I'm not sure what is going on, but I thought I would start here and make sure she's not infected. She says her phone and her hubby's tablets work just fine at home on the internet, but her laptop moves like crap.
Help Please
FRST Scan
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:07-02-2016
Ran by MICHELE (administrator) on MICHELE-PC (15-02-2016 11:53:33)
Running from C:\Users\MICHELE\Desktop
Loaded Profiles: MICHELE (Available Profiles: MICHELE)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
(Coupons.com Inc.) C:\Program Files (x86)\Coupons\CouponPrinterService.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
(NETGEAR) C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe
(Symantec Corporation) C:\Program Files (x86)\PC Checkup\SymcPCCULaunchSvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
() C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
(TOSHIBA Corporation) C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\ToshibaServiceStation.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
() C:\Program Files (x86)\NETGEAR Genie\bin\genie2_tray.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(TOSHIBA Corporation) C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\TMachInfo.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Symantec Corporation) C:\Program Files (x86)\PC Checkup\PCCU.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Microsoft Corporation) C:\Windows\System32\PrintIsolationHost.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [316032 2010-12-14] (Conexant systems, Inc.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2588456 2010-11-11] (ELAN Microelectronics Corp.)
HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [590256 2011-05-17] (TOSHIBA Corporation)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [972672 2011-04-27] (TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [710560 2011-06-09] (TOSHIBA Corporation)
HKLM\...\Run: [TosNC] => C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [597936 2011-07-27] (TOSHIBA Corporation)
HKLM\...\Run: [TosReelTimeMonitor] => C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [38824 2011-06-28] (TOSHIBA Corporation)
HKLM\...\Run: [IntelliPoint] => c:\Program Files\Microsoft IntelliPoint\ipoint.exe [2417032 2011-08-01] (Microsoft Corporation)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-06-08] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [ToshibaServiceStation] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [1298816 2011-07-11] (TOSHIBA Corporation)
HKLM-x32\...\Run: [NortonOnlineBackupReminder] => C:\Program Files (x86)\Toshiba\Toshiba Online Backup\Activation\TOBuActivation.exe [3218864 2011-06-22] (Toshiba)
HKLM-x32\...\Run: [ToshibaAppPlace] => C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe [552960 2010-09-23] (Toshiba)
HKU\S-1-5-21-47984466-8570645-183781455-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-03-19] (Google Inc.)
HKU\S-1-5-21-47984466-8570645-183781455-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6564120 2014-07-25] (SUPERAntiSpyware)
HKU\S-1-5-21-47984466-8570645-183781455-1000\...\Run: [NETGEARGenie] => C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe [1044224 2013-04-07] ()
HKU\S-1-5-21-47984466-8570645-183781455-1000\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1093976 2013-09-19] (Garmin Ltd or its subsidiaries)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\..\Interfaces\{40F5B95F-8709-4673-BC63-8F8E7FA2012D}: [DhcpNameServer] 10.0.0.1
Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.coupons.com/
HKU\S-1-5-21-47984466-8570645-183781455-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.coupons.com/
HKU\S-1-5-21-47984466-8570645-183781455-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://start.toshiba.com/?cid=C001B2Y
SearchScopes: HKLM -> DefaultScope {{67A2568C-7A0A-4EED-AECC-B5405DE63B64}} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNO
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {{67A2568C-7A0A-4EED-AECC-B5405DE63B64}} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNO
SearchScopes: HKLM-x32 -> DefaultScope {{67A2568C-7A0A-4EED-AECC-B5405DE63B64}} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNO
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {{67A2568C-7A0A-4EED-AECC-B5405DE63B64}} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNO
SearchScopes: HKU\S-1-5-21-47984466-8570645-183781455-1000 -> DefaultScope {E4923A94-0CC4-4622-A6F6-7F60642CB36D} URL = hxxp://www.google.com/search?sourceid=ie9&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNO_enUS483
SearchScopes: HKU\S-1-5-21-47984466-8570645-183781455-1000 -> C9CED3DFB6A44CE38909215F02EFD1E2 URL = hxxp://www.google.com/search?sourceid=ie9&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNO_enUS483
SearchScopes: HKU\S-1-5-21-47984466-8570645-183781455-1000 -> {E4923A94-0CC4-4622-A6F6-7F60642CB36D} URL = hxxp://www.google.com/search?sourceid=ie9&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNO_enUS483
SearchScopes: HKU\S-1-5-21-47984466-8570645-183781455-1000 -> {{67A2568C-7A0A-4EED-AECC-B5405DE63B64}} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNO
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-18] (Google Inc.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-11-15] (Adobe Systems Incorporated)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-18] (Google Inc.)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingExt.dll [2013-07-23] (Microsoft Corporation.)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-10-30] (Sun Microsystems, Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-18] (Google Inc.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingExt.dll [2013-07-23] (Microsoft Corporation.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-18] (Google Inc.)
Toolbar: HKU\S-1-5-21-47984466-8570645-183781455-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Toolbar: HKU\S-1-5-21-47984466-8570645-183781455-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-18] (Google Inc.)
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll [2016-02-09] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-09] ()
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll [2011-10-30] (Sun Microsystems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
Chrome:
=======
CHR HomePage: Default -> hxxp://www.moondographics.com/kady.htm
CHR StartupUrls: Default -> "hxxp://www.moondographics.com/kady.htm"
CHR NewTab: Default -> "chrome-extension://fddgbombopilgefffbcgcfneiejeclia/stubby.html"
CHR Profile: C:\Users\MICHELE\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\MICHELE\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-27]
CHR Extension: (Google Search) - C:\Users\MICHELE\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
CHR Extension: (BetterCareerSearch) - C:\Users\MICHELE\AppData\Local\Google\Chrome\User Data\Default\Extensions\fddgbombopilgefffbcgcfneiejeclia [2016-01-13]
CHR Extension: (Chrome Web Store Payments) - C:\Users\MICHELE\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-28]
CHR Extension: (Gmail) - C:\Users\MICHELE\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [140672 2012-12-21] (SUPERAntiSpyware.com) [File not signed]
R2 CouponPrinterService; C:\Program Files (x86)\Coupons\CouponPrinterService.exe [1413104 2015-03-04] (Coupons.com Inc.)
R2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [250200 2013-09-19] (Garmin Ltd or its subsidiaries)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 NETGEARGenieDaemon; C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe [232192 2013-04-07] (NETGEAR)
R2 Norton PC Checkup Application Launcher; C:\Program Files (x86)\PC Checkup\SymcPCCULaunchSvc.exe [132504 2013-09-28] (Symantec Corporation)
R2 PCCUJobMgr; C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe [126392 2011-07-19] (Symantec Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R2 NPF; C:\windows\system32\drivers\npf.sys [35344 2013-09-02] (CACE Technologies, Inc.)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-02-15 11:53 - 2016-02-15 11:55 - 00017074 _____ C:\Users\MICHELE\Desktop\FRST.txt
2016-02-15 11:53 - 2016-02-15 11:53 - 00000000 ____D C:\FRST
2016-02-15 11:52 - 2016-02-15 11:25 - 02370560 _____ (Farbar) C:\Users\MICHELE\Desktop\FRST64.exe
2016-02-09 18:02 - 2016-02-09 18:02 - 08817344 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerInstaller.exe
2016-01-21 20:35 - 2016-01-21 20:35 - 00000000 ____D C:\Users\MICHELE\AppData\Local\{0C78106F-1960-46B6-B5E2-3A8610B90BF1}
2016-01-21 20:27 - 2016-01-21 20:27 - 00000000 ____D C:\Users\MICHELE\AppData\Local\{6FD1866A-7EC4-4460-BF8E-F23DB230E486}
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-02-15 12:02 - 2013-02-24 19:37 - 00000830 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2016-02-15 12:01 - 2012-09-06 20:57 - 00000260 _____ C:\windows\Tasks\HP Photo Creations Messager.job
2016-02-15 11:49 - 2012-03-19 08:29 - 00000894 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-02-15 11:47 - 2009-07-13 22:20 - 00000000 ____D C:\windows\inf
2016-02-15 11:39 - 2009-07-14 00:13 - 00783464 _____ C:\windows\system32\PerfStringBackup.INI
2016-02-15 11:37 - 2015-03-03 21:29 - 00000000 ____D C:\windows\system32\MRT
2016-02-15 11:34 - 2012-03-19 08:29 - 00000898 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-02-14 12:26 - 2015-03-03 21:29 - 146614896 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2016-02-14 11:58 - 2013-01-16 19:30 - 00003966 _____ C:\windows\System32\Tasks\PC Checkup 3 Weekly Scan
2016-02-14 11:55 - 2009-07-13 23:45 - 00024608 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-02-14 11:55 - 2009-07-13 23:45 - 00024608 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-02-14 11:53 - 2012-03-19 08:23 - 00000000 ____D C:\Program Files (x86)\TOSHIBA Games
2016-02-14 11:53 - 2009-07-14 00:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-02-14 11:51 - 2012-03-19 08:23 - 00000000 ____D C:\ProgramData\WildTangent
2016-02-14 11:51 - 2012-03-19 08:23 - 00000000 ____D C:\Program Files (x86)\WildTangent Games
2016-02-12 05:59 - 2012-05-10 23:18 - 00000000 ____D C:\Users\MICHELE\AppData\Local\Google
2016-02-11 19:36 - 2012-12-31 20:46 - 00015872 ___SH C:\Users\MICHELE\Desktop\Thumbs.db
2016-02-11 19:35 - 2012-03-19 08:29 - 00002223 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-11 06:36 - 2014-07-06 10:11 - 00192216 _____ (Malwarebytes) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2016-02-09 18:03 - 2013-02-24 19:37 - 00796864 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2016-02-09 18:03 - 2013-02-24 19:37 - 00003768 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2016-02-09 18:03 - 2011-10-30 22:37 - 00142528 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-02-06 09:33 - 2013-09-13 14:56 - 00000000 ____D C:\ProgramData\CanonIJPLM
2016-02-04 06:54 - 2012-06-26 20:28 - 05370880 ___SH C:\Users\MICHELE\Downloads\Thumbs.db
2016-02-02 22:04 - 2009-07-14 00:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2016-02-02 07:03 - 2012-03-19 08:29 - 00003894 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-02-02 07:03 - 2012-03-19 08:29 - 00003642 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-01-30 07:07 - 2015-10-28 18:33 - 00000000 ____D C:\Users\MICHELE\AppData\Local\ElevatedDiagnostics
2016-01-16 08:19 - 2009-07-13 22:20 - 00000000 ____D C:\windows\rescache
==================== Files in the root of some directories =======
2014-07-26 11:56 - 2014-07-26 11:56 - 0000000 _____ () C:\Users\MICHELE\AppData\Local\{09AFF31B-4306-4CF0-92F7-7A372E55CF8A}
2014-12-26 02:38 - 2014-12-26 02:38 - 0000000 _____ () C:\Users\MICHELE\AppData\Local\{1C6D4A61-9939-477E-8885-1D78E04D1D1D}
2014-12-18 22:57 - 2014-12-18 22:57 - 0001477 _____ () C:\Users\MICHELE\AppData\Local\{1F84ECA3-7E5A-4D10-A861-6D35881C4C67}
2015-09-19 07:16 - 2015-09-19 07:16 - 0000000 _____ () C:\Users\MICHELE\AppData\Local\{8B9BB3AB-2EBD-4203-8F35-E042AA763AF3}
2014-08-15 23:33 - 2014-08-15 23:33 - 0000000 _____ () C:\Users\MICHELE\AppData\Local\{9A5CCE76-5229-4B4B-AA67-7A73D69799F3}
2014-07-21 10:39 - 2014-07-21 10:39 - 0000000 _____ () C:\Users\MICHELE\AppData\Local\{A28F2EAA-B8B0-457F-B53F-99B5527B5FB1}
2015-01-03 04:02 - 2015-01-03 04:02 - 0000000 _____ () C:\Users\MICHELE\AppData\Local\{CBCAFFFB-BD52-45F9-80E7-18DBA0646D3B}
2015-04-12 19:23 - 2015-04-12 19:23 - 0000000 _____ () C:\Users\MICHELE\AppData\Local\{DBD6E44E-1B87-4BCD-8D65-FBA7EDD55167}
2014-12-30 03:46 - 2014-12-30 03:46 - 0000000 _____ () C:\Users\MICHELE\AppData\Local\{DCEDFDA6-ACD5-4B24-A607-D05C27C318AA}
2012-09-06 20:55 - 2012-09-06 20:55 - 0000057 _____ () C:\ProgramData\Ament.ini
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\SysWOW64\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-02-11 06:21
==================== End of FRST.txt ============================
Addition Scan
Additional scan result of Farbar Recovery Scan Tool (x64) Version:07-02-2016
Ran by MICHELE (2016-02-15 12:07:19)
Running from C:\Users\MICHELE\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2012-05-11 04:12:08)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-47984466-8570645-183781455-500 - Administrator - Disabled)
Guest (S-1-5-21-47984466-8570645-183781455-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-47984466-8570645-183781455-1002 - Limited - Enabled)
MICHELE (S-1-5-21-47984466-8570645-183781455-1000 - Administrator - Enabled) => C:\Users\MICHELE
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.6.0.19140 - Adobe Systems Incorporated)
Adobe Flash Player 20 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Adobe Reader X MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.0.0 - Adobe Systems Incorporated)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.36 - Atheros Communications Inc.)
ATI Catalyst Install Manager (HKLM\...\{4ACA5AE7-E68C-5A48-F8E6-D67946267506}) (Version: 3.0.829.0 - ATI Technologies, Inc.)
Bing Bar (HKLM-x32\...\{D322A9E3-758B-4D60-A7C4-65C88FD378D0}) (Version: 7.2.241.0 - Microsoft Corporation)
Bing Rewards Client Installer (x32 Version: 16.0.345.0 - Microsoft Corporation) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 3.28 - Piriform)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.54.1.0 - Conexant)
Coupon Printer for Windows (HKLM-x32\...\Coupon Printer for Windows5.0.1.5) (Version: 5.0.1.5 - Coupons.com Incorporated)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Elevated Installer (x32 Version: 2.3.14.0 - Garmin Ltd or its subsidiaries) Hidden
ETDWare PS/2-X64 8.0.8.0_R01 (HKLM\...\Elantech) (Version: 8.0.8.0 - ELAN Microelectronic Corp.)
Garmin Express (HKLM-x32\...\{9471d6bd-67a9-40f6-a420-2ae4f08ef003}) (Version: 2.3.14.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 2.3.14.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 2.3.14.0 - Garmin Ltd or its subsidiaries) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.109 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7210.1528 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.5192 - HP Photo Creations)
Java 6 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216025FF}) (Version: 6.0.250 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Label@Once 1.0 (HKLM-x32\...\{0D795777-9D60-4692-8386-F2B3F2B5E5BF}) (Version: 1.0 - Corel)
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.5139.5005 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
NETGEAR Genie (HKLM-x32\...\NETGEAR Genie) (Version: 2.2.28.24.exe - NETGEAR Inc.)
Norton PC Checkup (HKLM-x32\...\Norton PC Checkup_is1) (Version: 3.0.4.81.0 - Symantec Corporation)
OpenOffice 4.0.0 (HKLM-x32\...\{55E61709-D7D4-43C0-B45D-BFAF5C09A02D}) (Version: 4.00.9702 - Apache Software Foundation)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30124 - Realtek Semiconductor Corp.)
Realtek WLAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4fed-B2B9-173001290E16}) (Version: 2.00.0016 - REALTEK Semiconductor Corp.)
Skype Launcher (HKLM-x32\...\{DA84ECBF-4B79-47F2-B34C-95C38484C058}) (Version: 2.01 - TOSHIBA Corporation)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.0.1134 - SUPERAntiSpyware.com)
Toshiba App Place (HKLM-x32\...\{ED3CBA78-488F-4E8C-B33F-8E3BF4DDB4D2}) (Version: 1.0.6.3 - Toshiba)
TOSHIBA Application Installer (HKLM-x32\...\{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}) (Version: 9.0.1.2 - TOSHIBA)
TOSHIBA Assist (HKLM-x32\...\{C2A276E3-154E-44DC-AAF1-FFDD7FD30E35}) (Version: 4.2.3.0 - TOSHIBA CORPORATION)
Toshiba Book Place (HKLM-x32\...\{A14962A7-2B7D-456E-BFCD-F54E3A88D41F}) (Version: 2.2.7530 - K-NFB Reading Technology, Inc.)
TOSHIBA Bulletin Board (HKLM-x32\...\InstallShield_{1C8C049A-145F-4A6E-8290-B5C245EBE39D}) (Version: 1.6.11.64 - TOSHIBA Corporation)
TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.11 for x64 - TOSHIBA Corporation)
TOSHIBA Face Recognition (HKLM-x32\...\InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}) (Version: 3.1.17.64 - TOSHIBA Corporation)
TOSHIBA Hardware Setup (HKLM-x32\...\{97965331-BC5D-4D9F-B6DF-5C0A123E4AE0}) (Version: 2.1.0.3 - TOSHIBA Corporation)
TOSHIBA HDD/SSD Alert (HKLM\...\{D4322448-B6AF-4316-B859-D8A0E84DCB38}) (Version: 3.1.64.9 - TOSHIBA Corporation)
Toshiba Laptop Checkup (HKLM-x32\...\NortonPCCheckup) (Version: 2.0.13.11 - Symantec Corporation)
TOSHIBA Media Controller (HKLM-x32\...\{C7A4F26F-F9B0-41B2-8659-99181108CDE3}) (Version: 1.0.87.4 - TOSHIBA CORPORATION)
Toshiba Online Backup (HKLM-x32\...\{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}) (Version: 2.0.0.31 - Toshiba)
TOSHIBA Quality Application (HKLM-x32\...\{E69992ED-A7F6-406C-9280-1C156417BC49}) (Version: 1.0.4 - TOSHIBA)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.1.5.5109a - TOSHIBA CORPORATION)
TOSHIBA ReelTime (HKLM-x32\...\InstallShield_{24811C12-F4A9-4D0F-8494-A7B8FE46123C}) (Version: 1.7.21.64 - TOSHIBA Corporation)
TOSHIBA Service Station (HKLM-x32\...\{AC6569FA-6919-442A-8552-073BE69E247A}) (Version: 2.2.15.0 - TOSHIBA)
TOSHIBA Supervisor Password (HKLM-x32\...\{0AF17224-CF88-40B8-BB1A-D179369847B4}) (Version: 2.1.0.2 - TOSHIBA Corporation)
TOSHIBA Value Added Package (HKLM-x32\...\InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}) (Version: 1.6.1.64 - TOSHIBA Corporation)
TOSHIBA Web Camera Application (HKLM-x32\...\InstallShield_{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}) (Version: 2.0.3.3 - TOSHIBA Corporation)
TOSHIBARegistration (HKLM-x32\...\{5AF550B4-BB67-4E7E-82F1-2C4300279050}) (Version: 1.0.7 - TOSHIBA)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {3B889121-CD55-4117-A478-7DE37ACF78E8} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => c:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-08-01] (Microsoft Corporation)
Task: {50E3E14C-D7C4-49C6-9360-D7E2F80F74DB} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {60871062-59B3-4644-A038-96E50566B456} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {663FEFC8-114C-4BDC-B5C8-EEB8FAF49873} - System32\Tasks\HP Photo Creations Messager => C:\ProgramData\HP Photo Creations\MessageCheck.exe [2011-02-15] ()
Task: {7DAA7B3D-E9DC-459F-BEF6-2DAA60BF819B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {A4383552-15D5-46BB-8D8F-2ADFC79F3268} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-09] (Adobe Systems Incorporated)
Task: {C6161881-3501-48E3-869D-76FEF9403733} - System32\Tasks\PC Checkup 3 Weekly Scan => C:\Program Files (x86)\PC Checkup\NLAppLauncher.exe [2013-09-28] (Symantec Corporation)
Task: {CB6CFF31-6B38-43F7-AD95-8F883563F736} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-02-25] (Piriform Ltd)
Task: {F30345E9-8720-4E6A-8A27-366B3E200C2C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\HP Photo Creations Messager.job => C:\ProgramData\HP Photo Creations\MessageCheck.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2010-11-18 19:18 - 2010-11-18 19:18 - 11190784 _____ () C:\Program Files\TOSHIBA\FlashCards\BlackPng.dll
2013-04-07 06:38 - 2013-04-07 06:38 - 01044224 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe
2013-04-07 06:42 - 2013-04-07 06:42 - 00123136 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\genie2_tray.exe
2011-06-08 00:11 - 2011-06-08 00:11 - 00243712 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2011-03-22 12:17 - 2011-03-22 12:17 - 00016384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2011-06-09 23:09 - 2011-06-09 23:09 - 00079784 _____ () C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosIPCWraper.dll
2013-02-19 01:46 - 2013-02-19 01:46 - 00011362 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\mingwm10.dll
2013-02-19 01:46 - 2013-02-19 01:46 - 00043008 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\libgcc_s_dw2-1.dll
2013-02-19 01:46 - 2013-02-19 01:46 - 02537472 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\QtCore4.dll
2013-02-19 01:46 - 2013-02-19 01:46 - 09814016 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\QtGui4.dll
2013-06-04 20:22 - 2013-06-04 20:22 - 00481280 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\Genie.dll
2013-03-27 03:42 - 2013-03-27 03:42 - 01553920 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\SvtNetworkTool.dll
2013-02-19 01:46 - 2013-02-19 01:46 - 01140224 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\QtNetwork4.dll
2013-02-19 01:46 - 2013-02-19 01:46 - 00399360 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\QtXml4.dll
2013-05-09 22:12 - 2013-05-09 22:12 - 00229888 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Airprint.dll
2013-03-27 03:43 - 2013-03-27 03:43 - 01067520 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Internet.dll
2013-05-28 01:21 - 2013-05-28 01:21 - 04334592 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Map.dll
2013-03-27 03:52 - 2013-03-27 03:52 - 00500736 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_NetworkProblem.dll
2013-03-27 03:50 - 2013-03-27 03:50 - 00186368 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\DragonNetTool.dll
2013-03-27 03:51 - 2013-03-27 03:51 - 01198080 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_ParentalControl.dll
2013-05-14 21:56 - 2013-05-14 21:56 - 08432128 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Resource.dll
2013-04-28 01:25 - 2013-04-28 01:25 - 01205760 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_RouterConfiguration.dll
2013-03-27 03:42 - 2013-03-27 03:42 - 00088064 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\QRCode.dll
2013-03-27 03:51 - 2013-03-27 03:51 - 00641536 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Statistics.dll
2013-05-14 00:18 - 2013-05-14 00:18 - 00931840 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Ui.dll
2013-03-27 03:49 - 2013-03-27 03:49 - 00438272 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Wireless.dll
2013-02-19 01:46 - 2013-02-19 01:46 - 00083456 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\imageformats\qgif4.dll
2013-02-19 01:46 - 2013-02-19 01:46 - 00083456 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\imageformats\qico4.dll
2013-02-19 01:46 - 2013-02-19 01:46 - 00287232 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\imageformats\qjpeg4.dll
2013-03-27 03:42 - 2013-03-27 03:42 - 00137728 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\DiagnosePlugin.dll
2013-03-26 21:58 - 2013-03-26 21:58 - 00139264 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\DiagnoseDll.dll
2012-11-29 04:56 - 2012-11-29 04:56 - 03332720 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\drivers\libntgr_api.dll
2013-03-26 21:58 - 2013-03-26 21:58 - 00072192 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\SVTUtils.DLL
2013-03-26 21:58 - 2013-03-26 21:58 - 00074752 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\NetcardApi.dll
2013-03-26 21:58 - 2013-03-26 21:58 - 00136704 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\airprintdll.dll
2013-03-27 03:51 - 2013-03-27 03:51 - 00714240 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\InnerPlugin_Update.dll
2013-03-27 03:49 - 2013-03-27 03:49 - 00485376 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\InnerPlugin_WirelessExport.dll
2013-03-27 03:49 - 2013-03-27 03:49 - 00116224 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\WSetupApiPlugin.dll
2013-03-26 21:58 - 2013-03-26 21:58 - 00066560 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\WSetupDll.dll
2016-02-11 19:34 - 2016-02-09 06:58 - 01632584 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.109\libglesv2.dll
2016-02-11 19:34 - 2016-02-09 06:58 - 00087880 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.109\libegl.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 21:34 - 2016-02-14 11:49 - 00000832 ____A C:\windows\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-47984466-8570645-183781455-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\MICHELE\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{A75294BF-6D28-4190-9F30-9486B0656966}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{D09F841C-3ED7-4C01-9C4F-C0D9B114F558}] => (Allow) LPort=2869
FirewallRules: [{43FD5422-C754-41E9-80F0-F7306695CD76}] => (Allow) LPort=1900
FirewallRules: [{18E36171-96E6-486F-BF4E-777316285C52}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{3C8ED9E3-A07F-4BF8-8452-E16E2B3ACD0F}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [TCP Query User{17F97F53-4F88-483D-9B3F-632CA04ECF6E}C:\program files (x86)\netgear genie\bin\netgeargenie.exe] => (Allow) C:\program files (x86)\netgear genie\bin\netgeargenie.exe
FirewallRules: [UDP Query User{AD5884C6-E380-4314-B210-2565B57BB0C1}C:\program files (x86)\netgear genie\bin\netgeargenie.exe] => (Allow) C:\program files (x86)\netgear genie\bin\netgeargenie.exe
FirewallRules: [TCP Query User{3D4F8488-CBB9-4E20-ADDB-1BE90D8ABDFC}C:\program files (x86)\netgear genie\bin\netgeargenie.exe] => (Block) C:\program files (x86)\netgear genie\bin\netgeargenie.exe
FirewallRules: [UDP Query User{EFB146BE-9234-44B0-AA52-DCBDA8F76107}C:\program files (x86)\netgear genie\bin\netgeargenie.exe] => (Block) C:\program files (x86)\netgear genie\bin\netgeargenie.exe
FirewallRules: [{D6C32582-5BC9-46D8-A89A-527BAD9F0197}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Restore Points =========================
12-01-2016 07:04:37 Windows Update
14-01-2016 06:03:02 Windows Update
15-01-2016 06:48:30 Windows Modules Installer
19-01-2016 19:54:57 Windows Update
26-01-2016 23:54:13 Windows Update
03-02-2016 06:12:34 Windows Update
03-02-2016 06:15:01 Scheduled Checkpoint
11-02-2016 07:45:09 Windows Update
12-02-2016 05:56:46 Windows Update
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (02/15/2016 11:33:35 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Information only.
(Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.
Error: (02/13/2016 11:41:21 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Information only.
Error: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.
ErrorCode: 14007(0x36b7).
Error: (02/11/2016 07:30:08 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program CCleaner64.exe version 3.28.0.1913 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 1b3c
Start Time: 01d1652bbf5897d7
Termination Time: 7472
Application Path: C:\Program Files\CCleaner\CCleaner64.exe
Report Id: b8e49e10-d11f-11e5-bd7b-00266c0d3307
Error: (02/11/2016 06:04:57 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program CCleaner64.exe version 3.28.0.1913 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 5e0
Start Time: 01d1651cf09a0965
Termination Time: 18595
Application Path: C:\Program Files\CCleaner\CCleaner64.exe
Report Id: cd622b1a-d113-11e5-bd7b-00266c0d3307
Error: (02/11/2016 06:04:43 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program CCleaner64.exe version 3.28.0.1913 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 1408
Start Time: 01d1651c70194739
Termination Time: 15912
Application Path: C:\Program Files\CCleaner\CCleaner64.exe
Report Id: c3c4dc40-d113-11e5-bd7b-00266c0d3307
Error: (02/11/2016 05:38:26 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program CCleaner64.exe version 3.28.0.1913 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 1da4
Start Time: 01d1651c437c3ce0
Termination Time: 11559
Application Path: C:\Program Files\CCleaner\CCleaner64.exe
Report Id: 1b4c3bbb-d110-11e5-bd7b-00266c0d3307
Error: (02/11/2016 05:37:55 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program CCleaner64.exe version 3.28.0.1913 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 10c4
Start Time: 01d1651c71537cdd
Termination Time: 23416
Application Path: C:\Program Files\CCleaner\CCleaner64.exe
Report Id: 000d67f7-d110-11e5-bd7b-00266c0d3307
Error: (02/11/2016 05:37:43 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program CCleaner64.exe version 3.28.0.1913 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 1ec4
Start Time: 01d1651c5bdd94ea
Termination Time: 20700
Application Path: C:\Program Files\CCleaner\CCleaner64.exe
Report Id: f51c0f41-d10f-11e5-bd7b-00266c0d3307
Error: (02/11/2016 05:33:50 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program CCleaner64.exe version 3.28.0.1913 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 1ef0
Start Time: 01d1651b9740aff0
Termination Time: 16333
Application Path: C:\Program Files\CCleaner\CCleaner64.exe
Report Id: 725414f0-d10f-11e5-bd7b-00266c0d3307
Error: (02/11/2016 03:39:52 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Information only.
(Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed:
System errors:
=============
Error: (02/14/2016 06:35:18 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the PCCUJobMgr service.
Error: (02/14/2016 12:23:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Search service failed to start due to the following error:
%%1053
Error: (02/14/2016 12:23:02 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.
Error: (02/14/2016 11:44:47 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the IPBusEnum service.
Error: (02/13/2016 05:45:40 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
Error: (02/13/2016 11:41:42 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {0B5A2C52-3EB9-470A-96E2-6C6D4570E40F}
Error: (02/13/2016 08:17:22 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the IPBusEnum service.
Error: (02/13/2016 08:16:49 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the PCCUJobMgr service.
Error: (02/13/2016 03:01:01 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WinDefend service.
Error: (02/12/2016 08:04:26 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SysMain service.
==================== Memory info ===========================
Processor: AMD E-300 APU with Radeon HD Graphics
Percentage of memory in use: 73%
Total physical RAM: 3686.87 MB
Available physical RAM: 963.77 MB
Total Virtual: 7371.94 MB
Available Virtual: 3034.41 MB
==================== Drives ================================
Drive c: (TI106302W0C) (Fixed) (Total:282.92 GB) (Free:154.66 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (STORE N GO) (Removable) (Total:14.41 GB) (Free:7.23 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298.1 GB) (Disk ID: 20C94C86)
Partition 1: (Active) - (Size=1.5 GB) - (Type=27)
Partition 2: (Not Active) - (Size=282.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=13.7 GB) - (Type=17)
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 14.4 GB) (Disk ID: 9C9ECCA9)
Partition 1: (Not Active) - (Size=14.4 GB) - (Type=0C)
==================== End of Addition.txt ============================