Quantcast
Channel: Tech Support Guy - Virus & Other Malware Removal
Viewing all 4746 articles
Browse latest View live

Pup. Optional files

June 15, 2015, 3:52 pm
$
0
0
I wasn't given the option to "Run as Administrator"

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-06-2015
Ran by Jean (administrator) on JEANPC on 15-06-2015 18:47:07
Running from C:\Users\Jean\Downloads
Loaded Profiles: Jean (Available Profiles: Jean & Guest)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 10 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic...ery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Sensible Vision ) C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Program Files\Microsoft Device Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Device Center\ipoint.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
() C:\Program Files (x86)\DELL\DELLOSD\DellOSDService.exe
() C:\Program Files (x86)\DELL\DELLOSD\TestDispChangedEvent.exe
( ) C:\Windows\System32\dleacoms.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Verizon) C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
() C:\Program Files (x86)\Dell V310-V510 Series\dleamon.exe
() C:\Program Files (x86)\Dell V310-V510 Series\ezprint.exe
() C:\Users\Jean\AppData\Roaming\Dashlane\Dashlane.exe
(iolo technologies, LLC) C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(Chicony) C:\Program Files (x86)\DELL\Dell KM632 Wireless Keyboard Caps Lock Indicator\OSDSrv.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(US Tech Support LLC) C:\Program Files (x86)\USTechSupport\SchedulerService\SchedulerService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
() C:\Program Files (x86)\DELL\DELLOSD\FastUserSwitching.exe
() C:\Program Files (x86)\DELL\Dell KM632 Wireless Keyboard Caps Lock Indicator\LaunchOSDSrv.exe
(Sensible Vision ) C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe
() C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe
(Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(DELL) C:\Program Files (x86)\DELL\Dell KM632 Wireless Keyboard Caps Lock Indicator\IndicatorOSD.exe
(Sensible Vision ) C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayAlert.exe
(Sensible Vision) C:\Program Files (x86)\Sensible Vision\Fast Access\Vendor\FastAccessChatAssist.exe
() C:\Program Files (x86)\DELL\DELLOSD\MediaButtons.exe
(DELL COMPUTER INC.) C:\Program Files (x86)\DELL\DELLOSD\DELLOSD.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Verizon) C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\VzDetectAgent.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_17_0_0_188_ActiveX.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7214696 2011-05-25] (Realtek Semiconductor)
HKLM\...\Run: [IntelPAN] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1935120 2011-05-02] (Intel(R) Corporation)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "c:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [IntelliType Pro] => c:\Program Files\Microsoft Device Center\itype.exe [1464928 2012-06-27] (Microsoft Corporation)
HKLM\...\Run: [IntelliPoint] => c:\Program Files\Microsoft Device Center\ipoint.exe [2004584 2012-06-27] (Microsoft Corporation)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)
HKLM\...\Run: [dleamon.exe] => C:\Program Files (x86)\Dell V310-V510 Series\dleamon.exe [765952 2010-04-01] ()
HKLM\...\Run: [EzPrint] => C:\Program Files (x86)\Dell V310-V510 Series\ezprint.exe [135168 2009-06-22] ()
HKLM-x32\...\Run: [DELLOSD] => C:\Program Files (x86)\DELL\DELLOSD\FastUserSwitching.exe [49152 2010-12-06] ()
HKLM-x32\...\Run: [Chicony_OSD] => C:\Program Files (x86)\Dell\Dell KM632 Wireless Keyboard Caps Lock Indicator\LaunchOSDSrv.exe [53248 2011-01-12] ()
HKLM-x32\...\Run: [FATrayAlert] => C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe [93832 2010-11-01] (Sensible Vision )
HKLM-x32\...\Run: [FAStartup] => [X]
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [AccuWeatherWidget] => C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe [885760 2011-04-29] ()
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2020192 2014-06-25] (Wondershare)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\FastAccess: C:\Program Files (x86)\Sensible Vision\Fast Access\FALogNot.dll [2010-11-01] ()
HKU\S-1-5-21-1242091489-1782124130-3347692480-1007\...\Run: [Dashlane] => C:\Users\Jean\AppData\Roaming\Dashlane\Dashlane.exe [227512 2015-05-21] ()
Lsa: [Notification Packages] scecli FAPassSync

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1242091489-1782124130-3347692480-1007\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKU\S-1-5-21-1242091489-1782124130-3347692480-1007\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
HKU\S-1-5-21-1242091489-1782124130-3347692480-1007\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.butlereagle.com/section/Obituaries
SearchScopes: HKLM-x32 -> {49606DC7-976D-4030-A74E-9FB5C842FA68} URL = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1242091489-1782124130-3347692480-1007 -> {165D62D2-3CA7-4DFE-8EDA-C6BB7E07634F} URL = http://www.bing.com/search?FORM=SKY2DF&PC=SKY2&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-1242091489-1782124130-3347692480-1007 -> {670BF935-E7E9-4D6E-959A-5856D98A6973} URL =
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO: SSOIEAddonBHO Class -> {DA5BCE70-D057-4D63-943D-5F3927EC59F1} -> C:\Program Files (x86)\Sensible Vision\Fast Access\x64\FAIESSO.dll [2010-11-01] (Sensible Vision )
BHO: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File
BHO-x32: Dashlane BHO -> {42D79B50-CC4A-4A8E-860F-BE674AF053A2} -> C:\Users\Jean\AppData\Roaming\Dashlane\ie\Dashlanei.dll [2015-05-21] (Dashlane)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: SSOIEAddonBHO Class -> {DA5BCE70-D057-4D63-943D-5F3927EC59F1} -> C:\Program Files (x86)\Sensible Vision\Fast Access\FAIESSO.dll [2010-11-01] (Sensible Vision )
Toolbar: HKLM-x32 - Dashlane Toolbar - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - C:\Users\Jean\AppData\Roaming\Dashlane\ie\KWIEBar.dll [2015-05-21] (Dashlane)
DPF: HKLM-x32 {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/_layouts.../ieawsdc32.cab
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/s...irector/sw.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/pu...sh/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Jean\AppData\Roaming\Mozilla\Firefox\Profiles\gwonxy84.default
FF DefaultSearchEngine: Bing
FF SelectedSearchEngine: Bing
FF Homepage: hxxp://www.butlereagle.com/section/Obituaries
FF SearchEngineOrder.3: Bing
FF Keyword.URL: hxxp://www.bing.com/search?FORM=SKY2DF&PC=SKY2&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-06-10] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @microsoft.com/VirtualEarth3D,version=4.0 -> C:\Program Files (x86)\Virtual Earth 3D\ No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-06-10] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1217157.dll [2015-02-16] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2013-08-12] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Extension: Heartbleed Notifier - C:\Users\Jean\AppData\Roaming\Mozilla\Firefox\Profiles\gwonxy84.default\Ext ensions\heartbleed@dactyl.googlecode.com.xpi [2014-04-29]
FF Extension: PriceBlink - C:\Users\Jean\AppData\Roaming\Mozilla\Firefox\Profiles\gwonxy84.default\Ext ensions\info@priceblink.com.xpi [2014-08-10]
FF Extension: Heartbleed Monitor - C:\Users\Jean\AppData\Roaming\Mozilla\Firefox\Profiles\gwonxy84.default\Ext ensions\jid1-eMhaOaq3SPBFDg@jetpack.xpi [2014-04-29]
FF Extension: Yahoo Mail Hide Ad Panel - C:\Users\Jean\AppData\Roaming\Mozilla\Firefox\Profiles\gwonxy84.default\Ext ensions\{c37bac34-849a-4d28-be41-549b2c76c64e}.xpi [2014-04-29]
FF Extension: Adblock Plus - C:\Users\Jean\AppData\Roaming\Mozilla\Firefox\Profiles\gwonxy84.default\Ext ensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-06-03]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-05-01]
FF Extension: Hawker - C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\{B5643E87-4502-60E2-A32A-6E126145609B} [2015-05-12]
FF HKLM-x32\...\Firefox\Extensions: [fassoxpcom@sensiblevision.com] - C:\Program Files (x86)\Sensible Vision\Fast Access\xpcom_fasso
FF Extension: FastAccess Web Login - C:\Program Files (x86)\Sensible Vision\Fast Access\xpcom_fasso [2011-11-04]
FF Extension: No Name - C:\Users\Jean\AppData\Roaming\Dashlane\3.2.5.79983\bin\Firefox_Extension\{4 42718d9-475e-452a-b3e1-fb1ee16b8e9f} [not found]

Chrome:
=======
CHR Profile: C:\Users\Jean\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\Jean\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-05-03]
CHR Extension: (Google Search) - C:\Users\Jean\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-05-03]
CHR Extension: (Zoho Clipboard) - C:\Users\Jean\AppData\Local\Google\Chrome\User Data\Default\Extensions\iijojlignnlclbadcdiecojeamghcfli [2015-06-11]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Jean\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-06-10]
CHR Extension: (Google Wallet) - C:\Users\Jean\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-06-10]
CHR Extension: (Gmail) - C:\Users\Jean\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-05-03]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [146816 2011-07-18] (SUPERAntiSpyware.com) [File not signed]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
R2 Dell WMI Service; C:\Program Files (x86)\DELL\DELLOSD\DellOSDService.exe [98304 2011-05-27] () [File not signed]
S2 dleaCATSCustConnectService; C:\Windows\system32\spool\DRIVERS\x64\3\\dleaserv.exe [45224 2010-05-21] ()
R2 dlea_device; C:\Windows\system32\dleacoms.exe [1052328 2010-05-21] ( )
R2 dlea_device; C:\Windows\SysWOW64\dleacoms.exe [593920 2009-12-09] ( )
R2 FAService; C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe [2428552 2010-11-01] (Sensible Vision ) [File not signed]
R2 IHA_MessageCenter; C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe [363128 2014-08-13] (Verizon)
R2 ioloSystemService; C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe [1168960 2014-01-24] (iolo technologies, LLC)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-05-02] ()
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
R2 OSDSvc; C:\Program Files (x86)\Dell\Dell KM632 Wireless Keyboard Caps Lock Indicator\OSDSrv.exe [176128 2010-12-01] (Chicony) [File not signed]
R2 USTSScheduler; C:\Program Files (x86)\USTechSupport\SchedulerService\SchedulerService.exe [737600 2013-01-17] (US Tech Support LLC)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 ElRawDisk; C:\Windows\system32\drivers\ElRawDsk.sys [30752 2014-01-24] (EldoS Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-06-15] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
S2 mrtRate; C:\Windows\SysWow64\Drivers\mrtRate.sys [34712 2000-05-31] (Marimba, Inc.)
R3 NETwNs64; C:\Windows\System32\DRIVERS\Netwsw01.sys [11532704 2015-03-13] (Intel Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
S3 pmxdrv; C:\Windows\system32\drivers\pmxdrv.sys [31152 2013-10-02] ()
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
U5 TMUSB; C:\Windows\System32\DRIVERS\TMUSB64.SYS [61216 2008-10-30] (SEIKO EPSON CORPORATION)
R3 WinDriver6; C:\Windows\System32\DRIVERS\Windrvr6.sys [254464 2010-04-01] (Jungo)
R3 WinDriver6; C:\Windows\SysWOW64\DRIVERS\Windrvr6.sys [254464 2010-04-01] (Jungo)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-15 18:47 - 2015-06-15 18:47 - 00020825 _____ C:\Users\Jean\Downloads\FRST.txt
2015-06-15 18:46 - 2015-06-15 18:46 - 02109952 _____ (Farbar) C:\Users\Jean\Downloads\FRST64.exe
2015-06-15 12:34 - 2015-06-15 12:34 - 02231296 _____ C:\Users\Jean\Downloads\AdwCleaner.exe
2015-06-15 10:21 - 2015-06-15 10:21 - 00509440 _____ (Tech Support Guy System) C:\Users\Jean\Downloads\SysInfo.exe
2015-06-13 10:07 - 2015-06-13 10:08 - 00000000 ____D C:\Users\Jean\Desktop\BNE
2015-06-12 12:59 - 2015-06-12 12:59 - 00000129 _____ C:\Users\Jean\Desktop\Raw Materials Work Sheet - Google Sheets.url
2015-06-10 11:45 - 2015-06-10 11:45 - 00002261 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-06-10 11:45 - 2015-06-10 11:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-06-10 11:34 - 2015-05-27 22:04 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-06-10 11:34 - 2015-05-27 22:03 - 02237440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-06-10 11:34 - 2015-05-27 22:03 - 01409024 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-06-10 11:34 - 2015-05-27 22:03 - 00601600 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-06-10 11:34 - 2015-05-27 22:02 - 19291136 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-06-10 11:34 - 2015-05-27 22:02 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-06-10 11:34 - 2015-05-27 22:02 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-06-10 11:34 - 2015-05-27 22:02 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-06-10 11:34 - 2015-05-27 22:01 - 15415808 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-06-10 11:34 - 2015-05-27 22:01 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-06-10 11:34 - 2015-05-27 22:01 - 02656768 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-06-10 11:34 - 2015-05-27 22:01 - 00856064 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-06-10 11:34 - 2015-05-27 22:01 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-06-10 11:34 - 2015-05-27 22:01 - 00451584 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-06-10 11:34 - 2015-05-27 22:01 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-06-10 11:34 - 2015-05-27 22:01 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-06-10 11:34 - 2015-05-27 22:01 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2015-06-10 11:34 - 2015-05-27 22:01 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-06-10 11:34 - 2015-05-27 22:01 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-06-10 11:34 - 2015-05-27 22:01 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-06-10 11:34 - 2015-05-27 22:00 - 01509376 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-06-10 11:34 - 2015-05-27 20:45 - 01763328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-06-10 11:34 - 2015-05-27 20:45 - 01181696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-06-10 11:34 - 2015-05-27 20:45 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-06-10 11:34 - 2015-05-27 20:44 - 14383104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-06-10 11:34 - 2015-05-27 20:44 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-06-10 11:34 - 2015-05-27 20:44 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-06-10 11:34 - 2015-05-27 20:44 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-06-10 11:34 - 2015-05-27 20:43 - 13771776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-06-10 11:34 - 2015-05-27 20:43 - 02865152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-06-10 11:34 - 2015-05-27 20:43 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-06-10 11:34 - 2015-05-27 20:43 - 01441280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-06-10 11:34 - 2015-05-27 20:43 - 00690176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-06-10 11:34 - 2015-05-27 20:43 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-06-10 11:34 - 2015-05-27 20:43 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-06-10 11:34 - 2015-05-27 20:43 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-06-10 11:34 - 2015-05-27 20:43 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-06-10 11:34 - 2015-05-27 20:43 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2015-06-10 11:34 - 2015-05-27 20:43 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-06-10 11:34 - 2015-05-27 20:43 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-06-10 11:34 - 2015-05-27 20:43 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-06-10 11:34 - 2015-05-27 20:24 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-06-10 11:34 - 2015-05-27 20:23 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-06-10 11:34 - 2015-05-27 20:00 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-06-10 11:34 - 2015-05-27 19:55 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-06-10 11:34 - 2015-05-27 19:34 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2015-06-10 11:34 - 2015-05-27 19:32 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2015-06-10 11:31 - 2015-05-25 13:08 - 03206144 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-06-10 11:31 - 2015-04-29 14:22 - 14635008 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-06-10 11:31 - 2015-04-29 14:21 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-06-10 11:31 - 2015-04-29 14:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-06-10 11:31 - 2015-04-29 14:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-06-10 11:31 - 2015-04-29 14:19 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-06-10 11:31 - 2015-04-29 14:07 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-06-10 11:31 - 2015-04-29 14:07 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-06-10 11:31 - 2015-04-29 14:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-06-10 11:31 - 2015-04-29 14:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-06-10 11:31 - 2015-04-29 14:05 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-06-10 11:31 - 2015-04-24 14:17 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-06-10 11:31 - 2015-04-24 13:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2015-06-08 15:40 - 2015-06-10 15:56 - 00036352 _____ C:\Users\Jean\Desktop\BNE INVENTORY SHEETS.xls
2015-06-08 11:20 - 2015-06-08 11:29 - 00000022 _____ C:\Users\Jean\Downloads\Attachments_201568 (1).zip
2015-06-08 11:16 - 2015-06-08 11:23 - 00000022 _____ C:\Users\Jean\Downloads\Attachments_201568.zip
2015-06-03 17:33 - 2015-05-25 14:24 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-06-03 17:33 - 2015-05-25 14:23 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-06-03 17:33 - 2015-05-25 14:23 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-06-03 17:33 - 2015-05-25 14:21 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-06-03 17:33 - 2015-05-25 14:19 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-06-03 17:33 - 2015-05-25 14:19 - 01255424 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-06-03 17:33 - 2015-05-25 14:19 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-06-03 17:33 - 2015-05-25 14:19 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-06-03 17:33 - 2015-05-25 14:19 - 00728576 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-06-03 17:33 - 2015-05-25 14:19 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-06-03 17:33 - 2015-05-25 14:19 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-06-03 17:33 - 2015-05-25 14:19 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-06-03 17:33 - 2015-05-25 14:19 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-06-03 17:33 - 2015-05-25 14:19 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-06-03 17:33 - 2015-05-25 14:19 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-06-03 17:33 - 2015-05-25 14:19 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-06-03 17:33 - 2015-05-25 14:19 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-06-03 17:33 - 2015-05-25 14:19 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-06-03 17:33 - 2015-05-25 14:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-06-03 17:33 - 2015-05-25 14:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-06-03 17:33 - 2015-05-25 14:19 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-06-03 17:33 - 2015-05-25 14:19 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-06-03 17:33 - 2015-05-25 14:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-06-03 17:33 - 2015-05-25 14:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-06-03 17:33 - 2015-05-25 14:19 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-06-03 17:33 - 2015-05-25 14:19 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-06-03 17:33 - 2015-05-25 14:18 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-06-03 17:33 - 2015-05-25 14:18 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-06-03 17:33 - 2015-05-25 14:18 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-06-03 17:33 - 2015-05-25 14:18 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-06-03 17:33 - 2015-05-25 14:18 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-06-03 17:33 - 2015-05-25 14:18 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-06-03 17:33 - 2015-05-25 14:18 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-06-03 17:33 - 2015-05-25 14:18 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-06-03 17:33 - 2015-05-25 14:18 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-06-03 17:33 - 2015-05-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-06-03 17:33 - 2015-05-25 14:18 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-06-03 17:33 - 2015-05-25 14:18 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-06-03 17:33 - 2015-05-25 14:18 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-06-03 17:33 - 2015-05-25 14:14 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-06-03 17:33 - 2015-05-25 14:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-06-03 17:33 - 2015-05-25 14:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-06-03 17:33 - 2015-05-25 14:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-06-03 17:33 - 2015-05-25 14:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-03 17:33 - 2015-05-25 14:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-03 17:33 - 2015-05-25 14:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-03 17:33 - 2015-05-25 14:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-03 17:33 - 2015-05-25 14:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-03 17:33 - 2015-05-25 14:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-03 17:33 - 2015-05-25 14:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-03 17:33 - 2015-05-25 14:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-03 17:33 - 2015-05-25 14:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-03 17:33 - 2015-05-25 14:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-03 17:33 - 2015-05-25 14:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-03 17:33 - 2015-05-25 14:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-03 17:33 - 2015-05-25 14:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-03 17:33 - 2015-05-25 14:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-03 17:33 - 2015-05-25 14:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-03 17:33 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-03 17:33 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-03 17:33 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-03 17:33 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-03 17:33 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-03 17:33 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-03 17:33 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-03 17:33 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-03 17:33 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-03 17:33 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-03 17:33 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-03 17:33 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-03 17:33 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-03 17:33 - 2015-05-25 14:07 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-06-03 17:33 - 2015-05-25 14:07 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-06-03 17:33 - 2015-05-25 14:04 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-06-03 17:33 - 2015-05-25 14:01 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-06-03 17:33 - 2015-05-25 14:01 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-06-03 17:33 - 2015-05-25 14:01 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-06-03 17:33 - 2015-05-25 14:01 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-06-03 17:33 - 2015-05-25 14:01 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-06-03 17:33 - 2015-05-25 14:01 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-06-03 17:33 - 2015-05-25 14:01 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-06-03 17:33 - 2015-05-25 14:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-06-03 17:33 - 2015-05-25 14:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-06-03 17:33 - 2015-05-25 14:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-06-03 17:33 - 2015-05-25 14:01 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-06-03 17:33 - 2015-05-25 14:01 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-06-03 17:33 - 2015-05-25 14:01 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-06-03 17:33 - 2015-05-25 14:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-06-03 17:33 - 2015-05-25 14:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-06-03 17:33 - 2015-05-25 14:00 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-06-03 17:33 - 2015-05-25 14:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-06-03 17:33 - 2015-05-25 14:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-06-03 17:33 - 2015-05-25 14:00 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-06-03 17:33 - 2015-05-25 14:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-06-03 17:33 - 2015-05-25 13:59 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-06-03 17:33 - 2015-05-25 13:59 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-06-03 17:33 - 2015-05-25 13:59 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-06-03 17:33 - 2015-05-25 13:59 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-06-03 17:33 - 2015-05-25 13:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-06-03 17:33 - 2015-05-25 13:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-06-03 17:33 - 2015-05-25 13:55 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-06-03 17:33 - 2015-05-25 13:55 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-06-03 17:33 - 2015-05-25 13:55 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-06-03 17:33 - 2015-05-25 13:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-03 17:33 - 2015-05-25 13:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-03 17:33 - 2015-05-25 13:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-06-03 17:33 - 2015-05-25 13:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-06-03 17:33 - 2015-05-25 13:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-03 17:33 - 2015-05-25 13:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-06-03 17:33 - 2015-05-25 13:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-03 17:33 - 2015-05-25 13:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-03 17:33 - 2015-05-25 13:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-06-03 17:33 - 2015-05-25 13:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-03 17:33 - 2015-05-25 13:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-03 17:33 - 2015-05-25 13:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-06-03 17:33 - 2015-05-25 13:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-06-03 17:33 - 2015-05-25 13:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-03 17:33 - 2015-05-25 13:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-06-03 17:33 - 2015-05-25 13:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-06-03 17:33 - 2015-05-25 13:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-06-03 17:33 - 2015-05-25 13:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-06-03 17:33 - 2015-05-25 13:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-03 17:33 - 2015-05-25 13:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-06-03 17:33 - 2015-05-25 13:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-06-03 17:33 - 2015-05-25 13:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-06-03 17:33 - 2015-05-25 13:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-06-03 17:33 - 2015-05-25 13:00 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-06-03 17:33 - 2015-05-25 12:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-06-03 17:33 - 2015-05-25 12:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-06-03 17:33 - 2015-05-25 12:48 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-06-03 17:33 - 2015-05-25 12:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-03 17:33 - 2015-05-25 12:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-06-03 17:33 - 2015-05-25 12:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-06-03 17:32 - 2015-05-22 14:18 - 01021440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-06-03 17:32 - 2015-05-22 14:18 - 00757248 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-06-03 17:32 - 2015-05-22 14:18 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-06-03 17:32 - 2015-05-22 14:18 - 00423424 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-06-03 17:32 - 2015-05-22 14:18 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-06-03 17:32 - 2015-05-22 14:18 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-06-03 17:32 - 2015-05-22 14:13 - 01119232 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-06-03 17:32 - 2015-05-21 09:19 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-06-03 17:30 - 2015-05-08 23:27 - 03147776 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-06-03 17:30 - 2015-05-08 23:27 - 02589184 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-06-03 17:30 - 2015-05-08 23:27 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-06-03 17:30 - 2015-05-08 23:27 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-06-03 17:30 - 2015-05-08 23:27 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-06-03 17:30 - 2015-05-08 23:27 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-06-03 17:30 - 2015-05-08 23:27 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-06-03 17:30 - 2015-05-08 23:26 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-06-03 17:30 - 2015-05-08 23:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-06-03 17:30 - 2015-05-08 23:26 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-06-03 17:30 - 2015-05-08 23:26 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-06-03 17:30 - 2015-05-08 23:14 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-06-03 17:30 - 2015-05-08 23:14 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-06-03 17:30 - 2015-05-08 23:14 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-06-03 17:30 - 2015-05-08 23:14 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-06-03 17:30 - 2015-05-08 23:13 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-06-03 17:30 - 2015-04-10 23:19 - 00069888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2015-06-03 10:11 - 2015-06-03 10:11 - 00000000 __SHD C:\found.000
2015-06-01 18:38 - 2015-06-01 18:38 - 00314991 _____ C:\Users\Jean\Desktop\Track your package or shipment with FedEx Tracking.mht
2015-05-29 15:07 - 2015-05-29 15:17 - 00019968 _____ C:\Users\Jean\Documents\BNE.xls
2015-05-26 20:57 - 2015-05-26 20:57 - 00278601 _____ C:\Users\Jean\Downloads\20150524_093130.jpeg
2015-05-18 14:57 - 2015-05-18 14:58 - 00000000 ____D C:\Users\Jean\Downloads\wnetwatcher
2015-05-18 14:56 - 2015-05-18 14:56 - 00307706 _____ C:\Users\Jean\Downloads\wnetwatcher.zip
2015-05-18 13:58 - 2015-06-15 12:45 - 00001858 _____ C:\Windows\setupact.log
2015-05-18 13:58 - 2015-05-18 13:58 - 00000000 _____ C:\Windows\setuperr.log

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-15 18:47 - 2013-11-07 12:01 - 00000000 ____D C:\FRST
2015-06-15 18:23 - 2014-05-28 16:10 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-15 18:17 - 2013-11-03 19:49 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-15 17:53 - 2014-05-28 16:44 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-06-15 17:49 - 2011-11-04 22:52 - 01162779 _____ C:\Windows\WindowsUpdate.log
2015-06-15 12:53 - 2009-07-14 00:45 - 00028352 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-15 12:53 - 2009-07-14 00:45 - 00028352 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-15 12:51 - 2009-07-14 01:13 - 00786622 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-15 12:50 - 2013-03-20 11:51 - 00000000 ____D C:\Users\Jean\Desktop\Download
2015-06-15 12:45 - 2015-03-10 15:00 - 00009530 _____ C:\ProgramData\dleascan.log
2015-06-15 12:45 - 2013-11-03 19:49 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-15 12:45 - 2009-07-14 01:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-15 12:44 - 2013-11-11 15:21 - 00000000 ____D C:\AdwCleaner
2015-06-15 10:42 - 2013-05-26 13:25 - 00000562 _____ C:\Users\Jean\Desktop\MAHJONG DIMENSIONS - MORE TIME.website
2015-06-15 10:15 - 2015-03-10 15:09 - 00000000 ____D C:\ProgramData\dl_Cats
2015-06-15 10:14 - 2015-03-10 15:13 - 00024200 _____ C:\ProgramData\dleaJSW.log
2015-06-14 18:33 - 2013-03-19 21:05 - 00000000 ____D C:\Users\Jean\Documents\Medical
2015-06-14 18:31 - 2013-03-19 20:57 - 00000000 ____D C:\Users\Jean\AppData\Local\VirtualStore
2015-06-10 12:51 - 2009-07-14 00:57 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-06-10 12:50 - 2014-05-17 14:09 - 00464656 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-10 12:49 - 2014-05-28 16:59 - 00165954 _____ C:\Windows\PFRO.log
2015-06-10 11:51 - 2012-09-01 01:34 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-06-10 11:49 - 2013-08-05 10:05 - 00000000 ____D C:\Windows\system32\MRT
2015-06-10 11:45 - 2013-05-03 18:43 - 00000000 ____D C:\Program Files (x86)\Google
2015-06-10 11:37 - 2012-08-31 20:48 - 140135120 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-06-10 11:36 - 2013-03-20 21:17 - 00000000 ____D C:\Users\Jean\AppData\Local\Deployment
2015-06-10 11:26 - 2014-05-28 16:10 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-06-10 11:26 - 2014-05-28 16:10 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-06-10 11:26 - 2014-05-28 16:10 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-06-08 15:38 - 2015-03-22 15:30 - 00017432 _____ C:\Users\Jean\Documents\Book1.xlsx
2015-06-05 12:25 - 2015-03-18 12:25 - 00000000 ____D C:\Users\Jean\Desktop\Recipes
2015-06-03 19:42 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\rescache
2015-06-03 19:08 - 2014-12-12 13:23 - 00000000 ____D C:\Windows\system32\appraiser
2015-06-03 19:08 - 2014-04-22 14:36 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-06-03 19:08 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-05-29 15:19 - 2013-04-01 10:27 - 00000000 ____D C:\Users\Jean\AppData\Roaming\Skype
2015-05-29 15:05 - 2013-04-02 17:50 - 00000000 ____D C:\Users\Jean\Documents\Family Tree Maker
2015-05-29 15:01 - 2013-10-03 10:55 - 00047616 ___SH C:\Users\Jean\Documents\Thumbs.db
2015-05-29 13:47 - 2011-11-04 23:15 - 00000000 ____D C:\ProgramData\Skype
2015-05-29 13:35 - 2015-02-28 13:43 - 00000000 ____D C:\Users\Jean\AppData\Roaming\Dashlane
2015-05-29 13:34 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\TAPI
2015-05-27 21:25 - 2011-11-04 23:15 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-05-26 14:12 - 2014-08-30 14:14 - 00000000 ____D C:\Users\Jean\AppData\Local\Adobe
2015-05-19 18:31 - 2011-11-05 00:48 - 00000000 ____D C:\Intel
2015-05-18 19:12 - 2013-11-03 19:49 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-18 19:12 - 2013-11-03 19:49 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

==================== Files in the root of some directories =======

2013-03-20 11:13 - 2015-02-05 15:33 - 0024595 _____ () C:\Users\Jean\AppData\Roaming\Comma Separated Values (Windows).ADR
2014-01-29 23:06 - 2014-01-29 23:06 - 0038421 _____ () C:\Users\Jean\AppData\Roaming\Microsoft Excel 97-2003.ADR
2014-05-17 15:34 - 2014-07-19 00:34 - 0000065 _____ () C:\Users\Jean\AppData\Roaming\WB.CFG
2014-12-20 12:32 - 2015-02-19 11:50 - 0005120 _____ () C:\Users\Jean\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-08-25 11:01 - 2013-08-25 11:01 - 0007609 _____ () C:\Users\Jean\AppData\Local\Resmon.ResmonCfg
2015-03-10 15:20 - 2015-03-10 15:20 - 0000000 _____ () C:\ProgramData\cmn_upld.log
2015-03-10 15:13 - 2015-06-15 10:14 - 0024200 _____ () C:\ProgramData\dleaJSW.log
2015-03-10 15:00 - 2015-06-15 12:45 - 0009530 _____ () C:\ProgramData\dleascan.log
2015-03-10 15:43 - 2015-03-10 15:43 - 0000256 _____ () C:\ProgramData\FastPics.log
2013-11-16 15:28 - 2013-11-16 15:38 - 0000993 _____ () C:\ProgramData\hpzinstall.log
2015-03-10 15:20 - 2015-03-10 15:20 - 0000000 _____ () C:\ProgramData\LxWbGwLog.log
2015-03-10 15:20 - 2015-03-10 15:20 - 0000000 _____ () C:\ProgramData\UpdaterLog.txt

Files to move or delete:
====================
C:\Users\Jean\MetricCollection.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-06-15 10:59

==================== End of log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version:13-06-2015
Ran by Jean at 2015-06-15 18:47:45
Running from C:\Users\Jean\Downloads
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1242091489-1782124130-3347692480-500 - Administrator - Disabled)
Guest (S-1-5-21-1242091489-1782124130-3347692480-501 - Limited - Disabled) => C:\Users\Guest
HomeGroupUser$ (S-1-5-21-1242091489-1782124130-3347692480-1006 - Limited - Enabled)
Jean (S-1-5-21-1242091489-1782124130-3347692480-1007 - Administrator - Enabled) => C:\Users\Jean

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.188 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.11) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.7.157 - Adobe Systems, Inc.)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
Asterisk Key 10.0 (HKLM-x32\...\asterisk key) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 4.13 - Piriform)
CIR Registry (HKLM-x32\...\{AFA1FCA1-626E-403C-9BCA-968FECB62C4D}) (Version: 1.00.0000 - ITE)
CyberLink YouPaint (HKLM-x32\...\InstallShield_{72BF1DA0-2B00-4794-9173-159722019B74}) (Version: 1.2.2124 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dashlane (HKU\S-1-5-21-1242091489-1782124130-3347692480-1007\...\Dashlane) (Version: 3.2.5.85368 - Dashlane SAS)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell KM632 Wireless Keyboard Caps Lock Indicator (HKLM-x32\...\{55586382-6704-4237-AAA7-85FF9C055022}) (Version: 2.1.9.0401 - Dell)
Dell MusicStage (HKLM-x32\...\{91AF2672-F5BC-42CF-8037-A9D2F92BBCC0}) (Version: 1.5.201.0 - Fingertapps)
Dell PhotoStage (HKLM-x32\...\{E4335E82-17B3-460F-9E70-39D9BC269DB3}) (Version: 1.5.0.65 - ArcSoft)
Dell Product Registration (HKLM-x32\...\{2A0F2CC5-3065-492C-8380-B03AA7106B1A}) (Version: 1.1.3 - Dell Inc.)
Dell Stage (HKLM-x32\...\{E2EBA7C0-8072-447F-856D-FFEE8D15B23B}) (Version: 1.5.201.0 - Fingertapps)
Dell System Detect Bootstrapper (HKU\S-1-5-21-1242091489-1782124130-3347692480-1007\...\8e3135b376bd523e) (Version: 5.1.0.41 - Dell)
Dell Touch Software Suite Games (HKLM-x32\...\{6FB3428E-23AA-4CA1-BA9D-E6D5F3F692E4}) (Version: 1.5.133.0 - Fingertapps)
Dell V310-V510 Series (HKLM\...\Dell V310-V510 Series) (Version: - Dell, Inc.)
Dell VideoStage (HKLM-x32\...\InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}) (Version: 1.2.0.1712 - CyberLink Corp.)
Dell VideoStage (x32 Version: 1.2.0.1712 - CyberLink Corp.) Hidden
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 2.00.44 - Creative Technology Ltd)
DELLOSD (HKLM-x32\...\{B0F29C6D-C7A9-40AC-9658-921961818E2B}) (Version: 1.0.0.10 - DELL)
DirectX 9 Runtime (x32 Version: 1.00.0000 - Sonic Solutions) Hidden
Face Recognition (HKLM\...\{2C5BEF49-4219-4751-9106-39604462939D}) (Version: 3.0.85.1 - Sensible Vision)
Family Tree Maker 2012 (HKLM-x32\...\Family Tree Maker 2012) (Version: 21.0.704 - Ancestry.com, Inc.)
Family Tree Maker 2012 (x32 Version: 21.0.704 - Ancestry.com, Inc.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.124 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
IHA_MessageCenter (HKLM-x32\...\{45F447E8-E029-4CA5-B4CD-38820D4CFE5D}) (Version: 1.9.7 - Verizon)
Intel PROSet Wireless (x32 Version: - ) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) 3.0 + High Speed (HKLM\...\{A0E106D2-4815-4B7A-BAA7-7E21B530CFB4}) (Version: 1.1.0.0157 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{006B5C65-3938-4246-B182-994A7E415EDE}) (Version: 1.1.0.0537 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi Software (HKLM\...\{3C41721F-AF0F-4086-AA1C-4C7F29076228}) (Version: 14.01.1000 - Intel Corporation)
Intel(R) WiDi (HKLM-x32\...\{0DD706AF-B542-438C-999E-B30C7F625C8D}) (Version: 2.1.39.0 - Intel Corporation)
Intel(R) Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version: - )
iolo technologies' Search and Recover (HKLM-x32\...\{D56C7EAB-BEE6-4D51-86CF-419FFC07FF11}_is1) (Version: 5.7.2 - iolo technologies, LLC)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.36 - Irfan Skiljan)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
KeePass Password Safe 2.26 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.26 - Dominik Reichl)
Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 1.1.500.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISER) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{9ACF3FDB-C8E6-444C-8C64-13A221F7BFFD}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM-x32\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{B636C9B9-A3F2-4DCE-ADCC-72E095018385}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft Touch Pack for Windows 7 (HKLM-x32\...\{8FF90DB8-6DED-44A3-B182-244FEC09012F}) (Version: 1.0.40517.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Works 6-9 Converter (HKLM-x32\...\{95140000-0137-0409-0000-0000000FF1CE}) (Version: 14.0.6120.5002 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.0 (HKLM-x32\...\{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}) (Version: 3.0.11010.0 - Microsoft Corporation)
Mozilla Firefox 31.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 en-US)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.3.6280.92 - PC-Doctor, Inc.)
MyHeritage Family Tree Builder (HKLM-x32\...\Family Tree Builder) (Version: 7.0.0.7128 - MyHeritage.com)
Panini 3.3.1 Universal Installer (HKLM-x32\...\{68FF4E69-53DC-485C-ADD9-E56FF9A406F8}) (Version: 3.3.3 - Panini)
PDF Creator (HKLM\...\PDF Creator) (Version: - )
PhotoShowExpress (x32 Version: 2.0.063 - Sonic Solutions) Hidden
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Quicken 2001 New User Edition (HKLM-x32\...\Quicken 2001 New User Edition) (Version: - )
RBVirtualFolder64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6382 - Realtek Semiconductor Corp.)
Roxio Creator Starter (HKLM-x32\...\{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}) (Version: 12.1.77.0 - Roxio)
Roxio File Backup (Version: 1.3.2 - Roxio) Hidden
santa-theme.themepack (HKLM\...\santa-theme_folder) (Version: - )
Scanner Controller Web Client (HKLM-x32\...\{07D9B246-CE09-41F3-A33B-94416D10A8B6}) (Version: 1.7.213 - GoldLeaf)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation)
Skype™ 7.3 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.)
Sonic CinePlayer Decoder Pack (x32 Version: 4.3.0 - Sonic Solutions) Hidden
StickyNotes (HKLM-x32\...\{B0789AE7-70D4-454A-90D1-5BA5728E254A}) (Version: 1.5.135.0 - Dell)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.0.1108 - SUPERAntiSpyware.com)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
SyncUP (HKLM-x32\...\{D92C9CCE-E5F0-4125-977A-0590F3225B74}) (Version: 10.2.14900 - Nero AG)
SyncUP (x32 Version: 1.12.11200.10.102 - Nero AG) Hidden
TomTom HOME (HKLM-x32\...\{99072AB4-D795-44D5-9D65-E3C9F8322C97}) (Version: 2.9.7 - TomTom)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
Tweaking.com - Windows Repair (All in One) (HKLM-x32\...\Tweaking.com - Windows Repair (All in One)) (Version: 2.0.1 - Tweaking.com)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
UPSVC2008MM (x32 Version: 1.00.0000 - UPS) Hidden
UPSVCMM (x32 Version: 12.00.0000 - UPS) Hidden
US Tech Support Framework (HKLM-x32\...\{4734A746-A503-4B8E-A4FA-7B7C84A18D79}) (Version: 2.1.0.4741 - US Tech Support LLC)
VzDownloadManager (HKU\S-1-5-21-1242091489-1782124130-3347692480-1007\...\VzDownloadManager) (Version: 2.0.0.2 - Verizon)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Media Encoder 9 Series (HKLM-x32\...\Windows Media Encoder 9) (Version: - )
winterscape.themepack (HKLM\...\winterscape_folder) (Version: - )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

19-05-2015 18:01:56 Windows Update
23-05-2015 10:35:17 Windows Update
26-05-2015 16:11:54 Windows Update
30-05-2015 13:46:27 Windows Update
03-06-2015 16:28:25 Windows Update
03-06-2015 17:38:28 Windows Update
03-06-2015 19:17:37 Windows Update
04-06-2015 09:18:29 Windows Update
08-06-2015 10:40:23 Windows Update
10-06-2015 11:35:45 Windows Update
14-06-2015 18:02:21 Windows Update

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 22:34 - 2009-06-10 17:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {012A2ADE-621A-4D7B-A6AC-18825FAC1881} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {0823CC2E-DFC4-478E-BDFE-BB6C0B58530F} - System32\Tasks\Games Updater => c:\Program Files (x86)\Dell Touch Software Suite\Games\updater.exe [2011-03-18] (Caphyon LTD)
Task: {2BE99D84-A8F1-4D47-9542-1767CEA2154A} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {322D832E-F8C6-4377-8783-CB15C972B552} - System32\Tasks\{9D111D95-2420-4BB4-A268-36590A70EB8A} => pcalua.exe -a "C:\Program Files (x86)\IrfanView\iv_uninstall.exe"
Task: {36697D24-EB2C-4F0F-8619-2D52A3C9A91B} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Device Center\itype.exe [2012-06-27] (Microsoft Corporation)
Task: {4013C062-A3F2-4825-8839-4F83E9941272} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask => C:\Windows\system32\Wat\WatAdminSvc.exe [2012-08-31] (Microsoft Corporation)
Task: {47C9CF5A-6139-40E2-BE34-A983398D71D9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-03] (Google Inc.)
Task: {4FBC9B5B-EB6D-4CB2-A800-D03D15B3F24A} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-24] (Microsoft Corporation)
Task: {63402875-EFDF-406A-A128-C13340C09371} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {705E2D6A-17AD-4851-9F7C-C006C522CE08} - System32\Tasks\{EC8794E4-180D-4D88-A87F-322BC9A9D4FF} => C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE [2015-02-18] (Microsoft Corporation)
Task: {7668440A-3C62-4DE0-9357-7E077BBB435B} - System32\Tasks\{F20B1D8C-C795-4DA5-A5B8-D6A07C3075B2} => pcalua.exe -a D:\setup.exe -d D:\
Task: {805B04FA-405B-4802-B099-3E5D2B17B0CC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-03] (Google Inc.)
Task: {8621CB62-F029-47F9-B5BD-5E2AF9E0CA64} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-04-17] (Piriform Ltd)
Task: {90DC47AC-6199-41BB-A0C7-A789209F59D9} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\My Dell\sessionchecker.exe [2013-07-15] (PC-Doctor, Inc.)
Task: {C6E863DC-FBF2-4893-AE6E-BB6D13634AB4} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-13] (Microsoft Corporation)
Task: {C7140B51-8BE4-45C9-9691-C08D9F6E0AA5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-10] (Adobe Systems Incorporated)
Task: {C9A0372A-DA78-444F-B361-B237B1949016} - System32\Tasks\Microsoft_Hardware_Launch_devicecenter_exe => c:\Program Files\Microsoft Device Center\devicecenter.exe [2012-06-27] (Microsoft)
Task: {CD77707E-EB8E-43D1-8E5C-9566B7142939} - System32\Tasks\SpeedyPC Update Version3_triggeronce => c:\program files (x86)\common files\speedypc software\uus3\SpeedyPC_Update3.exe <==== ATTENTION
Task: {CE4C2E02-1EE0-46C0-A74C-DDD10B641EF1} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Device Center\ipoint.exe [2012-06-27] (Microsoft Corporation)
Task: {DAD0B7B0-C389-43E6-82EB-A80850D2EB6D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {FECAA61A-E5BD-447F-9B3F-CD6D89DC4F00} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => C:\Windows\system32\compattel\DiagTrackRunner.exe [2015-03-16] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\SpeedyPC Update Version3_triggeronce.job => c:\program files (x86)\common files\speedypc software\uus3\SpeedyPC_Update3.exe <==== ATTENTION

==================== Loaded Modules (Whitelisted) ==============

2010-11-01 23:40 - 2010-11-01 23:40 - 00092808 _____ () C:\Windows\system32\FAIEExtension.DLL
2011-05-02 14:41 - 2011-05-02 14:41 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2014-05-17 14:34 - 2011-10-04 22:43 - 00087552 _____ () C:\Windows\System32\custmon64i.dll
2015-03-10 15:09 - 2009-11-04 13:18 - 00189440 _____ () C:\Windows\system32\spool\PRTPROCS\x64\dleadrpp.dll
2011-05-02 14:41 - 2011-05-02 14:41 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll
2011-11-04 23:10 - 2011-05-27 18:33 - 00098304 _____ () C:\Program Files (x86)\DELL\DELLOSD\DellOSDService.exe
2011-11-04 23:10 - 2011-06-08 21:05 - 00017408 _____ () C:\Program Files (x86)\DELL\DELLOSD\TestDispChangedEvent.exe
2011-11-05 00:30 - 2011-05-21 16:32 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2015-03-10 15:40 - 2010-04-01 12:23 - 00765952 _____ () C:\Program Files (x86)\Dell V310-V510 Series\dleamon.exe
2015-03-10 15:40 - 2009-06-22 08:08 - 00135168 _____ () C:\Program Files (x86)\Dell V310-V510 Series\ezprint.exe
2015-02-28 13:48 - 2015-05-21 10:44 - 00227512 _____ () C:\Users\Jean\AppData\Roaming\Dashlane\Dashlane.exe
2011-11-04 23:10 - 2010-12-06 16:37 - 00049152 _____ () C:\Program Files (x86)\DELL\DELLOSD\FastUserSwitching.exe
2011-11-04 23:15 - 2011-01-12 20:17 - 00053248 _____ () C:\Program Files (x86)\DELL\Dell KM632 Wireless Keyboard Caps Lock Indicator\LaunchOSDSrv.exe
2011-04-29 19:18 - 2011-04-29 19:18 - 00885760 _____ () C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe
2011-11-04 23:10 - 2011-06-02 15:27 - 00237568 _____ () C:\Program Files (x86)\DELL\DELLOSD\MediaButtons.exe
2015-03-10 15:40 - 2009-11-26 03:49 - 00086180 _____ () C:\Program Files (x86)\Dell V310-V510 Series\dleacfg.dll
2015-03-10 15:40 - 2010-04-01 12:23 - 00389120 _____ () C:\Program Files (x86)\Dell V310-V510 Series\dleascw.dll
2015-03-10 15:40 - 2009-05-27 07:16 - 00192512 _____ () C:\Program Files (x86)\Dell V310-V510 Series\dleadatr.dll
2015-03-10 15:40 - 2009-05-27 07:13 - 00081920 _____ () C:\Program Files (x86)\Dell V310-V510 Series\dleacats.dll
2015-03-10 15:40 - 2010-04-01 12:24 - 01159168 _____ () C:\Program Files (x86)\Dell V310-V510 Series\dleaDRS.dll
2015-03-10 15:40 - 2009-03-10 00:43 - 00155648 _____ () C:\Program Files (x86)\Dell V310-V510 Series\dleacaps.dll
2015-03-10 15:40 - 2009-03-05 12:55 - 00059904 _____ () C:\Program Files (x86)\Dell V310-V510 Series\dleacnv4.dll
2009-02-20 08:50 - 2009-02-20 08:50 - 00381440 _____ () C:\Windows\system32\dleasm.dll
2009-02-20 08:50 - 2009-02-20 08:50 - 00028672 _____ () C:\Windows\system32\dleasmr.dll
2015-03-10 15:40 - 2009-06-22 08:08 - 00708608 _____ () C:\Program Files (x86)\Dell V310-V510 Series\Epwizard.DLL
2015-03-10 15:40 - 2009-06-22 08:06 - 00159744 _____ () C:\Program Files (x86)\Dell V310-V510 Series\customui.dll
2015-03-10 15:40 - 2009-06-22 08:06 - 00114688 _____ () C:\Program Files (x86)\Dell V310-V510 Series\Eputil.DLL
2015-03-10 15:40 - 2009-06-22 08:05 - 00139264 _____ () C:\Program Files (x86)\Dell V310-V510 Series\Imagutil.DLL
2015-03-10 15:40 - 2009-06-22 08:06 - 00061440 _____ () C:\Program Files (x86)\Dell V310-V510 Series\Epfunct.DLL
2015-03-10 15:40 - 2009-06-22 08:08 - 02203648 _____ () C:\Program Files (x86)\Dell V310-V510 Series\EPWizRes.dll
2015-03-10 15:40 - 2009-06-22 08:08 - 00045056 _____ () C:\Program Files (x86)\Dell V310-V510 Series\epstring.dll
2015-03-10 15:40 - 2009-06-22 08:08 - 00196608 _____ () C:\Program Files (x86)\Dell V310-V510 Series\EPOEMDll.dll
2015-03-10 15:40 - 2009-04-07 14:25 - 00409600 _____ () C:\Program Files (x86)\Dell V310-V510 Series\iptk.dll
2015-03-10 15:40 - 2009-03-02 09:25 - 00151552 _____ () C:\Program Files (x86)\Dell V310-V510 Series\dleaptp.dll
2015-05-21 10:42 - 2015-05-21 10:42 - 00308920 _____ () C:\Users\Jean\AppData\Roaming\Dashlane\3.2.5.85368\bin\Firefox_Extension\{4 42718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWDebugDll_win32.3.2.5.85368.dll
2015-05-21 10:42 - 2015-05-21 10:42 - 00412344 _____ () C:\Users\Jean\AppData\Roaming\Dashlane\3.2.5.85368\bin\Firefox_Extension\{4 42718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWDebug.3.2.5.85368.dll
2015-05-21 10:42 - 2015-05-21 10:42 - 00443064 _____ () C:\Users\Jean\AppData\Roaming\Dashlane\3.2.5.85368\bin\Firefox_Extension\{4 42718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWUtils.3.2.5.85368.dll
2015-05-21 10:42 - 2015-05-21 10:42 - 30970552 _____ () C:\Users\Jean\AppData\Roaming\Dashlane\3.2.5.85368\bin\Firefox_Extension\{4 42718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWExternLib.3.2.5.85368.dll
2015-05-21 10:42 - 2015-05-21 10:42 - 00268472 _____ () C:\Users\Jean\AppData\Roaming\Dashlane\3.2.5.85368\bin\Firefox_Extension\{4 42718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWMainLib_win.3.2.5.85368.dll
2015-05-21 10:42 - 2015-05-21 10:42 - 05740216 _____ () C:\Users\Jean\AppData\Roaming\Dashlane\3.2.5.85368\bin\Firefox_Extension\{4 42718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWData.3.2.5.85368.dll
2015-05-21 10:42 - 2015-05-21 10:42 - 06876856 _____ () C:\Users\Jean\AppData\Roaming\Dashlane\3.2.5.85368\bin\Firefox_Extension\{4 42718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWApplication.3.2.5.85368.dll
2013-01-17 10:47 - 2013-01-17 10:47 - 01073984 _____ () C:\Program Files (x86)\Common Files\USTechSupport\DEL\DEL_dll.dll
2011-04-29 19:13 - 2011-04-29 19:13 - 07938048 _____ () C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\QtGui4.dll
2011-04-29 19:13 - 2011-04-29 19:13 - 02225664 _____ () C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\QtCore4.dll
2014-07-25 12:27 - 2014-06-25 10:13 - 01457664 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2014-07-25 12:27 - 2014-05-19 17:19 - 00137728 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2011-11-04 23:15 - 2011-03-11 12:09 - 00028672 _____ () C:\Program Files (x86)\Dell\Dell KM632 Wireless Keyboard Caps Lock Indicator\INDICATOR_OSD.DLL
2009-02-26 14:46 - 2009-02-26 14:46 - 00064344 _____ () C:\Program Files (x86)\Microsoft Office\Office12\ADDINS\ColleagueImport.dll
2011-06-22 12:46 - 2011-06-22 12:46 - 00434016 _____ () C:\Program Files (x86)\Microsoft Office\Office12\ADDINS\UmOutlookAddin.dll
2013-07-10 19:07 - 2013-07-10 19:07 - 00756888 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL
2015-05-21 10:42 - 2015-05-21 10:42 - 13004984 _____ () C:\Users\Jean\AppData\Roaming\Dashlane\3.2.5.85368\bin\Firefox_Extension\{4 42718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWMainLib.3.2.5.85368.dll
2015-05-21 10:42 - 2015-05-21 10:42 - 02063544 _____ () C:\Users\Jean\AppData\Roaming\Dashlane\3.2.5.85368\bin\Firefox_Extension\{4 42718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWMainLibData.3.2.5.85368.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ioloSystemService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ioloSystemService => ""="Service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1242091489-1782124130-3347692480-1007\...\dell.com -> dell.com


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1242091489-1782124130-3347692480-1007\Control Panel\Desktop\\Wallpaper -> C:\Users\Jean\AppData\Roaming\IrfanView\IrfanView_Wallpaper.bmp
DNS Servers: 192.168.1.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: Bluetooth Device Monitor => 2
MSCONFIG\Services: Bluetooth Media Service => 3
MSCONFIG\Services: Bluetooth OBEX Service => 2
MSCONFIG\Services: bthserv => 3
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Dell Registration => C:\Program Files (x86)\System Registration\prodreg.exe /boot
MSCONFIG\startupreg: Dell Webcam Central => "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
MSCONFIG\startupreg: DellStage => "C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\start.umj" --startup
MSCONFIG\startupreg: Desktop Disc Tool => "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"
MSCONFIG\startupreg: Family Tree Builder Update => C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe
MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
MSCONFIG\startupreg: KeePass 2 PreLoad => "C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe" --preload
MSCONFIG\startupreg: NeroLauncher => C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe 900
MSCONFIG\startupreg: QAGENT => C:\QUICKENW\QAGENT.EXE
MSCONFIG\startupreg: RoxWatchTray => "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"
MSCONFIG\startupreg: StickyNotesWidget => "c:\Program Files (x86)\Dell Touch Software Suite\StickyNotes\notes_startup_widgets.exe" "c:\Program Files (x86)\Dell Touch Software Suite\StickyNotes\start.umj"
MSCONFIG\startupreg: TomTomHOME.exe => "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{26CA28E8-71E4-4FCD-8E67-7BCED055651C}] => (Allow) C:\Program Files (x86)\Intel Corporation\Intel WiDi\WiDiApp.exe
FirewallRules: [{1B69CF29-CF38-45CD-9D4B-1A4F20C0E583}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{29E5518F-3DE2-41B4-B4E0-5286189E403E}] => (Allow) c:\Program Files (x86)\Dell\VideoStage\VideoStage.exe
FirewallRules: [{5BA1E5C6-7543-4302-A8B1-8FA3C73692D4}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{FA19AF4A-8341-43C1-B029-B7DFAA4A2D27}] => (Allow) LPort=2869
FirewallRules: [{91AA7ABB-AB7F-4E10-832F-4BAE67C23875}] => (Allow) LPort=1900
FirewallRules: [{440419E8-8B0D-4F3B-9B08-514C0126F1D8}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{E1908B38-473D-4B1C-B56D-D952BB6CBAC4}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{B01CF2DA-90EE-4C3B-AB69-9B014DB84A0E}] => (Allow) LPort=9700
FirewallRules: [{CAA03E6A-6932-41AC-93E6-D980778A3316}] => (Allow) LPort=9701
FirewallRules: [{802139D7-79FF-4890-B2A7-62EFA9AAA3A8}] => (Allow) LPort=9702
FirewallRules: [{5BBD5B84-D6AC-4359-BF0C-02D855DA47D5}] => (Allow) LPort=9700
FirewallRules: [{92D5AD9F-DBC5-4FCE-AC51-380D746C5AD6}] => (Allow) C:\Windows\System32\spool\drivers\x64\3\HP1006MC.EXE
FirewallRules: [{C166A0A7-7F2D-462E-BD20-94818F5C8F01}] => (Allow) C:\Windows\System32\spool\drivers\x64\3\HP1006MC.EXE
FirewallRules: [{F46E53A1-B7DE-4775-896A-C87A1037F305}] => (Allow) LPort=1434
FirewallRules: [{140E2401-F7F3-47FF-80F5-415831CAA37C}] => (Allow) C:\Program Files (x86)\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{3E1E13D4-1183-4D90-AFE6-1830A2521052}] => (Allow) C:\Program Files (x86)\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [TCP Query User{4229A465-1FE1-48CD-8631-D6637E31B1C8}C:\program files\common files\microsoft shared\ink\tabtip.exe] => (Allow) C:\program files\common files\microsoft shared\ink\tabtip.exe
FirewallRules: [UDP Query User{E6EA095A-5EFC-42DA-9F06-1DF50009454D}C:\program files\common files\microsoft shared\ink\tabtip.exe] => (Allow) C:\program files\common files\microsoft shared\ink\tabtip.exe
FirewallRules: [TCP Query User{0CF05656-4A12-4CC4-B798-7D8F622DC667}C:\windows\explorer.exe] => (Allow) C:\windows\explorer.exe
FirewallRules: [UDP Query User{77DFC497-68A5-4307-8BF1-6A3E434CE38E}C:\windows\explorer.exe] => (Allow) C:\windows\explorer.exe
FirewallRules: [{D1981921-761F-493C-9E55-5D30ACF55F92}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{88E9F969-AA26-4CB0-A641-9EFC4CC0E86D}] => (Allow) LPort=50000
FirewallRules: [{6A0D69EC-523D-4BB3-B08C-F0327FE1196A}] => (Allow) LPort=50000
FirewallRules: [TCP Query User{DFC03FAE-6DF8-4090-8EC8-2D96C336BDB7}C:\program files (x86)\wondershare\mobilego for android\mobilegoservice.exe] => (Allow) C:\program files (x86)\wondershare\mobilego for android\mobilegoservice.exe
FirewallRules: [UDP Query User{6A8AC5CA-C6F3-4947-BC26-3C0FF36DC108}C:\program files (x86)\wondershare\mobilego for android\mobilegoservice.exe] => (Allow) C:\program files (x86)\wondershare\mobilego for android\mobilegoservice.exe
FirewallRules: [TCP Query User{08725A16-7A64-4912-8ADD-5860E4E3DE09}C:\program files (x86)\wondershare\mobilego for android\mobilegoservice.exe] => (Block) C:\program files (x86)\wondershare\mobilego for android\mobilegoservice.exe
FirewallRules: [UDP Query User{9983088E-3C3F-46C4-A3AF-DF57E10D267F}C:\program files (x86)\wondershare\mobilego for android\mobilegoservice.exe] => (Block) C:\program files (x86)\wondershare\mobilego for android\mobilegoservice.exe
FirewallRules: [{109EEA3F-9156-46A0-9E80-5387EC144146}] => (Allow) C:\Windows\system32\dleacoms.exe
FirewallRules: [{425288A2-113B-41B2-A3B1-A87C3F235EE5}] => (Allow) C:\Windows\system32\DLEAcoms.exe
FirewallRules: [{445EC9EA-EDB3-44FE-8846-16034DD750A6}] => (Allow) C:\Windows\system32\DLEAcoms.exe
FirewallRules: [{ED89C33B-72C9-4FD1-BCCC-0210955ED81B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============

Name: Microsoft Virtual WiFi Miniport Adapter
Description: Microsoft Virtual WiFi Miniport Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Microsoft Virtual WiFi Miniport Adapter #2
Description: Microsoft Virtual WiFi Miniport Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: facap, FastAccess Video Capture
Description: facap, FastAccess Video Capture
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Sensible Vision
Service: FACAP
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/15/2015 00:45:40 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/15/2015 09:29:44 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/14/2015 05:46:46 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/13/2015 09:36:29 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/12/2015 00:27:36 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/11/2015 10:49:08 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/10/2015 00:50:53 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/10/2015 11:19:07 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/08/2015 10:22:50 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/03/2015 07:09:53 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (06/15/2015 00:46:05 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80070420'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.

Error: (06/15/2015 00:45:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The mrtRate service failed to start due to the following error:
%%1275

Error: (06/15/2015 00:45:39 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \SystemRoot\SysWow64\Drivers\mrtRate.SYS has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (06/15/2015 00:45:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The dleaCATSCustConnectService service failed to start due to the following error:
%%1053

Error: (06/15/2015 00:45:33 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the dleaCATSCustConnectService service to connect.

Error: (06/15/2015 00:44:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Search service failed to start due to the following error:
%%1069

Error: (06/15/2015 00:44:47 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: The WSearch service was unable to log on as NT AUTHORITY\SYSTEM with the currently configured password due to the following error:
%%50

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

Error: (06/15/2015 00:44:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Media Player Network Sharing Service service failed to start due to the following error:
%%1069

Error: (06/15/2015 00:44:45 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: The WMPNetworkSvc service was unable to log on as NT AUTHORITY\NetworkService with the currently configured password due to the following error:
%%50

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

Error: (06/15/2015 00:44:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Search service failed to start due to the following error:
%%1069


Microsoft Office:
=========================
Error: (04/24/2015 06:46:56 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6691.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 61 seconds with 60 seconds of active time. This session ended with a crash.

Error: (07/08/2013 11:27:51 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 4 seconds with 0 seconds of active time. This session ended with a crash.

Error: (03/20/2013 09:43:38 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6607.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 6633 seconds with 720 seconds of active time. This session ended with a crash.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3-2100 CPU @ 3.10GHz
Percentage of memory in use: 55%
Total physical RAM: 4001.09 MB
Available physical RAM: 1774.52 MB
Total Pagefile: 8000.39 MB
Available Pagefile: 4839.88 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:918.22 GB) (Free:855.79 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 931.5 GB) (Disk ID: 6FFF82E5)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=13.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=918.2 GB) - (Type=07 NTFS)

==================== End of log ============================
Search

Problems with HP Laptop

June 16, 2015, 4:39 am
$
0
0
Hello,

I have had multiple problems with my PC, which is stated below. First of all, My mouse is slow and my keyboard is slow too. dwm.exe has stopped working has also been on my laptop when I'm away. Pictures can be seen on this old thread here --> http://forums.techguy.org/windows-8/...hp-laptop.html

Next, I tried to do a scan with Defender. It says "Malware Detected - Windows Defender is taking action to remove this file". Then last night when I booted it up, the LCD was messed up. Why HP? Why do you got to be SO rude to me?! :mad:

So, anyway, I have stuff on there that cannot be backed up If I cant see the screen. I may be able to hook it up to my TV which has a HDMI port.

Thanks
TGSUser123

Internet Explorer opening new tabs with adverts

June 16, 2015, 9:29 am
$
0
0
You ran it twice so I can't see what it fixed first time
Are you still getting any problems or has that cured it

stamplive

June 16, 2015, 11:58 am
$
0
0
post the log so we can see what it found and fixed and we can decide from there what to do next

Can't connect wireless plus security certificate error

June 17, 2015, 5:49 am
$
0
0
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 6:08:53 PM, on 1/16/2015
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16633)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Windows\Explorer.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10p_ActiveX.exe
C:\Users\brittany\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UXY2KDXC\HiJackThis.exe
C:\Users\brittany\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YHLUMEXJ\HiJackThis.exe
C:\Program Files\Internet Explorer\iexplore.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TY...esario&pf=cnnb
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TY...esario&pf=cnnb
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer, optimized for Bing and MSN
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = http://localhost:8092
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)
R3 - URLSearchHook: YTNavAssistPlugin Class - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files\Yahoo!\Companion\Installs\cpn5\yt.dll
O1 - Hosts: ::1 localhost
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn5\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files\AVG\AVG2012\avgdtiex.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\18.1.9.799\AVG Secure Search_toolbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn5\yt.dll
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\18.1.9.799\AVG Secure Search_toolbar.dll
O3 - Toolbar: @C:\Program Files\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files\AVG\AVG2012\avgdtiex.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {4F29DE54-5EB7-4D76-B610-A86B5CD2A234} (GameTap Player) -
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.9\ViProtocol.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - Hewlett-Packard Company - C:\Program Files\Hp\Common\HPSupportSolutionsFrameworkService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Recovery Service for Windows - Unknown owner - C:\Windows\SMINST\BLService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
--
End of file - 8976 bytes

Help

June 17, 2015, 6:05 am
$
0
0
# AdwCleaner v4.204 - Logfile created 17/06/2015 at 14:37:18
# Updated 12/05/2015 by Xplode
# Database : 2015-05-12.2 [Local]
# Operating system : Windows 7 Home Premium (x64)
# Username : Administrator - HOMEPC-PC
# Running from : C:\Users\Administrator\Desktop\adwcleaner_4.204.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Web browsers ] *****

-\\ Internet Explorer v8.0.7600.16912


*************************

AdwCleaner[R0].txt - [8950 bytes] - [17/06/2015 10:26:24]
AdwCleaner[R1].txt - [833 bytes] - [17/06/2015 11:37:39]
AdwCleaner[R2].txt - [891 bytes] - [17/06/2015 11:39:11]
AdwCleaner[R3].txt - [1007 bytes] - [17/06/2015 11:45:37]
AdwCleaner[R4].txt - [813 bytes] - [17/06/2015 14:37:18]
AdwCleaner[S0].txt - [8205 bytes] - [17/06/2015 10:27:24]
AdwCleaner[S1].txt - [954 bytes] - [17/06/2015 11:44:02]

########## EOF - C:\AdwCleaner\AdwCleaner[R4].txt - [988 bytes] ##########

Dregol

June 17, 2015, 7:06 am
$
0
0
can not get rid of this dregol.. I really need help and afraid to go to dregol.com and load their removal tool!! it opens some chromium thingy in google chrome also...this is a windows 7 toshiba laptop and an old one to boot...this thing is in such bad shape i cannot even get the recovery to work lol thank you for any help I can receive!!! :eek: oh and it will not let me remove it under the control panel either!!! or off of the google add ons

Possible multiple viruses-very slooooowww

June 17, 2015, 2:47 pm
$
0
0
Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows XP Professional, Service Pack 3, 32 bit
Processor: Intel(R) Pentium(R) 4 CPU 2.80GHz, x86 Family 15 Model 4 Stepping 9
Processor Count: 2
RAM: 1014 Mb
Graphics Card: Intel(R) 82915G/GV/910GL Express Chipset Family, 128 Mb
Hard Drives: C: Total - 109662 MB, Free - 9597 MB; H: Total - 38130 MB, Free - 37915 MB;
Motherboard: Dell Inc., 0JC474
Antivirus: avast! Antivirus, Updated: Yes, On-Demand Scanner: Enabled

Hello,
I am facing a very slow internet and computer. There is also something attacking one of my email addresses. I have never received so many spam emails. I run Avast and nothing seems to have come up. Please help!
Search

Outlook virus spam + scroller

June 18, 2015, 1:52 am
$
0
0
Sup all, i have been working on a family friends computer for the better part of the day, trying to remove some viruses, but i haven't had much luck

so far the steps i've taken are
installed MBAM, SBOT, avast, looked through startup, run malware bytes anti rootkit, combofix, system restore, reinstalled outlook.. no luck
thankfully atleast now avast is preventing emails from being sent via outlook.

what was happening was, every 3 seconds or something, avast would prevent outlook from sending a virus email titled something like "invoice confirmation payment"

im relatively initiated when it comes to dealing with viruses but i'm not having luck with this.. 4 things were picked up by avast, and removed, and didnt help

i did run hijackthis, ran it through the web analyzer and eyeballed it myself, but couldnt find much... unfortunately i dont have the logs with me

i have promised to do some research, and go back in the morning, and try to figure it out then, can anyone advise me on some steps i should take to correct this? the virus only seems to run when outlook is open.. lead me to think just the exe was infected, but reinstalling didnt help, it doesnt seem to force outlook to open.

also, the other computer has possibly a virus... it basically scrolls down at about a 0.3 second interval... so if you have task manager it will slowly scroll off to the side, and if you have a dialogue/drop down open, it will scroll down the list (made it difficult to install antivirus, maybe ingenious defense?)
this behaviour wasnt present in safe mode also, all above steps were also taken on this computer, except restore point.

any help is appreciated, currently dont have access to the computers, i have a hijackthis log from the 2nd computer with the scrolling computer, but nothing from the outlook computer.

thanks

BoBrowser wrecking my files

June 18, 2015, 9:38 am
$
0
0
I recently (accidentally) installed BoBrowser on to my computer - absolutely bane of my life and had heard of it as malware previously, think it installed itself with another programme and missed it.

Anyway I uninstalled it following several guides and it has definitely removed itself from my laptop. However for some reason ALL my ".jpeg" files are now, "BoBrowser HTML Documents" which is very annoying, especially when asked to upload .jpeg files onto websites etc. Also if I try and save pictures from the internet the only file type option is "BoBrowser HTML Document".

Not only am I annoyed about this but I am also worried that if I change computer and transfer my many photos over to the new computer, it will wreck the new computer with BoBrowser from the start.

Can anyone suggest any solution to this?

Thanks

Cannot open facebook and sometimes google

June 18, 2015, 2:37 pm

Laptop infected. Please help.

June 19, 2015, 2:17 pm
$
0
0
Hello and welcome, continue as follows,

Change the download folder setting in the default Browser so all tools we may use are saved to the Desktop:

Google Chrome - Click the "Customize and control Google Chrome" button in the upper right-corner of the browser.
Choose Settings. at the bottom of the screen click the
"Show advanced settings..." link. Scroll down to find the Downloads section and click the Change... button. Select your desktop and click OK.

Mozilla Firefox - Click the "Open Menu" button in the upper right-corner of the browser. Choose Options. In the downloads section, click the Browse button, click on the Desktop folder and the click the "Select Folder" button. Click OK to get out of the Options menu.

Internet Explorer - Click the Tools menu in the upper right-corner of the browser. Select View downloads. Select the Options link in the lower left of the window. Click Browse and select the Desktop and then choose the Select Folder button. Click OK to get out of the download options screen and then click Close to get out of the View Downloads screen.
NOTE: IE8 Does not support changing download locations in this manner. You will need to download the tool(s) to the default folder, usually Downloads, then copy them to the desktop.

Next,

Follow the instructions in the following link to show hidden files:

http://www.bleepingcomputer.com/tuto...es-in-windows/

Next,

Please open Malwarebytes Anti-Malware.
  • On the Settings tab > Detection and Protection sub tab, Detection Options, tick the box "Scan for rootkits".
  • Under Non-Malware Protection sub tab Change PUP and PUM entries to Treat detections as Malware
  • Click on the Scan tab, then click on Scan Now >> . If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • With some infections, you may or may not see this message box.

    'Could not load DDA driver'
  • Click 'Yes' to this message, to allow the driver to load after a restart.
  • Allow the computer to restart. Continue with the rest of these instructions.
  • When the scan is complete, click Apply Actions.
  • Wait for the prompt to restart the computer to appear, then click on Yes.
  • After the restart once you are back at your desktop, open MBAM once more.

To get the log from Malwarebytes do the following:
  • Click on the History tab > Application Logs.
  • Double click on the scan log which shows the Date and time of the scan just performed.
  • Click Export > From export you have three options:

    Copy to Clipboard - if seleted right click to your reply and select "Paste" log will be pasted to your reply
    Text file (*.txt) - if selected you will have to name the file and save to a place of choice, recommend "Desktop" then attach to reply
    XML file (*.xml) - if selected you will have to name the file and save to a place of choice, recommend "Desktop" then attach to reply
  • Recommend you use "Copy to Clipboard, then Right click to your reply > select "Paste" that will copy the log to your reply…


If Malwarebytes is not installed follow these instructions first:

Download Malwarebytes Anti-Malware to your desktop.
  • Double-click mbam-setup and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to the following:
  • Launch Malwarebytes Anti-Malware
  • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
  • Click Finish. Follow the instructions above....

Next,

Download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

If your security alerts to FRST either accept the alert or disable your security and allow FRST to run...
  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

Next,

Please download RogueKiller and save it to your desktop from the following link: http://www.bleepingcomputer.com/download/roguekiller/
  • Quit all running programs.
  • For Windows XP, double-click to start.
  • For Vista,Windows 7/8, Right-click on the program and select Run as Administrator to start and when prompted allow it to run.
  • Read and accept the EULA (End User Licene Agreement)
  • Click Scan to scan the system.
  • When the scan completes select "Report", log will open. Close the program > Don't Fix anything!
  • Post back the report which should also be located here:

C:\Programdata\RogueKiller\Logs <-------- W7/8
C:\Documents and Settings\All Users\Application Data\RogueKiller\Logs <------XP


Let me see those logs in your reply....

Thank you,

Kevin...

FB issues

June 19, 2015, 2:29 pm
$
0
0
I am not super tech savvy & really need to get on FB. I have not been able ti access any FB pages for the past 2-3 days. Not only can I not log in, but if I do a google search and try to click on any FB link...it will not load. All other websites seem to work just fine. I asked my son to try to log into FB, and he could not do so either. Would FB block my router for some reason? I was at the apple store today, and my same computer was able to access FB their with no problem. Please help! Thanks so much :)

Slow computer with pop-ups

June 19, 2015, 4:15 pm

My Desktop is very slow and some websites automatically popping up

June 20, 2015, 9:21 am
$
0
0
Thanks for those logs, before you post anymore logs open Notepad, select "Format" from the menu bar and ensure "Word wrap" is not checkmarked.

Next,

Google Chrome is corrupt and possibly infected, we need to make a clean install.....

If your Chrome Bookmarks are important do this first:

Go to this link: http://www.wikihow.com/Export-Bookmarks-from-Chrome follow the instructions and Export your Bookmarks from Chrome, save to your Desktop or similar. Note the instructions can also be used to Import the bookmarks.....

Continue for a clean install:

Remove all synced data from Chrome go here: http://www.howtogeek.com/103655/how-...ser-sync-data/ follow those instructions...

Uninstall Chrome: https://support.google.com/chrome/answer/95319?hl=en-GB follow those instructions, ensure the option to "Also delete your browsing data" is selected. <<--- Very important!!

Install Google Chrome from here: https://www.google.com/intl/en_uk/ch...top/index.html

Install Adblock Plus to Chrome: https://chrome.google.com/webstore/d...ibdccddilifddb

Next,

Please open Malwarebytes Anti-Malware.
  • On the Settings tab > Detection and Protection sub tab, Detection Options, tick the box "Scan for rootkits".
  • Under Non-Malware Protection sub tab Change PUP and PUM entries to Treat detections as Malware
  • Click on the Scan tab, then click on Scan Now >> . If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • With some infections, you may or may not see this message box.

    'Could not load DDA driver'
  • Click 'Yes' to this message, to allow the driver to load after a restart.
  • Allow the computer to restart. Continue with the rest of these instructions.
  • When the scan is complete, click Apply Actions.
  • Wait for the prompt to restart the computer to appear, then click on Yes.
  • After the restart once you are back at your desktop, open MBAM once more.

To get the log from Malwarebytes do the following:
  • Click on the History tab > Application Logs.
  • Double click on the scan log which shows the Date and time of the scan just performed.
  • Click Export > From export you have three options:

    Copy to Clipboard - if seleted right click to your reply and select "Paste" log will be pasted to your reply
    Text file (*.txt) - if selected you will have to name the file and save to a place of choice, recommend "Desktop" then attach to reply
    XML file (*.xml) - if selected you will have to name the file and save to a place of choice, recommend "Desktop" then attach to reply
  • Recommend you use "Copy to Clipboard, then Right click to your reply > select "Paste" that will copy the log to your reply…


If Malwarebytes is not installed follow these instructions first:

Download Malwarebytes Anti-Malware to your desktop.
  • Double-click mbam-setup and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to the following:
  • Launch Malwarebytes Anti-Malware
  • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
  • Click Finish. Follow the instructions above....

Next,

Download AdwCleaner by Xplode onto your Desktop.
  • Double click on Adwcleaner.exe to run the tool.
  • Click on Scan
  • Once the scan is done, click on the Clean button. <<<--- Ensure this option is completed
  • You will get a prompt asking to close all programs. Click OK.
  • Click OK again to reboot your computer.
  • A text file will open after the restart. Please post the content of that logfile in your reply.
  • You can also find the logfile at C:\AdwCleaner[Sn].txt. Where n in the scan reference number

Next,

Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts. (re-enable when done)
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Next,

Run FRST one more time, ensure all boxes are checkmarked under "Whitelist" but only Addition.txt under "Optional scan" Select scan, when done post the two logs....

Let me see those logs, also give an update on any remaining issues or concerns....

Thanks,

Kevin.
Search

My father's computer may be infected with 1 or more issues according to Comcast

June 20, 2015, 8:20 pm
$
0
0
Askey,

Sorry for the delay. I was able to get my father's computer connected. :-0) I asked him to run it for a week and let me know how it went. He just told me that it still seems fine. I passed along all your recommendations (hopefully he remembers them...). Thanks again for your great assistance. it's working fine and it seems to be running just fine. Now I just found out that our friends are having issues (random pop ups saying they have viruses). I told them that those pop ups are often spoofs trying to infect your computer so now have to take a look before I create a new thread in the future. Anyway, thanks again for the help with my father's computer.

medium_low_skill

Downloaded ehternet drivers, still no connections.

June 20, 2015, 11:27 pm

Windows Surface - Firefox opens and says malware found

June 21, 2015, 1:24 am
$
0
0
step 1

Click on this link to download : ADWCleaner Click on ONE of the Two Blue Download Now buttons That have a blue arrow beside them and save it to your desktop. Do not click on any links in the top Advert.

See the screenshot where the proper download buttons are highlighted


NOTE: If using Internet Explorer and you get an alert that stops the program downloading click on Tools > Smartscreen Filter > Turn off Smartscreen Filter then click on OK in the box that opens. Then click on the link again.

Close your browser and double click on this icon on your desktop:



You will then see the screen below, click on the Scan button (as indicated), accept any prompts that appear and allow it to run, it may take several minutes to complete, when it is done, you will get a message saying "PENDING" , Ignore that & click on the Clean button, accept any prompts that appear and allow the system to reboot. You will then be presented with the report, Copy & Paste it into your next post.
Please note: the newer versions of Adwcleaner have a pretty colour display on some versions of windows and slightly different icons. The screenshots are from the older version but are basically the same

Crazy amounts of internet being uploaded

June 21, 2015, 6:12 am
$
0
0
solved for now, i changed my internet password and it's stopped haha

slow computer

June 21, 2015, 11:54 am
$
0
0
Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft® Windows Vista™ Home Premium, Service Pack 1, 64 bit
Processor: Intel(R) Core(TM)2 Duo CPU T6500 @ 2.10GHz, Intel64 Family 6 Model 23 Stepping 10
Processor Count: 2
RAM: 3998 Mb
Graphics Card: Mobile Intel(R) 4 Series Express Chipset Family, 1807 Mb
Hard Drives: C: Total - 291892 MB, Free - 194282 MB; D: Total - 13347 MB, Free - 2068 MB;
Motherboard: Quanta, 3627
Antivirus: Norton Internet Security, Disabled
Viewing all 4746 articles
Browse latest View live
More Pages to Explore .....
Search

Latest Images

Photographer Gifts for Clients / Print Packaging / 4x6 Photo Box by...

Photographer Gifts for Clients / Print Packaging / 4x6 Photo Box by...

April 17, 2024, 6:48 pm
Deepfake Video of Aamir Khan circulates Online

Deepfake Video of Aamir Khan circulates Online

April 17, 2024, 3:07 am
Very Hungry Caterpillar™ Shirt: World of Eric Carle™+ Little Goodall by...

Very Hungry Caterpillar™ Shirt: World of Eric Carle™+ Little Goodall by...

April 14, 2024, 8:14 am
Have you seen Michael Wines? Burien man has been missing since Saturday,...

Have you seen Michael Wines? Burien man has been missing since Saturday,...

April 12, 2024, 3:59 pm
Stay Salty POTS Awareness Stretchy Stacking Bracelets | Set of Three|...

Stay Salty POTS Awareness Stretchy Stacking Bracelets | Set of Three|...

April 11, 2024, 5:27 pm
19 Reader-Favourite March Purchases — From Steals To Splurges

19 Reader-Favourite March Purchases — From Steals To Splurges

April 11, 2024, 5:07 am
Fake lip ring, silver lip ring, simple lip ring, unisex lip ring by AIRlab

Fake lip ring, silver lip ring, simple lip ring, unisex lip ring by AIRlab

April 9, 2024, 4:00 pm
First Pictures of the Eclipse ! ! !

First Pictures of the Eclipse ! ! !

April 8, 2024, 1:08 pm
People's Blog • First Pictures of the Eclipse ! ! !

People's Blog • First Pictures of the Eclipse ! ! !

April 8, 2024, 1:08 pm
People's Blog • First Pictures of the Eclipse ! ! !

People's Blog • First Pictures of the Eclipse ! ! !

April 8, 2024, 1:08 pm