore mode. I got it runnin again, but still crashes ocasionally. still lags . and evrything else. here is the Big problem. I had a recovgery partition or a little hard that was on the my computer screen, it disapeared. this has happen. si I do not have any asr or recovery data. I have one borroewed so i looked under thre desk and found what appeared to be a vial used for drugs. so i researched it aand came to find out that the partitions were some how taken inside and are on the hard drive. and th eey swithch the leters of the devices often. so as a result I can not do a recovery o f a n earlier time. I can not . do a backup image or back up data. as a result, i can not reformat. I can go wither way with. I van delete all and reformat, and lose all, or get help finding a way to restore with what i have.. Thank you.

Hi,

If help still needed please follow these instructions:

• Download Farbar Recovery Scan Tool to your Desktop.
• Right-click Frst.exe and select Run as Administrator to launch it.
  Note: Make sure that Addition option is checked.
• Press Scan button and wait.
• When finished scanning 2 logs will open on your Desktop, FRST.txt and Addition.txt

Please post their contents in your next reply.

Hi,

I'm having issues after clicking on a file I shouldn't have clicked on. It immediately changed some of the default programs for some video files and gave me errors when trying to open them saying that the files are not compatable.

Also, the task manager refuses to open. When it does, it closes immediately again.

I tried opening Windows in safe mode, but it give me an error saying that 'cvxsync.exe' has stopped working. It then just gives me a blank screen in safe mode.

Bit annoying, but am willing to put in some work to sort it out.

Running Windows 7 SP1 (64)

Thanks in advance!

Hi,

If help still needed follow these steps:
You didn't state in your post whether your Windows is 32 or 64 bit version so I'm including downloading links for both. Choose the one that applies your case.

• For 32 bit Windows: Download Farbar Recovery Scan Tool to your Desktop. For 64 bit Windows use this link instead.
• Right-click Frst.exe (32 bit Windows) (or Frst64.exe if you have 64 bit Windows) and select Run as Administrator to launch it.
  Note: Make sure that Addition option is checked.
• Press Scan button and wait.
• When finished scanning 2 logs will open on your Desktop, FRST.txt and Addition.txt

Please post their contents in your next reply.