Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Losing files in Docs folder after upgrade


  • Please log in to reply

#1
compidjt

compidjt

    Member

  • Member
  • PipPip
  • 27 posts

After upgrade to 10 files in my docs folders ( My PC, C: ) strtd to disappear and were replaced by a single "thumbs.db" file. Later the same day "File not available/access is denied" messages appeared so that in most cases I can't even get into the C: drive to investigate.

Looked for the docs in windows.old and was also denied access

Tried all of the permissions fixes

- checked all user account permissions and verified that they were allowed

- added another admin. user profile

- from command prompt executed "net user administrator/active:yes"

     and "control userpasswords2 - OK "commands

- reset computer

-reverted to win 8.1

-tried to access from an XP networked computer but was denied access to C:

- more that I can't remember

I'm hoping there's something in the logs that a kind and helpful experienced tech can find.

Any help will be greatly appreciated. Logs below!

 

 

After upgrade to 10 files in my docs folders ( My PC, C: ) strtd to disappear and were replaced by a single "thumbs.db" file. Later the same day "File not available/access is denied" messages appeared so that in most cases I can't even get into the C: drive to investigate.

Looked for the docs in windows.old and was also denied access

Tried all of the permissions fixes

- checked all user account permissions and verified that they were allowed

- added another admin. user profile

- from command prompt executed "net user administrator/active:yes"

     and "control userpasswords2 - OK "commands

- reset computer

-reverted to win 8.1

-tried to access from an XP networked computer but was denied access to C:

- more that I can't remember

I'm hoping there's something in the logs that a kind and helpful experienced tech can find.

Any help will be greatly appreciated.After upgrade to 10 files in my docs folders ( My PC, C: ) strtd to disappear and were replaced by a single "thumbs.db" file. Later the same day "File not available/access is denied" messages appeared so that in most cases I can't even get into the C: drive to investigate.

Looked for the docs in windows.old and was also denied access

Tried all of the permissions fixes

- checked all user account permissions and verified that they were allowed

- added another admin. user profile

- from command prompt executed "net user administrator/active:yes"

     and "control userpasswords2 - OK "commands

- reset computer

-reverted to win 8.1

-tried to access from an XP networked computer but was denied access to C:

- more that I can't remember

I'm hoping there's something in the logs that a kind and helpful experienced tech can find.

Any help will be greatly appreciated

 

 

 

 

.Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:19-12-2015
Ran by kevdoyle (administrator) on KDLAPTOP (19-12-2015 12:06:55)
Running from C:\Users\kevdoyle\Downloads
Loaded Profiles: kevdoyle & Administrator (Available Profiles: kevdoyle & Administrator)
Platform: Windows 8.1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Windows ® Win 7 DDK provider) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\WINDOWS\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Qualcomm®Atheros®) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe
(Gemalto N.V.) C:\Users\kevdoyle\AppData\Roaming\SanDisk\SanDiskSecureAccess_Manager.exe
() C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ActivateDesktop.exe
(Microsoft Corporation) C:\WINDOWS\System32\GWX\GWX.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\WINDOWS\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\WINDOWS\System32\dllhost.exe
(Microsoft Corporation) C:\WINDOWS\System32\dllhost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Qualcomm®Atheros®) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ActivateDesktop.exe
(Microsoft Corporation) C:\WINDOWS\System32\GWX\GWX.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\WINDOWS\System32\alg.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6846096 2012-11-19] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1253520 2012-11-19] (Realtek Semiconductor)
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [5762408 2013-03-05] (Dell Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3010952 2012-12-21] (Synaptics Incorporated)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [285240 2012-11-19] (Intel Corporation)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [102928 2012-10-23] (CyberLink Corp.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM\...\RunOnce: [1219_11503521549542] => C:\Users\kevdoyle\AppData\Local\LMIR0001.tmp_r.bat [366 2015-12-19] ()
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe [132736 2013-09-04] (Qualcomm®Atheros®)
HKU\S-1-5-21-923276780-2868197199-3824160207-1001\...\Run: [SanDiskSecureAccess_Manager.exe] => C:\Users\kevdoyle\AppData\Roaming\SanDisk\SanDiskSecureAccess_Manager.exe [30705792 2012-02-15] (Gemalto N.V.)
HKU\S-1-5-21-923276780-2868197199-3824160207-1001\...\Run: [Spotify Web Helper] => C:\Users\kevdoyle\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2345584 2015-11-30] (Spotify Ltd)
HKU\S-1-5-21-923276780-2868197199-3824160207-1001\...\Run: [Spotify] => C:\Users\kevdoyle\AppData\Roaming\Spotify\Spotify.exe [8270448 2015-11-30] (Spotify Ltd)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\kevdoyle\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll No File
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\kevdoyle\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll No File
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\kevdoyle\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll No File
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\kevdoyle\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll No File
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\kevdoyle\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll No File
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\kevdoyle\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll No File
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\kevdoyle\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{499B8AF8-8B1B-46D4-B1FB-F067992F3685}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{BC1C0FE9-4CCC-4FA8-A5A0-D0B7DB3B4AF9}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-923276780-2868197199-3824160207-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com
HKU\S-1-5-21-923276780-2868197199-3824160207-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-923276780-2868197199-3824160207-1001\Software\Microsoft\Internet Explorer\Main,Start Page = washpost.com
HKU\S-1-5-21-923276780-2868197199-3824160207-500\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell13.msn.com
HKU\S-1-5-21-923276780-2868197199-3824160207-500\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
SearchScopes: HKU\S-1-5-21-923276780-2868197199-3824160207-1001 -> {7233D618-32D5-4E2F-964B-1ED20712338B} URL =
SearchScopes: HKU\S-1-5-21-923276780-2868197199-3824160207-1001 -> {75E4EF03-5CE4-4F65-91D5-DA1FE99D4BAF} URL =
SearchScopes: HKU\S-1-5-21-923276780-2868197199-3824160207-1001 -> {B5E78670-9FA7-4234-866B-C09B266B9393} URL = hxxp://www.bing.com/search?FORM=IP2TDF&PC=IP2TDF&q={searchTerms}&src=IE-SearchBox
DPF: HKLM-x32 {1EAF0371-58DE-479D-95F0-8888F82FBDB7} hxxp://v5.adesa.liveblockauctions.com/container_repository/laiLauncher.cab

FireFox:
========
FF ProfilePath: C:\Users\kevdoyle\AppData\Roaming\Mozilla\Firefox\Profiles\o1ixepgq.default-1396633353597
FF DefaultSearchEngine: Google
FF DefaultSearchEngine.US: Google
FF Homepage: washpost.com
FF NetworkProxy: "type", 4
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_235.dll [2015-12-18] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-18] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Extension: Flashblock - C:\Users\kevdoyle\AppData\Roaming\Mozilla\Firefox\Profiles\o1ixepgq.default-1396633353597\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} [2015-11-30]
FF Extension: Manheim Media Player - C:\Users\kevdoyle\AppData\Roaming\Mozilla\Firefox\Profiles\o1ixepgq.default-1396633353597\Extensions\[email protected] [2014-04-24] [not signed]
FF Extension: Adblock Plus - C:\Users\kevdoyle\AppData\Roaming\Mozilla\Firefox\Profiles\o1ixepgq.default-1396633353597\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-12-16]
FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\McAfee\MSK => not found
FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [312448 2013-09-04] (Windows ® Win 7 DDK provider) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [201872 2012-11-23] (Realtek Semiconductor)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3859968 2013-08-15] (Qualcomm Atheros Communications, Inc.)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-09-04] (Qualcomm Atheros)
S3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [132608 2015-01-29] (Microsoft Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 DDDriver; C:\Windows\system32\drivers\DDDriver64Dcsa.sys [23760 2015-01-30] (Dell Computer Corporation)
S3 DellProf; C:\Windows\system32\drivers\DellProf.sys [24240 2015-05-22] (Dell Computer Corporation)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2015-12-18] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [28040 2012-12-21] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [32136 2012-12-21] (Synaptics Incorporated)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 iscFlash; \??\C:\Users\kevdoyle\AppData\Local\Temp\7zS67DC.tmp\iscflashx64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-12-19 11:43 - 2015-12-19 11:43 - 00000374 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2015-12-19 11:21 - 2015-12-19 11:45 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-12-19 11:13 - 2015-12-19 11:29 - 00000000 ____D C:\Program Files (x86)\LogMeIn Rescue RC - e5b9f9ab-db28-4364-a680-50447f137d88
2015-12-18 15:44 - 2015-12-18 15:44 - 00003388 _____ C:\WINDOWS\System32\Tasks\START SKYDRIVE
2015-12-18 14:47 - 2015-12-19 11:44 - 00003594 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-923276780-2868197199-3824160207-500

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-12-19 12:06 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS
2015-12-19 11:45 - 2013-09-29 23:04 - 00865408 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-12-19 11:45 - 2013-09-03 12:03 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-12-19 11:45 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\Inf
2015-12-19 11:43 - 2013-09-03 11:47 - 00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-923276780-2868197199-3824160207-1001
2015-12-19 11:41 - 2014-04-06 21:50 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-12-19 10:22 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-12-18 19:15 - 2012-07-26 02:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-12-18 18:41 - 2014-04-06 21:50 - 00003582 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-12-18 18:08 - 2013-08-22 09:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-12-18 17:46 - 2013-08-22 08:25 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2015-12-18 15:46 - 2014-01-16 13:55 - 00001732 _____ C:\WINDOWS\System32\Tasks\{074ABF52-536F-4507-9FE9-E489B59A07A8}
2015-12-18 15:46 - 2013-11-22 15:59 - 00001954 _____ C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2015-12-18 15:46 - 2013-11-22 15:59 - 00001928 _____ C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2015-12-18 15:46 - 2013-11-22 15:59 - 00001926 _____ C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_itype_exe
2015-12-18 15:46 - 2013-11-22 15:59 - 00001898 _____ C:\WINDOWS\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2015-12-18 15:46 - 2013-11-22 15:59 - 00001896 _____ C:\WINDOWS\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2015-12-18 15:46 - 2013-07-08 07:07 - 00002098 _____ C:\WINDOWS\System32\Tasks\CLVDLauncher
2015-12-18 15:46 - 2013-07-08 07:07 - 00002098 _____ C:\WINDOWS\System32\Tasks\CLMLSvc_P2G8
2015-12-18 15:46 - 2013-07-08 06:29 - 00001826 _____ C:\WINDOWS\System32\Tasks\Synaptics TouchPad Enhancements
2015-12-18 15:10 - 2014-04-20 09:36 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-12-18 15:04 - 2013-11-13 15:21 - 00000000 ____D C:\Users\Administrator
2015-12-18 14:47 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-12-18 14:02 - 2014-07-12 12:54 - 00000000 ____D C:\WINDOWS\en
2015-12-18 14:02 - 2013-08-22 10:36 - 00000000 ___SD C:\WINDOWS\Downloaded Program Files
2015-12-18 14:02 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz
2015-12-18 14:02 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2015-12-18 14:02 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\system32\spool
2015-12-18 14:02 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\system32\IME
2015-12-18 14:02 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\system32\GroupPolicy
2015-12-18 14:02 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\Resources
2015-12-18 14:02 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\MediaViewer
2015-12-18 14:02 - 2013-08-22 10:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-12-18 14:02 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\system32\oobe
2015-12-18 14:02 - 2013-07-08 07:11 - 00000000 ____D C:\Program Files (x86)\Dell Backup and Recovery
2015-12-18 14:02 - 2013-07-08 07:00 - 00000000 ____D C:\Program Files (x86)\Dell Wireless
2015-12-18 14:02 - 2013-07-08 06:58 - 00000000 ____D C:\Program Files\Intel
2015-12-18 14:02 - 2012-07-26 03:12 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2015-12-18 11:55 - 2013-08-22 10:36 - 00000000 ___HD C:\Program Files\WindowsApps
2015-12-18 11:53 - 2013-11-13 15:21 - 00000000 ____D C:\Users\kevdoyle
2015-12-18 11:13 - 2015-10-30 04:42 - 00000000 ___HD C:\$WINDOWS.~BT
2015-12-18 07:48 - 2013-09-03 02:23 - 140158008 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-12-18 07:04 - 2013-07-08 06:11 - 00000000 ____D C:\DELL
2015-12-18 07:04 - 2007-10-21 15:27 - 00000000 ____D C:\QBOOKSW
2015-12-18 07:04 - 2007-10-03 16:50 - 00000000 ____D C:\MMR
2015-12-18 07:03 - 2009-08-07 11:00 - 00000000 ____D C:\bb0b3278e52d5305c14fd7d4
2015-12-18 07:03 - 2008-10-17 12:15 - 00000000 ____D C:\2a2ba2ba252753fc4c1eaa
2015-12-18 07:03 - 2008-10-17 12:14 - 00000000 ____D C:\26a98545803d281f592bf52b70969e
2015-12-18 06:45 - 2007-09-18 12:32 - 00000000 __RHD C:\~JTrg.000
2015-12-18 06:34 - 2007-09-21 15:52 - 00000000 ____D C:\ATI
2015-12-11 03:02 - 2014-01-02 19:45 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-12-11 03:02 - 2014-01-02 19:45 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-12-08 22:39 - 2013-09-03 02:55 - 00301728 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2015-11-30 17:33 - 2014-04-30 15:34 - 00000000 ____D C:\Program Files (x86)\Brother
2015-11-30 17:33 - 2014-04-30 11:02 - 00000013 _____ C:\WINDOWS\BRVIDEO.INI
2015-11-30 17:33 - 2014-04-30 11:02 - 00000012 _____ C:\WINDOWS\Brownie.ini
2015-11-30 17:16 - 2013-12-02 14:35 - 00000000 ____D C:\Program Files (x86)\EFILive
2015-11-27 22:52 - 2013-11-13 15:21 - 00041913 _____ C:\WINDOWS\diagwrn.xml
2015-11-27 22:52 - 2013-11-13 15:21 - 00041913 _____ C:\WINDOWS\diagerr.xml
2015-11-27 22:49 - 2013-11-13 15:36 - 00022840 _____ C:\WINDOWS\system32\emptyregdb.dat
2015-11-27 22:49 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\Registration
2015-11-27 22:39 - 2013-07-08 07:08 - 00879220 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2015-11-27 22:35 - 2013-08-22 08:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
2015-11-27 21:46 - 2013-11-13 18:09 - 00000000 ___DC C:\WINDOWS\Panther
2015-11-21 10:40 - 2014-04-20 09:36 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware

==================== Files in the root of some directories =======

2015-12-19 11:29 - 2015-12-19 11:29 - 0000366 _____ () C:\Users\kevdoyle\AppData\Local\LMIR0001.tmp_r.bat
2014-08-17 09:43 - 2014-08-17 09:43 - 0007605 _____ () C:\Users\kevdoyle\AppData\Local\Resmon.ResmonCfg
2013-09-03 21:40 - 2013-09-03 21:40 - 0000057 _____ () C:\ProgramData\Ament.ini
2013-07-08 07:10 - 2013-07-08 07:10 - 0000119 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log
2013-07-08 07:06 - 2013-07-08 07:07 - 0000106 _____ () C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log
2013-07-08 07:07 - 2013-07-08 07:09 - 0000111 _____ () C:\ProgramData\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}.log
2013-07-08 07:06 - 2013-07-08 07:06 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2013-07-08 07:09 - 2013-07-08 07:10 - 0000108 _____ () C:\ProgramData\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}.log

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-11-23 05:41

==================== End of FRST.txt ============================

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version:19-12-2015
Ran by kevdoyle (2015-12-19 12:08:28)
Running from C:\Users\kevdoyle\Downloads
Windows 8.1 (X64) (2013-11-13 22:13:43)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-923276780-2868197199-3824160207-500 - Administrator - Enabled) => C:\Users\Administrator
Guest (S-1-5-21-923276780-2868197199-3824160207-501 - Limited - Enabled)
kevdoyle (S-1-5-21-923276780-2868197199-3824160207-1001 - Administrator - Enabled) => C:\Users\kevdoyle

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 4.0.0.1390 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.235 - Adobe Systems Incorporated)
Amazon Browser App (HKLM-x32\...\{0A7D6F3C-F2AB-48ED-BE23-99791BFF87D6}) (Version: 1.0.0.0 - Amazon) <==== ATTENTION
AMD Catalyst Install Manager (HKLM\...\{34397444-D51C-ADCC-799D-82361E573488}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
Brother HL-4040CN (HKLM-x32\...\{5D0266D4-C7F5-49C0-AA68-80401CF1C9B8}) (Version: 1.00 - Brother)
CPUID CPU-Z 1.71.1 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
Craigs List Anywhere Pro (HKLM-x32\...\com.cobaltfire.cladesktop.pro) (Version: 1.5.8 - UNKNOWN)
Craigs List Anywhere Pro (x32 Version: 1.5.8 - UNKNOWN) Hidden
CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Backup and Recovery - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 1.0.0.6 - Dell Inc.)
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.0.0.6 - Dell Inc.)
Dell Product Registration (HKLM-x32\...\{2A0F2CC5-3065-492C-8380-B03AA7106B1A}) (Version: 1.16.1 - Dell Inc.)
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 16.3.7.0 - Synaptics Incorporated)
Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Dell Inc.)
Dropbox (HKU\S-1-5-21-923276780-2868197199-3824160207-1001\...\Dropbox) (Version: 3.2.9 - Dropbox, Inc.)
EFILive Scan And Tune (HKLM-x32\...\EFILive Scan And TuneV8.2) (Version: V8.2 - EFILive Limited)
HP Officejet 6500 E710n-z Basic Device Software (HKLM\...\{D79A5962-7305-41B9-A39E-A98AB598F372}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Officejet 6500 E710n-z Help (HKLM-x32\...\{130E5108-547F-4482-91EE-F45C784E08C7}) (Version: 140.0.2.2 - Hewlett Packard)
HP Update (HKLM-x32\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3379 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.7.0.1013 - Intel Corporation)
Logitech Harmony Remote Software 7 (HKLM-x32\...\{5C6F884D-680C-448B-B4C9-22296EE1B206}) (Version: 7.7.0.0 - Logitech)
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.2.173.0 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 43.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 43.0.1 (x86 en-US)) (Version: 43.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.1.5828 - Mozilla)
Mozilla Thunderbird 17.0.8 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 17.0.8 (x86 en-US)) (Version: 17.0.8 - Mozilla)
MusicBee 2.3 (HKLM-x32\...\MusicBee) (Version: 2.3 - Steven Mayall)
OpenOffice 4.1.1 (HKLM-x32\...\{9395F41D-0F80-432E-9A59-B8E477E7E163}) (Version: 4.11.9775 - Apache Software Foundation)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.304 - Qualcomm Atheros Communications)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.15.018 - Dell Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.18.621.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6788 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.39030 - Realtek Semiconductor Corp.)
Remote Control USB Driver (HKLM-x32\...\{8471021C-F529-43DE-84DF-3612E10F58C4}) (Version: 2.3.2.317 - )
SanDiskSecureAccess_Manager.exe (HKU\S-1-5-21-923276780-2868197199-3824160207-1001\...\@@[email protected]@SanDiskSecureAccess_Manager.exe) (Version: 1.1.19755 - Gemalto N.V.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Spotify (HKU\S-1-5-21-923276780-2868197199-3824160207-1001\...\Spotify) (Version: 1.0.18.60.g5fe0413d - Spotify AB)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-923276780-2868197199-3824160207-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\kevdoyle\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay => No File
CustomCLSID: HKU\S-1-5-21-923276780-2868197199-3824160207-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\kevdoyle\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll => No File
CustomCLSID: HKU\S-1-5-21-923276780-2868197199-3824160207-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\kevdoyle\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll => No File
CustomCLSID: HKU\S-1-5-21-923276780-2868197199-3824160207-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\kevdoyle\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll => No File
CustomCLSID: HKU\S-1-5-21-923276780-2868197199-3824160207-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\kevdoyle\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll => No File
CustomCLSID: HKU\S-1-5-21-923276780-2868197199-3824160207-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\kevdoyle\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll => No File
CustomCLSID: HKU\S-1-5-21-923276780-2868197199-3824160207-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\kevdoyle\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll => No File
CustomCLSID: HKU\S-1-5-21-923276780-2868197199-3824160207-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\kevdoyle\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll => No File
CustomCLSID: HKU\S-1-5-21-923276780-2868197199-3824160207-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\kevdoyle\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll => No File
CustomCLSID: HKU\S-1-5-21-923276780-2868197199-3824160207-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\kevdoyle\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll => No File

==================== Restore Points =========================

18-12-2015 12:34:37 pre time machine

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 08:25 - 2013-08-22 08:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0D38F642-21A6-4F26-9BBE-289068D210E5} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-12-03] (CyberLink)
Task: {0D8A891D-890C-4808-84D8-2F436AB14653} - \Microsoft\Windows\Application Experience\AitAgent -> No File <==== ATTENTION
Task: {1274336E-AB06-46B6-A48C-0671C5557CC6} - \Microsoft\Windows\TaskScheduler\Maintenance Configurator -> No File <==== ATTENTION
Task: {1687544D-7247-4F5A-965A-A6E920E55278} - \Microsoft\Windows\TaskScheduler\Manual Maintenance -> No File <==== ATTENTION
Task: {1A482067-29ED-43AF-B95A-75C0667693D9} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {2DFEDD7E-D10A-4744-93D2-31A7CCAB6414} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-18] (Adobe Systems Incorporated)
Task: {34B4DB6F-07A2-4323-8618-569054EC9DCE} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2012-12-03] (CyberLink Corp.)
Task: {40525C58-79C2-47A1-9AA2-F1D7FC4F0691} - \Microsoft\Windows\WindowsBackup\ConfigNotification -> No File <==== ATTENTION
Task: {45D5349D-0749-4A20-B235-E24623B78B25} - System32\Tasks\Dell\Dell System Registration => C:\Program Files (x86)\System Registration\prodreg.exe [2012-07-09] (Dell, Inc.)
Task: {4BA91B85-5BC6-4E78-9F5C-E858178ACE1A} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {63692C0F-D182-46EE-8E27-243A9C831A54} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-12-18] (Microsoft Corporation)
Task: {6B9023F6-3A55-4F15-B04E-8BEF39056238} - System32\Tasks\{074ABF52-536F-4507-9FE9-E489B59A07A8} => pcalua.exe -a C:\DELL\drivers\0WD12\Win8\Install_CD\setup.exe -d C:\DELL\drivers\0WD12\Win8\Install_CD
Task: {6F02587F-8A2B-4552-97F6-DEEF229E335B} - \Microsoft\Windows\TaskScheduler\Idle Maintenance -> No File <==== ATTENTION
Task: {79BAA4CE-DD19-4639-9B6A-9A468CFDE8A8} - System32\Tasks\START SKYDRIVE => C:\WINDOWS\System32\SkyDrive.exe [2014-10-30] (Microsoft Corporation)
Task: {B7992938-01F1-4F40-A0EC-0D23D2F0F152} - \Microsoft\Windows\TaskScheduler\Regular Maintenance -> No File <==== ATTENTION
Task: {CBC9EEF7-F6A3-4A07-9697-324BBA785DD0} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - \Microsoft\Windows\SettingSync\BackupTask -> No File <==== ATTENTION
Task: {D4C9CC38-4C4E-4E8B-91B4-E436C7099BAC} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-05-13] (Microsoft)
Task: {E031D6BE-B9F8-4B7B-B3D3-3644DD170CFE} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {FDAF5171-3767-4639-A4FB-306493874E15} - System32\Tasks\Synaptics TouchPad Enhancements => Program Files\Synaptics\SynTP\SynTPEnh.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2013-07-08 07:09 - 2012-04-24 21:43 - 00254512 _____ () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2013-09-04 22:20 - 2013-09-04 22:20 - 00011264 _____ () C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-09-04 22:17 - 2013-09-04 22:17 - 00086016 _____ () C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\Map\MAP.dll
2013-09-04 22:24 - 2013-09-04 22:24 - 00012928 _____ () C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ActivateDesktop.exe
2015-11-14 11:15 - 2015-11-14 11:15 - 00016384 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PSIClient\8a4ebd0132a76f2a7ce438310a41e9d1\PSIClient.ni.dll
2013-07-08 06:58 - 2012-06-25 13:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
2012-02-14 18:05 - 2012-02-14 18:37 - 11796096 _____ () C:\Users\kevdoyle\AppData\Roaming\SanDisk\My Vaults\dmBackup.dll
2013-07-08 07:07 - 2012-06-07 22:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 13:34 - 2012-06-08 13:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2013-09-03 14:11 - 2013-08-01 18:26 - 02244504 _____ () C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll
2013-09-03 14:11 - 2013-08-01 18:26 - 00158104 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2013-09-03 14:11 - 2013-08-01 18:26 - 00022424 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-923276780-2868197199-3824160207-1001\...\dell.com -> dell.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-923276780-2868197199-3824160207-1001\Control Panel\Desktop\\Wallpaper ->
HKU\S-1-5-21-923276780-2868197199-3824160207-500\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run: => "BtPreLoad"
HKLM\...\StartupApproved\Run: => "QuickSet"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "RemoteControl10"
HKU\S-1-5-21-923276780-2868197199-3824160207-1001\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-923276780-2868197199-3824160207-1001\...\StartupApproved\Run: => "HP Officejet 6500 E710n-z (NET)"
HKU\S-1-5-21-923276780-2868197199-3824160207-1001\...\StartupApproved\Run: => "DellSystemDetect"
HKU\S-1-5-21-923276780-2868197199-3824160207-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-923276780-2868197199-3824160207-1001\...\StartupApproved\Run: => "Spotify"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{2E4A90EF-69E9-4A9A-9C47-42A060D4F63E}] => (Allow) C:\Users\kevdoyle\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{8D8567E1-DCCB-4005-9A0E-80E8F7262C3F}] => (Allow) C:\Users\kevdoyle\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{9F189982-D0E6-4C16-9089-1079A422F3E2}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{78CDBA2A-075C-4DFB-86A2-43C2A29FFEB4}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPNetworkCommunicator.exe
FirewallRules: [{74F50EE1-7788-419C-895C-F86EBF4BDAF5}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\DeviceSetup.exe
FirewallRules: [{1DF3A0D7-AC80-473C-AA1E-63F7162299D1}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710n-z\bin\SendAFax.exe
FirewallRules: [{A81E774F-DC87-4956-9C6B-EA4387ABA2D6}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710n-z\bin\DigitalWizards.exe
FirewallRules: [{2589D586-1EC1-4B56-B5A7-78E0DCC45A40}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710n-z\bin\FaxApplications.exe
FirewallRules: [{95E080A1-73FC-458B-8673-38774B310CD4}] => (Allow) C:\Program Files\Common Files\mcafee\platform\mcsvchost\McSvHost.exe
FirewallRules: [{A373FB95-D82C-4289-9B6C-768CB1948066}] => (Allow) C:\Program Files\Common Files\mcafee\platform\mcsvchost\McSvHost.exe
FirewallRules: [{1B76FE42-670A-4B13-9FAE-5E300F109916}] => (Allow) C:\Program Files\Common Files\mcafee\platform\mcsvchost\McSvHost.exe
FirewallRules: [{3EAE79B2-4770-423F-B745-D9DBB8ECAA01}] => (Allow) C:\Program Files\Common Files\mcafee\platform\mcsvchost\McSvHost.exe
FirewallRules: [{E1B99E8F-515B-4B5B-9445-3F7C245517E9}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{AC246C8D-E8DB-4280-B089-21DA0AFB70E6}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{5CD3578C-FDF7-4BE7-A65E-E38F63A34C05}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [TCP Query User{24878220-E346-4A87-9C5B-DFA43CB6596A}C:\users\kevdoyle\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\kevdoyle\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{7CFAF73E-E090-45EA-9724-18E033255304}C:\users\kevdoyle\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\kevdoyle\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{B823B3D3-5CF4-4077-B649-130AF2F07447}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{F5AE91E6-2DEA-4A27-855A-32B8783BDA19}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [{9E8DAF97-098C-4CFE-9CBF-F00E398DFAFD}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{8214EA55-5425-44A2-AC64-CBECBD38D842}] => (Allow) LPort=2869
FirewallRules: [{9A07DA33-6791-4565-BF41-0255910E80E9}] => (Allow) LPort=1900
FirewallRules: [TCP Query User{4D011318-EC29-49CB-AD7F-E13E3FB476B1}C:\users\kevdoyle\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\kevdoyle\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{3A2322A0-C677-4AE9-A78D-147E72739CFD}C:\users\kevdoyle\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\kevdoyle\appdata\roaming\spotify\spotify.exe
FirewallRules: [{4DBA0BBC-D0EB-4AD9-8C82-FA50F6BE9C3A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{91259696-F202-4303-90FA-96FC80268434}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{82518C4C-573D-4A85-B32D-092C23A263AE}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{6DCAEC33-8DB3-4953-8927-65A31BF0B0E6}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{9D138CD8-3C1D-4467-897E-A82CEC3D4E03}C:\users\kevdoyle\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\kevdoyle\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{D2A32D9E-D401-4CA2-BE14-8C53D9913D25}C:\users\kevdoyle\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\kevdoyle\appdata\roaming\spotify\spotify.exe
FirewallRules: [{803C08A3-A13A-490E-A41D-4D35A7FF1903}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{68C93D5C-71C7-4612-9959-AE230D40A7BB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{FC64D048-8221-456D-BEB7-F980B56CC311}] => (Allow) %systemroot%\system32\alg.exe
DomainProfile\AuthorizedApplications: [C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe] => Enabled:Logitech Harmony Remote Software 7
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe] => Enabled:Logitech Harmony Remote Software 7

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (12/18/2015 05:35:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: syslinux.exe, version: 0.0.0.0, time stamp: 0x51f0f1aa
Faulting module name: syslinux.exe, version: 0.0.0.0, time stamp: 0x51f0f1aa
Exception code: 0xc0000005
Fault offset: 0x00002dd1
Faulting process id: 0x1540
Faulting application start time: 0xsyslinux.exe0
Faulting application path: syslinux.exe1
Faulting module path: syslinux.exe2
Report Id: syslinux.exe3
Faulting package full name: syslinux.exe4
Faulting package-relative application ID: syslinux.exe5

Error: (12/18/2015 05:30:47 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: Windows cannot access the file  for one of the following reasons:
there is a problem with the network connection, the disk that the file is stored on, or the storage
drivers installed on this computer; or the disk is missing.
Windows closed the program RunSanDiskSecureAccess_Win.exe because of this error.

Program: RunSanDiskSecureAccess_Win.exe
File:

The error value is listed in the Additional Data section.
User Action
1. Open the file again.
This situation might be a temporary problem that corrects itself when the program runs again.
2.
If the file still cannot be accessed and
    - It is on the network,
your network administrator should verify that there is not a problem with the network and that the server can be contacted.
    - It is on a removable disk, for example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer.
3. Check and repair the file system by running CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then press ENTER.
4. If the problem persists, restore the file from a backup copy.
5. Determine whether other files on the same disk can be opened. If not, the disk might be damaged. If it is a hard disk, contact your administrator or computer hardware vendor for
further assistance.

Additional Data
Error value: C0000098
Disk type: 0

Error: (12/18/2015 05:30:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: RunSanDiskSecureAccess_Win.exe, version: 0.0.0.0, time stamp: 0x4f3af04b
Faulting module name: dmBackup.dll, version: 0.0.0.0, time stamp: 0x4f3ae632
Exception code: 0xc0000006
Fault offset: 0x005bb588
Faulting process id: 0x9d8
Faulting application start time: 0xRunSanDiskSecureAccess_Win.exe0
Faulting application path: RunSanDiskSecureAccess_Win.exe1
Faulting module path: RunSanDiskSecureAccess_Win.exe2
Report Id: RunSanDiskSecureAccess_Win.exe3
Faulting package full name: RunSanDiskSecureAccess_Win.exe4
Faulting package-relative application ID: RunSanDiskSecureAccess_Win.exe5

Error: (12/18/2015 03:54:21 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program wwahost.exe version 6.3.9600.17415 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: e74

Start Time: 01d139d58d7cba23

Termination Time: 4294967295

Application Path: C:\WINDOWS\syswow64\wwahost.exe

Report Id: 812d4178-a5c9-11e5-beb7-645a045495b6

Faulting package full name: Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c

Faulting package-relative application ID: App

Error: (12/18/2015 03:39:24 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program wwahost.exe version 6.3.9600.17415 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 704

Start Time: 01d139d3751e20a4

Termination Time: 4294967295

Application Path: C:\WINDOWS\syswow64\wwahost.exe

Report Id: 699798d6-a5c7-11e5-beb7-645a045495b6

Faulting package full name: Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c

Faulting package-relative application ID: App

Error: (12/18/2015 03:08:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Explorer.EXE, version: 6.3.9600.17667, time stamp: 0x54c6f7c2
Faulting module name: usercpl.dll, version: 6.3.9600.17415, time stamp: 0x54504367
Exception code: 0xc0000005
Fault offset: 0x0000000000017fe9
Faulting process id: 0x8bc
Faulting application start time: 0xExplorer.EXE0
Faulting application path: Explorer.EXE1
Faulting module path: Explorer.EXE2
Report Id: Explorer.EXE3
Faulting package full name: Explorer.EXE4
Faulting package-relative application ID: Explorer.EXE5

Error: (12/18/2015 12:10:31 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program LiveComm.exe version 17.5.9600.20911 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 6c0

Start Time: 01d139b64525ed6a

Termination Time: 4294967295

Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe

Report Id: 38f15e20-a5aa-11e5-beb4-645a045495b6

Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe

Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1

Error: (12/18/2015 12:10:31 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program wwahost.exe version 6.3.9600.17415 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: d88

Start Time: 01d139b64555944a

Termination Time: 4294967295

Application Path: C:\WINDOWS\syswow64\wwahost.exe

Report Id: 39eb6855-a5aa-11e5-beb4-645a045495b6

Faulting package full name: Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c

Faulting package-relative application ID: App

Error: (12/18/2015 12:07:22 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: KDLAPTOP)
Description: Activation of app Microsoft.ZuneMusic_8wekyb3d8bbwe!Microsoft.ZuneMusic failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (12/18/2015 11:15:21 AM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: The index cannot be initialized.

Details:
    The specified object cannot be found. Specify the name of an existing object.  (HRESULT : 0x80040d06) (0x80040d06)


System errors:
=============
Error: (12/18/2015 06:08:18 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Crash dump initialization failed!

Error: (12/18/2015 06:07:19 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: The Windows Update service did not shut down properly after receiving a preshutdown control.

Error: (12/18/2015 05:52:47 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Crash dump initialization failed!

Error: (12/18/2015 05:50:05 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Crash dump initialization failed!

Error: (12/18/2015 05:47:09 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Crash dump initialization failed!

Error: (12/18/2015 03:05:08 PM) (Source: DCOM) (EventID: 10010) (User: KDlaptop)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (12/18/2015 03:05:07 PM) (Source: DCOM) (EventID: 10010) (User: KDlaptop)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (12/18/2015 03:05:07 PM) (Source: DCOM) (EventID: 10010) (User: KDlaptop)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (12/18/2015 03:05:06 PM) (Source: DCOM) (EventID: 10010) (User: KDlaptop)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (12/18/2015 03:05:06 PM) (Source: DCOM) (EventID: 10010) (User: KDlaptop)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}


CodeIntegrity:
===================================
  Date: 2015-12-18 18:06:51.473
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-12-18 18:06:50.864
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-12-18 18:06:50.239
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-12-18 18:06:25.003
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-12-18 18:06:24.206
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-12-18 18:06:23.550
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-12-18 18:06:22.816
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-11-18 09:54:08.367
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-11-18 09:54:07.516
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-11-18 09:54:06.632
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

Processor: Intel® Pentium® CPU 2127U @ 1.90GHz
Percentage of memory in use: 33%
Total physical RAM: 8073.27 MB
Available physical RAM: 5359.29 MB
Total Virtual: 8073.27 MB
Available Virtual: 5512.79 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:452.46 GB) (Free:226.7 GB) NTFS
Drive f: (UUI) (Removable) (Total:59.56 GB) (Free:16.41 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 16A96274)

Partition: GPT.

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 59.6 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=59.6 GB) - (Type=0C)

==================== End of Addition.txt ============================

 


  • 0

Advertisements







Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP