Ran this scan (results shown below) on 07/22/2015 and found various PUP files and this trojan: Trojan.Upatre. Quarantined items, and then ran CCleaner. Trojan seems to be gone, yet my computer is running extremely slow. This morning, it took 45 mintes to access the internet from startup. I have followed the suggested items and would greatly appreciate any help you can give me.
Thanks in advance, Lorraine
Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 7/22/2015
Scan Time: 10:45 AM
Logfile:
Administrator: Yes
Version: 2.1.8.1057
Malware Database: v2015.07.22.03
Rootkit Database: v2015.07.17.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Lorraine
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 373740
Time Elapsed: 56 min, 30 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Warn
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 10
PUP.Optional.DesktopTemperature.A, HKLM\SOFTWARE\WOW6432NODE\DESKTOPTEMPERATURE, Quarantined, [53787b69d0babf774ef05238bb494eb2],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{21111111-1111-1111-1111-110211621178}, Quarantined, [6a61796b8901c96d8122741f9d67619f],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{36E778E5-F988-4689-A78C-03E38601EDE7}, Quarantined, [913a6d7755357db95ec94a48cf356a96],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{4ACF5837-1634-4AFC-A583-53405F15EE0B}, Quarantined, [d2f934b04941102659cee8aa7490d828],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A142B533-344A-426D-83CF-C9F6034DE0A8}, Quarantined, [d2f9895bcac0f2444ed97b17d62ea25e],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C6DE2E64-0666-46C8-97F2-D0C411692DFD}, Quarantined, [5b708c58dbafc86e3ee99bf7a75d8977],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{DB082B40-5DDE-4DF1-8EE1-76A3E98966D1}, Quarantined, [319a2bb9cbbf2214ab7cf59d2fd5c838],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F12FADBF-18EC-414F-8D93-A6E86E556909}, Quarantined, [ba1172728208c571f63122707a8a43bd],
PUP.Optional.APNToolBar.Gen, HKU\S-1-5-18\SOFTWARE\AskPartnerNetwork, Quarantined, [43889a4a2a600d29a3c8e920a75c40c0],
PUP.Optional.Ask.A, HKU\S-1-5-21-3986036094-1776288158-3684659066-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{084F5C6F-5F79-4E5D-A1BF-4B85A77E2655}, Quarantined, [ae1df2f2d3b7ee4818f29afd3aca3bc5],
Registry Values: 9
PUP.Optional.DesktopTemperature.A, HKLM\SOFTWARE\WOW6432NODE\DESKTOPTEMPERATURE|GUID, 087A9C78-3023-464C-84BA-265E777B5F9C, Quarantined, [53787b69d0babf774ef05238bb494eb2]
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{21111111-1111-1111-1111-110211621178}|AppName, Solid Savings-bg.exe, Quarantined, [6a61796b8901c96d8122741f9d67619f]
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{36e778e5-f988-4689-a78c-03e38601ede7}|AppPath, C:\Program Files (x86)\RecipeHub_2j\bar\1.bin, Quarantined, [913a6d7755357db95ec94a48cf356a96]
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{4acf5837-1634-4afc-a583-53405f15ee0b}|AppPath, C:\Program Files (x86)\RecipeHub_2j\bar\1.bin, Quarantined, [d2f934b04941102659cee8aa7490d828]
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{a142b533-344a-426d-83cf-c9f6034de0a8}|AppPath, C:\Program Files (x86)\RecipeHub_2j\bar\1.bin, Quarantined, [d2f9895bcac0f2444ed97b17d62ea25e]
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{c6de2e64-0666-46c8-97f2-d0c411692dfd}|AppPath, C:\Program Files (x86)\RecipeHub_2j\bar\1.bin, Quarantined, [5b708c58dbafc86e3ee99bf7a75d8977]
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{db082b40-5dde-4df1-8ee1-76a3e98966d1}|AppPath, C:\Program Files (x86)\RecipeHub_2j\bar\1.bin, Quarantined, [319a2bb9cbbf2214ab7cf59d2fd5c838]
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{f12fadbf-18ec-414f-8d93-a6e86e556909}|AppPath, C:\Program Files (x86)\RecipeHub_2j\bar\1.bin, Quarantined, [ba1172728208c571f63122707a8a43bd]
PUP.Optional.Ask.A, HKU\S-1-5-21-3986036094-1776288158-3684659066-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{084F5C6F-5F79-4E5D-A1BF-4B85A77E2655}|URL, http://websearch.ask...4-564BE4E4B1A9,Quarantined, [ae1df2f2d3b7ee4818f29afd3aca3bc5]
Registry Data: 0
(No malicious items detected)
Folders: 2
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup, Quarantined, [b714b232c3c794a21917798a739051af],
PUP.Optional.APNToolBar.Gen, C:\ProgramData\APN\APN-Stub, Quarantined, [8f3c2cb8ddad4ee80030b74eec1709f7],
Files: 16
PUP.Optional.DesktopTemperature.A, C:\Users\Lorraine\AppData\Local\Temp\installer.exe, Quarantined, [aa21e8fcddad44f2dda5d5696f92f907],
PUP.Optional.APNToolBar.A, C:\Users\Lorraine\AppData\Local\Temp\APNSetup.exe, Quarantined, [3e8d04e00d7db58155842f78c9380ef2],
PUP.Optional.SoftPulse, c:\users\lorraine\appdata\local\temp\exe.exe, Quarantined, [5774598bb6d448ee55b6ddf12dd41ce4],
PUP.Optional.Softonic.SID.C, c:\users\lorraine\appdata\local\temp\data.exe, Quarantined, [bd0e36ae12780f27b35dcba0e71e8080],
PUP.Optional.DesktopTemperature.A, C:\Users\Lorraine\AppData\Local\Temp\e212c015-e9da-4f06-a508-972329249bd2\dtm_setup.exe, Quarantined, [6c5f28bced9d181ee971d93d818419e7],
PUP.Optional.DownloadExpert, C:\Users\Lorraine\Downloads\Adobe_Flash_Setup (1).exe, Quarantined, [ecdf04e05f2b5cda838aa4c44db4a55b],
PUP.Optional.DownloadExpert, C:\Users\Lorraine\Downloads\Adobe_Flash_Setup.exe, Quarantined, [606b618349415ed822eb4028b54c19e7],
Trojan.Upatre, C:\Users\Lorraine\Downloads\Label_US_Venice.zip, Quarantined, [23a8b03484061f17c35dd29a25dc15eb],
PUP.Optional.Winsock.HijackBoot, C:\Windows\System32\Win_Msg_HandleOff.ini, Quarantined, [3a913ca82e5ccc6a3937c2552dd6fe02],
PUP.Optional.Winsock.HijackBoot, C:\Windows\SysWOW64\Win_Msg_HandleOff.ini, Quarantined, [587310d45c2e46f03c348691da29bb45],
PUP.Optional.DesktopTemperature.A, C:\Windows\SysWOW64\Win_Msg_Handle.ini, Quarantined, [ab20e004d2b8ed49abc676a1986bb050],
PUP.Optional.DesktopTemperature.A, C:\Users\Lorraine\AppData\Local\Temp\Win_Msg_Handler.log, Quarantined, [399207dd8901f244264cfb1c5ba8d12f],
PUP.Optional.DesktopTemperature.A, C:\Windows\Temp\Win_Msg_Handle.log, Quarantined, [b3189252dfab44f2314172a532d1f709],
PUP.Optional.DesktopTemperature.A, C:\Windows\Temp\Win_Msg_Handler.log, Quarantined, [f7d4e301b5d503338ee475a242c1659b
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\DEL_UnRegisterExtensions.exe, Quarantined, [b714b232c3c794a21917798a739051af],
PUP.Optional.AskAPN.Gen, C:\Users\Lorraine\AppData\Roaming\Mozilla\Firefox\Profiles\bqavskc1.default\searchplugins\askcom.xml, Quarantined, [6a61ba2a1b6feb4bdc9c2e41c0457b85],
Physical Sectors: 0
(No malicious items detected)
Here is the FRST results:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:20-07-2015
Ran by Lorraine (administrator) on LORRAINE-HP on 24-07-2015 11:38:06
Running from C:\Users\Lorraine\Downloads
Loaded Profiles: Lorraine (Available Profiles: Lorraine)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(HP) C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(AMD) C:\Windows\System32\atieclxx.exe
(HP) C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
(HP) C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(AOL Inc.) C:\Program Files (x86)\AOL Desktop 9.7a\waol.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe
(Capital Intellect, Inc.) C:\Program Files (x86)\Common Files\BeFrugal.com\Toolbar\BFHP.exe
(AOL Inc.) C:\Program Files (x86)\Common Files\AOL\1366320924\ee\aolsoftware.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiWatchDog.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\AMSP_LogServer.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiSeAgnt.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
(Roxio) C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(AOL LLC) C:\Program Files (x86)\Common Files\AOL\acs\AOLacsd.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(AOL Inc.) C:\Program Files (x86)\AOL Desktop 9.7a\shellmon.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPConnectionManager.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2799912 2013-05-04] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2013-05-04] (IDT, Inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [Trend Micro Titanium] => C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe [1384088 2015-06-28] (Trend Micro Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170280 2015-07-11] (Apple Inc.)
HKLM\...\Run: [Trend Micro Client Framework] => C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe [216928 2013-08-29] (Trend Micro Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-04-02] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [87336 2010-02-03] (CyberLink Corp.)
HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [75048 2011-01-25] (cyberlink)
HKLM-x32\...\Run: [HostManager] => C:\Program Files (x86)\Common Files\AOL\1366320924\ee\AOLSoftware.exe [41800 2010-03-08] (AOL Inc.)
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [46368 2010-03-09] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [29984 2010-03-09] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PPort12reminder] => C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe [328992 2010-02-09] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDFHook] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe [636192 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDF5 Registry Controller] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe [62752 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139264 2011-03-03] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2629632 2010-12-23] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [577408 2012-02-15] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HPOSD] => C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-19] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HPConnectionManager] => C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [103992 2011-09-13] (Hewlett-Packard Development Company L.P.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-05-15] (Apple Inc.)
HKLM-x32\...\Run: [BFHP] => C:\Program Files (x86)\Common Files\BeFrugal.com\Toolbar\BFHP.exe [930960 2014-12-05] (Capital Intellect, Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-06-17] (Apple Inc.)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-3986036094-1776288158-3684659066-1001\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation)
HKU\S-1-5-21-3986036094-1776288158-3684659066-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8358680 2015-06-01] (Piriform Ltd)
HKU\S-1-5-21-3986036094-1776288158-3684659066-1001\...\Run: [AOL Fast Start] => C:\Program Files (x86)\AOL Desktop 9.7a\AOL.EXE [72760 2013-09-07] (AOL Inc.)
Startup: C:\Users\Lorraine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PowerReg Scheduler.exe [2015-03-26] ()
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3986036094-1776288158-3684659066-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.yahoo.co...=iehp-3.16-1501
HKU\S-1-5-21-3986036094-1776288158-3684659066-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
SearchScopes: HKLM -> {BEA18F29-2C82-49D9-82E9-F3553DC405A9} URL = http://www.amazon.co...s={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.co...w={searchTerms}
SearchScopes: HKLM-x32 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo....psg&type=HPNTDF
SearchScopes: HKLM-x32 -> {BEA18F29-2C82-49D9-82E9-F3553DC405A9} URL = http://www.amazon.co...s={searchTerms}
SearchScopes: HKLM-x32 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://en.wikipedia....h={searchTerms}
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.co...w={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3986036094-1776288158-3684659066-1001 -> {BEA18F29-2C82-49D9-82E9-F3553DC405A9} URL = http://www.amazon.co...s={searchTerms}
SearchScopes: HKU\S-1-5-21-3986036094-1776288158-3684659066-1001 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.co...w={searchTerms}
BHO: TmIEPlugInBHO Class -> {1CA1377B-DC1D-4A52-9585-6E06050FAC53} -> C:\Program Files\Trend Micro\AMSP\Module\20004\2.5.1331\6.8.1094\TmIEPlg.dll [2012-05-09] (Trend Micro Inc.)
BHO: TrueSuite Website Log On -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll [2011-02-18] (HP)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: TmBpIeBHO Class -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> C:\Program Files\Trend Micro\AMSP\Module\20002\7.5.1137\7.5.1137\TmBpIe64.dll [2013-08-20] (Trend Micro Inc.)
BHO: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: TmIEPlugInBHO Class -> {1CA1377B-DC1D-4A52-9585-6E06050FAC53} -> C:\Program Files\Trend Micro\AMSP\Module\20004\2.5.1331\6.8.1094\TmIEPlg32.dll [2012-05-09] (Trend Micro Inc.)
BHO-x32: BeFrugalIEHelper -> {2335A057-CBA6-40F6-A712-C6A7C98F7813} -> C:\Program Files (x86)\Common Files\BeFrugal.com\Toolbar\BFTB.dll [2014-12-05] (Capital Intellect, Inc.)
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll [2009-02-06] (Zeon Corporation)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-29] (Oracle Corporation)
BHO-x32: TrueSuite Website Log On -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll [2011-02-18] (HP)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: TmBpIeBHO Class -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> C:\Program Files\Trend Micro\AMSP\Module\20002\7.5.1137\7.5.1137\TmBpIe32.dll [2013-08-20] (Trend Micro Inc.)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-29] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
Toolbar: HKLM-x32 - BeFrugal.com Shopping toolbar - {5BA2C4EE-42EF-4E2D-88BE-7271AE4E35B7} - C:\Program Files (x86)\Common Files\BeFrugal.com\Toolbar\BFTB.dll [2014-12-05] (Capital Intellect, Inc.)
Toolbar: HKU\S-1-5-21-3986036094-1776288158-3684659066-1001 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Toolbar: HKU\S-1-5-21-3986036094-1776288158-3684659066-1001 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.5.1137\7.5.1137\TmBpIe64.dll [2013-08-20] (Trend Micro Inc.)
Handler-x32: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.5.1137\7.5.1137\TmBpIe32.dll [2013-08-20] (Trend Micro Inc.)
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\2.5.1331\6.8.1094\TmIEPlg.dll [2012-05-09] (Trend Micro Inc.)
Handler-x32: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\2.5.1331\6.8.1094\TmIEPlg32.dll [2012-05-09] (Trend Micro Inc.)
Handler-x32: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll [2013-09-16] (Trend Micro Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{7F890FDD-0B83-4A35-92A3-44A6FD04AC4E}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{945A4663-45AD-486E-B46D-8A23690D0A4E}: [DhcpNameServer] 192.168.1.2
FireFox:
========
FF ProfilePath: C:\Users\Lorraine\AppData\Roaming\Mozilla\Firefox\Profiles\bqavskc1.default
FF SelectedSearchEngine: AOL Search
FF Homepage: hxxp://www.aol.com
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-15] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-15] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-01-06] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-29] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-29] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin-x32: @viewpoint.com/VMP -> C:\Program Files (x86)\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll [2004-02-20] ()
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2010-12-07] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2015-07-15] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2015-07-15] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2015-07-15] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2015-07-15] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2015-07-15] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\browser\plugins\npMozCouponPrinter.dll [2015-05-18] (Coupons, Inc.)
FF Extension: AOL Toolbar - C:\Users\Lorraine\AppData\Roaming\Mozilla\Firefox\Profiles\bqavskc1.default\Extensions\{7affbfae-c4e2-4915-8c0f-00fa3ec610a1} [2015-03-19]
FF Extension: TrueSuite Website Logon - C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected] [2015-07-24]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Trend Micro\AMSP\Module\20002\7.5.1137\7.5.1137\firefoxextension
FF Extension: Trend Micro BEP Firefox Extension - C:\Program Files\Trend Micro\AMSP\Module\20002\7.5.1137\7.5.1137\firefoxextension [2015-05-13]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Trend Micro\AMSP\Module\20002\7.5.1137\7.5.1137\firefoxextension
FF HKLM-x32\...\Firefox\Extensions: [{22181a4d-af90-4ca3-a569-faed9118d6bc}] - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension
FF Extension: Trend Micro Toolbar - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension [2014-10-19]
FF HKLM-x32\...\Firefox\Extensions: [{22C7F6C6-8D67-4534-92B5-529A0EC09405}] - C:\Program Files\Trend Micro\AMSP\module\20004\FxExt\firefoxextension
FF Extension: Trend Micro NSC Firefox Extension - C:\Program Files\Trend Micro\AMSP\module\20004\FxExt\firefoxextension [2015-07-19]
Chrome:
=======
CHR Profile: C:\Users\Lorraine\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Website Logon) - C:\Users\Lorraine\AppData\Local\Google\Chrome\User Data\Default\Extensions\aepeildmfnnehghlknddebgjghlompfe [2015-07-03]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Lorraine\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-12]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Lorraine\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR HKLM-x32\...\Chrome\Extension: [aepeildmfnnehghlknddebgjghlompfe] - C:\Program Files (x86)\HP SimplePass 2011\tschrome.crx [2011-02-11]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [365568 2011-04-02] (Advanced Micro Devices, Inc.) [File not signed]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
S4 BeFrugal.com Service; C:\Program Files (x86)\Common Files\BeFrugal.com\Toolbar\befrgl.exe [550032 2014-12-05] (Capital Intellect, Inc.)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.) [File not signed]
S2 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [241648 2011-01-25] (CyberLink)
R2 ezSharedSvc; C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS) [File not signed]
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2375168 2011-03-07] (Realsil Microelectronics Inc.) [File not signed]
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [144672 2010-03-09] (Nuance Communications, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 Amsp; "C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe" coreFrameworkHost.exe -m=rb -dt=60000 -ad [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
R1 tmactmon; C:\Windows\System32\DRIVERS\tmactmon.sys [111616 2015-07-03] (Trend Micro Inc.)
R0 tmcomm; C:\Windows\System32\DRIVERS\tmcomm.sys [189408 2015-07-03] (Trend Micro Inc.)
R0 TMEBC; C:\Windows\System32\DRIVERS\TMEBC64.sys [46392 2012-08-24] (Trend Micro Inc.)
R3 tmeevw; C:\Windows\System32\DRIVERS\tmeevw.sys [94520 2012-12-07] (Trend Micro Inc.)
R1 tmevtmgr; C:\Windows\System32\DRIVERS\tmevtmgr.sys [78704 2015-07-03] (Trend Micro Inc.)
R3 tmnciesc; C:\Windows\System32\DRIVERS\tmnciesc.sys [210232 2012-07-05] (Trend Micro Inc.)
R1 tmtdi; C:\Windows\System32\DRIVERS\tmtdi.sys [105744 2012-05-02] (Trend Micro Inc.)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2014-07-28] (Apple, Inc.) [File not signed]
S3 ALSysIO; \??\C:\Users\ADMINI~1\AppData\Local\Temp\ALSysIO64.sys [X]
U2 TMAgent; No ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-07-24 11:38 - 2015-07-24 11:38 - 00024220 _____ C:\Users\Lorraine\Downloads\FRST.txt
2015-07-24 11:37 - 2015-07-24 11:38 - 00000000 ____D C:\FRST
2015-07-24 11:36 - 2015-07-24 11:37 - 02135552 _____ (Farbar) C:\Users\Lorraine\Downloads\FRST64.exe
2015-07-24 08:02 - 2015-07-24 08:03 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-07-22 22:02 - 2015-07-22 22:02 - 00000000 ____D C:\ProgramData\Viewpoint
2015-07-22 22:02 - 2015-07-22 22:02 - 00000000 ____D C:\Program Files (x86)\Viewpoint
2015-07-22 13:57 - 2015-07-22 13:59 - 00000000 ____D C:\AdwCleaner
2015-07-22 13:56 - 2015-07-22 13:56 - 02248704 _____ C:\Users\Lorraine\Downloads\AdwCleaner.exe
2015-07-22 12:22 - 2015-07-24 11:14 - 00000280 _____ C:\Windows\setupact.log
2015-07-22 12:22 - 2015-07-22 12:22 - 00002828 _____ C:\Windows\PFRO.log
2015-07-22 12:22 - 2015-07-22 12:22 - 00000000 _____ C:\Windows\setuperr.log
2015-07-22 12:09 - 2015-07-22 12:09 - 00256626 _____ C:\Users\Lorraine\Documents\cc_20150722_120915.reg
2015-07-22 11:58 - 2015-07-22 11:58 - 00002802 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-07-22 11:58 - 2015-07-22 11:58 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-07-22 11:58 - 2015-07-22 11:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-07-22 11:57 - 2015-07-22 11:58 - 00000000 ____D C:\Program Files\CCleaner
2015-07-22 11:57 - 2015-07-22 11:57 - 06565736 _____ (Piriform Ltd) C:\Users\Lorraine\Downloads\ccsetup507.exe
2015-07-21 06:36 - 2015-07-14 23:19 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-07-21 06:36 - 2015-07-14 23:19 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-21 06:36 - 2015-07-14 23:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-07-21 06:36 - 2015-07-14 23:19 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-07-21 06:36 - 2015-07-14 22:55 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-07-21 06:36 - 2015-07-14 22:55 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-07-21 06:36 - 2015-07-14 22:55 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-07-21 06:36 - 2015-07-14 22:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-07-21 06:36 - 2015-07-14 21:59 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-21 06:36 - 2015-07-14 21:52 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-07-16 13:20 - 2015-07-09 13:58 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-07-16 13:20 - 2015-07-09 13:58 - 02603008 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-07-16 13:20 - 2015-07-09 13:58 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-07-16 13:20 - 2015-07-09 13:58 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-07-16 13:20 - 2015-07-09 13:58 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-07-16 13:20 - 2015-07-09 13:58 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-07-16 13:20 - 2015-07-09 13:58 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-07-16 13:20 - 2015-07-09 13:58 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-07-16 13:20 - 2015-07-09 13:58 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-07-16 13:20 - 2015-07-09 13:58 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-07-16 13:20 - 2015-07-09 13:58 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-07-16 13:20 - 2015-07-09 13:43 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-07-16 13:20 - 2015-07-09 13:43 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-07-16 13:20 - 2015-07-09 13:43 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-07-16 13:20 - 2015-07-09 13:43 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-07-16 13:20 - 2015-07-09 13:42 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-07-16 13:20 - 2015-07-02 17:21 - 19877376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-07-16 13:20 - 2015-07-02 17:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-07-16 13:20 - 2015-07-02 16:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-07-16 13:20 - 2015-07-02 16:49 - 25193984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-16 13:20 - 2015-07-02 16:46 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-07-16 13:20 - 2015-07-02 16:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-07-16 13:20 - 2015-07-02 16:23 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-16 13:20 - 2015-07-02 16:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-07-16 13:20 - 2015-07-02 16:12 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-16 13:20 - 2015-07-02 15:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-07-16 13:20 - 2015-07-02 15:20 - 14453248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-16 13:20 - 2015-07-02 14:59 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-16 13:20 - 2015-06-26 22:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-07-16 13:20 - 2015-06-26 22:43 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-16 13:20 - 2015-06-26 21:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-07-16 13:20 - 2015-06-26 21:39 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-07-16 13:20 - 2015-06-25 04:57 - 03207168 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-16 13:20 - 2015-06-17 13:47 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-16 13:20 - 2015-06-17 13:37 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-07-16 13:20 - 2015-06-01 20:07 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-07-16 13:20 - 2015-06-01 19:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll
2015-07-16 13:19 - 2015-06-25 14:09 - 00389832 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-07-16 13:19 - 2015-06-25 13:43 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-07-16 13:19 - 2015-06-20 16:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-07-16 13:19 - 2015-06-20 15:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-07-16 13:19 - 2015-06-20 15:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-16 13:19 - 2015-06-20 15:49 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-07-16 13:19 - 2015-06-20 15:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-07-16 13:19 - 2015-06-20 15:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-07-16 13:19 - 2015-06-20 15:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-07-16 13:19 - 2015-06-20 15:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-07-16 13:19 - 2015-06-20 15:34 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-16 13:19 - 2015-06-20 15:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-07-16 13:19 - 2015-06-20 15:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-07-16 13:19 - 2015-06-20 15:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-07-16 13:19 - 2015-06-20 15:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-07-16 13:19 - 2015-06-20 15:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-07-16 13:19 - 2015-06-20 15:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-16 13:19 - 2015-06-20 15:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-16 13:19 - 2015-06-20 15:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-16 13:19 - 2015-06-20 14:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-16 13:19 - 2015-06-20 14:48 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-07-16 13:19 - 2015-06-20 14:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-16 13:19 - 2015-06-20 14:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-07-16 13:19 - 2015-06-20 14:26 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-16 13:19 - 2015-06-20 14:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-07-16 13:19 - 2015-06-19 14:25 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-07-16 13:19 - 2015-06-19 14:25 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-07-16 13:19 - 2015-06-19 14:24 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-07-16 13:19 - 2015-06-19 14:24 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-07-16 13:19 - 2015-06-19 14:23 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-07-16 13:19 - 2015-06-19 14:17 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-07-16 13:19 - 2015-06-19 14:16 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-07-16 13:19 - 2015-06-19 14:13 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-07-16 13:19 - 2015-06-19 14:13 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-07-16 13:19 - 2015-06-19 14:03 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-07-16 13:19 - 2015-06-19 13:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-07-16 13:19 - 2015-06-19 13:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-07-16 13:19 - 2015-06-19 13:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-07-16 13:19 - 2015-06-19 13:51 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-07-16 13:19 - 2015-06-19 13:40 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-07-16 13:19 - 2015-06-19 13:40 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-07-16 13:19 - 2015-06-19 13:39 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-07-16 13:19 - 2015-06-19 13:15 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-07-16 13:19 - 2015-06-19 13:11 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-07-16 13:18 - 2015-07-09 13:59 - 00017856 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-07-16 13:18 - 2015-07-09 13:58 - 01085440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-07-16 13:18 - 2015-07-09 13:58 - 00765440 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-07-16 13:18 - 2015-07-09 13:58 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-07-16 13:18 - 2015-07-09 13:58 - 00433664 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-07-16 13:18 - 2015-07-09 13:58 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-07-16 13:18 - 2015-07-09 13:58 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-07-16 13:18 - 2015-07-09 13:50 - 01145856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-07-16 13:18 - 2015-07-04 14:07 - 02087424 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-16 13:18 - 2015-07-04 13:48 - 01414656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-07-16 13:18 - 2015-07-01 16:56 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-16 13:18 - 2015-07-01 16:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-07-16 13:18 - 2015-07-01 16:49 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-16 13:18 - 2015-07-01 16:49 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-16 13:18 - 2015-07-01 16:49 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-16 13:18 - 2015-07-01 16:49 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-07-16 13:18 - 2015-07-01 16:49 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-16 13:18 - 2015-07-01 16:49 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-07-16 13:18 - 2015-07-01 16:49 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-07-16 13:18 - 2015-07-01 16:49 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-07-16 13:18 - 2015-07-01 16:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-07-16 13:18 - 2015-07-01 16:49 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-07-16 13:18 - 2015-07-01 16:49 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-07-16 13:18 - 2015-07-01 16:48 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-07-16 13:18 - 2015-07-01 16:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-07-16 13:18 - 2015-07-01 16:47 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-07-16 13:18 - 2015-07-01 16:47 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-07-16 13:18 - 2015-07-01 16:43 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-07-16 13:18 - 2015-07-01 16:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-07-16 13:18 - 2015-07-01 16:39 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-07-16 13:18 - 2015-07-01 16:30 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-07-16 13:18 - 2015-07-01 16:30 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-07-16 13:18 - 2015-07-01 16:30 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-07-16 13:18 - 2015-07-01 16:30 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-07-16 13:18 - 2015-07-01 16:30 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-07-16 13:18 - 2015-07-01 16:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-07-16 13:18 - 2015-07-01 16:30 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-07-16 13:18 - 2015-07-01 16:30 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-07-16 13:18 - 2015-07-01 16:30 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-07-16 13:18 - 2015-07-01 16:29 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-07-16 13:18 - 2015-07-01 16:29 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-07-16 13:18 - 2015-07-01 16:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-07-16 13:18 - 2015-07-01 16:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-07-16 13:18 - 2015-07-01 16:26 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-07-16 13:18 - 2015-07-01 16:24 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-07-16 13:18 - 2015-07-01 15:27 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-16 13:18 - 2015-07-01 15:26 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-16 13:18 - 2015-07-01 15:26 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-16 13:18 - 2015-04-27 15:23 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-07-16 13:18 - 2015-04-27 15:23 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-07-16 13:18 - 2015-04-27 15:23 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-07-16 13:18 - 2015-04-27 15:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-07-16 13:18 - 2015-04-27 15:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-07-16 13:18 - 2015-04-27 15:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-07-16 13:18 - 2015-04-27 15:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-07-16 13:18 - 2015-04-27 15:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-07-16 13:15 - 2015-06-15 17:50 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-07-16 13:15 - 2015-06-15 17:45 - 03242496 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-16 13:15 - 2015-06-15 17:45 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-16 13:15 - 2015-06-15 17:45 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-07-16 13:15 - 2015-06-15 17:45 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-07-16 13:15 - 2015-06-15 17:44 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-16 13:15 - 2015-06-15 17:43 - 02364416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-07-16 13:15 - 2015-06-15 17:43 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-07-16 13:15 - 2015-06-15 17:43 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-07-16 13:15 - 2015-06-15 17:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-07-16 13:15 - 2015-06-15 17:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2015-07-16 13:15 - 2015-06-15 17:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2015-07-16 11:30 - 2015-07-16 11:50 - 00000000 ___HD C:\_Exception1
2015-07-15 15:49 - 2015-07-16 11:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-07-15 15:49 - 2015-07-15 15:49 - 00001753 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-07-15 15:48 - 2015-07-16 11:57 - 00000000 ____D C:\Program Files\iTunes
2015-07-15 15:48 - 2015-07-16 11:57 - 00000000 ____D C:\Program Files\iPod
2015-07-15 15:48 - 2015-07-16 11:57 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-07-15 15:41 - 2015-07-16 11:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2015-07-15 15:41 - 2015-07-16 11:57 - 00000000 ____D C:\Program Files (x86)\QuickTime
2015-07-15 15:41 - 2015-07-15 15:41 - 00001805 _____ C:\Users\Public\Desktop\QuickTime Player.lnk
2015-07-05 13:09 - 2015-07-05 13:09 - 09186689 _____ C:\Users\Lorraine\Documents\20150704_142711_resized.zip
2015-07-05 13:09 - 2015-07-05 13:09 - 00000000 ____D C:\Users\Lorraine\Documents\20150704_142711_resized
2015-06-26 16:26 - 2015-06-27 12:54 - 00000000 ____D C:\Users\Lorraine\Documents\DECISION_DENdis_1435245334351
2015-06-26 16:26 - 2015-06-26 16:26 - 00496932 _____ C:\Users\Lorraine\Documents\DECISION_DENdis_1435245334351.zip
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-07-24 11:20 - 2009-07-14 00:45 - 00032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-24 11:20 - 2009-07-14 00:45 - 00032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-24 11:18 - 2012-05-09 15:34 - 01681474 _____ C:\Windows\WindowsUpdate.log
2015-07-24 11:15 - 2013-04-18 16:33 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-24 11:14 - 2015-01-25 22:10 - 00000430 _____ C:\Windows\Tasks\BeFrugal.com Toolbar.job
2015-07-24 11:14 - 2013-04-18 23:25 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-24 11:14 - 2013-04-18 16:20 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-07-24 11:14 - 2009-07-14 01:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-24 10:11 - 2013-04-18 23:25 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-24 06:45 - 2009-07-14 01:08 - 00032584 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-07-23 17:45 - 2013-04-18 13:21 - 00003950 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{1CCF195A-5300-49A8-B430-F9B2D87BEB3D}
2015-07-23 08:34 - 2013-08-15 12:02 - 00000000 ____D C:\Users\Lorraine\AppData\Local\CrashDumps
2015-07-22 15:13 - 2015-05-13 08:24 - 00003204 _____ C:\Windows\System32\Tasks\HPCeeScheduleForLorraine
2015-07-22 15:13 - 2015-05-13 08:24 - 00000344 _____ C:\Windows\Tasks\HPCeeScheduleForLorraine.job
2015-07-22 12:22 - 2013-08-18 10:08 - 00000000 ____D C:\Program Files\Google
2015-07-22 12:22 - 2013-04-18 23:25 - 00000000 ____D C:\Program Files (x86)\Google
2015-07-22 12:16 - 2015-01-28 18:46 - 00000000 ____D C:\Program Files\McAfee Security Scan
2015-07-22 12:11 - 2014-11-16 21:34 - 00000000 ____D C:\ProgramData\Google
2015-07-22 12:11 - 2013-04-18 23:25 - 00000000 ____D C:\Users\Lorraine\AppData\Local\Google
2015-07-22 12:05 - 2014-07-08 07:00 - 00000000 ____D C:\Windows\Minidump
2015-07-22 12:05 - 2007-01-01 21:25 - 00000000 ____D C:\Windows\Panther
2015-07-22 11:55 - 2014-07-02 11:05 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-07-22 11:19 - 2015-02-11 18:22 - 00236032 _____ (Trend Micro Inc.) C:\Windows\RegBootClean64.exe
2015-07-22 10:44 - 2014-07-02 11:04 - 00001066 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-07-22 10:44 - 2014-07-02 11:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-07-22 10:44 - 2014-07-02 11:04 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-07-22 07:33 - 2009-07-14 00:45 - 00269128 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-19 01:09 - 2014-10-19 21:53 - 00000258 __RSH C:\ProgramData\ntuser.pol
2015-07-18 08:05 - 2013-04-20 12:19 - 00000052 _____ C:\Windows\SysWOW64\DOErrors.log
2015-07-17 10:29 - 2015-01-26 18:22 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-07-17 07:52 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\rescache
2015-07-17 06:35 - 2015-04-04 12:29 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-07-17 06:35 - 2015-04-04 12:29 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-17 06:35 - 2014-12-10 14:14 - 00000000 ____D C:\Windows\system32\appraiser
2015-07-17 06:35 - 2014-05-07 01:07 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-07-17 06:35 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-07-17 00:27 - 2013-08-15 10:51 - 00000000 ____D C:\Windows\system32\MRT
2015-07-16 11:57 - 2013-10-12 16:06 - 00000000 ____D C:\ProgramData\Apple Computer
2015-07-16 11:57 - 2013-10-12 16:05 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-07-16 11:57 - 2013-04-18 16:32 - 00000000 ____D C:\Windows\system32\Macromed
2015-07-16 11:57 - 2013-04-18 13:20 - 00000000 ____D C:\Users\Lorraine
2015-07-16 11:57 - 2011-08-23 00:39 - 00000000 ____D C:\ProgramData\RoxioNow
2015-07-16 11:57 - 2011-08-23 00:30 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2015-07-16 11:57 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\registration
2015-07-16 11:57 - 2009-07-13 23:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2015-07-16 11:18 - 2015-05-27 16:01 - 00000000 ____D C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-07-15 17:06 - 2013-04-18 23:25 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-15 17:06 - 2013-04-18 23:25 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-07-15 07:15 - 2013-04-18 16:33 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-15 07:15 - 2013-04-18 16:33 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-15 07:15 - 2013-04-18 16:33 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-07-14 13:06 - 2013-04-18 23:26 - 00002143 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-07-14 07:16 - 2015-01-26 18:56 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-07-11 06:49 - 2009-07-14 01:13 - 00798278 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-09 18:30 - 2013-05-05 13:57 - 00372736 ___SH C:\Users\Lorraine\Documents\Thumbs.db
2015-07-03 11:50 - 2014-10-19 21:56 - 00189408 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmcomm.sys
2015-07-03 11:50 - 2014-10-19 21:56 - 00111616 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmactmon.sys
2015-07-03 11:50 - 2014-10-19 21:56 - 00078704 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmevtmgr.sys
2015-07-03 08:43 - 2012-05-09 18:45 - 130333168 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-06-24 06:41 - 2014-08-20 22:44 - 00000000 ____D C:\Users\Lorraine\AppData\Local\Adobe
==================== Files in the root of some directories =======
2014-10-19 21:48 - 2014-10-19 21:48 - 0000036 _____ () C:\Users\Lorraine\AppData\Local\housecall.guid.cache
Some files in TEMP:
====================
C:\Users\Lorraine\AppData\Local\Temp\Quarantine.exe
C:\Users\Lorraine\AppData\Local\Temp\sqlite3.dll
C:\Users\Lorraine\AppData\Local\Temp\uninst.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-07-23 12:52
==================== End of log ============================
Addition Logs
Additional scan result of Farbar Recovery Scan Tool (x64) Version:20-07-2015
Ran by Lorraine at 2015-07-24 11:39:40
Running from C:\Users\Lorraine\Downloads
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3986036094-1776288158-3684659066-500 - Administrator - Disabled)
Guest (S-1-5-21-3986036094-1776288158-3684659066-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3986036094-1776288158-3684659066-1003 - Limited - Enabled)
Lorraine (S-1-5-21-3986036094-1776288158-3684659066-1001 - Administrator - Enabled) => C:\Users\Lorraine
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Trend Micro Titanium (Enabled - Up to date) {8242D66F-41BD-4049-C2E6-E578E73B62A0}
AS: Trend Micro Titanium (Enabled - Up to date) {3923378B-6787-4FC7-F856-DE0A9CBC281D}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.12) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.5 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.5.9.620 - Adobe Systems, Inc.)
Agatha Christie - Peril at End House (x32 Version: 2.2.0.95 - WildTangent) Hidden
AMD System Monitor (HKLM-x32\...\{C1C82DC9-1547-4038-8F0A-C069F0B7F2ED}) (Version: 1.0.5 - Advanced Micro Devices, Inc.)
AOL Uninstaller (Choose which Products to Remove) (HKLM-x32\...\AOL Uninstaller) (Version: - AOL Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ATI Catalyst Install Manager (HKLM\...\{942836D4-5395-652B-F1E8-A7C5B039910C}) (Version: 3.0.820.0 - ATI Technologies, Inc.)
AuthenTec TrueAPI (Version: 1.2.1.33 - AuthenTec, Inc.) Hidden
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bejeweled 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bejeweled Twist (HKLM-x32\...\Bejeweled Twist) (Version: - PopCap Games)
Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blast! Software 50 Fun Family Games (HKLM-x32\...\50 Fun Family Games) (Version: - )
Blasterball 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blio (HKLM-x32\...\{9368DDD5-CE7F-4BD7-A83A-F00FABE338EC}) (Version: 2.2.6699 - K-NFB Reading Technology, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Bounce Symphony (x32 Version: 2.2.0.95 - WildTangent) Hidden
Brother MFL-Pro Suite MFC-J825DW (HKLM-x32\...\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}) (Version: 1.0.8.0 - Brother Industries, Ltd.)
Build-a-lot 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cash Back Assistant (HKLM-x32\...\BeFrugal.com Toolbar_is1) (Version: 2013.3.16.8 - BeFrugal.com)
CCleaner (HKLM\...\CCleaner) (Version: 5.07 - Piriform)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.3.2714 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.1.3922 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
Energy Star Digital Logo (HKLM-x32\...\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}) (Version: 1.0.1 - Hewlett-Packard)
ESU for Microsoft Windows 7 (HKLM-x32\...\{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard)
Evernote v. 4.2.2 (HKLM-x32\...\{F761359C-9CED-45AE-9A51-9D6605CD55C4}) (Version: 4.2.2.3979 - Evernote Corp.)
Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden
FATE - The Traitor Soul (x32 Version: 2.2.0.95 - WildTangent) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.134 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM\...\{DFB497E0-CE3F-40FC-9596-FC7A48775DE4}) (Version: 4.1.16.1 - Hewlett-Packard Company)
HP Connection Manager (HKLM-x32\...\{B65FCAA5-F3A6-4B3F-ABEE-CBC2B085796B}) (Version: 4.1.25.1 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{B6946BAC-2169-42CC-8E6D-F6FE2EEDB20F}) (Version: 1.2.0.0 - Hewlett-Packard)
HP DVB-T TV Tuner 8.0.64.43 (HKLM-x32\...\HP DVB-T TV Tuner) (Version: 8.0.64.43 - )
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.4 - WildTangent)
HP MovieStore (HKLM-x32\...\{9008D736-35CA-40DB-A2BE-5F32D954E5AA}) (Version: 2.0 - Hewlett-Packard)
HP On Screen Display (HKLM-x32\...\{ED1BD69A-07E3-418C-91F1-D856582581BF}) (Version: 1.3.5 - Hewlett-Packard Company)
HP Power Manager (HKLM-x32\...\{7E799992-5DA0-4A1A-9443-B1836B063FEC}) (Version: 1.4.8 - Hewlett-Packard Company)
HP Quick Launch (HKLM-x32\...\{00A42832-B21A-4296-B5F4-D296D0BC4A3E}) (Version: 2.6.3 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{210A03F5-B2ED-4947-B27E-516F50CBB292}) (Version: 8.6.4530.3651 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.1.13253.3682 - Hewlett-Packard Company)
HP SimplePass 2011 (HKLM-x32\...\{BCFAA37D-A6DB-43BF-A351-43F183E52D07}) (Version: 5.1.0.495 - Hewlett-Packard)
HP Software Framework (HKLM-x32\...\{1DFA0C99-6E2E-46F4-B242-51C7CF41DDE5}) (Version: 4.5.12.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
iCloud (HKLM\...\{709A2D23-C25E-47B5-9268-CB6FEE648504}) (Version: 4.1.1.53 - Apple Inc.)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6381.0 - IDT)
iTunes (HKLM\...\{6CF1A7E2-8001-4870-9F18-3C6CDD6FE9E3}) (Version: 12.2.1.16 - Apple Inc.)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Mah Jong Medley (x32 Version: 2.2.0.95 - WildTangent) Hidden
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Mozilla Firefox 39.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 en-US)) (Version: 39.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 33.1.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MyDVR version 1.0.1.31 (HKLM-x32\...\{992EF7D5-3D70-4B7F-AFDC-8C946676BD4E}_is1) (Version: 1.0.1.31 - )
Mystery P.I. - Stolen in San Francisco (x32 Version: 2.2.0.95 - WildTangent) Hidden
Namco All-Stars PAC-MAN (x32 Version: 2.2.0.95 - WildTangent) Hidden
Nuance PaperPort 12 (HKLM-x32\...\{6C0A559F-8583-4B5A-8B50-20BEE15D8E64}) (Version: 12.1.0000 - Nuance Communications, Inc.)
Nuance PDF Viewer Plus (HKLM-x32\...\{28656860-4728-433C-8AD4-D1A930437BC8}) (Version: 5.30.3290 - Nuance Communications, Inc)
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 1.00.0001 - Nuance Communications, Inc.)
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
QuickTime 7 (HKLM-x32\...\{627FFC10-CE0A-497F-BA2B-208CAC638010}) (Version: 7.77.80.95 - Apple Inc.)
Ralink RT5390 802.11b/g/n WiFi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}) (Version: 3.02.03.0 - Ralink)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.41.216.2011 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7600.80 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 2.0.0 - Hewlett-Packard) Hidden
RoxioNow Player (HKLM-x32\...\{0EDEB615-1A60-425E-8306-0E10519C7B55}) (Version: 1.9.5.103 - RoxioNow)
Scansoft PDF Professional (x32 Version: - ) Hidden
Slingo Supreme (x32 Version: 2.2.0.95 - WildTangent) Hidden
Synaptics TouchPad Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.11.0 - Synaptics Incorporated)
Trend Micro Titanium (HKLM\...\{ABBD4BA8-6703-40D2-AB1E-5BB1F7DB49A4}) (Version: 6.0 - Trend Micro Inc.)
Trend Micro Titanium (Version: 6.00 - Trend Micro Inc.) Hidden
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Validity WBF DDK (HKLM\...\{79174AF2-6CB1-42F5-981E-66DCA49391D0}) (Version: 4.3.205.0 - Validity Sensors, Inc.)
Viewpoint Media Player (HKLM-x32\...\ViewpointMediaPlayer) (Version: - )
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.95 - WildTangent) Hidden
Wheel of Fortune 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
WildTangent Games App (HP Games) (x32 Version: 4.0.5.2 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
WMV9/VC-1 Video Playback (Version: 1.00.0000 - ATI Technologies Inc.) Hidden
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Restore Points =========================
14-07-2015 23:20:40 Windows Update
15-07-2015 06:54:36 Windows Update
16-07-2015 00:29:26 Windows Update
17-07-2015 00:20:20 Windows Update
21-07-2015 22:53:18 Windows Update
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 22:34 - 2009-06-10 17:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {1BC9D6DF-B641-4DDA-BF9C-76EE4FD5AA54} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {28548590-4D7B-46DA-842D-6ACED68F2304} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {5033ED32-05EE-4B09-8393-48E378C7CA2D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {5072E974-1A00-4C9A-83EB-1041E3922730} - System32\Tasks\BeFrugal.com Toolbar => C:\Program Files (x86)\Common Files\BeFrugal.com\Toolbar\BFHP.exe [2014-12-05] (Capital Intellect, Inc.)
Task: {6872BC22-5614-4132-93C8-C22B68FEC43D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-06-01] (Piriform Ltd)
Task: {728DDB4C-775E-42FA-8988-A859C485B3FF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-15] (Adobe Systems Incorporated)
Task: {86F832C1-1CF1-4B93-9F8A-7610DBDDD254} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2011-01-31] ()
Task: {872052B6-EAEF-465B-8B8F-14F0643383A7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-07-07] (Hewlett-Packard)
Task: {87E2AE89-AAAF-4CF7-B627-FBFFAEC8B8C8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSAObjUtilTask => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe [2015-07-15] (Microsoft)
Task: {A72CE8D2-670E-4D1E-B881-2E937AF70310} - System32\Tasks\HPCeeScheduleForLorraine => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {B27ABBF0-9269-4BE1-B1D5-787B51C6BF28} - \Updater26278.exe No Task File <==== ATTENTION
Task: {CE7B9B69-9151-46D8-9676-49183EEE1CE2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-04-18] (Google Inc.)
Task: {E8771F58-CDBB-4EA0-96F7-BCF42EB71A93} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-04-18] (Google Inc.)
Task: {EB10843F-4A68-4606-A065-296463075E1B} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2011-03-22] (CyberLink)
Task: {F1BA3C7D-C485-4345-927A-B2BEFD7C469E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {F5C053B6-5BA1-4689-A8EE-8C884230BB29} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\BeFrugal.com Toolbar.job => C:\Program Files (x86)\Common Files\BeFrugal.com\Toolbar\BFHP.exe9C:\Program Files (x86)\Common Files\BeFrugal.com\ToolbarBeFrugal.com
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForLorraine.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Loaded Modules (Whitelisted) ==============
2015-01-20 23:35 - 2015-01-20 23:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-05-15 16:26 - 2015-05-15 16:26 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-10-19 21:53 - 2012-05-02 15:27 - 00049664 _____ () C:\Program Files\Trend Micro\AMSP\boost_date_time-vc80-mt-1_49.dll
2014-10-19 21:53 - 2012-05-02 15:24 - 00731136 _____ () C:\Program Files\Trend Micro\AMSP\sqlite3.dll
2014-10-19 21:53 - 2012-05-02 15:24 - 00064512 _____ () C:\Program Files\Trend Micro\AMSP\boost_thread-vc80-mt-1_49.dll
2014-10-19 21:53 - 2012-05-02 15:25 - 01719808 _____ () C:\Program Files\Trend Micro\AMSP\libprotobuf.dll
2014-10-19 21:53 - 2012-05-02 15:25 - 00016896 _____ () C:\Program Files\Trend Micro\AMSP\boost_system-vc80-mt-1_49.dll
2014-10-19 21:31 - 2012-07-25 11:53 - 00289088 _____ () C:\Program Files\Trend Micro\UniClient\plugins\LUADLL.dll
2011-04-02 02:06 - 2011-04-02 02:06 - 00073728 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2013-04-18 18:50 - 2005-04-22 00:36 - 00143360 ____R () C:\Windows\system32\BrSNMP64.dll
2011-04-02 02:06 - 2011-04-02 02:06 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2011-03-04 15:25 - 2011-03-04 15:25 - 00016384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2011-04-02 01:57 - 2011-04-02 01:57 - 00243712 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2011-04-27 17:05 - 2011-04-27 17:05 - 01102336 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\System.Data.SQLite.dll
2013-09-07 13:20 - 2013-09-07 13:20 - 00048640 _____ () C:\Program Files (x86)\AOL Desktop 9.7a\zlib.dll
2013-09-07 13:19 - 2013-09-07 13:19 - 21117440 _____ () C:\Program Files (x86)\AOL Desktop 9.7a\libcef.dll
2013-09-07 13:19 - 2013-09-07 13:19 - 00648704 _____ () C:\Program Files (x86)\AOL Desktop 9.7a\libglesv2.dll
2013-09-07 13:19 - 2013-09-07 13:19 - 00122880 _____ () C:\Program Files (x86)\AOL Desktop 9.7a\libegl.dll
2013-04-18 18:49 - 2009-02-27 19:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2011-04-27 17:05 - 2011-04-27 17:05 - 00514570 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\sqlite3.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3986036094-1776288158-3684659066-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Lorraine\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\Services: BeFrugal.com Service => 2
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{D4B95F77-4267-480D-B09E-807D32B7C362}] => (Allow) C:\Program Files (x86)\Roxio\RoxioNow Player\RNowShell.exe
FirewallRules: [{7357D7DB-1CAD-4176-B5B6-192981E07CA8}] => (Allow) C:\Program Files (x86)\Roxio\RoxioNow Player\RNowShell.exe
FirewallRules: [{DEC67F9A-A8AC-40CF-A18A-8C26657DD6FB}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\MediaSmart\RoxioNow\RNow.exe
FirewallRules: [{AF9FF664-C954-4F68-AB8B-6FD685D46EA7}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\MediaSmart\RoxioNow\RNow.exe
FirewallRules: [{B0DA4B59-C283-41C5-AA72-7341B700D288}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{D126EF6F-86FB-40B1-BCC8-D01BF7F7D5DE}] => (Allow) LPort=2869
FirewallRules: [{C011CF40-36A6-408F-9B56-E32FF48A32EA}] => (Allow) LPort=1900
FirewallRules: [{B1C1D001-4706-42E0-B9F9-E3867BEEFB7A}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{CDDECEB0-0F24-40FF-A919-F2F2EF152D73}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{30D0AE33-E08F-4FCB-93E2-AB5A3B2F5E1C}] => (Allow) C:\Windows\system32\ezSharedSvcHost.exe
FirewallRules: [{131AE71A-7568-496B-A075-1C44726E6AF3}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{08B2D65B-BC7C-4E3B-962B-24F83F3276C4}] => (Allow) C:\Program Files (x86)\Common Files\AOL\acs\AOLDial.exe
FirewallRules: [{A11D002E-F9B6-434F-9DD8-D740315AEF3C}] => (Allow) C:\Program Files (x86)\Common Files\AOL\acs\AOLDial.exe
FirewallRules: [{15EC30DF-DF59-4FF9-9712-D76512F1117B}] => (Allow) C:\Program Files (x86)\Common Files\AOL\acs\AOLacsd.exe
FirewallRules: [{A2C692F1-FB86-4910-A042-D025E4338EB3}] => (Allow) C:\Program Files (x86)\Common Files\AOL\acs\AOLacsd.exe
FirewallRules: [{A79B2DC6-9C29-485C-BE8F-7E84C43CB0CC}] => (Allow) C:\Program Files (x86)\Common Files\AOL\1366320924\ee\aolsoftware.exe
FirewallRules: [{3AC0057E-3AFA-448B-AF02-DC0DD2D1C883}] => (Allow) C:\Program Files (x86)\Common Files\AOL\1366320924\ee\aolsoftware.exe
FirewallRules: [{D327F2D5-CF27-49F1-984D-3B3382FBB269}] => (Allow) C:\Program Files (x86)\AOL Desktop 9.7\waol.exe
FirewallRules: [{6737D48C-00E8-420F-BA84-D3E863E8C2EF}] => (Allow) C:\Program Files (x86)\AOL Desktop 9.7\waol.exe
FirewallRules: [{C867DFB3-80F5-4410-BCA0-061336D6A8E3}] => (Allow) C:\Program Files (x86)\Common Files\AOL\TopSpeed\3.0\aoltpsd3.exe
FirewallRules: [{3C00556F-3006-4957-BDF6-F3513E9FF131}] => (Allow) C:\Program Files (x86)\Common Files\AOL\TopSpeed\3.0\aoltpsd3.exe
FirewallRules: [{B1E54A0D-A538-412D-AC4B-9B3992FCAB84}] => (Allow) C:\Program Files (x86)\Common Files\AOL\Loader\aolload.exe
FirewallRules: [{22DDA8C8-24DE-4989-8E72-79151E6EDE9E}] => (Allow) C:\Program Files (x86)\Common Files\AOL\Loader\aolload.exe
FirewallRules: [{C5119849-E71D-4232-B51A-CD4EFB8A9865}] => (Allow) C:\Program Files (x86)\Common Files\AOL\System Information\sinf.exe
FirewallRules: [{630A1FB5-5953-4402-9D0F-A996FF1119E2}] => (Allow) C:\Program Files (x86)\Common Files\AOL\System Information\sinf.exe
FirewallRules: [{DD09F837-7917-4DAA-A632-DA412D971356}] => (Allow) C:\Program Files (x86)\AOL Desktop 9.7\AOLBrowser\aolbrowser.exe
FirewallRules: [{B9C7FB19-518B-4158-9C1F-4C59BE31A74D}] => (Allow) C:\Program Files (x86)\AOL Desktop 9.7\AOLBrowser\aolbrowser.exe
FirewallRules: [{C31B9ED2-786F-4637-9430-50933D7A0903}] => (Allow) C:\Program Files (x86)\Brother\Brmfl11a\FAXRX.exe
FirewallRules: [{AC2F8570-FC7D-4729-A4AA-64663F133CAD}] => (Allow) C:\Program Files (x86)\Brother\Brmfl11a\FAXRX.exe
FirewallRules: [{28B2AAAB-6A31-49E2-8014-C381753B6ED8}] => (Allow) LPort=54925
FirewallRules: [{C8E226E0-F8D0-42DA-BF81-AC3677CA7F58}] => (Allow) C:\Program Files (x86)\AOL Desktop 9.7a\waol.exe
FirewallRules: [{E4BD7EC5-ACE3-42AF-9FD6-D2C49DF4D7AB}] => (Allow) C:\Program Files (x86)\AOL Desktop 9.7a\waol.exe
FirewallRules: [{D1D448C9-CBDB-41D3-BCEA-EDD08C8BD229}] => (Allow) C:\Program Files (x86)\AOL Desktop 9.7a\AOLBrowser\aolbrowser.exe
FirewallRules: [{B0FB406F-19D5-4611-9E53-E0CBFAF9F86A}] => (Allow) C:\Program Files (x86)\AOL Desktop 9.7a\AOLBrowser\aolbrowser.exe
FirewallRules: [{3D2F8D9A-3A3D-45C6-AD14-969745A67A5F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{B26236CC-0794-4BDB-8151-B99DD7503E59}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{E58D869B-7F3A-4B53-806E-4E467089896D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{68921817-32C0-440C-90A8-D3C2177A27A3}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{34FF67AC-583E-41C7-8466-A9BF69258854}C:\program files (x86)\mydvr\mydvr.exe] => (Allow) C:\program files (x86)\mydvr\mydvr.exe
FirewallRules: [UDP Query User{71F1862E-8A02-4CD2-9447-DE82696D852B}C:\program files (x86)\mydvr\mydvr.exe] => (Allow) C:\program files (x86)\mydvr\mydvr.exe
FirewallRules: [{5AC252BA-6A4B-473F-B1D7-63E20A0E672B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{077F2DDA-CC44-43C9-8040-CE72ADE35E8B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{0720EAA6-0E02-4CCB-89D2-7F3D84900CF3}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{2B42416F-F122-41BD-B1A5-86BB91760B92}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{8E5DA540-339F-466F-876D-C3A7177F3FF8}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe
==================== Faulty Device Manager Devices =============
Name: WAN Miniport (ATW) #2
Description: WAN Miniport (ATW)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: America Online, Inc.
Service: wanatw
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: WAN Miniport (ATW) #3
Description: WAN Miniport (ATW)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: America Online, Inc.
Service: wanatw
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (07/24/2015 11:14:52 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/24/2015 06:57:42 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 62431
Error: (07/24/2015 06:57:42 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 62431
Error: (07/24/2015 06:57:42 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (07/24/2015 06:57:27 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 46785
Error: (07/24/2015 06:57:27 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 46785
Error: (07/24/2015 06:57:27 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (07/24/2015 06:57:11 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 31184
Error: (07/24/2015 06:57:11 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 31184
Error: (07/24/2015 06:57:11 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
System errors:
=============
Error: (07/24/2015 07:18:54 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {548E275F-0290-40E7-B454-738B0C61DE60}
Error: (07/24/2015 07:05:39 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HPWMISVC service.
Error: (07/24/2015 06:57:10 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the BFE service.
Error: (07/22/2015 01:59:02 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Live ID Sign-in Assistant service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
Error: (07/22/2015 01:59:02 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Windows Search service terminated unexpectedly. It has done this 3 time(s).
Error: (07/22/2015 01:59:02 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Windows Presentation Foundation Font Cache 3.0.0.0 service terminated unexpectedly. It has done this 2 time(s).
Error: (07/22/2015 01:58:51 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Google Update Service (gupdate) service terminated unexpectedly. It has done this 1 time(s).
Error: (07/22/2015 01:58:51 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Presentation Foundation Font Cache 3.0.0.0 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
Error: (07/22/2015 01:58:51 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The HP Support Assistant Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
Error: (07/22/2015 01:58:51 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Coupon Printer Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
Microsoft Office:
=========================
Error: (07/24/2015 11:14:52 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/24/2015 06:57:42 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 62431
Error: (07/24/2015 06:57:42 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 62431
Error: (07/24/2015 06:57:42 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (07/24/2015 06:57:27 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 46785
Error: (07/24/2015 06:57:27 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 46785
Error: (07/24/2015 06:57:27 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (07/24/2015 06:57:11 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 31184
Error: (07/24/2015 06:57:11 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 31184
Error: (07/24/2015 06:57:11 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
CodeIntegrity Errors:
===================================
Date: 2015-06-26 13:00:37.764
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-06-26 13:00:37.704
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
Processor: AMD A6-3400M APU with Radeon HD Graphics
Percentage of memory in use: 28%
Total physical RAM: 7657.91 MB
Available physical RAM: 5485.2 MB
Total Virtual: 15314.02 MB
Available Virtual: 12837.2 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:681.73 GB) (Free:612.89 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:16.61 GB) (Free:1.81 GB) NTFS ==>[system with boot components (obtained from reading drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: D6C0B88A)
Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=681.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=16.6 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=104 MB) - (Type=0E)
==================== End of log ============================