Additional scan result of Farbar Recovery Scan Tool (x64) Version:08-06-2015 Ran by DrRick at 2015-06-11 08:47:13 Running from C:\Users\DrRick\Desktop Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-1055808474-1272891386-3664582754-500 - Administrator - Disabled) DrRick (S-1-5-21-1055808474-1272891386-3664582754-1000 - Administrator - Enabled) => C:\Users\DrRick Guest (S-1-5-21-1055808474-1272891386-3664582754-501 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Norton Security (Disabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Norton Security (Disabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66} FW: Norton Security (Enabled) {6BFC5632-188D-B806-D13E-C607121B42A0} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Accidental Damage Services Agreement (HKLM-x32\...\{EF85FEF4-EB92-4075-A6D2-5F519BB30A2C}) (Version: 2.0.0 - Dell Inc.) Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.11 - Adobe Systems) Adobe Creative Suite 2 (HKLM-x32\...\{0134A1A1-C283-4A47-91A1-92F19F960372}) (Version: - ) Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.188 - Adobe Systems Incorporated) Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.160 - Adobe Systems Incorporated) Adobe Reader XI (11.0.11) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated) Adobe SVG Viewer 3.0 (HKLM-x32\...\Adobe SVG Viewer) (Version: 3.0 - Adobe Systems, Inc.) Banctec Service Agreement (HKLM-x32\...\{42D68A86-DB1C-4256-B8C9-5D0D92919AF5}) (Version: 2.0.0 - Dell Inc.) CCleaner (HKLM\...\CCleaner) (Version: 4.09 - Piriform) CCleaner Packages (HKU\S-1-5-21-1055808474-1272891386-3664582754-1000\...\CCleaner Packages) (Version: - ) <==== ATTENTION Complete Care Business Service Agreement (HKLM-x32\...\{0ECFCB07-9BFE-4970-ACA1-D568D982760B}) (Version: 2.0.0 - Dell Inc.) Consumer In-Home Service Agreement (HKLM-x32\...\{F47C37A4-7189-430A-B81D-739FF8A7A554}) (Version: 2.0.0 - Dell Inc.) Dell Backup and Recovery - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 1.6.2.0 - Dell Inc.) Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.6.2.0 - Dell Inc.) Dell Data Vault (Version: 4.2.2.0 - Dell Inc.) Hidden Dell Digital Delivery (HKLM-x32\...\{BC8233D8-59BA-4D40-92B9-4FDE7452AA8B}) (Version: 3.0.3999.0 - Dell Products, LP) Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc) Dell Home Systems Service Agreement (HKLM-x32\...\{AB2FDE4F-6BED-4E9E-B676-3DCCEBB1FBFE}) (Version: 2.0.0 - Dell Inc.) Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.0.6584.52 - Dell) Dell SupportAssistAgent (HKLM-x32\...\{287348C8-8B47-4C36-AF28-441A3B7D8722}) (Version: 1.0.3.60494 - Dell) Dell System Detect (HKU\S-1-5-21-1055808474-1272891386-3664582754-1000\...\73f463568823ebbe) (Version: 5.14.0.9 - Dell) Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 18.0.7.1 - Synaptics Incorporated) Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Dell Inc.) eBay (HKLM-x32\...\{A8B88634-7F90-402F-B66A-86429755F6A5}) (Version: 1.4.0 - eBay Inc.) HP Officejet Pro 8620 Basic Device Software (HKLM\...\{B693607C-4611-4164-8167-E9F07A86EF6B}) (Version: 32.0.90.45518 - Hewlett-Packard Co.) HP Officejet Pro 8620 Help (HKLM-x32\...\{9A4D71AB-9C68-4702-A4A2-A4DB7B0FE270}) (Version: 32.0.0 - Hewlett Packard) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP) IBM SPSS Statistics 22 (HKLM\...\{104875A1-D083-4A34-BC4F-3F635B7F8EF7}) (Version: 22.0.0.0 - IBM Corp) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3412 - Intel Corporation) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.3.34 - Intel Corporation) Jeppesen Services (HKLM-x32\...\{2B0DF49C-FC06-4B2B-934A-92E2DCE20C4C}) (Version: 1.00.000 - Jeppesen) Jeppesen Services (x32 Version: 1.00.000 - Jeppesen) Hidden Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft Office 2003 Web Components (HKLM-x32\...\{90120000-00A4-0409-0000-0000000FF1CE}) (Version: 12.0.6213.1000 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Mozilla Firefox 38.0.5 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 en-US)) (Version: 38.0.5 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.2.0 - Mozilla) Mozilla Thunderbird 31.7.0 (x86 en-GB) (HKLM-x32\...\Mozilla Thunderbird 31.7.0 (x86 en-GB)) (Version: 31.7.0 - Mozilla) Norton Security (HKLM-x32\...\NS) (Version: 22.2.0.31 - Symantec Corporation) Premium Service Agreement (HKLM-x32\...\{C33AA6D6-F5EC-48F3-AFDC-8141345D473A}) (Version: 2.0.0 - Dell Inc.) Product Improvement Study for HP Officejet Pro 8620 (HKLM\...\{71768BEC-CCE7-471C-B1FD-8E45A9AB0A72}) (Version: 32.0.90.45518 - Hewlett-Packard Co.) Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.314 - Qualcomm Atheros Communications) QualxServ Service Agreement (HKLM-x32\...\{903679E8-44C8-4C07-9600-05C92654FC50}) (Version: 2.0.0 - Dell Inc.) Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.1.18 - Dell Inc.) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.39054 - Realtek Semiconductor Corp.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7161 - Realtek Semiconductor Corp.) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee) SketchUp 2015 (HKLM\...\{C630FC42-E196-4B6D-B12B-4CB8D5F399D7}) (Version: 15.1.106 - Trimble Navigation Limited) Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.) Suite Specific (x32 Version: 2.0.0 - Adobe Systems, Incorporated) Hidden TurboTax 2014 (HKLM-x32\...\TurboTax 2014) (Version: 2014.0 - Intuit, Inc) Windows XP Mode (HKLM\...\{1374CC63-B520-4f3f-98E8-E9020BF01CFF}) (Version: 1.3.7600.16432 - Microsoft Corporation) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== Restore Points ========================= 19-05-2015 23:50:08 Windows Update 22-05-2015 22:53:01 Windows Backup 30-05-2015 09:56:18 Scheduled Checkpoint 02-06-2015 13:08:25 Windows Backup 05-06-2015 22:12:17 Windows Update 10-06-2015 16:10:35 Norton_Power_Eraser_20150610161031096 10-06-2015 22:39:07 Windows Update ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-13 22:34 - 2009-06-10 17:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {05919801-C99D-483F-A317-F16B6456F0C7} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-10] (Adobe Systems Incorporated) Task: {07815D6E-DBDA-401E-A248-D32FB04A889D} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => C:\Windows\system32\compattel\DiagTrackRunner.exe [2015-03-16] (Microsoft Corporation) Task: {0C6F10BC-2F40-46D7-801E-7FACDE47C757} - System32\Tasks\HPCustParticipation HP Officejet Pro 8620 => C:\Program Files\HP\HP Officejet Pro 8620\Bin\HPCustPartic.exe [2013-09-11] (Hewlett-Packard Co.) Task: {0C74F116-4BF0-4667-8126-3C6EE79A24E8} - System32\Tasks\{AF855F39-DB45-479C-B234-9E8F5D6B19AC} => D:\AutoCAD-R14-Full\SETUP.EXE Task: {0D4732BE-9F15-40B1-A423-89188A3D29BA} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask => C:\Windows\system32\Wat\WatAdminSvc.exe [2014-11-10] (Microsoft Corporation) Task: {196E1F4C-68A3-4B62-8A06-8E5E3968A468} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [2015-02-03] (PC-Doctor, Inc.) Task: {1D5E7EC8-B879-4EF9-BF17-A9B99ACE4E2A} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-07] (Microsoft Corporation) Task: {255FF861-C62D-4EDE-AA51-07D8EA9A4424} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe [2015-02-03] (PC-Doctor, Inc.) Task: {47E1F29F-4B94-4CE9-8FAD-BA2F74DAF73C} - \ProPCCleaner_Popup No Task File <==== ATTENTION Task: {51CA6CF0-08BD-487F-92AD-7569FA5583CD} - System32\Tasks\Norton Security\Norton Error Processor => C:\Program Files (x86)\Norton Security\Engine\22.2.0.31\SymErr.exe [2015-02-25] (Symantec Corporation) Task: {52E85B76-868C-4AC8-B536-2B5541E494A5} - System32\Tasks\{654C3AB3-36F9-47DC-80A1-8765C0992E44} => D:\AutoCAD-R14-Full\SETUP.EXE Task: {6967A09B-C7C9-40C0-A8B6-BAB2E9C2FA2A} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Security\Engine\22.2.0.31\WSCStub.exe [2015-04-01] (Symantec Corporation) Task: {6A4E8F89-2727-4C52-898F-825A193C32CD} - System32\Tasks\{A4300F2C-F8F3-48F8-9CB7-B3B5838062D9} => D:\AutoCAD-R14-Full\SETUP.EXE Task: {8355B239-CF75-4F6A-A296-98A7E7B8E4B9} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation) Task: {92AFA3A9-3479-4289-91DA-6EBF2FB7DA44} - System32\Tasks\{87D759A8-40FA-4640-82BF-1FB1EAC2E9CA} => D:\AutoCAD-R14-Full\NETSETUP\SETUP.EXE Task: {97FD1916-0658-4B1B-A33C-BEFC844EA8C6} - System32\Tasks\{1B5605BC-42A0-45FE-B9A9-17F2AA2AB23B} => D:\AutoCAD-R14-Full\SETUP.EXE Task: {98BEE255-7BDA-4190-AA49-F7B562E00376} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks Task: {9B14EAD1-653F-4819-B1CC-FCFFCF9B1821} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Logon => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation) Task: {9EB40AF0-AC12-4D4E-AE94-DFE39283FFF5} - \ProPCCleaner_Start No Task File <==== ATTENTION Task: {9EC44ED0-8BD2-4703-A1DB-362C17FA256C} - System32\Tasks\{E1CED4D3-436F-4B25-8653-D269C3E8F763} => D:\AutoCAD-R14-Full\SETUP.EXE Task: {A598C252-2CE9-4C30-AA83-6BC0D7E99AAA} - System32\Tasks\{25A49924-2E1B-4AD4-AD44-39055B0CD492} => pcalua.exe -a D:\Setup.exe -d D:\ -c -auto Task: {AAC3470D-1CD7-411F-AF1E-520CE07E0111} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated) Task: {AF195A39-622F-4E50-A42E-3D2A6ED62D99} - System32\Tasks\{D6D87161-7207-4CB4-80E1-05370806CA87} => D:\AutoCAD-R14-Full\NETSETUP\SETUP.EXE Task: {B8034F24-DCED-4CA0-A89F-82C595E3045C} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe Task: {C40C8485-30C4-4282-992C-A0E6A8D91AB9} - System32\Tasks\{434CC2D2-7A47-4CBE-B3C0-89A6EDBED104} => D:\AutoCAD-R14-Full\SETUP.EXE Task: {D012C1EC-F6F3-4AFE-A857-FFEC9B4CCF86} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-12-17] (Piriform Ltd) Task: {DA638102-A1B4-4199-9470-25AB81705776} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssist.exe [2015-04-10] (Dell Inc.) Task: {DB3BECDE-C9A3-4BE5-9593-872239177AE4} - \ASP No Task File <==== ATTENTION Task: {E65C60AE-ABE5-430E-BF7C-827E31763F43} - System32\Tasks\Norton Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Security\Engine\22.2.0.31\SymErr.exe [2015-02-25] (Symantec Corporation) Task: {FDCBDF76-4D03-4F15-B9E7-CF13AA12D589} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe ==================== Loaded Modules (Whitelisted) ============== 2015-04-14 06:49 - 2012-09-18 15:27 - 00192512 _____ () C:\Windows\System32\zlhp1020.dll 2015-04-14 06:49 - 2012-09-18 15:27 - 00065024 _____ () C:\Windows\system32\spool\PRTPROCS\x64\pphp1020.dll 2005-04-04 19:58 - 2005-04-04 19:58 - 03502080 _____ () C:\Program Files (x86)\Adobe\Adobe Version Cue CS2\data\database\bin\mysqld-nt.exe 2014-06-08 08:50 - 2013-08-19 10:21 - 00019232 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayNotBackuped.dll 2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF 2010-10-20 16:23 - 2010-10-20 16:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll 2014-01-08 01:58 - 2014-01-08 01:58 - 00086016 _____ () C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\Map\MAP.dll 2014-06-08 08:50 - 2013-11-21 18:22 - 00484880 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRCrawler.exe 2005-04-04 19:58 - 2005-04-04 19:58 - 00028791 _____ () C:\Program Files (x86)\Adobe\Adobe Version Cue CS2\jre\bin\hpi.dll 2005-04-04 19:58 - 2005-04-04 19:58 - 00057453 _____ () C:\Program Files (x86)\Adobe\Adobe Version Cue CS2\jre\bin\verify.dll 2005-04-04 19:58 - 2005-04-04 19:58 - 00102515 _____ () C:\Program Files (x86)\Adobe\Adobe Version Cue CS2\jre\bin\java.dll 2005-04-04 19:58 - 2005-04-04 19:58 - 00053364 _____ () C:\Program Files (x86)\Adobe\Adobe Version Cue CS2\jre\bin\zip.dll 2005-04-04 19:58 - 2005-04-04 19:58 - 00057455 _____ () C:\Program Files (x86)\Adobe\Adobe Version Cue CS2\jre\bin\net.dll 2005-04-04 19:58 - 2005-04-04 19:58 - 00032880 _____ () C:\Program Files (x86)\Adobe\Adobe Version Cue CS2\jre\bin\nio.dll 2005-04-04 19:58 - 2005-04-04 19:58 - 00434255 _____ () C:\Program Files (x86)\Adobe\Adobe Version Cue CS2\bin\ps-rw-vc-v8_58.dll 2005-04-04 19:58 - 2005-04-04 19:58 - 01019904 _____ () C:\Program Files (x86)\Adobe\Adobe Version Cue CS2\bin\ps-vc-v8_58.dll 2014-06-08 08:30 - 2013-12-10 10:27 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2015-05-19 22:52 - 2015-05-19 22:52 - 03350640 _____ () C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll 2015-05-19 22:52 - 2015-05-19 22:52 - 00158832 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll 2015-05-19 22:52 - 2015-05-19 22:52 - 00023152 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll 2014-06-08 08:50 - 2013-11-21 16:00 - 01904928 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\STRestoreAPI.dll 2014-06-08 08:50 - 2012-11-25 23:20 - 01153384 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\libxml2.dll 2014-06-08 08:50 - 2012-11-25 23:20 - 00117608 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\zlib1.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm ==================== Safe Mode (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="" ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE trusted site: HKU\S-1-5-21-1055808474-1272891386-3664582754-1000\...\dell.com -> dell.com ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-1055808474-1272891386-3664582754-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\DrRick\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 10.0.0.1 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [{DF37E967-E7FC-4ED6-8DBB-76D1A168F44D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{0EACAED6-1E4C-4110-A3A1-1767D7C83E63}] => (Allow) C:\Program Files (x86)\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe FirewallRules: [{D6748799-072E-4103-A658-F037F22B860F}] => (Allow) C:\Program Files (x86)\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe FirewallRules: [{0D5B9222-7F79-43D4-ABCD-166B06F4606C}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8620\bin\FaxApplications.exe FirewallRules: [{12CD2EE1-A4FF-4A9D-94BD-1DEF2FA7DB0B}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8620\bin\DigitalWizards.exe FirewallRules: [{FBD224DC-532A-4422-95D3-7109FEE5D62D}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8620\bin\SendAFax.exe FirewallRules: [{3CAB5969-87E4-4154-BAAB-1D4D8C0F90A5}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8620\Bin\DeviceSetup.exe FirewallRules: [{74AD1F54-73FA-42CF-BA4D-D7D9D5317403}] => (Allow) LPort=5357 FirewallRules: [{41F21CA5-A097-4D2F-AF35-20067AEDB642}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8620\Bin\HPNetworkCommunicatorCom.exe FirewallRules: [VirtualPC-In-UDP-1] => (Allow) %SystemRoot%\System32\vpc.exe FirewallRules: [VirtualPC-In-UDP-2] => (Allow) %SystemRoot%\System32\vpc.exe FirewallRules: [VirtualPC-In-TCP-1] => (Allow) %SystemRoot%\System32\vpc.exe FirewallRules: [{178E3348-CC3E-47C8-80DC-F7D9E2BA4EFC}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{99D65863-3C46-4FFF-8F2B-38C8AA6EEBBA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{F96659BB-16D7-48D6-BF5B-9781AF669B40}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\22\stats.com FirewallRules: [{34F00483-895B-470A-9E49-79575B06CA6D}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\22\stats.exe FirewallRules: [{4BCA847C-B072-46DB-B53D-6446C2B2EF4B}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\22\WinWrapIDE.exe FirewallRules: [{9F2CA1E0-EC06-4A6D-98E3-4BB2ACD15890}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\22\stats.com FirewallRules: [{08DBE51D-56F4-46BC-85A3-1CA1F38DE295}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\22\stats.exe FirewallRules: [{C7F9B515-298D-4AD1-86DE-38D76FF38F24}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\22\WinWrapIDE.exe FirewallRules: [TCP Query User{AFD638E6-9E51-438C-8530-56111BF1CC45}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{ADE0CCF5-7B0F-4199-B358-4D4C578336F6}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [{12BBA1FF-2A18-4BFA-9EFF-20DA235BB870}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdater.exe FirewallRules: [{1D9F8DDB-A901-4B02-BCB8-B2AB5280435C}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe FirewallRules: [{8109DE63-546E-42BA-8314-1B01CF4E1BD7}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe FirewallRules: [{63FCDD54-022A-4722-834E-E88673E84DD2}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe FirewallRules: [{BB510881-AE7D-44B5-BCD1-5C1C41AE027E}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe FirewallRules: [{CD07F08F-E5B0-4116-87A6-396B2825FE9D}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe ==================== Faulty Device Manager Devices ============= Name: Teredo Tunneling Pseudo-Interface Description: Microsoft Teredo Tunneling Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (06/11/2015 08:37:32 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/11/2015 06:02:31 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/10/2015 09:26:15 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/10/2015 04:12:56 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/10/2015 03:57:23 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/10/2015 06:32:04 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/09/2015 03:50:39 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/09/2015 05:47:16 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/08/2015 09:51:56 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/08/2015 06:26:12 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 System errors: ============= Error: (06/10/2015 09:26:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Dell SupportAssist Agent service failed to start due to the following error: %%1053 Error: (06/10/2015 09:26:08 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (30000 milliseconds) while waiting for the Dell SupportAssist Agent service to connect. Error: (06/10/2015 09:24:17 PM) (Source: Service Control Manager) (EventID: 7030) (User: ) Description: The NPEService service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly. Error: (06/10/2015 03:55:06 PM) (Source: Service Control Manager) (EventID: 7030) (User: ) Description: The NPEService service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly. Error: (06/05/2015 10:12:43 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {995C996E-D918-4A8C-A302-45719A6F4EA7} Error: (06/03/2015 06:03:20 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Dell SupportAssist Agent service failed to start due to the following error: %%1053 Error: (06/03/2015 06:03:20 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (30000 milliseconds) while waiting for the Dell SupportAssist Agent service to connect. Error: (06/02/2015 04:59:11 PM) (Source: Disk) (EventID: 11) (User: ) Description: The driver detected a controller error on \Device\Harddisk1\DR2. Error: (06/02/2015 09:57:07 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Dell SupportAssist Agent service failed to start due to the following error: %%1053 Error: (06/02/2015 09:57:07 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (30000 milliseconds) while waiting for the Dell SupportAssist Agent service to connect. Microsoft Office: ========================= Error: (06/11/2015 08:37:32 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/11/2015 06:02:31 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/10/2015 09:26:15 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/10/2015 04:12:56 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/10/2015 03:57:23 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/10/2015 06:32:04 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/09/2015 03:50:39 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/09/2015 05:47:16 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/08/2015 09:51:56 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/08/2015 06:26:12 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-4210U CPU @ 1.70GHz Percentage of memory in use: 25% Total physical RAM: 8096.03 MB Available physical RAM: 6069.61 MB Total Pagefile: 16190.26 MB Available Pagefile: 13983.71 MB Total Virtual: 8192 MB Available Virtual: 8191.83 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:911.69 GB) (Free:828.6 GB) NTFS Drive y: (RECOVERY) (Fixed) (Total:19.78 GB) (Free:9.25 GB) NTFS ==>[System with boot components (obtained from reading drive)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 931.5 GB) (Disk ID: FEAC185D) Partition 1: (Not Active) - (Size=39 MB) - (Type=DE) Partition 2: (Active) - (Size=19.8 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=911.7 GB) - (Type=07 NTFS) ==================== End of log ============================