Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-01-2015
Ran by John (administrator) on JOHN-PC on 12-01-2015 10:46:24
Running from C:\Users\John\Desktop
Loaded Profile: John (Available profiles: John)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Webroot) C:\Program Files\Webroot\WRSA.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Webroot) C:\Program Files\Webroot\WRSA.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Windows ® Win 7 DDK provider) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Atheros) C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Qualcomm®Atheros®) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Waves Audio Ltd.) C:\Program Files\Realtek\Audio\HDA\WavesSvc64.exe
(Cisco) C:\Users\John\AppData\Local\DIRECTV Player\PCShowServerPMWrapper.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Users\John\AppData\Local\DIRECTV Player\NDSPCShowServer.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(Creative Technology Ltd) C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7202520 2013-08-19] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-07] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-07] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2774256 2013-08-12] (Synaptics Incorporated)
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [5774664 2013-09-10] (Dell Inc.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [286056 2013-07-15] (Intel Corporation)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Realtek\Audio\HDA\WavesSvc64.exe [562264 2014-07-17] (Waves Audio Ltd.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [673616 2009-04-07] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [Dell Webcam Central] => C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [409744 2009-06-24] (Creative Technology Ltd)
HKLM-x32\...\Run: [WRSVC] => C:\Program Files\Webroot\WRSA.exe [771240 2015-01-09] (Webroot)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe [132736 2013-07-02] ( (Qualcomm®Atheros®))
HKU\S-1-5-21-1973512931-3336358897-1288466322-1001\...\Run: [PCShowServer] => C:\Users\John\AppData\Local\DIRECTV Player\PCShowServerPMWrapper.exe [1631088 2014-09-16] (Cisco)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install Webroot FF RunOnce.lnk
ShortcutTarget: Install Webroot FF RunOnce.lnk -> C:\Program Files (x86)\Common Files\wruninstall.exe (Webroot Software, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install Webroot IE RunOnce.lnk
ShortcutTarget: Install Webroot IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\wruninstall.exe (Webroot Software, Inc.)
ShellIconOverlayIdentifiers: [ ] -> {1914B27A-33C8-46F8-A1C2-F993268D4564} => C:\Windows\system32\WRusr.dll (Webroot)
ShellIconOverlayIdentifiers: [ ] -> {C14874EA-ACE4-4A47-8A81-18C4D1C40868} => C:\Windows\system32\WRusr.dll (Webroot)
ShellIconOverlayIdentifiers: [ ] -> {6DA1ED92-315E-4D0B-B354-9D5F519DBA95} => C:\Windows\system32\WRusr.dll (Webroot)
ShellIconOverlayIdentifiers: [ ] -> {8D7FC74C-E409-42DF-8EEE-69D45FAE2F30} => C:\Windows\system32\WRusr.dll (Webroot)
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\Windows\system32\mscoree.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\Windows\system32\mscoree.dll (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-1973512931-3336358897-1288466322-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wundergro...w:55304.2.99999
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1973512931-3336358897-1288466322-1001 -> {843F8246-B4D3-436E-993C-E683694E7048} URL =
SearchScopes: HKU\S-1-5-21-1973512931-3336358897-1288466322-1001 -> {BDF61FAE-9D19-40F0-8F34-688DEB334CA9} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKU\S-1-5-21-1973512931-3336358897-1288466322-1001 -> {E3480582-FBAB-47BD-B586-87BA7FDCE2BD} URL = http://search.yahoo....p={searchTerms}
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll (Qualcomm®Atheros®)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Webroot Vault -> {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} -> C:\ProgramData\WRData\pkg\LPBar64.dll (Webroot)
BHO: Webroot Filtering Extension -> {C9C42510-9B41-42c1-9DCD-7282A2D07C61} -> C:\Program Files\Webroot\WRData\PKG\Vistax64\wrflt.dll (Webroot)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Webroot Vault -> {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} -> C:\ProgramData\WRData\pkg\LPBar.dll (Webroot)
BHO-x32: Webroot Filtering Extension -> {C9C42510-9B41-42c1-9DCD-7282A2D07C61} -> C:\Program Files\Webroot\WRData\PKG\Vistax86\wrflt.dll (Webroot)
Toolbar: HKLM - Webroot Toolbar - {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\pkg\LPBar64.dll (Webroot)
Toolbar: HKLM-x32 - Webroot Toolbar - {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\pkg\LPBar.dll (Webroot)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF ProfilePath: C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\zfddampy.default-1396900832420
FF DefaultSearchEngine: Google
FF Homepage: hxxp://www.wunderground.com/cgi-bin/findweather/getForecast?query=zmw:55304.2.99999
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1973512931-3336358897-1288466322-1001: @nds.com/PlayerPlugin -> C:\Users\John\AppData\Local\DIRECTV Player\npPlayerPlugin.dll (Cisco)
FF Plugin HKU\S-1-5-21-1973512931-3336358897-1288466322-1001: @nds.com/PlayerPlugin64 -> C:\Users\John\AppData\Local\DIRECTV Player\win64\npPlayerPlugin64.dll (Cisco)
FF Plugin HKU\S-1-5-21-1973512931-3336358897-1288466322-1001: NDS.com/PlayerPlugin -> C:\Users\John\AppData\Local\DIRECTV Player\npPlayerPlugin.dll (Cisco)
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\ProgramData\WRData\PKG\FIREFOX\WebrootSecure_SocketServer
FF Extension: Webroot Filtering Extension - C:\ProgramData\WRData\PKG\FIREFOX\WebrootSecure_SocketServer [2015-01-09]
Chrome:
=======
CHR Profile: C:\Users\John\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Wallet) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-04]
CHR HKLM-x32\...\Chrome\Extension: [okfhiodnpcnnnpgbjbhfebjnbagmfhab] - C:\ProgramData\WRData\pkg\lpchrome.crx [2015-01-09]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AtherosSvc; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [312448 2013-07-02] (Windows ® Win 7 DDK provider)
R2 EpsonBidirectionalService; C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION) [File not signed]
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [14696 2013-07-15] (Intel Corporation)
R2 Intel® Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel® Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-06-01] (Intel Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [246488 2013-06-18] (Realtek Semiconductor)
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [1915480 2013-05-23] (SoftThinks SAS)
R2 WRSVC; C:\Program Files\Webroot\WRSA.exe [771240 2015-01-09] (Webroot)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [81536 2013-06-21] (Atheros)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 BTATH_LWFLT; C:\Windows\System32\DRIVERS\btath_lwflt.sys [77464 2013-07-02] (Qualcomm Atheros)
R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [28008 2013-07-11] (Intel Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-01-03] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [118272 2014-12-26] (Intel Corporation)
S3 SmbDrv; C:\Windows\system32\drivers\Smb_driver_AMDASF.sys [30448 2013-08-12] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [34544 2013-08-12] (Synaptics Incorporated)
R0 WRkrn; C:\Windows\System32\drivers\WRkrn.sys [114176 2015-01-09] (Webroot)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-12 10:41 - 2015-01-12 10:41 - 00000000 ___RD () C:\Users\John\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2015-01-12 10:32 - 2015-01-12 10:32 - 00002071 _____ () C:\Users\John\Desktop\JRT.txt
2015-01-12 10:27 - 2015-01-12 10:27 - 01707939 _____ (Thisisu) C:\Users\John\Desktop\JRT.exe
2015-01-10 17:18 - 2015-01-12 10:38 - 00000000 ____D () C:\AdwCleaner
2015-01-10 16:22 - 2015-01-10 16:23 - 02191360 _____ () C:\Users\John\Desktop\AdwCleaner.exe
2015-01-09 16:09 - 2015-01-09 16:25 - 00000000 ____D () C:\Users\John\AppData\Local\lptmp1138209518
2015-01-09 16:08 - 2015-01-12 10:40 - 00000749 _____ () C:\Users\Public\Desktop\Webroot SecureAnywhere.lnk
2015-01-09 16:08 - 2015-01-12 09:51 - 00000000 ____D () C:\ProgramData\WRData
2015-01-09 16:08 - 2015-01-09 16:08 - 00153256 _____ (Webroot) C:\Windows\SysWOW64\WRusr.dll
2015-01-09 16:08 - 2015-01-09 16:08 - 00114176 _____ (Webroot) C:\Windows\system32\Drivers\WRkrn.sys
2015-01-09 16:08 - 2015-01-09 16:08 - 00103816 _____ (Webroot) C:\Windows\system32\WRusr.dll
2015-01-09 16:08 - 2015-01-09 16:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Webroot SecureAnywhere
2015-01-09 16:08 - 2015-01-09 16:08 - 00000000 ____D () C:\Program Files\Webroot
2015-01-08 23:32 - 2015-01-08 23:32 - 00000000 ____D () C:\Users\John\Desktop\FRST-OlderVersion
2015-01-07 12:38 - 2015-01-07 12:38 - 731618252 _____ () C:\Windows\MEMORY.DMP
2015-01-07 12:38 - 2015-01-07 12:38 - 00282232 _____ () C:\Windows\Minidump\010715-51043-01.dmp
2015-01-07 10:42 - 2015-01-07 10:42 - 13087456 _____ (Microsoft Corporation) C:\Users\John\Desktop\Silverlight_x64.exe
2015-01-06 09:53 - 2015-01-06 09:53 - 00000226 _____ () C:\Users\John\Desktop\Geeks to Go - Free help from tech experts.URL
2015-01-05 13:19 - 2015-01-05 13:19 - 00000127 _____ () C:\Users\John\Desktop\ckfiles.txt
2015-01-05 13:17 - 2015-01-05 13:17 - 00468480 _____ () C:\Users\John\Desktop\CKScanner.exe
2015-01-05 13:14 - 2015-01-12 10:46 - 00015635 _____ () C:\Users\John\Desktop\FRST.txt
2015-01-05 13:14 - 2015-01-09 16:28 - 00023130 _____ () C:\Users\John\Desktop\Addition.txt
2015-01-05 13:12 - 2015-01-08 23:32 - 02124288 _____ (Farbar) C:\Users\John\Desktop\FRST64.exe
2015-01-05 10:47 - 2015-01-12 10:40 - 00000504 _____ () C:\Windows\setupact.log
2015-01-05 10:47 - 2015-01-05 10:47 - 00000000 _____ () C:\Windows\setuperr.log
2015-01-05 10:46 - 2015-01-12 10:39 - 00014234 _____ () C:\Windows\PFRO.log
2015-01-04 22:49 - 2015-01-04 22:49 - 00000031 _____ () C:\Users\John\Documents\direct.txt
2014-12-29 17:34 - 2014-12-29 17:34 - 00001165 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-12-29 17:34 - 2014-12-29 17:34 - 00001153 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-12-29 17:34 - 2014-12-29 17:34 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-29 17:34 - 2014-12-29 17:34 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-12-28 13:51 - 2014-12-28 13:51 - 00000000 __SHD () C:\Users\John\AppData\Local\EmieUserList
2014-12-28 13:51 - 2014-12-28 13:51 - 00000000 __SHD () C:\Users\John\AppData\Local\EmieSiteList
2014-12-28 13:51 - 2014-12-28 13:51 - 00000000 __SHD () C:\Users\John\AppData\Local\EmieBrowserModeList
2014-12-28 13:37 - 2014-12-28 13:39 - 58082952 _____ (Microsoft Corporation) C:\Users\John\Desktop\Explorer.EXE
2014-12-28 13:36 - 2014-12-28 13:36 - 00001419 _____ () C:\Users\John\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-12-26 23:13 - 2014-12-28 13:46 - 00000000 ___HD () C:\Windows\msdownld.tmp
2014-12-26 14:28 - 2015-01-12 10:46 - 00000000 ____D () C:\FRST
2014-12-26 10:59 - 2014-12-26 10:59 - 09890008 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RsCRIcon.dll
2014-12-26 10:59 - 2014-12-26 10:59 - 00941784 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2014-12-26 10:59 - 2014-12-26 10:59 - 00331992 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RtsUVStor.sys
2014-12-26 10:59 - 2014-12-26 10:59 - 00073800 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2014-12-26 10:58 - 2014-12-26 10:58 - 00118272 _____ (Intel Corporation) C:\Windows\system32\Drivers\TeeDriverx64.sys
2014-12-24 17:50 - 2014-12-24 17:50 - 00000263 _____ () C:\Users\John\Desktop\Dropbox - Natalie.URL
2014-12-19 13:10 - 2014-12-26 19:17 - 00000000 ____D () C:\Users\John\AppData\Roaming\Octoshape
2014-12-19 13:10 - 2014-12-19 13:10 - 00000000 ____D () C:\Users\John\AppData\Local\DIRECTV Player
2014-12-19 13:09 - 2014-12-19 13:09 - 20367968 _____ (DIRECTV) C:\Users\John\Downloads\DIRECTV_Player_11.0.exe
2014-12-17 19:57 - 2015-01-03 17:40 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-12-17 19:57 - 2014-12-17 19:57 - 00001108 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-12-17 19:57 - 2014-12-17 19:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-12-17 19:57 - 2014-12-17 19:57 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-12-17 19:57 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-12-17 19:57 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-12-17 19:57 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-12-17 19:56 - 2014-12-17 19:56 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\John\Downloads\mbam-setup-2.0.4.1028.exe
2014-12-17 12:05 - 2014-12-12 23:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-17 12:05 - 2014-12-12 21:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-16 15:48 - 2014-12-16 15:48 - 00000000 ____D () C:\Users\John\AppData\Local\Skype
2014-12-16 15:43 - 2014-12-16 15:45 - 44840544 _____ (Skype Technologies S.A.) C:\Users\John\Downloads\SkypeSetupFull.exe
2014-12-16 11:54 - 2014-12-16 11:54 - 02978677 _____ (Vimm's Lair - vimm.net) C:\Users\John\Downloads\FCEUX_2.2.2.exe
2014-12-16 11:51 - 2014-12-16 11:51 - 00455842 _____ (Vimm's Lair - vimm.net) C:\Users\John\Downloads\Jnes_1.1.1.exe
2014-12-16 11:48 - 2014-12-16 11:48 - 01201037 _____ (Vimm's Lair - vimm.net) C:\Users\John\Downloads\RockNES_5.13d.exe
2014-12-14 03:23 - 2014-12-14 03:23 - 00000000 ____D () C:\Program Files (x86)\Dell Digital Delivery
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-12 10:42 - 2013-11-24 01:27 - 00000000 ____D () C:\Program Files (x86)\Dell Backup and Recovery
2015-01-12 10:40 - 2014-01-15 20:28 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-12 10:40 - 2009-07-13 23:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-12 10:21 - 2014-01-15 20:28 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-12 10:21 - 2013-11-24 01:09 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-10 16:16 - 2009-07-13 22:45 - 00021296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-10 16:16 - 2009-07-13 22:45 - 00021296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-10 16:03 - 2014-01-15 21:13 - 00000000 ____D () C:\Users\John\AppData\Local\CrashDumps
2015-01-08 23:20 - 2013-11-24 02:59 - 02033357 _____ () C:\Windows\WindowsUpdate.log
2015-01-08 22:29 - 2014-01-13 15:32 - 00003440 _____ () C:\Windows\System32\Tasks\PCDEventLauncherTask
2015-01-07 12:38 - 2014-09-22 14:03 - 00000000 ____D () C:\Windows\Minidump
2015-01-05 11:39 - 2014-01-15 20:28 - 00000000 ____D () C:\Program Files (x86)\Google
2014-12-26 12:41 - 2014-01-13 15:41 - 00001945 _____ () C:\Windows\epplauncher.mif
2014-12-26 11:28 - 2011-02-10 08:02 - 00000000 ____D () C:\Windows\panther
2014-12-26 11:11 - 2013-11-24 01:33 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-12-26 11:04 - 2014-05-17 17:40 - 31215616 _____ () C:\Windows\system32\config\components.iodefrag.bak
2014-12-26 11:04 - 2014-04-24 09:03 - 74121216 _____ () C:\Windows\system32\config\SOFTWARE.iodefrag.bak
2014-12-26 11:04 - 2014-04-24 09:03 - 00323584 _____ () C:\Windows\system32\config\DEFAULT.iodefrag.bak
2014-12-26 11:04 - 2014-04-24 09:03 - 00061440 _____ () C:\Windows\system32\config\SAM.iodefrag.bak
2014-12-26 11:04 - 2014-04-24 09:03 - 00024576 _____ () C:\Windows\system32\config\SECURITY.iodefrag.bak
2014-12-26 11:04 - 2014-01-13 15:25 - 00000000 ____D () C:\Users\John
2014-12-26 11:02 - 2013-11-24 01:09 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-26 11:02 - 2013-11-24 01:09 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-26 11:02 - 2013-11-24 01:09 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-26 11:01 - 2009-07-13 23:13 - 00783606 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-26 10:59 - 2013-11-24 02:27 - 00107552 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll
2014-12-26 10:58 - 2014-01-13 15:34 - 00000000 ____D () C:\Users\John\Documents\Bluetooth Folder
2014-12-19 13:10 - 2014-01-13 15:58 - 00000000 ____D () C:\Users\John\AppData\Roaming\Mozilla
2014-12-17 20:11 - 2009-07-13 23:32 - 00000000 ____D () C:\Windows\Offline Web Pages
2014-12-16 16:03 - 2014-01-13 16:48 - 00000000 ____D () C:\Users\John\AppData\Roaming\Skype
2014-12-16 16:03 - 2013-11-24 01:22 - 00000000 ____D () C:\ProgramData\Skype
2014-12-16 11:52 - 2014-01-13 15:32 - 00000000 ____D () C:\Users\John\AppData\Local\VirtualStore
2014-12-14 03:23 - 2013-11-24 01:22 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
Some content of TEMP:
====================
C:\Users\John\AppData\Local\Temp\Quarantine.exe
C:\Users\John\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-01-06 10:29
==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-01-2015
Ran by John at 2015-01-12 10:46:57
Running from C:\Users\John\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Webroot SecureAnywhere (Enabled - Up to date) {66A6FE14-08CB-F415-3742-517201416109}
AS: Webroot SecureAnywhere (Enabled - Up to date) {DDC71FF0-2EF1-FB9B-0DF2-6A007AC62BB4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Accidental Damage Services Agreement (HKLM-x32\...\{EF85FEF4-EB92-4075-A6D2-5F519BB30A2C}) (Version: 2.0.0 - Dell Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.356 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
Banctec Service Agreement (HKLM-x32\...\{42D68A86-DB1C-4256-B8C9-5D0D92919AF5}) (Version: 2.0.0 - Dell Inc.)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Complete Care Business Service Agreement (HKLM-x32\...\{0ECFCB07-9BFE-4970-ACA1-D568D982760B}) (Version: 2.0.0 - Dell Inc.)
Consumer In-Home Service Agreement (HKLM-x32\...\{F47C37A4-7189-430A-B81D-739FF8A7A554}) (Version: 2.0.0 - Dell Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Backup and Recovery - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 1.5.0.0 - Dell Inc.)
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.5.0.0 - Dell Inc.)
Dell Digital Delivery (HKLM-x32\...\{BC8233D8-59BA-4D40-92B9-4FDE7452AA8B}) (Version: 3.0.3999.0 - Dell Products, LP)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Home Systems Service Agreement (HKLM-x32\...\{AB2FDE4F-6BED-4E9E-B676-3DCCEBB1FBFE}) (Version: 2.0.0 - Dell Inc.)
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 17.0.8.1 - Synaptics Incorporated)
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 1.40.05 - Creative Technology Ltd)
Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Dell Inc.)
DIRECTV Player (HKLM-x32\...\{437f5443-c052-432c-b1e7-abd9bc5cabdb}) (Version: 11.0 - DIRECTV)
DSC/AA Factory Installer (Version: 3.4.6299.48 - PC-Doctor, Inc.) Hidden
eBay (HKLM-x32\...\{A8B88634-7F90-402F-B66A-86429755F6A5}) (Version: 1.4.0 - eBay Inc.)
Epson Event Manager (HKLM-x32\...\{48F22622-1CC2-4A83-9C1E-644DD96F832D}) (Version: 2.30.01 - SEIKO EPSON Corporation)
EPSON NX510 Series Printer Uninstall (HKLM\...\EPSON NX510 Series) (Version: - SEIKO EPSON Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - )
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION)
EpsonNet Setup (HKLM-x32\...\{FFFAE01B-466F-4C07-9821-A94FD753BDDA}) (Version: 3.1c - SEIKO EPSON CORPORATION)
FUJIFILM MyFinePix Studio 3.2 (HKLM-x32\...\MyFinePix Studio_is1) (Version: - )
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.3.1520 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.18.10.3234 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.7.1.1000 - Intel Corporation)
Junk Mail filter update (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Access database engine 2010 (English) (HKLM-x32\...\{90140000-00D1-0409-0000-0000000FF1CE}) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Streets & Trips 2013 (HKLM-x32\...\{C82185E8-C27B-4EF4-2013-4444BC2C2B6D}) (Version: 19.0.17.2200 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 34.0.5 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 en-US)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 34.0.5 - Mozilla)
My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.5.6426.22 - PC-Doctor, Inc.)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Premium Service Agreement (HKLM-x32\...\{C33AA6D6-F5EC-48F3-AFDC-8141345D473A}) (Version: 2.0.0 - Dell Inc.)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.230 - Qualcomm Atheros Communications)
QualxServ Service Agreement (HKLM-x32\...\{903679E8-44C8-4C07-9600-05C92654FC50}) (Version: 2.0.0 - Dell Inc.)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.16.002 - Dell Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Sudoku Puzzle Addict (HKLM-x32\...\{C03E8D2E-3526-4C5D-9744-86FBBC098C43}) (Version: 1.00.0000 - GSP)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Warcraft II BNE (HKLM-x32\...\Warcraft II BNE) (Version: - )
Webroot SecureAnywhere (HKLM-x32\...\WRUNINST) (Version: 8.0.6.44 - Webroot)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-1973512931-3336358897-1288466322-1001_Classes\CLSID\{E86236DE-9BD2-42b7-86F6-A829D8EC768C}\InprocServer32 -> C:\Users\John\AppData\Local\DIRECTV Player\win64\npPlayerPlugin64.dll (Cisco)
==================== Restore Points =========================
26-12-2014 12:27:15 AA11
26-12-2014 12:40:10 IObit Uninstaller restore point
26-12-2014 19:17:08 IObit Uninstaller restore point
26-12-2014 22:58:15 IObit Uninstaller restore point
26-12-2014 22:58:47 AA11
26-12-2014 23:03:01 IObit Uninstaller restore point
26-12-2014 23:03:22 LavasoftWeCompanion
29-12-2014 17:03:56 IObit Uninstaller restore point
29-12-2014 17:06:54 IObit Uninstaller restore point
31-12-2014 09:56:29 Windows Update
05-01-2015 11:39:37 IObit Uninstaller restore point
05-01-2015 11:42:00 IObit Uninstaller restore point
06-01-2015 09:33:03 Windows Update
07-01-2015 11:46:01 IObit Uninstaller restore point
08-01-2015 23:12:41 IObit Uninstaller restore point
08-01-2015 23:13:40 IObit Uninstaller restore point
08-01-2015 23:14:32 IObit Uninstaller restore point
08-01-2015 23:15:29 IObit Uninstaller restore point
08-01-2015 23:16:12 IObit Uninstaller restore point
08-01-2015 23:17:29 IObit Uninstaller restore point
08-01-2015 23:18:19 IObit Uninstaller restore point
08-01-2015 23:19:29 IObit Uninstaller restore point
08-01-2015 23:33:21 Restore Point Created by FRST
10-01-2015 16:02:54 Restore Point Created by FRST
10-01-2015 16:05:54 Restore Point Created by FRST
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 20:34 - 2009-06-10 15:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {0D874672-9B6F-4886-9F60-E8BE77F6DA3C} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\My Dell\uaclauncher.exe [2014-01-31] (PC-Doctor, Inc.)
Task: {16C08E06-9BC7-40BB-BF3A-30A994E715F2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-15] (Google Inc.)
Task: {2042D263-2E5C-484E-814A-3C29EF2D579F} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {3A7353BA-F60D-4F60-B727-9373518B5F94} - System32\Tasks\PCDoctorBackgroundMonitorTask-Retry => C:\Program Files\My Dell\uaclauncher.exe [2014-01-31] (PC-Doctor, Inc.)
Task: {4164D968-2170-4D8B-A90C-CF156F6E67C5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-15] (Google Inc.)
Task: {6363D9C5-CDFA-45D6-9C63-B518B08A28BC} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\My Dell\sessionchecker.exe [2014-01-31] (PC-Doctor, Inc.)
Task: {E413B16F-DDDF-4E61-8738-12A8E92C53CC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-26] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2013-06-28 12:12 - 2013-06-28 12:12 - 00034304 _____ () C:\Windows\System32\ssj1mlm.dll
2013-11-24 01:27 - 2013-04-19 15:51 - 00020256 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayIcon.dll
2013-11-24 01:27 - 2013-04-19 15:52 - 00049440 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\STCommonShellIntegration.dll
2013-11-24 01:27 - 2013-04-19 15:51 - 00019232 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayNotBackuped.dll
2013-11-24 01:27 - 2013-04-19 15:51 - 00034080 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRShellExtension.dll
2013-07-02 22:51 - 2013-07-02 22:51 - 00086016 _____ () C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\Map\MAP.dll
2014-09-16 13:51 - 2014-09-16 13:51 - 01387880 _____ () C:\Users\John\AppData\Local\DIRECTV Player\NDSPCShowServer.exe
2014-09-16 13:51 - 2014-09-16 13:51 - 11475296 _____ () C:\Users\John\AppData\Local\DIRECTV Player\PCShowServer.dll
2014-09-16 13:51 - 2014-09-16 13:51 - 02948448 _____ () C:\Users\John\AppData\Local\DIRECTV Player\DrmSingleton.dll
2014-09-16 13:52 - 2014-09-16 13:52 - 00339296 _____ () C:\Users\John\AppData\Local\DIRECTV Player\ndsLogStore.dll
2014-09-16 13:51 - 2014-09-16 13:51 - 02106728 _____ () C:\Users\John\AppData\Local\DIRECTV Player\DiscoveryManager.dll
2014-09-16 13:52 - 2014-09-16 13:52 - 00689000 _____ () C:\Users\John\AppData\Local\DIRECTV Player\libgstreamer-0.10.dll
2014-09-16 13:52 - 2014-09-16 13:52 - 01403224 _____ () C:\Users\John\AppData\Local\DIRECTV Player\libxml2-2.dll
2014-09-16 13:52 - 2014-09-16 13:52 - 00091976 _____ () C:\Users\John\AppData\Local\DIRECTV Player\z.dll
2014-09-16 13:52 - 2014-09-16 13:52 - 00205672 _____ () C:\Users\John\AppData\Local\DIRECTV Player\libgstbase-0.10.dll
2014-09-16 13:52 - 2014-09-16 13:52 - 00060272 _____ () C:\Users\John\AppData\Local\DIRECTV Player\libgstinterfaces-0.10.dll
2014-09-16 13:52 - 2014-09-16 13:52 - 00043880 _____ () C:\Users\John\AppData\Local\DIRECTV Player\libgstvideo-0.10.dll
2014-09-16 13:52 - 2014-09-16 13:52 - 00044896 _____ () C:\Users\John\AppData\Local\DIRECTV Player\libgstapp-0.10.dll
2014-09-16 13:52 - 2014-09-16 13:52 - 08296288 _____ () C:\Users\John\AppData\Local\DIRECTV Player\gsttspplugin.dll
2014-01-15 18:13 - 2009-03-12 15:45 - 00135168 ____N () C:\Program Files (x86)\Epson Software\Event Manager\Assistants\Scan Assistant\ScanEngine.dll
2014-01-15 18:13 - 2008-11-21 13:58 - 00057344 ____N () C:\Program Files (x86)\Epson Software\Event Manager\Assistants\Scan Assistant\Satwain.dll
2014-11-24 11:39 - 2014-11-24 11:39 - 00155528 _____ () C:\Program Files (x86)\Dell Digital Delivery\ServiceTagPlusPlus.dll
2013-11-24 01:14 - 2013-06-01 06:31 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRkrn => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRSVC => ""="Service"
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
========================= Accounts: ==========================
Administrator (S-1-5-21-1973512931-3336358897-1288466322-500 - Administrator - Disabled)
Guest (S-1-5-21-1973512931-3336358897-1288466322-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1973512931-3336358897-1288466322-1002 - Limited - Enabled)
John (S-1-5-21-1973512931-3336358897-1288466322-1001 - Administrator - Enabled) => C:\Users\John
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (01/12/2015 10:41:18 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
System errors:
=============
Error: (01/12/2015 10:40:29 AM) (Source: Microsoft-Windows-WHEA-Logger) (EventID: 18) (User: NT AUTHORITY)
Description: A fatal hardware error has occurred.
Reported by component: Processor Core
Error Source: 3
Error Type: 9
Processor ID: 0
The details view of this entry contains further information.
Error: (01/12/2015 10:38:51 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
Module Path: C:\Windows\system32\athihvs.dll
Error: (01/12/2015 10:38:51 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
Module Path: C:\Windows\system32\athihvs.dll
Error: (01/12/2015 10:38:49 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
Module Path: C:\Windows\system32\athihvs.dll
Error: (01/12/2015 10:38:32 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel® Dynamic Application Loader Host Interface Service service terminated unexpectedly. It has done this 1 time(s).
Error: (01/12/2015 10:38:32 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The SoftThinks Agent Service service terminated unexpectedly. It has done this 1 time(s).
Error: (01/12/2015 10:38:32 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Dell Digital Delivery Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 1000 milliseconds: Restart the service.
Error: (01/12/2015 10:38:32 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel® Rapid Storage Technology service terminated unexpectedly. It has done this 1 time(s).
Error: (01/12/2015 10:38:32 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
Error: (01/12/2015 10:38:32 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The ZAtheros Wlan Agent service terminated unexpectedly. It has done this 1 time(s).
Microsoft Office Sessions:
=========================
==================== Memory info ===========================
Processor: Intel® Core i5-4200U CPU @ 1.60GHz
Percentage of memory in use: 22%
Total physical RAM: 6032.36 MB
Available physical RAM: 4656.61 MB
Total Pagefile: 12062.9 MB
Available Pagefile: 10471.09 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:444.06 GB) (Free:371.8 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: B797F90B)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=21.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=444.1 GB) - (Type=07 NTFS)
==================== End Of Log ============================