Many times wifi won't load while still showing connection. It will just be searching to lad the page.
Also, downloading large files is a problem.
Thanks for your help.
Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!
Many times wifi won't load while still showing connection. It will just be searching to lad the page.
Also, downloading large files is a problem.
Thanks for your help.
# AdwCleaner v5.200 - Logfile created 20/06/2016 at 11:54:11
# Updated 14/06/2016 by ToolsLib
# Database : 2016-06-20.2 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (X64)
# Username : Luke - RPLUKE-PC
# Running from : C:\Users\Luke\Downloads\AdwCleaner(1).exe
# Option : Clean
# Support : https://toolslib.net/forum
***** [ Services ] *****
[-] Service Deleted : CouponPrinterService
***** [ Folders ] *****
[-] Folder Deleted : C:\ProgramData\Ask
[-] Folder Deleted : C:\ProgramData\slimware utilities inc
[#] Folder Deleted : C:\ProgramData\Application Data\Ask
[#] Folder Deleted : C:\ProgramData\Application Data\slimware utilities inc
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Coupons
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inbox Toolbar
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\slimcleaner plus
[-] Folder Deleted : C:\Program Files (x86)\Coupons
[-] Folder Deleted : C:\Program Files (x86)\Inbox Toolbar
[-] Folder Deleted : C:\Program Files\slimcleaner plus
[-] Folder Deleted : C:\Program Files\slimservice
***** [ Files ] *****
[-] File Deleted : C:\Users\Public\Desktop\eBay.lnk
[-] File Deleted : C:\Users\Public\Desktop\slimcleaner plus.lnk
***** [ DLLs ] *****
***** [ WMI ] *****
***** [ Shortcuts ] *****
***** [ Scheduled tasks ] *****
[-] Task Deleted : SlimCleaner Plus (Scheduled Scan - rpluke)
[-] Task Deleted : SlimCleaner Plus (Scheduled Scan - rpluke)
***** [ Registry ] *****
[-] Key Deleted : HKLM\SOFTWARE\Classes\PROTOCOLS\handler\inbox
[-] Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.Protector
[-] Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.Protector.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib
[-] Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{37540F19-DD4C-478B-B2DF-C19281BCAF27}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F0B76E1-4E46-427B-B55B-B90593468AC6}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}
[-] Key Deleted : HKLM\SOFTWARE\SlimWare Utilities Inc
[-] Key Deleted : [x64] HKLM\SOFTWARE\SLIMWARE UTILITIES, INC.
[-] Key Deleted : HKU\S-1-5-21-2233979149-4233434921-1847507767-1000.bak-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\AppDataLow\Software\Freecause
[-] Key Deleted : HKU\S-1-5-21-2233979149-4233434921-1847507767-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\AppDataLow\Software\Freecause
[-] Key Deleted : HKU\S-1-5-21-2233979149-4233434921-1847507767-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
[-] Key Deleted : HKU\S-1-5-21-2233979149-4233434921-1847507767-1000.bak-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\SearchScopes\{034D35DF-73AB-494A-B194-4B82EE4E7055}
[-] Key Deleted : HKU\S-1-5-21-2233979149-4233434921-1847507767-1000.bak-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\apnews.myway.com
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ask.com
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\azlyrics.com
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\directionsace.dl.tb.ask.com
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\mapsgalaxy.dl.tb.ask.com
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\myway.com
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\radiorage.dl.tb.ask.com
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\researchresults.com
***** [ Web browsers ] *****
[-] [C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : aol.com
[-] [C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : ask.com
*************************
:: "Tracing" keys deleted
:: Winsock settings cleared
*************************
C:\AdwCleaner\AdwCleaner[C1].txt - [4677 bytes] - [20/06/2016 11:54:11]
C:\AdwCleaner\AdwCleaner[S1].txt - [4545 bytes] - [20/06/2016 11:49:21]
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [4823 bytes] ##########
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.6 (04.25.2016)
Operating System: Windows 7 Home Premium x64
Ran by Luke (Administrator) on Mon 06/20/2016 at 12:06:11.30
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 292
Failed to delete: C:\Users\Luke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0RBBQ4VQ (Temporary Internet Files Folder)
Failed to delete: C:\Users\Luke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4GE6BJA3 (Temporary Internet Files Folder)
Failed to delete: C:\Users\Luke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\65MQPREB (Temporary Internet Files Folder)
Failed to delete: C:\Users\Luke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9C2QK0TM (Temporary Internet Files Folder)
Failed to delete: C:\Users\Luke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JT4OGCKA (Temporary Internet Files Folder)
Successfully deleted: C:\windows\couponprinter.ocx (File)
Successfully deleted: C:\windows\system32\Tasks\PCDEventLauncherTask (Task)
Successfully deleted: C:\windows\system32\Tasks\PCDoctorBackgroundMonitorTask (Task)
Successfully deleted: C:\ProgramData\SPL1.tmp (File)
Successfully deleted: C:\ProgramData\SPL1195.tmp (File)
Successfully deleted: C:\ProgramData\SPL11C5.tmp (File)
Successfully deleted: C:\ProgramData\SPL1365.tmp (File)
Successfully deleted: C:\ProgramData\SPL1368.tmp (File)
Successfully deleted: C:\ProgramData\SPL1564.tmp (File)
Successfully deleted: C:\ProgramData\SPL188D.tmp (File)
Successfully deleted: C:\ProgramData\SPL19F9.tmp (File)
Successfully deleted: C:\ProgramData\SPL1B65.tmp (File)
Successfully deleted: C:\ProgramData\SPL1B95.tmp (File)
Successfully deleted: C:\ProgramData\SPL1C15.tmp (File)
Successfully deleted: C:\ProgramData\SPL1C56.tmp (File)
Successfully deleted: C:\ProgramData\SPL1E05.tmp (File)
Successfully deleted: C:\ProgramData\SPL23C8.tmp (File)
Successfully deleted: C:\ProgramData\SPL258D.tmp (File)
Successfully deleted: C:\ProgramData\SPL26A3.tmp (File)
Successfully deleted: C:\ProgramData\SPL26D9.tmp (File)
Successfully deleted: C:\ProgramData\SPL28D2.tmp (File)
Successfully deleted: C:\ProgramData\SPL2903.tmp (File)
Successfully deleted: C:\ProgramData\SPL2906.tmp (File)
Successfully deleted: C:\ProgramData\SPL2970.tmp (File)
Successfully deleted: C:\ProgramData\SPL2A8.tmp (File)
Successfully deleted: C:\ProgramData\SPL2B38.tmp (File)
Successfully deleted: C:\ProgramData\SPL2DA5.tmp (File)
Successfully deleted: C:\ProgramData\SPL2E5F.tmp (File)
Successfully deleted: C:\ProgramData\SPL3156.tmp (File)
Successfully deleted: C:\ProgramData\SPL32C7.tmp (File)
Successfully deleted: C:\ProgramData\SPL3309.tmp (File)
Successfully deleted: C:\ProgramData\SPL338F.tmp (File)
Successfully deleted: C:\ProgramData\SPL346B.tmp (File)
Successfully deleted: C:\ProgramData\SPL35A0.tmp (File)
Successfully deleted: C:\ProgramData\SPL39E1.tmp (File)
Successfully deleted: C:\ProgramData\SPL3A42.tmp (File)
Successfully deleted: C:\ProgramData\SPL3CDF.tmp (File)
Successfully deleted: C:\ProgramData\SPL3EE2.tmp (File)
Successfully deleted: C:\ProgramData\SPL3F68.tmp (File)
Successfully deleted: C:\ProgramData\SPL3FB1.tmp (File)
Successfully deleted: C:\ProgramData\SPL4087.tmp (File)
Successfully deleted: C:\ProgramData\SPL4967.tmp (File)
Successfully deleted: C:\ProgramData\SPL49A.tmp (File)
Successfully deleted: C:\ProgramData\SPL49B.tmp (File)
Successfully deleted: C:\ProgramData\SPL4A17.tmp (File)
Successfully deleted: C:\ProgramData\SPL4AA6.tmp (File)
Successfully deleted: C:\ProgramData\SPL5088.tmp (File)
Successfully deleted: C:\ProgramData\SPL533D.tmp (File)
Successfully deleted: C:\ProgramData\SPL538C.tmp (File)
Successfully deleted: C:\ProgramData\SPL53ED.tmp (File)
Successfully deleted: C:\ProgramData\SPL5548.tmp (File)
Successfully deleted: C:\ProgramData\SPL564D.tmp (File)
Successfully deleted: C:\ProgramData\SPL56E3.tmp (File)
Successfully deleted: C:\ProgramData\SPL5772.tmp (File)
Successfully deleted: C:\ProgramData\SPL5A8C.tmp (File)
Successfully deleted: C:\ProgramData\SPL5B9A.tmp (File)
Successfully deleted: C:\ProgramData\SPL5C4C.tmp (File)
Successfully deleted: C:\ProgramData\SPL5C52.tmp (File)
Successfully deleted: C:\ProgramData\SPL5DDC.tmp (File)
Successfully deleted: C:\ProgramData\SPL5FCE.tmp (File)
Successfully deleted: C:\ProgramData\SPL60C6.tmp (File)
Successfully deleted: C:\ProgramData\SPL6159.tmp (File)
Successfully deleted: C:\ProgramData\SPL624E.tmp (File)
Successfully deleted: C:\ProgramData\SPL6386.tmp (File)
Successfully deleted: C:\ProgramData\SPL63A0.tmp (File)
Successfully deleted: C:\ProgramData\SPL64BE.tmp (File)
Successfully deleted: C:\ProgramData\SPL6663.tmp (File)
Successfully deleted: C:\ProgramData\SPL68B1.tmp (File)
Successfully deleted: C:\ProgramData\SPL6BEA.tmp (File)
Successfully deleted: C:\ProgramData\SPL6D7A.tmp (File)
Successfully deleted: C:\ProgramData\SPL6EB7.tmp (File)
Successfully deleted: C:\ProgramData\SPL6F88.tmp (File)
Successfully deleted: C:\ProgramData\SPL72C0.tmp (File)
Successfully deleted: C:\ProgramData\SPL77B2.tmp (File)
Successfully deleted: C:\ProgramData\SPL7829.tmp (File)
Successfully deleted: C:\ProgramData\SPL78D7.tmp (File)
Successfully deleted: C:\ProgramData\SPL7CC0.tmp (File)
Successfully deleted: C:\ProgramData\SPL7D1F.tmp (File)
Successfully deleted: C:\ProgramData\SPL7EC4.tmp (File)
Successfully deleted: C:\ProgramData\SPL82E5.tmp (File)
Successfully deleted: C:\ProgramData\SPL8369.tmp (File)
Successfully deleted: C:\ProgramData\SPL8504.tmp (File)
Successfully deleted: C:\ProgramData\SPL8555.tmp (File)
Successfully deleted: C:\ProgramData\SPL8631.tmp (File)
Successfully deleted: C:\ProgramData\SPL8747.tmp (File)
Successfully deleted: C:\ProgramData\SPL877.tmp (File)
Successfully deleted: C:\ProgramData\SPL8883.tmp (File)
Successfully deleted: C:\ProgramData\SPL89AA.tmp (File)
Successfully deleted: C:\ProgramData\SPL89C2.tmp (File)
Successfully deleted: C:\ProgramData\SPL8A6C.tmp (File)
Successfully deleted: C:\ProgramData\SPL8B41.tmp (File)
Successfully deleted: C:\ProgramData\SPL8C40.tmp (File)
Successfully deleted: C:\ProgramData\SPL8F9A.tmp (File)
Successfully deleted: C:\ProgramData\SPL904.tmp (File)
Successfully deleted: C:\ProgramData\SPL90AA.tmp (File)
Successfully deleted: C:\ProgramData\SPL9119.tmp (File)
Successfully deleted: C:\ProgramData\SPL9141.tmp (File)
Successfully deleted: C:\ProgramData\SPL91B1.tmp (File)
Successfully deleted: C:\ProgramData\SPL9319.tmp (File)
Successfully deleted: C:\ProgramData\SPL93C8.tmp (File)
Successfully deleted: C:\ProgramData\SPL95BA.tmp (File)
Successfully deleted: C:\ProgramData\SPL9694.tmp (File)
Successfully deleted: C:\ProgramData\SPL9720.tmp (File)
Successfully deleted: C:\ProgramData\SPL9953.tmp (File)
Successfully deleted: C:\ProgramData\SPL9989.tmp (File)
Successfully deleted: C:\ProgramData\SPL99A9.tmp (File)
Successfully deleted: C:\ProgramData\SPL9A6E.tmp (File)
Successfully deleted: C:\ProgramData\SPL9AE6.tmp (File)
Successfully deleted: C:\ProgramData\SPL9BD9.tmp (File)
Successfully deleted: C:\ProgramData\SPL9C3.tmp (File)
Successfully deleted: C:\ProgramData\SPL9D2A.tmp (File)
Successfully deleted: C:\ProgramData\SPL9D97.tmp (File)
Successfully deleted: C:\ProgramData\SPL9E45.tmp (File)
Successfully deleted: C:\ProgramData\SPL9F2.tmp (File)
Successfully deleted: C:\ProgramData\SPLA0B5.tmp (File)
Successfully deleted: C:\ProgramData\SPLA0F9.tmp (File)
Successfully deleted: C:\ProgramData\SPLA61C.tmp (File)
Successfully deleted: C:\ProgramData\SPLA67B.tmp (File)
Successfully deleted: C:\ProgramData\SPLA6F3.tmp (File)
Successfully deleted: C:\ProgramData\SPLA7C4.tmp (File)
Successfully deleted: C:\ProgramData\SPLA857.tmp (File)
Successfully deleted: C:\ProgramData\SPLA89D.tmp (File)
Successfully deleted: C:\ProgramData\SPLA8C0.tmp (File)
Successfully deleted: C:\ProgramData\SPLAC58.tmp (File)
Successfully deleted: C:\ProgramData\SPLADD9.tmp (File)
Successfully deleted: C:\ProgramData\SPLAE7A.tmp (File)
Successfully deleted: C:\ProgramData\SPLAF50.tmp (File)
Successfully deleted: C:\ProgramData\SPLB306.tmp (File)
Successfully deleted: C:\ProgramData\SPLB358.tmp (File)
Successfully deleted: C:\ProgramData\SPLB386.tmp (File)
Successfully deleted: C:\ProgramData\SPLB657.tmp (File)
Successfully deleted: C:\ProgramData\SPLB685.tmp (File)
Successfully deleted: C:\ProgramData\SPLB75.tmp (File)
Successfully deleted: C:\ProgramData\SPLBA1B.tmp (File)
Successfully deleted: C:\ProgramData\SPLBC37.tmp (File)
Successfully deleted: C:\ProgramData\SPLBCAA.tmp (File)
Successfully deleted: C:\ProgramData\SPLBDF9.tmp (File)
Successfully deleted: C:\ProgramData\SPLBFD3.tmp (File)
Successfully deleted: C:\ProgramData\SPLC033.tmp (File)
Successfully deleted: C:\ProgramData\SPLC063.tmp (File)
Successfully deleted: C:\ProgramData\SPLC0C0.tmp (File)
Successfully deleted: C:\ProgramData\SPLC323.tmp (File)
Successfully deleted: C:\ProgramData\SPLC532.tmp (File)
Successfully deleted: C:\ProgramData\SPLC683.tmp (File)
Successfully deleted: C:\ProgramData\SPLC861.tmp (File)
Successfully deleted: C:\ProgramData\SPLC9B8.tmp (File)
Successfully deleted: C:\ProgramData\SPLCA39.tmp (File)
Successfully deleted: C:\ProgramData\SPLCA90.tmp (File)
Successfully deleted: C:\ProgramData\SPLCB0E.tmp (File)
Successfully deleted: C:\ProgramData\SPLCCF2.tmp (File)
Successfully deleted: C:\ProgramData\SPLD181.tmp (File)
Successfully deleted: C:\ProgramData\SPLD4CC.tmp (File)
Successfully deleted: C:\ProgramData\SPLD659.tmp (File)
Successfully deleted: C:\ProgramData\SPLD7A7.tmp (File)
Successfully deleted: C:\ProgramData\SPLD846.tmp (File)
Successfully deleted: C:\ProgramData\SPLD913.tmp (File)
Successfully deleted: C:\ProgramData\SPLD98C.tmp (File)
Successfully deleted: C:\ProgramData\SPLDAB3.tmp (File)
Successfully deleted: C:\ProgramData\SPLDB89.tmp (File)
Successfully deleted: C:\ProgramData\SPLDF2B.tmp (File)
Successfully deleted: C:\ProgramData\SPLE108.tmp (File)
Successfully deleted: C:\ProgramData\SPLE16C.tmp (File)
Successfully deleted: C:\ProgramData\SPLE1A7.tmp (File)
Successfully deleted: C:\ProgramData\SPLE36C.tmp (File)
Successfully deleted: C:\ProgramData\SPLE36D.tmp (File)
Successfully deleted: C:\ProgramData\SPLE548.tmp (File)
Successfully deleted: C:\ProgramData\SPLE562.tmp (File)
Successfully deleted: C:\ProgramData\SPLE676.tmp (File)
Successfully deleted: C:\ProgramData\SPLE789.tmp (File)
Successfully deleted: C:\ProgramData\SPLE89D.tmp (File)
Successfully deleted: C:\ProgramData\SPLE917.tmp (File)
Successfully deleted: C:\ProgramData\SPLEA9D.tmp (File)
Successfully deleted: C:\ProgramData\SPLEBA4.tmp (File)
Successfully deleted: C:\ProgramData\SPLEC1A.tmp (File)
Successfully deleted: C:\ProgramData\SPLEC40.tmp (File)
Successfully deleted: C:\ProgramData\SPLEDF4.tmp (File)
Successfully deleted: C:\ProgramData\SPLEE25.tmp (File)
Successfully deleted: C:\ProgramData\SPLEF7.tmp (File)
Successfully deleted: C:\ProgramData\SPLF1F4.tmp (File)
Successfully deleted: C:\ProgramData\SPLF49.tmp (File)
Successfully deleted: C:\ProgramData\SPLF605.tmp (File)
Successfully deleted: C:\ProgramData\SPLF68E.tmp (File)
Successfully deleted: C:\ProgramData\SPLF778.tmp (File)
Successfully deleted: C:\ProgramData\SPLF879.tmp (File)
Successfully deleted: C:\ProgramData\SPLF8D2.tmp (File)
Successfully deleted: C:\ProgramData\SPLFAA1.tmp (File)
Successfully deleted: C:\ProgramData\SPLFC8.tmp (File)
Successfully deleted: C:\ProgramData\SPLFD84.tmp (File)
Successfully deleted: C:\ProgramData\SPLFED0.tmp (File)
Successfully deleted: C:\Users\Luke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Luke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6UYU0P7I (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Luke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8GMYKTVK (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Luke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CNB53T8C (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Luke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DRJJC51W (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Luke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\F2S96R0F (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Luke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FHN2DC5V (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Luke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IQFIA8LT (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Luke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LFKRLPDC (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Luke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NPLAMO1W (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Luke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VJ6S0C6I (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Luke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XLDMLDXT (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Luke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZPDP0TCE (Temporary Internet Files Folder)
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder)
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0RBBQ4VQ (Temporary Internet Files Folder)
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4GE6BJA3 (Temporary Internet Files Folder)
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\65MQPREB (Temporary Internet Files Folder)
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6UYU0P7I (Temporary Internet Files Folder)
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8GMYKTVK (Temporary Internet Files Folder)
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9C2QK0TM (Temporary Internet Files Folder)
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CNB53T8C (Temporary Internet Files Folder)
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DRJJC51W (Temporary Internet Files Folder)
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\F2S96R0F (Temporary Internet Files Folder)
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FHN2DC5V (Temporary Internet Files Folder)
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IQFIA8LT (Temporary Internet Files Folder)
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JT4OGCKA (Temporary Internet Files Folder)
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LFKRLPDC (Temporary Internet Files Folder)
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NPLAMO1W (Temporary Internet Files Folder)
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VJ6S0C6I (Temporary Internet Files Folder)
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XLDMLDXT (Temporary Internet Files Folder)
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZPDP0TCE (Temporary Internet Files Folder)
Successfully deleted: C:\windows\SysWOW64\sho115.tmp (File)
Successfully deleted: C:\windows\SysWOW64\sho1248.tmp (File)
Successfully deleted: C:\windows\SysWOW64\sho12A0.tmp (File)
Successfully deleted: C:\windows\SysWOW64\sho1427.tmp (File)
Successfully deleted: C:\windows\SysWOW64\sho187B.tmp (File)
Successfully deleted: C:\windows\SysWOW64\sho1EB5.tmp (File)
Successfully deleted: C:\windows\SysWOW64\sho207A.tmp (File)
Successfully deleted: C:\windows\SysWOW64\sho20A7.tmp (File)
Successfully deleted: C:\windows\SysWOW64\sho21F.tmp (File)
Successfully deleted: C:\windows\SysWOW64\sho225E.tmp (File)
Successfully deleted: C:\windows\SysWOW64\sho2B08.tmp (File)
Successfully deleted: C:\windows\SysWOW64\sho2E6F.tmp (File)
Successfully deleted: C:\windows\SysWOW64\sho2FA.tmp (File)
Successfully deleted: C:\windows\SysWOW64\sho2FAF.tmp (File)
Successfully deleted: C:\windows\SysWOW64\sho3321.tmp (File)
Successfully deleted: C:\windows\SysWOW64\sho3552.tmp (File)
Successfully deleted: C:\windows\SysWOW64\sho3B3B.tmp (File)
Successfully deleted: C:\windows\SysWOW64\sho3C44.tmp (File)
Successfully deleted: C:\windows\SysWOW64\sho4027.tmp (File)
Successfully deleted: C:\windows\SysWOW64\sho40B5.tmp (File)
Successfully deleted: C:\windows\SysWOW64\sho4517.tmp (File)
Successfully deleted: C:\windows\SysWOW64\sho48E1.tmp (File)
Successfully deleted: C:\windows\SysWOW64\sho4AF2.tmp (File)
Successfully deleted: C:\windows\SysWOW64\sho5AA9.tmp (File)
Successfully deleted: C:\windows\SysWOW64\sho5DD5.tmp (File)
Successfully deleted: C:\windows\SysWOW64\sho5E7.tmp (File)
Successfully deleted: C:\windows\SysWOW64\sho5F5.tmp (File)
Successfully deleted: C:\windows\SysWOW64\sho60C3.tmp (File)
Successfully deleted: C:\windows\SysWOW64\sho6566.tmp (File)
Successfully deleted: C:\windows\SysWOW64\sho6D80.tmp (File)
Successfully deleted: C:\windows\SysWOW64\sho7172.tmp (File)
Successfully deleted: C:\windows\SysWOW64\sho7174.tmp (File)
Successfully deleted: C:\windows\SysWOW64\sho72FC.tmp (File)
Successfully deleted: C:\windows\SysWOW64\sho784B.tmp (File)
Successfully deleted: C:\windows\SysWOW64\sho7992.tmp (File)
Successfully deleted: C:\windows\SysWOW64\sho7AB9.tmp (File)
Successfully deleted: C:\windows\SysWOW64\sho8130.tmp (File)
Successfully deleted: C:\windows\SysWOW64\sho8341.tmp (File)
Successfully deleted: C:\windows\SysWOW64\sho85C2.tmp (File)
Successfully deleted: C:\windows\SysWOW64\sho88D6.tmp (File)
Successfully deleted: C:\windows\SysWOW64\sho91B1.tmp (File)
Successfully deleted: C:\windows\SysWOW64\sho9338.tmp (File)
Successfully deleted: C:\windows\SysWOW64\sho9626.tmp (File)
Successfully deleted: C:\windows\SysWOW64\sho98B3.tmp (File)
Successfully deleted: C:\windows\SysWOW64\sho9996.tmp (File)
Successfully deleted: C:\windows\SysWOW64\sho9C1D.tmp (File)
Successfully deleted: C:\windows\SysWOW64\sho9C8A.tmp (File)
Successfully deleted: C:\windows\SysWOW64\shoA603.tmp (File)
Successfully deleted: C:\windows\SysWOW64\shoA66B.tmp (File)
Successfully deleted: C:\windows\SysWOW64\shoAB69.tmp (File)
Successfully deleted: C:\windows\SysWOW64\shoAC5.tmp (File)
Successfully deleted: C:\windows\SysWOW64\shoB74E.tmp (File)
Successfully deleted: C:\windows\SysWOW64\shoB806.tmp (File)
Successfully deleted: C:\windows\SysWOW64\shoBB18.tmp (File)
Successfully deleted: C:\windows\SysWOW64\shoC08F.tmp (File)
Successfully deleted: C:\windows\SysWOW64\shoC0E.tmp (File)
Successfully deleted: C:\windows\SysWOW64\shoD191.tmp (File)
Successfully deleted: C:\windows\SysWOW64\shoD436.tmp (File)
Successfully deleted: C:\windows\SysWOW64\shoD4E8.tmp (File)
Successfully deleted: C:\windows\SysWOW64\shoD923.tmp (File)
Successfully deleted: C:\windows\SysWOW64\shoDB4F.tmp (File)
Successfully deleted: C:\windows\SysWOW64\shoDD04.tmp (File)
Successfully deleted: C:\windows\SysWOW64\shoE1F3.tmp (File)
Successfully deleted: C:\windows\SysWOW64\shoE61A.tmp (File)
Successfully deleted: C:\windows\SysWOW64\shoE6FE.tmp (File)
Successfully deleted: C:\windows\SysWOW64\shoEEE4.tmp (File)
Successfully deleted: C:\windows\SysWOW64\shoF4B5.tmp (File)
Registry: 4
Successfully deleted: HKLM\SYSTEM\CurrentControlSet\services\SlimService (Registry Key)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2F1E335A-858A-4BE9-8F6B-D0AF1D018B53} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\SearchAssistant (Registry Value)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Search\\SearchAssistant (Registry Value)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 06/20/2016 at 12:13:25.44
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19-06-2016 01
Ran by Luke (administrator) on RPLUKE-PC (20-06-2016 12:19:21)
Running from C:\Users\Luke\Downloads
Loaded Profiles: QBDataServiceUser24 & Luke (Available Profiles: Richard P. Luke & QBDataServiceUser24 & Luke)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Carbonite, Inc. (www.carbonite.com)) C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\Common\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
( ) C:\Windows\System32\lxdicoms.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Intuit) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Intuit, Inc.) C:\Program Files (x86)\Intuit\QuickBooks 2014\QBDBMgrN.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVault.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe
(Microsoft Corporation) C:\Windows\SoftwareDistribution\Download\Install\AM_Delta_Patch_1.223.2074.0.exe
(Microsoft Corporation) C:\Windows\System32\MpSigStub.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [525312 2011-01-25] (IDT, Inc.)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [609144 2011-04-12] (Alps Electric Co., Ltd.)
HKLM\...\Run: [QuickSet] => C:\Program Files\Dell\QuickSet\QuickSet.exe [3666800 2011-01-21] (Dell Inc.)
HKLM\...\Run: [IntelWireless] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1933584 2010-12-17] (Intel® Corporation)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [IntelliPoint] => c:\Program Files\Microsoft IntelliPoint\ipoint.exe [2417032 2011-08-01] (Microsoft Corporation)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1340192 2016-01-29] (Microsoft Corporation)
HKLM-x32\...\Run: [Dell Webcam Central] => C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [503942 2011-04-13] (Creative Technology Ltd)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [Carbonite Backup] => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe [1065032 2012-09-13] (Carbonite, Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Intuit SyncManager] => C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe [3775800 2014-06-26] (Intuit Inc. All rights reserved.)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2233979149-4233434921-1847507767-1006\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7451928 2015-03-13] (Piriform Ltd)
HKU\S-1-5-18\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7451928 2015-03-13] (Piriform Ltd)
AppInit_DLLs-x32: C:\PROGRA~2\Google\GOOGLE~1\GO36F4~1.DLL => C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktopNetwork3.dll [123392 2011-10-08] (Google)
ShellIconOverlayIdentifiers: [Carbonite.Green] -> {95A27763-F62A-4114-9072-E81D87DE3B68} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2012-09-13] (Carbonite, Inc.)
ShellIconOverlayIdentifiers: [Carbonite.Partial] -> {E300CD91-100F-4E67-9AF3-1384A6124015} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2012-09-13] (Carbonite, Inc.)
ShellIconOverlayIdentifiers: [Carbonite.Yellow] -> {5E529433-B50E-4bef-A63B-16A6B71B071A} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2012-09-13] (Carbonite, Inc.)
ShellIconOverlayIdentifiers-x32: [Carbonite.Green] -> {95A27763-F62A-4114-9072-E81D87DE3B68} => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteNSE.dll [2012-09-13] (Carbonite, Inc.)
ShellIconOverlayIdentifiers-x32: [Carbonite.Partial] -> {E300CD91-100F-4E67-9AF3-1384A6124015} => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteNSE.dll [2012-09-13] (Carbonite, Inc.)
ShellIconOverlayIdentifiers-x32: [Carbonite.Yellow] -> {5E529433-B50E-4bef-A63B-16A6B71B071A} => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteNSE.dll [2012-09-13] (Carbonite, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{2586DD56-5E75-4A1E-B93F-90A97320C324}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8184F250-DCBA-43B6-A3C2-6B773F6C6F7E}: [DhcpNameServer] 192.168.1.1 71.250.0.12
Internet Explorer:
==================
HKU\S-1-5-21-2233979149-4233434921-1847507767-1006\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://yahoo.com/
SearchScopes: HKLM -> {2F1E335A-858A-4BE9-8F6B-D0AF1D018B53} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {2F1E335A-858A-4BE9-8F6B-D0AF1D018B53} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
BHO: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
BHO: No Name -> {27B4851A-3207-45A2-B947-BE8AFE6163AB} -> No File
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-24] (Google Inc.)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-08-24] (Sun Microsystems, Inc.)
BHO-x32: Adobe PDF Reader Link Helper -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2012-12-18] (Adobe Systems Incorporated)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18] (Adobe Systems Incorporated)
BHO-x32: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
BHO-x32: McAfee Phishing Filter -> {27B4851A-3207-45A2-B947-BE8AFE6163AB} -> c:\Program Files\mcafee\msk\mskapbho.dll [2010-05-03] ()
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-05-08] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-24] (Google Inc.)
BHO-x32: Skype add-on for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08] (Skype Technologies S.A.)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-05-08] (Oracle Corporation)
Toolbar: HKLM - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-24] (Google Inc.)
Toolbar: HKLM-x32 - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-24] (Google Inc.)
DPF: HKLM-x32 {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} hxxps://support.dell.com/systemprofiler/SysProExe.CAB
Handler-x32: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - C:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll [2011-05-05] (Cozi Group, Inc.)
Handler-x32: intu-help-qb2 - {84D77A00-41B5-4b8b-8ADF-86486D72E749} - C:\Program Files (x86)\Intuit\QuickBooks 2009\HelpAsyncPluggableProtocol.dll [2012-05-12] (Intuit, Inc.)
Handler-x32: intu-help-qb7 - {5A03BD9D-766D-47A6-8E87-CD90F60BE245} - C:\Program Files (x86)\Intuit\QuickBooks 2014\HelpAsyncPluggableProtocol.dll [2014-12-10] (Intuit, Inc.)
Handler-x32: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - C:\windows\system32\mscoree.dll [2010-11-20] (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08] (Skype Technologies S.A.)
FireFox:
========
FF ProfilePath: C:\Users\Luke\AppData\Roaming\Mozilla\Firefox\Profiles\sq7f9n4y.default
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_22_0_0_192.dll [2016-06-16] ()
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll [2011-08-24] (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_192.dll [2016-06-16] ()
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 -> C:\windows\SysWOW64\npDeployJava1.dll [2013-05-08] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-05-08] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2013-02-15] (Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-01-31]
CHR Extension: (Google Drive) - C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-31]
CHR Extension: (YouTube) - C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-31]
CHR Extension: (Google Search) - C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-31]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-06-28]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-01-31]
CHR Extension: (Gmail) - C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-31]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [897088 2010-11-03] (Intel Corporation) [File not signed]
R3 Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [1298496 2010-11-03] (Intel Corporation) [File not signed]
R2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2557136 2015-02-26] (Dell Inc.)
R2 DellDataVaultWiz; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [201936 2015-02-26] (Dell Inc.)
S3 GoogleDesktopManager-051210-111108; C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe [30192 2011-10-08] (Google)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89352 2014-09-15] (Hewlett-Packard Company)
R2 lxdi_device; C:\windows\system32\lxdicoms.exe [876976 2007-06-11] ( )
R2 lxdi_device; C:\windows\SysWOW64\lxdicoms.exe [517040 2007-06-11] ( )
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2016-01-29] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2010-12-17] ()
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [374344 2016-01-29] (Microsoft Corporation)
R2 QBCFMonitorService; C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe [45056 2014-12-10] (Intuit) [File not signed]
S3 QBFCService; C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe [65536 2014-06-26] (Intuit Inc.) [File not signed]
R2 QBVSS; C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe [1248256 2014-06-26] (Intuit Inc.) [File not signed]
R3 QuickBooksDB24; C:\Program Files (x86)\Intuit\QuickBooks 2014\QBDBMgrN.exe [679936 2014-06-26] (Intuit, Inc.) [File not signed]
S2 SupportAssistAgent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [19288 2015-04-10] (Dell Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [21136 2012-10-30] (AVAST Software)
R3 DDDriver; C:\Windows\System32\drivers\DDDriver64Dcsa.sys [23760 2015-01-30] (Dell Computer Corporation)
R3 DellProf; C:\Windows\System32\drivers\DellProf.sys [23312 2015-01-30] (Dell Computer Corporation)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-06-20] (Malwarebytes)
R3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [289120 2015-11-13] (Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133816 2015-11-13] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-06-20 12:19 - 2016-06-20 12:20 - 00019249 _____ C:\Users\Luke\Downloads\FRST.txt
2016-06-20 12:18 - 2016-06-20 12:19 - 00000000 ____D C:\FRST
2016-06-20 12:17 - 2016-06-20 12:17 - 02387456 _____ (Farbar) C:\Users\Luke\Downloads\FRST64.exe
2016-06-20 12:14 - 2016-06-20 12:14 - 00004906 _____ C:\Users\Luke\Desktop\AdwCleaner[C1].txt
2016-06-20 12:13 - 2016-06-20 12:15 - 00022098 _____ C:\Users\Luke\Desktop\JRT.txt
2016-06-20 12:04 - 2016-06-20 12:04 - 01610816 _____ (Malwarebytes) C:\Users\Luke\Downloads\JRT.exe
2016-06-20 11:48 - 2016-06-20 11:54 - 00000000 ____D C:\AdwCleaner
2016-06-20 11:48 - 2016-06-20 11:48 - 03703360 _____ C:\Users\Luke\Downloads\AdwCleaner(1).exe
2016-06-20 11:46 - 2016-06-20 11:46 - 03703360 _____ C:\Users\Luke\Downloads\AdwCleaner.exe
2016-06-20 11:44 - 2016-06-20 11:44 - 00000000 ____D C:\Users\Luke\AppData\Local\Macromedia
2016-06-20 11:38 - 2016-06-20 11:45 - 00000000 ____D C:\Users\Luke\AppData\Local\Mozilla
2016-06-20 11:38 - 2016-06-20 11:39 - 00000000 ____D C:\Users\Luke\AppData\Roaming\Mozilla
2016-06-20 11:37 - 2016-06-20 11:38 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-06-20 11:37 - 2016-06-20 11:37 - 00001165 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-06-20 11:37 - 2016-06-20 11:37 - 00001153 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-06-20 11:37 - 2016-06-20 11:37 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-06-20 11:35 - 2016-06-20 11:36 - 00242136 _____ C:\Users\Luke\Desktop\Firefox Setup Stub 47.0.exe
2016-06-17 20:23 - 2016-05-23 19:37 - 00394960 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2016-06-17 20:23 - 2016-05-23 18:54 - 00346312 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2016-06-17 20:23 - 2016-05-21 12:57 - 20341248 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2016-06-17 20:23 - 2016-05-20 18:27 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2016-06-17 20:23 - 2016-05-20 18:27 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2016-06-17 20:23 - 2016-05-20 18:14 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2016-06-17 20:23 - 2016-05-20 18:10 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2016-06-17 20:23 - 2016-05-20 18:09 - 00572416 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2016-06-17 20:23 - 2016-05-20 18:09 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2016-06-17 20:23 - 2016-05-20 18:09 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2016-06-17 20:23 - 2016-05-20 18:08 - 02895360 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2016-06-17 20:23 - 2016-05-20 18:08 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2016-06-17 20:23 - 2016-05-20 18:02 - 06051328 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2016-06-17 20:23 - 2016-05-20 18:00 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2016-06-17 20:23 - 2016-05-20 17:59 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2016-06-17 20:23 - 2016-05-20 17:57 - 00497664 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2016-06-17 20:23 - 2016-05-20 17:57 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2016-06-17 20:23 - 2016-05-20 17:57 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2016-06-17 20:23 - 2016-05-20 17:56 - 00615936 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2016-06-17 20:23 - 2016-05-20 17:56 - 00341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2016-06-17 20:23 - 2016-05-20 17:55 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2016-06-17 20:23 - 2016-05-20 17:54 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2016-06-17 20:23 - 2016-05-20 17:54 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2016-06-17 20:23 - 2016-05-20 17:54 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2016-06-17 20:23 - 2016-05-20 17:54 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2016-06-17 20:23 - 2016-05-20 17:50 - 02287104 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2016-06-17 20:23 - 2016-05-20 17:49 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2016-06-17 20:23 - 2016-05-20 17:48 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2016-06-17 20:23 - 2016-05-20 17:45 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2016-06-17 20:23 - 2016-05-20 17:45 - 00476160 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2016-06-17 20:23 - 2016-05-20 17:44 - 00663552 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2016-06-17 20:23 - 2016-05-20 17:44 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2016-06-17 20:23 - 2016-05-20 17:43 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2016-06-17 20:23 - 2016-05-20 17:41 - 00489984 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2016-06-17 20:23 - 2016-05-20 17:33 - 00416256 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2016-06-17 20:23 - 2016-05-20 17:33 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2016-06-17 20:23 - 2016-05-20 17:32 - 00107520 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2016-06-17 20:23 - 2016-05-20 17:29 - 13815808 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2016-06-17 20:23 - 2016-05-20 17:27 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2016-06-17 20:23 - 2016-05-20 17:27 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-06-17 20:23 - 2016-05-20 17:26 - 00091136 _____ (Microsoft Corporation) C:\windows\SysWOW64\inseng.dll
2016-06-17 20:23 - 2016-05-20 17:25 - 00315392 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2016-06-17 20:23 - 2016-05-20 17:23 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2016-06-17 20:23 - 2016-05-20 17:23 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2016-06-17 20:23 - 2016-05-20 17:22 - 00152064 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2016-06-17 20:23 - 2016-05-20 17:21 - 00279040 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2016-06-17 20:23 - 2016-05-20 17:19 - 00130048 _____ (Microsoft Corporation) C:\windows\SysWOW64\occache.dll
2016-06-17 20:23 - 2016-05-20 17:14 - 04610048 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2016-06-17 20:23 - 2016-05-20 17:12 - 00230400 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2016-06-17 20:23 - 2016-05-20 17:11 - 15420928 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2016-06-17 20:23 - 2016-05-20 17:11 - 00262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2016-06-17 20:23 - 2016-05-20 17:09 - 00725504 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2016-06-17 20:23 - 2016-05-20 17:09 - 00693248 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2016-06-17 20:23 - 2016-05-20 17:08 - 02055680 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2016-06-17 20:23 - 2016-05-20 17:08 - 00806400 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2016-06-17 20:23 - 2016-05-20 17:07 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2016-06-17 20:23 - 2016-05-20 17:07 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2016-06-17 20:23 - 2016-05-20 17:06 - 02131968 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2016-06-17 20:23 - 2016-05-20 16:46 - 02597888 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2016-06-17 20:23 - 2016-05-20 16:42 - 02121216 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2016-06-17 20:23 - 2016-05-20 16:38 - 01310208 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2016-06-17 20:23 - 2016-05-20 16:38 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2016-06-17 20:23 - 2016-05-20 16:34 - 01544192 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2016-06-17 20:23 - 2016-05-20 16:23 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2016-06-17 20:22 - 2016-05-21 13:28 - 25802752 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2016-06-17 20:22 - 2016-05-20 17:28 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2016-06-17 15:24 - 2016-06-17 15:24 - 00000000 ____D C:\Users\Luke\AppData\Roaming\TeamViewer
2016-06-17 13:04 - 2016-05-18 12:10 - 00312832 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2016-06-17 13:04 - 2016-05-18 12:09 - 00405504 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2016-06-17 13:04 - 2016-05-12 13:15 - 00105472 _____ (Microsoft Corporation) C:\windows\system32\winipsec.dll
2016-06-17 13:04 - 2016-05-12 13:15 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2016-06-17 13:04 - 2016-05-12 13:14 - 00794624 _____ (Microsoft Corporation) C:\windows\system32\gpsvc.dll
2016-06-17 13:04 - 2016-05-12 13:14 - 00502272 _____ (Microsoft Corporation) C:\windows\system32\IPSECSVC.DLL
2016-06-17 13:04 - 2016-05-12 13:14 - 00373760 _____ (Microsoft Corporation) C:\windows\system32\polstore.dll
2016-06-17 13:04 - 2016-05-12 13:14 - 00096256 _____ (Microsoft Corporation) C:\windows\system32\gpapi.dll
2016-06-17 13:04 - 2016-05-12 13:14 - 00075776 _____ (Microsoft Corporation) C:\windows\system32\FwRemoteSvr.dll
2016-06-17 13:04 - 2016-05-12 11:18 - 00274944 _____ (Microsoft Corporation) C:\windows\SysWOW64\polstore.dll
2016-06-17 13:04 - 2016-05-12 11:18 - 00079360 _____ (Microsoft Corporation) C:\windows\SysWOW64\gpapi.dll
2016-06-17 13:04 - 2016-05-12 11:18 - 00070144 _____ (Microsoft Corporation) C:\windows\SysWOW64\winipsec.dll
2016-06-17 13:04 - 2016-05-12 11:18 - 00044032 _____ (Microsoft Corporation) C:\windows\SysWOW64\FwRemoteSvr.dll
2016-06-17 13:04 - 2016-05-12 11:18 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll
2016-06-17 13:04 - 2016-05-11 13:02 - 00444928 _____ (Microsoft Corporation) C:\windows\system32\winhttp.dll
2016-06-17 13:04 - 2016-05-11 13:02 - 00327168 _____ (Microsoft Corporation) C:\windows\system32\mswsock.dll
2016-06-17 13:04 - 2016-05-11 13:02 - 00296448 _____ (Microsoft Corporation) C:\windows\system32\ws2_32.dll
2016-06-17 13:04 - 2016-05-11 11:19 - 00351744 _____ (Microsoft Corporation) C:\windows\SysWOW64\winhttp.dll
2016-06-17 13:04 - 2016-05-11 11:19 - 00231424 _____ (Microsoft Corporation) C:\windows\SysWOW64\mswsock.dll
2016-06-17 13:04 - 2016-05-11 11:19 - 00206336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ws2_32.dll
2016-06-17 13:04 - 2016-05-11 11:11 - 00025088 _____ (Microsoft Corporation) C:\windows\system32\netbtugc.exe
2016-06-17 13:04 - 2016-05-11 11:01 - 00026624 _____ (Microsoft Corporation) C:\windows\SysWOW64\netbtugc.exe
2016-06-17 13:04 - 2016-05-11 10:58 - 00262144 _____ (Microsoft Corporation) C:\windows\system32\Drivers\netbt.sys
2016-06-17 13:03 - 2016-05-12 13:20 - 00154856 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2016-06-17 13:03 - 2016-05-12 13:20 - 00095464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2016-06-17 13:03 - 2016-05-12 13:15 - 00210432 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2016-06-17 13:03 - 2016-05-12 13:15 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2016-06-17 13:03 - 2016-05-12 13:15 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2016-06-17 13:03 - 2016-05-12 13:15 - 00028672 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2016-06-17 13:03 - 2016-05-12 13:14 - 01464320 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2016-06-17 13:03 - 2016-05-12 13:14 - 01212928 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2016-06-17 13:03 - 2016-05-12 13:14 - 00730624 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2016-06-17 13:03 - 2016-05-12 13:14 - 00690688 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2016-06-17 13:03 - 2016-05-12 13:14 - 00463872 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll
2016-06-17 13:03 - 2016-05-12 13:14 - 00344064 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2016-06-17 13:03 - 2016-05-12 13:14 - 00316416 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2016-06-17 13:03 - 2016-05-12 13:14 - 00312320 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2016-06-17 13:03 - 2016-05-12 13:14 - 00190464 _____ (Microsoft Corporation) C:\windows\system32\rpchttp.dll
2016-06-17 13:03 - 2016-05-12 13:14 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2016-06-17 13:03 - 2016-05-12 13:14 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2016-06-17 13:03 - 2016-05-12 13:14 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll
2016-06-17 13:03 - 2016-05-12 13:14 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2016-06-17 13:03 - 2016-05-12 13:14 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2016-06-17 13:03 - 2016-05-12 11:18 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2016-06-17 13:03 - 2016-05-12 11:18 - 00666112 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2016-06-17 13:03 - 2016-05-12 11:18 - 00553472 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2016-06-17 13:03 - 2016-05-12 11:18 - 00342528 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll
2016-06-17 13:03 - 2016-05-12 11:18 - 00260608 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2016-06-17 13:03 - 2016-05-12 11:18 - 00251392 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2016-06-17 13:03 - 2016-05-12 11:18 - 00223232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2016-06-17 13:03 - 2016-05-12 11:18 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2016-06-17 13:03 - 2016-05-12 11:18 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2016-06-17 13:03 - 2016-05-12 11:18 - 00141312 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpchttp.dll
2016-06-17 13:03 - 2016-05-12 11:18 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2016-06-17 13:03 - 2016-05-12 11:18 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2016-06-17 13:03 - 2016-05-12 11:18 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2016-06-17 13:03 - 2016-05-12 11:18 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2016-06-17 13:03 - 2016-05-12 11:18 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2016-06-17 13:03 - 2016-05-12 11:05 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2016-06-17 13:03 - 2016-05-12 10:58 - 00464896 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv.sys
2016-06-17 13:03 - 2016-05-12 10:58 - 00405504 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv2.sys
2016-06-17 13:03 - 2016-05-12 10:58 - 00291328 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2016-06-17 13:03 - 2016-05-12 10:58 - 00168960 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srvnet.sys
2016-06-17 13:03 - 2016-05-12 10:58 - 00159744 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2016-06-17 13:03 - 2016-05-12 10:58 - 00129536 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2016-06-17 13:03 - 2016-05-12 10:57 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2016-06-17 13:03 - 2016-05-12 10:56 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2016-06-17 13:03 - 2016-05-12 10:51 - 00036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptbase.dll
2016-06-17 13:03 - 2016-05-12 09:05 - 00459640 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2016-06-17 13:03 - 2016-05-12 09:05 - 00297984 _____ (Microsoft Corporation) C:\windows\system32\bcryptprimitives.dll
2016-06-17 13:03 - 2016-05-12 09:04 - 00249352 _____ (Microsoft Corporation) C:\windows\SysWOW64\bcryptprimitives.dll
2016-06-17 13:02 - 2016-06-06 12:58 - 00041704 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
2016-06-17 13:02 - 2016-06-06 12:50 - 01204224 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2016-06-17 13:02 - 2016-06-03 09:05 - 01413120 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2016-06-17 13:02 - 2016-05-27 09:06 - 00569856 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2016-06-17 13:02 - 2016-05-27 09:06 - 00544256 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2016-06-17 13:02 - 2016-05-27 09:06 - 00276480 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2016-06-17 13:02 - 2016-05-27 09:06 - 00265216 _____ (Microsoft Corporation) C:\windows\system32\centel.dll
2016-06-17 13:02 - 2016-05-22 09:06 - 00076800 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2016-06-17 13:02 - 2016-05-13 18:15 - 00382184 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2016-06-17 13:02 - 2016-05-13 18:09 - 00100864 _____ (Microsoft Corporation) C:\windows\system32\fontsub.dll
2016-06-17 13:02 - 2016-05-13 18:09 - 00046080 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2016-06-17 13:02 - 2016-05-13 18:09 - 00041472 _____ (Microsoft Corporation) C:\windows\system32\lpk.dll
2016-06-17 13:02 - 2016-05-13 18:09 - 00014336 _____ (Microsoft Corporation) C:\windows\system32\dciman32.dll
2016-06-17 13:02 - 2016-05-13 17:54 - 00308456 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\atmfd.dll
2016-06-17 13:02 - 2016-05-13 17:50 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\lpk.dll
2016-06-17 13:02 - 2016-05-13 17:49 - 00070656 _____ (Microsoft Corporation) C:\windows\SysWOW64\fontsub.dll
2016-06-17 13:02 - 2016-05-13 17:49 - 00010240 _____ (Microsoft Corporation) C:\windows\SysWOW64\dciman32.dll
2016-06-17 13:02 - 2016-05-13 17:27 - 00034304 _____ (Adobe Systems) C:\windows\SysWOW64\atmlib.dll
2016-06-17 13:02 - 2016-05-12 11:03 - 03217408 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2016-06-17 13:02 - 2016-05-11 13:02 - 00483840 _____ (Microsoft Corporation) C:\windows\system32\StructuredQuery.dll
2016-06-17 13:02 - 2016-05-11 11:19 - 00363520 _____ (Microsoft Corporation) C:\windows\SysWOW64\StructuredQuery.dll
2016-06-17 13:02 - 2016-04-09 02:58 - 14186496 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2016-06-17 13:02 - 2016-04-09 02:57 - 01867776 _____ (Microsoft Corporation) C:\windows\system32\ExplorerFrame.dll
2016-06-17 13:02 - 2016-04-09 02:54 - 12881408 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2016-06-17 13:02 - 2016-04-09 02:54 - 01499648 _____ (Microsoft Corporation) C:\windows\SysWOW64\ExplorerFrame.dll
2016-06-17 13:02 - 2016-04-09 01:53 - 03231232 _____ (Microsoft Corporation) C:\windows\explorer.exe
2016-06-17 13:02 - 2016-04-09 01:44 - 02973184 _____ (Microsoft Corporation) C:\windows\SysWOW64\explorer.exe
2016-06-17 13:02 - 2016-03-09 15:00 - 00396800 _____ (Microsoft Corporation) C:\windows\system32\webio.dll
2016-06-17 13:02 - 2016-03-09 14:40 - 00316416 _____ (Microsoft Corporation) C:\windows\SysWOW64\webio.dll
2016-06-17 13:01 - 2016-04-14 12:46 - 00114408 _____ (Microsoft Corporation) C:\windows\system32\consent.exe
2016-06-17 13:01 - 2016-04-14 12:42 - 03243520 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2016-06-17 13:01 - 2016-04-14 12:42 - 01941504 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2016-06-17 13:01 - 2016-04-14 12:42 - 00504320 _____ (Microsoft Corporation) C:\windows\system32\msihnd.dll
2016-06-17 13:01 - 2016-04-14 12:42 - 00070144 _____ (Microsoft Corporation) C:\windows\system32\appinfo.dll
2016-06-17 13:01 - 2016-04-14 12:42 - 00025088 _____ (Microsoft Corporation) C:\windows\system32\msimsg.dll
2016-06-17 13:01 - 2016-04-14 11:33 - 02365440 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2016-06-17 13:01 - 2016-04-14 11:33 - 01806848 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2016-06-17 13:01 - 2016-04-14 11:33 - 00337408 _____ (Microsoft Corporation) C:\windows\SysWOW64\msihnd.dll
2016-06-17 13:01 - 2016-04-14 11:33 - 00025088 _____ (Microsoft Corporation) C:\windows\SysWOW64\msimsg.dll
2016-06-17 13:01 - 2016-04-14 11:19 - 00128000 _____ (Microsoft Corporation) C:\windows\system32\msiexec.exe
2016-06-17 13:01 - 2016-04-14 11:11 - 00073216 _____ (Microsoft Corporation) C:\windows\SysWOW64\msiexec.exe
2016-06-08 17:27 - 2016-06-08 17:27 - 04260592 _____ C:\Users\Luke\Desktop\trim66.7087D436-D603-4598-923A-6C6D86AC154C.MOV
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-06-20 12:10 - 2012-11-02 20:10 - 00000898 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-06-20 12:08 - 2015-06-22 12:23 - 00192216 _____ (Malwarebytes) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2016-06-20 12:08 - 2009-07-14 00:45 - 00028576 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-06-20 12:08 - 2009-07-14 00:45 - 00028576 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-06-20 11:59 - 2013-12-18 11:08 - 00000830 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2016-06-20 11:58 - 2012-11-02 20:10 - 00000894 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-06-20 11:57 - 2009-07-14 01:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2016-06-20 11:23 - 2011-09-21 11:02 - 00000912 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2233979149-4233434921-1847507767-1000UA.job
2016-06-19 18:57 - 2011-08-24 03:01 - 00000000 ____D C:\ProgramData\Sonic
2016-06-19 15:03 - 2009-07-13 23:20 - 00000000 ____D C:\windows\rescache
2016-06-19 14:23 - 2011-09-21 11:02 - 00000860 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2233979149-4233434921-1847507767-1000Core.job
2016-06-18 13:20 - 2011-11-21 08:15 - 00000000 ____D C:\Users\Richard P. Luke.rpluke-PC\AppData\Local\Google
2016-06-18 11:04 - 2009-07-14 00:45 - 00873560 _____ C:\windows\system32\FNTCACHE.DAT
2016-06-18 11:01 - 2014-12-11 04:35 - 00000000 ____D C:\windows\system32\appraiser
2016-06-17 20:39 - 2013-08-15 03:02 - 00000000 ____D C:\windows\system32\MRT
2016-06-17 20:20 - 2011-09-06 09:21 - 142482544 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2016-06-17 15:24 - 2015-06-28 21:07 - 00000000 ____D C:\Users\Luke\AppData\Local\Google
2016-06-16 16:50 - 2013-12-18 11:08 - 00796352 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2016-06-16 16:50 - 2013-12-18 11:08 - 00003768 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2016-06-16 16:50 - 2011-08-24 02:31 - 00142528 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-06-15 16:40 - 2010-11-20 23:27 - 00484008 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2016-06-14 19:31 - 2013-12-16 18:29 - 00889344 _____ C:\Users\Luke\Documents\Christmas Card List 2013mlb.bcf
2016-06-14 19:31 - 2013-12-16 18:29 - 00330643 _____ C:\Users\Luke\Documents\Christmas Card List 2013.mlb
2016-06-14 19:31 - 2013-12-16 18:29 - 00002396 _____ C:\Users\Luke\Documents\Christmas Card List 2013mlb.fsif
2016-06-14 19:31 - 2013-12-16 18:29 - 00001748 _____ C:\Users\Luke\Documents\Christmas Card List 2013mlb.msif
2016-06-14 17:33 - 2009-07-14 01:13 - 00783424 _____ C:\windows\system32\PerfStringBackup.INI
2016-06-14 17:33 - 2009-07-13 23:20 - 00000000 ____D C:\windows\inf
2016-06-14 10:30 - 2014-10-10 15:28 - 00000000 ____D C:\Users\Luke\Desktop\QuickBooksAutoDataRecovery
2016-06-14 10:07 - 2014-10-20 11:26 - 00000000 ____D C:\quickbooks files
2016-06-14 07:46 - 2009-07-14 01:08 - 00032616 _____ C:\windows\Tasks\SCHEDLGU.TXT
2016-06-13 16:24 - 2009-07-13 23:20 - 00000000 ____D C:\windows\system32\NDF
2016-06-11 19:12 - 2015-06-30 11:20 - 00000000 ____D C:\Users\Luke\AppData\Roaming\SoftGrid Client
2016-06-02 12:41 - 2009-07-13 23:20 - 00000000 ____D C:\windows\tracing
2016-05-27 03:20 - 2015-04-04 20:56 - 00000000 ___SD C:\windows\SysWOW64\GWX
2016-05-27 03:20 - 2015-04-04 20:56 - 00000000 ___SD C:\windows\system32\GWX
==================== Files in the root of some directories =======
2013-07-26 14:18 - 2013-07-26 14:18 - 0000057 _____ () C:\ProgramData\Ament.ini
Files to move or delete:
====================
C:\Users\rpluke\jagex_runescape_preferences.dat
C:\Users\rpluke\jagex_runescape_preferences2.dat
Some files in TEMP:
====================
C:\Users\Luke\AppData\Local\Temp\HPPSdr.exe
C:\Users\rpluke\AppData\Local\Temp\Abspdf.exe
C:\Users\rpluke\AppData\Local\Temp\acfpdfu.dll
C:\Users\rpluke\AppData\Local\Temp\acfpdfuamd64.dll
C:\Users\rpluke\AppData\Local\Temp\acfpdfui.dll
C:\Users\rpluke\AppData\Local\Temp\acfpdfuia64.dll
C:\Users\rpluke\AppData\Local\Temp\acfpdfuiamd64.dll
C:\Users\rpluke\AppData\Local\Temp\acfpdfuiia64.dll
C:\Users\rpluke\AppData\Local\Temp\cdintf.dll
C:\Users\rpluke\AppData\Local\Temp\dplinst.exe
C:\Users\rpluke\AppData\Local\Temp\GUR45B7.exe
C:\Users\rpluke\AppData\Local\Temp\GURC68D.exe
C:\Users\rpluke\AppData\Local\Temp\install_reader11_en_gtbp_chrd_aih.exe
C:\Users\rpluke\AppData\Local\Temp\jre-6u31-windows-i586-iftw-rv.exe
C:\Users\rpluke\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\rpluke\AppData\Local\Temp\PDFPRT400.exe
C:\Users\rpluke\AppData\Local\Temp\setup.exe
C:\Users\rpluke\AppData\Local\Temp\utz_bhus.dll
C:\Users\rpluke\AppData\Local\Temp\xmllite.dll
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\SysWOW64\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-06-19 14:54
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-06-2016 01
Ran by Luke (2016-06-20 12:22:16)
Running from C:\Users\Luke\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2011-09-02 14:07:24)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2233979149-4233434921-1847507767-500 - Administrator - Disabled)
Guest (S-1-5-21-2233979149-4233434921-1847507767-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2233979149-4233434921-1847507767-1002 - Limited - Enabled)
Luke (S-1-5-21-2233979149-4233434921-1847507767-1006 - Administrator - Enabled) => C:\Users\Luke
QBDataServiceUser24 (S-1-5-21-2233979149-4233434921-1847507767-1005 - Limited - Enabled) => C:\Users\QBDataServiceUser24
Richard P. Luke (S-1-5-21-2233979149-4233434921-1847507767-1004 - Limited - Enabled) => C:\Users\Richard P. Luke.rpluke-PC
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Microsoft Security Essentials (Enabled - Up to date) {768124D7-F5F7-6D2F-DDC2-94DFA4017C95}
AS: Microsoft Security Essentials (Enabled - Up to date) {CDE0C533-D3CD-62A1-E772-AFADDF863628}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
ABBYY FineReader 6.0 Sprint (HKLM-x32\...\{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}) (Version: 6.00.1990.41618 - ABBYY Software House)
Active@ UNDELETE (HKLM-x32\...\Active@ UNDELETE) (Version: - )
Adobe Acrobat 5.0 (HKLM-x32\...\Adobe Acrobat 5.0) (Version: 5.0 - Adobe Systems, Inc.)
Adobe Flash Player 22 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 22.0.0.192 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.192 - Adobe Systems Incorporated)
Adobe Reader X (10.1.6) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.6 - Adobe Systems Incorporated)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
Bing Rewards Client Installer (x32 Version: 16.0.345.0 - Microsoft Corporation) Hidden
Carbonite (HKLM-x32\...\Carbonite Backup) (Version: 5.3.2 build 2312 (Sep-13-2012) - Carbonite)
CCleaner (HKLM\...\CCleaner) (Version: 5.04 - Piriform)
Citrix Online Launcher (HKLM-x32\...\{F82C81F9-ADB5-42BD-AFE9-DD5DFDD215E3}) (Version: 1.0.135 - Citrix)
Coupon Printer for Windows (HKLM-x32\...\Coupon Printer for Windows5.0.0.7) (Version: 5.0.0.7 - Coupons.com Incorporated)
Cozi (HKLM-x32\...\{EA1F3D6C-A6F5-4CDC-B0D3-9C56C06B4D29}) (Version: 1.0.6505.38692 - Cozi Group, Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Data Vault (Version: 4.2.2.0 - Dell Inc.) Hidden
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell Home Systems Service Agreement (HKLM-x32\...\{AB2FDE4F-6BED-4E9E-B676-3DCCEBB1FBFE}) (Version: 2.0.0 - Dell Inc.)
Dell MusicStage (HKLM-x32\...\{89263C19-557E-4D23-AAD7-113F6175DFC1}) (Version: 1.5.402.0 - Fingertapps)
Dell Perks Webslice IE8 (HKLM-x32\...\{CF67ED0C-F85D-4791-AED3-3FE882EDB45D}) (Version: 8.0 - Nextjump Inc)
Dell PhotoStage (HKLM-x32\...\{E4335E82-17B3-460F-9E70-39D9BC269DB3}) (Version: 1.5.0.65 - ArcSoft)
Dell Stage (HKLM-x32\...\{39D06E77-8921-4056-8901-36D0035BAECA}) (Version: 1.5.420.0 - Fingertapps)
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.0.6584.81 - Dell)
Dell SupportAssistAgent (HKLM-x32\...\{287348C8-8B47-4C36-AF28-441A3B7D8722}) (Version: 1.0.3.60494 - Dell)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1209.101.204 - ALPS ELECTRIC CO., LTD.)
Dell Update (HKLM-x32\...\{3F862535-33F3-4F3F-864E-6D4F6FD3258D}) (Version: 1.5.2000.0 - Dell Inc.)
Dell VideoStage (HKLM-x32\...\InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}) (Version: 1.2.0.1712 - CyberLink Corp.)
Dell VideoStage (x32 Version: 1.2.0.1712 - CyberLink Corp.) Hidden
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 2.00.44 - Creative Technology Ltd)
DirectX 9 Runtime (x32 Version: 1.00.0000 - Sonic Solutions) Hidden
DJ3525FWUpdateAlert (x32 Version: 1.00.0000 - HP) Hidden
eBay (HKLM-x32\...\{A8B88634-7F90-402F-B66A-86429755F6A5}) (Version: 1.4.0 - eBay Inc.)
Google Desktop (HKLM-x32\...\Google Desktop) (Version: 5.9.1005.12335 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7619.1252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
HP Deskjet 3520 series Basic Device Software (HKLM\...\{A0A03B53-927D-4454-A456-CB0A72A4912F}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Deskjet 3520 series Help (HKLM-x32\...\{C13E1F46-84FE-4D3B-8581-0F2F624C7EEC}) (Version: 27.0.0 - Hewlett Packard)
HP Deskjet 3520 series Setup Guide (HKLM-x32\...\{AEEDCEB7-00B8-4BE1-B492-AB04803D5F1E}) (Version: 27.0.0 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Support Solutions Framework (HKLM-x32\...\{44157EB3-D8D0-4BB1-B0F5-AD2C38814ED1}) (Version: 11.51.0027 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6324.0 - IDT)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2361 - Intel Corporation)
Intel® PROSet/Wireless Software for Bluetooth® Technology (HKLM\...\{7CE8BE79-ABC3-4B2C-9543-28ED2B0A9EA8}) (Version: 1.0.0.0454 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{290D4DB2-F1B4-4B8E-918D-D71EF29A001B}) (Version: 14.00.1000 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation)
Internet Explorer (x32 Version: 8 - Microsoft Corporation) Hidden
Java 7 Update 21 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217021FF}) (Version: 7.0.210 - Oracle)
Java 6 Update 24 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416024FF}) (Version: 6.0.240 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Lexmark 3500-4500 Series (HKLM\...\Lexmark 3500-4500 Series) (Version: - Lexmark International, Inc.)
Lexmark Fax Solutions (HKLM\...\Lexmark Fax Solutions) (Version: - )
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation)
Microsoft Office 2007 Primary Interop Assemblies (HKLM-x32\...\{50120000-1105-0000-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.9.218.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - KB2467175 (HKLM-x32\...\{a0fe116e-9a8a-466f-aee0-625cb7c207e3}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2005 Tools for Office Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version: - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 47.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 47.0 (x86 en-US)) (Version: 47.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MyLabel Designer Deluxe (HKLM-x32\...\{9D9C6FD3-1B43-43D7-AA90-94E643A312BD}) (Version: 8.0.0.0 - Avanquest USA, LLC)
MySoftware Fonts (HKLM-x32\...\{6C6F0968-2B86-42B4-AF34-46A5F06E8FA4}) (Version: - )
PhotoShowExpress (x32 Version: 2.0.063 - Sonic Solutions) Hidden
QuickBooks (x32 Version: 19.0.4013.705 - Intuit Inc.) Hidden
QuickBooks (x32 Version: 24.0.4008.2403 - Intuit Inc.) Hidden
QuickBooks Pro 2009 (HKLM-x32\...\{9A2F0810-3622-4E86-9072-973FBE1679C5}) (Version: 19.0.4013.705 - Intuit Inc.)
QuickBooks Pro 2014 (HKLM-x32\...\{4A21D17E-2FE8-42CD-88B7-ACF8E8860834}) (Version: 24.0.4007.2403 - Intuit Inc.)
QuickBooks Runtime Redistributable (HKLM\...\{F2A4F809-2DE6-4D27-888B-4D2BB8DAF20E}) (Version: 1.00.0000 - Intuit Inc.)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.09.20 - Dell Inc.)
RBVirtualFolder64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.31.1025.2010 - Realtek)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30126 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.32.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.32.0 - Renesas Electronics Corporation) Hidden
Roxio Creator Starter (HKLM-x32\...\{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}) (Version: 12.1.77.0 - Roxio)
Roxio File Backup (Version: 1.3.2 - Roxio) Hidden
Skype Toolbars (HKLM-x32\...\{981029E0-7FC9-4CF3-AB39-6F133621921A}) (Version: 1.0.4051 - Skype Technologies S.A.)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SlimCleaner Plus (HKLM\...\{C5A62BD3-AF28-47C5-A5BD-5B0F92A94F5A}) (Version: 1.4.1 - SlimWare Utilities, Inc.)
Sonic CinePlayer Decoder Pack (x32 Version: 4.3.0 - Sonic Solutions) Hidden
SupportSoft Assisted Service (HKLM-x32\...\{5A3F6A80-7913-475E-8B96-477A952CFA43}) (Version: 15 - SupportSoft)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.41110 - TeamViewer)
TrustedID (HKLM-x32\...\{C16A92EF-017B-4839-9C75-FBADB5A1FA27}) (Version: 5.0 - TrustedID)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR 5.00 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {11C4BCB3-8A1C-4368-B46C-52905D4403C2} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2233979149-4233434921-1847507767-1000UA => C:\Users\rpluke\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-17] (Google Inc.)
Task: {26E617DA-163A-4F66-9ED3-D18DD288DDF8} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => c:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-08-01] (Microsoft Corporation)
Task: {2CDE5F3D-7D9E-47F0-A672-29A6C490909A} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssist.exe [2015-04-10] (Dell Inc.)
Task: {444C5634-3F5A-4396-B7F1-82B27BEA3BF0} - System32\Tasks\HP AR Program Upload - dd2e32d36bfe40a8b0cf07d42bd4d6bda15b567946f544b9949c33df5709b460 => C:\Program Files\HP\HP Deskjet 3520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
Task: {5FF302DF-C2E5-4AC0-A9C5-C7F23A9F393C} - System32\Tasks\{5F6010C8-60E5-41f3-BF5B-C3AF5DBE12D4} => C:\ProgramData\Carbonite\Carbonite Backup\CarboniteUpgrade.exe
Task: {6272E94A-7D59-4674-BE1A-7AD3B5AF22E4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {63F269C7-8B4A-498D-A86A-132ACF6094DC} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-03-13] (Piriform Ltd)
Task: {674F62FD-D05C-48F3-9426-1A1903AE89D2} - System32\Tasks\HP AR Program Upload - 6d2525a27ac8449180447fcae82a2d22da66b744b29f49dd8f7d8fa00bd0b9fd => C:\Program Files\HP\HP Deskjet 3520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
Task: {7ECA217F-5EE4-4560-B3AF-526CFF0F0A60} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2233979149-4233434921-1847507767-1000Core => C:\Users\rpluke\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-17] (Google Inc.)
Task: {96C07585-2EAF-4114-9CAC-877B5F0850E2} - System32\Tasks\HP AR Program Upload - 76c7104eb58a416aa85a7ca45c9fb712aef1dcc13fdb43eaa35083e39f220e7b => C:\Program Files\HP\HP Deskjet 3520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
Task: {AE7CFAA2-DBE3-4DBF-A406-0785460148B8} - System32\Tasks\HP AR Program Upload - e0d9687ddc9f4a35a00d0350b09537311c9d80ef6c914328950fdeb93110cd84 => C:\Program Files\HP\HP Deskjet 3520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
Task: {D941DBEE-4100-4D21-97AC-1C223C3A411D} - System32\Tasks\HP AR Program Upload - 1eb4c2c179694a67862cbc719146cc70331380debe5d469aa3a893b8cd2f0634 => C:\Program Files\HP\HP Deskjet 3520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
Task: {DF0BD2CB-9181-4963-9944-BC77E569EC70} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-06-16] (Adobe Systems Incorporated)
Task: {E58A50C8-9C7C-4ADF-BC37-7EE3E50A46F6} - System32\Tasks\HP AR Program Upload - 70005777ff9e4cb883863b5be266bc003b494f40cae8441999dec37560dc9b31 => C:\Program Files\HP\HP Deskjet 3520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
Task: {F6418AAB-C759-4353-9DC5-B83DA0FA6030} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {FAE2DFEB-6B9B-4BBF-AADB-65428518989D} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2233979149-4233434921-1847507767-1000Core.job => C:\Users\rpluke\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2233979149-4233434921-1847507767-1000UA.job => C:\Users\rpluke\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2010-12-17 14:53 - 2010-12-17 14:53 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2011-09-15 10:36 - 2007-02-22 03:15 - 00045056 _____ () C:\windows\System32\LXF3PMON.DLL
2011-09-15 10:36 - 2006-11-07 11:02 - 00036864 _____ () C:\windows\System32\LXF3OEM.DLL
2011-09-15 10:35 - 2007-02-22 03:11 - 00081408 _____ () C:\Program Files (x86)\Lexmark Fax Solutions\ipcmt64.dll
2011-09-15 10:36 - 2007-02-22 03:15 - 00003584 _____ () C:\windows\System32\LXF3PMRC.DLL
2012-03-18 14:05 - 2007-03-15 23:11 - 00138240 _____ () C:\windows\system32\spool\PRTPROCS\x64\lxdidrpp.dll
2016-05-12 09:36 - 2016-05-12 09:36 - 00169472 _____ () C:\windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\f1b815cf32572cea383bc47659c174fa\IsdiInterop.ni.dll
2011-08-24 02:30 - 2010-11-06 00:50 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\rpluke\AppData\Roaming\Microsoft\Windows\Start Menu\Yahoo!.website:TASKICON_0favicon-2079221766 [638]
AlternateDataStreams: C:\Users\rpluke\AppData\Roaming\Microsoft\Windows\Start Menu\Yahoo!.website:TASKICON_1favicon1313128964 [638]
AlternateDataStreams: C:\Users\rpluke\AppData\Roaming\Microsoft\Windows\Start Menu\Yahoo!.website:TASKICON_2favicon-2092717923 [638]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ntrexeservice => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 22:34 - 2009-06-10 17:00 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2233979149-4233434921-1847507767-1006\Control Panel\Desktop\\Wallpaper -> C:\Users\Luke\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Intuit Data Protect.lnk => C:\windows\pss\Intuit Data Protect.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^QuickBooks Update Agent.lnk => C:\windows\pss\QuickBooks Update Agent.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^QuickBooks_Standard_21.lnk => C:\windows\pss\QuickBooks_Standard_21.lnk.CommonStartup
MSCONFIG\startupreg: AccuWeatherWidget => "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: DellStage => "C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\start.umj" --startup
MSCONFIG\startupreg: Desktop Disc Tool => "c:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"
MSCONFIG\startupreg: FaxCenterServer => "C:\Program Files (x86)\\Lexmark Fax Solutions\fm3032.exe" /s
MSCONFIG\startupreg: Google Desktop Search => "C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe" /startup
MSCONFIG\startupreg: Google Update => "C:\Users\rpluke\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: IAStorIcon => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
MSCONFIG\startupreg: Intuit SyncManager => C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe startup
MSCONFIG\startupreg: lxdiamon => "C:\Program Files (x86)\Lexmark 3500-4500 Series\lxdiamon.exe"
MSCONFIG\startupreg: lxdimon.exe => "C:\Program Files (x86)\Lexmark 3500-4500 Series\lxdimon.exe"
MSCONFIG\startupreg: MapsGalaxy AppIntegrator 32-bit => C:\PROGRA~2\MAPSGA~2\bar\1.bin\AppIntegrator.exe
MSCONFIG\startupreg: MapsGalaxy AppIntegrator 64-bit => C:\PROGRA~2\MAPSGA~2\bar\1.bin\AppIntegrator64.exe
MSCONFIG\startupreg: MapsGalaxy EPM Support => "C:\PROGRA~2\MAPSGA~2\bar\1.bin\39medint.exe" T8EPMSUP.DLL,S
MSCONFIG\startupreg: RoxWatchTray => "c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{079215A6-BF79-4459-8886-5EBC2B5DB96E}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{EF5B6C4F-EAEE-4450-9E6B-34A3A7AD617D}] => (Allow) C:\Program Files (x86)\Dell\VideoStage\VideoStage.exe
FirewallRules: [{3964FFF7-1505-4795-9C22-2FDA598B9456}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{EE784847-1C86-4196-BD48-66BA38354734}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{7A796783-E2A7-44F3-9227-D4FD620E10C6}] => (Allow) LPort=2869
FirewallRules: [{FE1805EB-EC81-4973-95D3-692D36E2E53D}] => (Allow) LPort=1900
FirewallRules: [{808C7C1B-DA7D-4046-8B02-6C47E121F8C6}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{063E5A9D-4C1C-42E6-A363-338EDC3E3291}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{2FC72722-6563-4D15-9932-CB7BD0AB6F69}] => (Allow) C:\Windows\SysWOW64\lxdicoms.exe
FirewallRules: [{95AF1FD2-3071-446F-B5E2-689A1769A4FC}] => (Allow) C:\Windows\SysWOW64\lxdicoms.exe
FirewallRules: [TCP Query User{F37DE1F0-5B7C-42FF-949D-A1650B68A7E3}C:\program files (x86)\lexmark 3500-4500 series\lxdimon.exe] => (Block) C:\program files (x86)\lexmark 3500-4500 series\lxdimon.exe
FirewallRules: [UDP Query User{CFEFEC3F-C83C-4B36-8888-C406532ABAE0}C:\program files (x86)\lexmark 3500-4500 series\lxdimon.exe] => (Block) C:\program files (x86)\lexmark 3500-4500 series\lxdimon.exe
FirewallRules: [TCP Query User{9A67A706-9EC6-4609-8F86-3C757010A078}C:\program files (x86)\lexmark 3500-4500 series\lxdiamon.exe] => (Allow) C:\program files (x86)\lexmark 3500-4500 series\lxdiamon.exe
FirewallRules: [UDP Query User{468659C3-FD6B-4A15-9547-AC39C78EEE05}C:\program files (x86)\lexmark 3500-4500 series\lxdiamon.exe] => (Allow) C:\program files (x86)\lexmark 3500-4500 series\lxdiamon.exe
FirewallRules: [{F6DC4C70-C457-474A-91E3-327A0FD6738C}] => (Allow) C:\Program Files (x86)\Dogpile Bundle Toolbar\TroubleShooter.exe
FirewallRules: [{A5322586-2D4E-44B5-A436-E2577A83AAAC}] => (Allow) C:\Program Files (x86)\Dogpile Bundle Toolbar\TroubleShooter.exe
FirewallRules: [{A7E9D9FE-EE7E-4C93-BB3F-8B95F092ECD7}] => (Allow) C:\Program Files (x86)\Dogpile Bundle Toolbar\ToolbarUpdate.exe
FirewallRules: [{8B80A696-81CC-452A-822A-3AA1E1C6B273}] => (Allow) C:\Program Files (x86)\Dogpile Bundle Toolbar\ToolbarUpdate.exe
FirewallRules: [{7899ABE3-E347-42F9-A9E2-7D27FF4C8C51}] => (Allow) C:\Program Files (x86)\Abbyy FineReader 6.0 Sprint\Scan\ScanMan6.exe
FirewallRules: [{2BC0CBEC-F6DC-4316-9C02-D992B9B43532}] => (Allow) C:\Program Files (x86)\Abbyy FineReader 6.0 Sprint\Scan\ScanMan6.exe
FirewallRules: [{C9413B91-66FE-4355-A565-7F2458DF79D0}] => (Allow) C:\Program Files (x86)\Lexmark Fax Solutions\FaxCtr.exe
FirewallRules: [{7DE07FEF-D64C-4BF9-9E01-5AC694E9A7B8}] => (Allow) C:\Program Files (x86)\Lexmark Fax Solutions\FaxCtr.exe
FirewallRules: [{3393369D-64BA-4D99-9305-F69FCEA7A8A1}] => (Allow) C:\Windows\System32\lxdicoms.exe
FirewallRules: [{B32873C6-2F12-4403-BC4F-235D69E57A8C}] => (Allow) C:\Windows\System32\lxdicoms.exe
FirewallRules: [{4E4ADBF0-8EF1-4390-910B-627C0F5F03F0}] => (Allow) C:\Program Files (x86)\Lexmark 3500-4500 Series\lxdiamon.exe
FirewallRules: [{8C0F74C2-A5D9-4303-8281-3988F60EB191}] => (Allow) C:\Program Files (x86)\Lexmark 3500-4500 Series\lxdiamon.exe
FirewallRules: [{2DC415E6-9BDE-48D2-BC2C-CB8A3725B6CD}] => (Allow) C:\Program Files (x86)\Lexmark 3500-4500 Series\App4R.exe
FirewallRules: [{ECF96635-2407-41CA-B95F-9B6A98E269B1}] => (Allow) C:\Program Files (x86)\Lexmark 3500-4500 Series\App4R.exe
FirewallRules: [{CC22EBB9-8566-432A-9513-33DA4C8404C7}] => (Allow) C:\Program Files (x86)\Lexmark 3500-4500 Series\lxdimon.exe
FirewallRules: [{8ACB1EFE-B7A8-4CA5-BDC9-D60A9BB43B26}] => (Allow) C:\Program Files (x86)\Lexmark 3500-4500 Series\lxdimon.exe
FirewallRules: [{0AE9C3A0-30BB-42F0-9910-C566BAF44146}] => (Allow) C:\Windows\System32\spool\drivers\x64\3\lxdipswx.exe
FirewallRules: [{ED301484-C6DB-49FA-AE29-BF0F0502CD2D}] => (Allow) C:\Windows\System32\spool\drivers\x64\3\lxdipswx.exe
FirewallRules: [{9BEE3BFC-FAD4-464B-9A3F-62D777F25827}] => (Allow) C:\Windows\System32\spool\drivers\x64\3\lxditime.exe
FirewallRules: [{3FF5C28E-AF83-404F-9883-B377B63D8ECF}] => (Allow) C:\Windows\System32\spool\drivers\x64\3\lxditime.exe
FirewallRules: [TCP Query User{12DE12EB-AC98-4F32-B093-B2874E82F10B}C:\program files (x86)\lexmark 3500-4500 series\app4r.exe] => (Block) C:\program files (x86)\lexmark 3500-4500 series\app4r.exe
FirewallRules: [UDP Query User{7FDC8DF9-FB38-4A14-B8DD-4EF44C4A2A1D}C:\program files (x86)\lexmark 3500-4500 series\app4r.exe] => (Block) C:\program files (x86)\lexmark 3500-4500 series\app4r.exe
FirewallRules: [{09002221-659D-4010-847A-66A9FFDE31F5}] => (Allow) C:\Users\rpluke\AppData\Local\Temp\7zS3B4B\HPDiagnosticCoreUI.exe
FirewallRules: [{E9E1D0E8-8D0E-40E0-921B-3AF31D65498B}] => (Allow) C:\Users\rpluke\AppData\Local\Temp\7zS3B4B\HPDiagnosticCoreUI.exe
FirewallRules: [{0B585A8D-71B6-475C-AF20-0C009F2AB9B4}] => (Allow) C:\Program Files\HP\HP Deskjet 3520 series\Bin\DeviceSetup.exe
FirewallRules: [{2DDF5073-E980-4BC9-9723-31A59DF65904}] => (Allow) C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{606A2E2D-B46F-407A-8C02-15FB53393830}] => (Allow) C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{DCC4C21C-C5AC-4D1A-BBC9-493C759841B5}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{A6097FE0-F416-4A39-BDAE-5A7357007BD3}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{D575371B-1787-431A-96D4-556838FB5AFB}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{E0EBF8E7-2245-4FB1-9FE8-728D35E66386}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{D4CEF7DC-38AF-450C-84CC-8D33E3F17FBE}] => (Allow) C:\Users\Luke\AppData\Local\Temp\7zS0DC1\HPDiagnosticCoreUI.exe
FirewallRules: [{D5729D92-8CBC-4F89-8C2E-4F9203FF844E}] => (Allow) C:\Users\Luke\AppData\Local\Temp\7zS0DC1\HPDiagnosticCoreUI.exe
FirewallRules: [{06401AFB-6083-47FB-BE89-3B1C591E55BD}] => (Allow) C:\Users\Luke\AppData\Local\Temp\7zS0E5E\HPDiagnosticCoreUI.exe
FirewallRules: [{D831BA0C-5BB8-4EDC-8DC5-C6FBF07100F3}] => (Allow) C:\Users\Luke\AppData\Local\Temp\7zS0E5E\HPDiagnosticCoreUI.exe
FirewallRules: [{335171AA-0E6C-4B20-83C8-A1649F8DC453}] => (Allow) C:\Users\Luke\AppData\Local\Temp\7zS453C\HPDiagnosticCoreUI.exe
FirewallRules: [{B4BB8DFD-D915-481B-B621-287D903063E8}] => (Allow) C:\Users\Luke\AppData\Local\Temp\7zS453C\HPDiagnosticCoreUI.exe
FirewallRules: [{86FFFB19-12A8-496C-9B8D-4F05330994AF}] => (Allow) C:\Users\Luke\AppData\Local\Temp\7zS5D7D\HPDiagnosticCoreUI.exe
FirewallRules: [{6988605F-CC62-40C4-9F69-F4AB8FEBA928}] => (Allow) C:\Users\Luke\AppData\Local\Temp\7zS5D7D\HPDiagnosticCoreUI.exe
FirewallRules: [{70E434C9-E424-4941-9672-4F09C16D0FCD}] => (Allow) C:\Users\Luke\AppData\Local\Temp\7zS5DF9\HPDiagnosticCoreUI.exe
FirewallRules: [{2267C23E-E837-4C15-9FA0-D86BC748258F}] => (Allow) C:\Users\Luke\AppData\Local\Temp\7zS5DF9\HPDiagnosticCoreUI.exe
FirewallRules: [{147D715F-5D23-400C-B6C3-9385CB53A5A3}] => (Allow) C:\Users\Luke\AppData\Local\Temp\7zS62DB\HPDiagnosticCoreUI.exe
FirewallRules: [{E6F25767-36A2-4D20-BC4B-E5D443A26A82}] => (Allow) C:\Users\Luke\AppData\Local\Temp\7zS62DB\HPDiagnosticCoreUI.exe
FirewallRules: [{F4A72FA3-5AA9-4101-B8A7-84FF699BFC95}] => (Allow) C:\Users\Luke\AppData\Local\Temp\7zS7D97\HPDiagnosticCoreUI.exe
FirewallRules: [{F625FE3E-A002-4B91-8EC7-A6BBEBB0ACA8}] => (Allow) C:\Users\Luke\AppData\Local\Temp\7zS7D97\HPDiagnosticCoreUI.exe
FirewallRules: [{70937669-BFCB-454D-9CB1-66DBF5B5A815}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B7E591D6-46E9-42C5-8A33-7C07FDD14CED}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Restore Points =========================
24-05-2016 09:08:53 Windows Update
27-05-2016 03:01:03 Windows Update
30-05-2016 13:25:46 Windows Update
02-06-2016 21:52:40 Windows Update
06-06-2016 16:47:59 Windows Update
09-06-2016 21:02:26 Windows Update
13-06-2016 08:53:47 Windows Update
17-06-2016 20:08:22 Windows Update
18-06-2016 11:12:40 Windows Update
20-06-2016 12:06:20 JRT Pre-Junkware Removal
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (06/20/2016 12:06:21 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine ConvertStringSidToSid(S-1-5-21-2233979149-4233434921-1847507767-1000.bak). hr = 0x80070539, The security ID structure is invalid.
.
Operation:
OnIdentify event
Gathering Writer Data
Context:
Execution Context: Shadow Copy Optimization Writer
Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Writer Name: Shadow Copy Optimization Writer
Writer Instance ID: {d4fe3ee3-250e-43f7-a7cf-daeecec43fc7}
Error: (06/20/2016 11:59:39 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: TeamViewer_Service.exe, version: 9.0.41110.0, time stamp: 0x55261ad4
Faulting module name: TeamViewer_Service.exe, version: 9.0.41110.0, time stamp: 0x55261ad4
Exception code: 0x40000015
Fault offset: 0x0030b027
Faulting process id: 0x1040
Faulting application start time: 0xTeamViewer_Service.exe0
Faulting application path: TeamViewer_Service.exe1
Faulting module path: TeamViewer_Service.exe2
Report Id: TeamViewer_Service.exe3
Error: (06/20/2016 11:59:15 AM) (Source: Application Virtualization Client) (EventID: 2005) (User: )
Description: The Application Virtualization Core Service could not contact the Service Control Dispatcher.
Error: (06/20/2016 11:59:05 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/20/2016 01:28:28 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005
Error: (06/19/2016 06:54:54 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/19/2016 09:23:33 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005
Error: (06/18/2016 03:22:40 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/18/2016 03:16:50 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Information only.
(Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: The server name or address could not be resolved
Error: (06/18/2016 03:05:48 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
System errors:
=============
Error: (06/20/2016 12:00:38 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The TeamViewer 9 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 2000 milliseconds: Restart the service.
Error: (06/20/2016 11:59:19 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Live ID Sign-in Assistant service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
Error: (06/20/2016 11:59:03 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Client Virtualization Handler service depends on the Application Virtualization Client service which failed to start because of the following error:
%%-2147467243 = The class is configured to run as a security id different from the caller
Error: (06/20/2016 11:59:03 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Application Virtualization Client service terminated with the following error:
%%-2147467243 = The class is configured to run as a security id different from the caller
Error: (06/20/2016 11:58:09 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The SlimWare Utility Service Launcher service failed to start due to the following error:
%%2 = The system cannot find the file specified.
Error: (06/20/2016 11:57:56 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The lxdiCATSCustConnectService service failed to start due to the following error:
%%1053 = The service did not respond to the start or control request in a timely fashion.
Error: (06/20/2016 11:57:56 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the lxdiCATSCustConnectService service to connect.
Error: (06/20/2016 11:56:15 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Modules Installer service failed to start due to the following error:
%%3 = The system cannot find the path specified.
Error: (06/20/2016 11:56:11 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the CarboniteService service.
Error: (06/20/2016 11:55:34 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
Module Path: C:\windows\System32\IWMSSvc.dll
CodeIntegrity:
===================================
Date: 2015-06-21 15:35:25.345
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Antivirus\HitmanPro35.exe because the set of per-page image hashes could not be found on the system.
Date: 2015-06-21 15:35:25.064
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Antivirus\HitmanPro35.exe because the set of per-page image hashes could not be found on the system.
Date: 2015-06-21 15:34:58.887
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Antivirus\HitmanPro35.exe because the set of per-page image hashes could not be found on the system.
Date: 2015-06-21 15:34:58.606
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Antivirus\HitmanPro35.exe because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel® Pentium® CPU B940 @ 2.00GHz
Percentage of memory in use: 81%
Total physical RAM: 2979.17 MB
Available physical RAM: 562.29 MB
Total Virtual: 5956.53 MB
Available Virtual: 3252.31 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:283.34 GB) (Free:200.5 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 71895B4D)
Partition 1: (Not Active) - (Size=100 MB) - (Type=DE)
Partition 2: (Active) - (Size=14.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=283.3 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
sfc /scannow
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-06-2016 01
Ran by Luke (administrator) on RPLUKE-PC (25-06-2016 08:41:06)
Running from C:\Users\Luke\Downloads
Loaded Profiles: QBDataServiceUser24 & Luke (Available Profiles: Richard P. Luke & QBDataServiceUser24 & Luke)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
() C:\Program Files (x86)\Lexmark 3500-4500 Series\lxdimon.exe
() C:\Program Files (x86)\Lexmark 3500-4500 Series\lxdiamon.exe
( ) C:\Windows\System32\lxdicoms.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
(Intuit Inc.) C:\Program Files (x86)\Intuit\QuickBooks 2014\QBW32.EXE
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Intuit) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Creative Technology Ltd) C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Google) C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe
(Google) C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe
() C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
() C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Intuit, Inc.) C:\Program Files (x86)\Intuit\QuickBooks 2014\QBDBMgrN.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVault.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [525312 2011-01-25] (IDT, Inc.)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [609144 2011-04-12] (Alps Electric Co., Ltd.)
HKLM\...\Run: [QuickSet] => C:\Program Files\Dell\QuickSet\QuickSet.exe [3666800 2011-01-21] (Dell Inc.)
HKLM\...\Run: [IntelWireless] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1933584 2010-12-17] (Intel® Corporation)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [IntelliPoint] => c:\Program Files\Microsoft IntelliPoint\ipoint.exe [2417032 2011-08-01] (Microsoft Corporation)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1340192 2016-01-29] (Microsoft Corporation)
HKLM\...\Run: [lxdimon.exe] => C:\Program Files (x86)\Lexmark 3500-4500 Series\lxdimon.exe [434856 2009-04-27] ()
HKLM\...\Run: [lxdiamon] => C:\Program Files (x86)\Lexmark 3500-4500 Series\lxdiamon.exe [25256 2009-04-27] ()
HKLM\...\Run: [DellStage] => C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe [2055816 2011-05-30] ()
HKLM-x32\...\Run: [Dell Webcam Central] => C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [503942 2011-04-13] (Creative Technology Ltd)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Intuit SyncManager] => C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe [3775800 2014-06-26] (Intuit Inc. All rights reserved.)
HKLM-x32\...\Run: [RoxWatchTray] => c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe [240112 2010-11-25] (Sonic Solutions)
HKLM-x32\...\Run: [MapsGalaxy EPM Support] => "C:\PROGRA~2\MAPSGA~2\bar\1.bin\39medint.exe" T8EPMSUP.DLL,S
HKLM-x32\...\Run: [MapsGalaxy AppIntegrator 64-bit] => C:\PROGRA~2\MAPSGA~2\bar\1.bin\AppIntegrator64.exe
HKLM-x32\...\Run: [MapsGalaxy AppIntegrator 32-bit] => C:\PROGRA~2\MAPSGA~2\bar\1.bin\AppIntegrator.exe
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [283160 2010-11-06] (Intel Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [Google Desktop Search] => C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe [30192 2011-10-08] (Google)
HKLM-x32\...\Run: [FaxCenterServer] => C:\Program Files (x86)\\Lexmark Fax Solutions\fm3032.exe [312240 2007-05-07] ()
HKLM-x32\...\Run: [Desktop Disc Tool] => c:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe [514544 2010-11-17] ()
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [38112 2012-12-18] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AccuWeatherWidget] => C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe [885760 2011-05-30] ()
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2233979149-4233434921-1847507767-1006\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7451928 2015-03-13] (Piriform Ltd)
HKU\S-1-5-21-2233979149-4233434921-1847507767-1006\...\Run: [Google Update] => C:\Users\rpluke\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-10-17] (Google Inc.)
HKU\S-1-5-18\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7451928 2015-03-13] (Piriform Ltd)
AppInit_DLLs-x32: C:\PROGRA~2\Google\GOOGLE~1\GO36F4~1.DLL => C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktopNetwork3.dll [123392 2011-10-08] (Google)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Intuit Data Protect.lnk [2014-10-10]
ShortcutTarget: Intuit Data Protect.lnk -> C:\Program Files (x86)\Common Files\Intuit\DataProtect\IntuitDataProtect.exe (Intuit Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk [2014-10-10]
ShortcutTarget: QuickBooks Update Agent.lnk -> C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks_Standard_21.lnk [2014-10-10]
ShortcutTarget: QuickBooks_Standard_21.lnk -> C:\Program Files (x86)\Intuit\QuickBooks 2014\QBW32.EXE (Intuit Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{2586DD56-5E75-4A1E-B93F-90A97320C324}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8184F250-DCBA-43B6-A3C2-6B773F6C6F7E}: [DhcpNameServer] 192.168.1.1 71.250.0.12
Internet Explorer:
==================
HKU\S-1-5-21-2233979149-4233434921-1847507767-1006\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://yahoo.com/
SearchScopes: HKLM -> {2F1E335A-858A-4BE9-8F6B-D0AF1D018B53} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {2F1E335A-858A-4BE9-8F6B-D0AF1D018B53} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2233979149-4233434921-1847507767-1006 -> {70D46D94-BF1E-45ED-B567-48701376298E} URL = hxxp://127.0.0.1:4664/search&s=PhCGb1TUaj3O1lvSLKwwzAxWCus?q={searchTerms}
BHO: No Name -> {27B4851A-3207-45A2-B947-BE8AFE6163AB} -> No File
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll => No File
BHO-x32: Adobe PDF Reader Link Helper -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2012-12-18] (Adobe Systems Incorporated)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18] (Adobe Systems Incorporated)
BHO-x32: McAfee Phishing Filter -> {27B4851A-3207-45A2-B947-BE8AFE6163AB} -> c:\Program Files\mcafee\msk\mskapbho.dll [2010-05-03] ()
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
DPF: HKLM-x32 {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} hxxps://support.dell.com/systemprofiler/SysProExe.CAB
Handler-x32: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - C:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll [2011-05-05] (Cozi Group, Inc.)
Handler-x32: intu-help-qb2 - {84D77A00-41B5-4b8b-8ADF-86486D72E749} - C:\Program Files (x86)\Intuit\QuickBooks 2009\HelpAsyncPluggableProtocol.dll [2012-05-12] (Intuit, Inc.)
Handler-x32: intu-help-qb7 - {5A03BD9D-766D-47A6-8E87-CD90F60BE245} - C:\Program Files (x86)\Intuit\QuickBooks 2014\HelpAsyncPluggableProtocol.dll [2014-12-10] (Intuit, Inc.)
Handler-x32: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - C:\windows\system32\mscoree.dll [2010-11-20] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Luke\AppData\Roaming\Mozilla\Firefox\Profiles\sq7f9n4y.default
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_22_0_0_192.dll [2016-06-16] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_192.dll [2016-06-16] ()
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 -> C:\windows\SysWOW64\npDeployJava1.dll [2013-05-08] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2013-02-15] (Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-01-31]
CHR Extension: (Google Drive) - C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-31]
CHR Extension: (YouTube) - C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-31]
CHR Extension: (Google Search) - C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-31]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-06-28]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-01-31]
CHR Extension: (Gmail) - C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-31]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [897088 2010-11-03] (Intel Corporation) [File not signed]
R3 Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [1298496 2010-11-03] (Intel Corporation) [File not signed]
R2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2557136 2015-02-26] (Dell Inc.)
R2 DellDataVaultWiz; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [201936 2015-02-26] (Dell Inc.)
S3 GoogleDesktopManager-051210-111108; C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe [30192 2011-10-08] (Google)
S2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89352 2014-09-15] (Hewlett-Packard Company)
R2 lxdi_device; C:\windows\system32\lxdicoms.exe [876976 2007-06-11] ( )
R2 lxdi_device; C:\windows\SysWOW64\lxdicoms.exe [517040 2007-06-11] ( )
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2016-01-29] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2010-12-17] ()
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [374344 2016-01-29] (Microsoft Corporation)
R2 QBCFMonitorService; C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe [45056 2014-12-10] (Intuit) [File not signed]
S3 QBFCService; C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe [65536 2014-06-26] (Intuit Inc.) [File not signed]
R2 QBVSS; C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe [1248256 2014-06-26] (Intuit Inc.) [File not signed]
R3 QuickBooksDB24; C:\Program Files (x86)\Intuit\QuickBooks 2014\QBDBMgrN.exe [679936 2014-06-26] (Intuit, Inc.) [File not signed]
S2 SupportAssistAgent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [19288 2015-04-10] (Dell Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S4 CarboniteService; "C:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exe" [X]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [21136 2012-10-30] (AVAST Software)
R3 DDDriver; C:\Windows\System32\drivers\DDDriver64Dcsa.sys [23760 2015-01-30] (Dell Computer Corporation)
R3 DellProf; C:\Windows\System32\drivers\DellProf.sys [23312 2015-01-30] (Dell Computer Corporation)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-06-25] (Malwarebytes)
R3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [289120 2015-11-13] (Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133816 2015-11-13] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-06-25 08:40 - 2016-06-25 08:40 - 00000000 ____D C:\Users\Luke\Downloads\FRST-OlderVersion
2016-06-24 08:08 - 2016-06-24 08:08 - 00000000 ____D C:\1f4c50587cad276d64e2796ec98ebf41
2016-06-21 16:22 - 2016-06-21 16:23 - 00000000 ____D C:\Users\Richard P. Luke.rpluke-PC\AppData\Roaming\Mozilla
2016-06-21 16:22 - 2016-06-21 16:22 - 00000000 ____D C:\Users\Richard P. Luke.rpluke-PC\AppData\Local\Mozilla
2016-06-21 16:16 - 2016-06-21 16:16 - 00007396 _____ C:\Users\Luke\Desktop\fixlist.txt
2016-06-21 15:49 - 2016-06-21 15:49 - 00000000 ____D C:\Users\Luke\AppData\LocalLow\Sun
2016-06-21 15:41 - 2016-06-21 15:41 - 00000000 ____D C:\Users\Luke\AppData\Roaming\HpUpdate
2016-06-21 15:39 - 2016-06-21 15:39 - 00000000 ____D C:\Users\Luke\AppData\Local\Dell
2016-06-21 15:37 - 2016-06-21 15:37 - 00000000 ____D C:\Users\Luke\AppData\Roaming\Roxio
2016-06-21 15:37 - 2016-06-21 15:37 - 00000000 ____D C:\Users\Luke\AppData\Roaming\Fingertapps
2016-06-21 15:37 - 2016-06-21 15:37 - 00000000 ____D C:\Users\Luke\AppData\Roaming\Dell
2016-06-21 15:36 - 2016-06-21 15:36 - 00000000 ____D C:\Users\Luke\AppData\Roaming\Intel Corporation
2016-06-21 15:36 - 2016-06-21 15:36 - 00000000 ____D C:\Users\Luke\AppData\Roaming\Dell Touch Zone
2016-06-20 12:22 - 2016-06-20 12:24 - 00041717 _____ C:\Users\Luke\Downloads\Addition.txt
2016-06-20 12:19 - 2016-06-25 08:41 - 00019923 _____ C:\Users\Luke\Downloads\FRST.txt
2016-06-20 12:18 - 2016-06-25 08:41 - 00000000 ____D C:\FRST
2016-06-20 12:17 - 2016-06-25 08:40 - 02387456 _____ (Farbar) C:\Users\Luke\Downloads\FRST64.exe
2016-06-20 12:04 - 2016-06-20 12:04 - 01610816 _____ (Malwarebytes) C:\Users\Luke\Downloads\JRT.exe
2016-06-20 11:48 - 2016-06-20 11:54 - 00000000 ____D C:\AdwCleaner
2016-06-20 11:48 - 2016-06-20 11:48 - 03703360 _____ C:\Users\Luke\Downloads\AdwCleaner(1).exe
2016-06-20 11:46 - 2016-06-20 11:46 - 03703360 _____ C:\Users\Luke\Downloads\AdwCleaner.exe
2016-06-20 11:44 - 2016-06-20 11:44 - 00000000 ____D C:\Users\Luke\AppData\Local\Macromedia
2016-06-20 11:38 - 2016-06-20 11:45 - 00000000 ____D C:\Users\Luke\AppData\Local\Mozilla
2016-06-20 11:38 - 2016-06-20 11:39 - 00000000 ____D C:\Users\Luke\AppData\Roaming\Mozilla
2016-06-20 11:37 - 2016-06-20 11:38 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-06-20 11:37 - 2016-06-20 11:37 - 00001165 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-06-20 11:37 - 2016-06-20 11:37 - 00001153 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-06-20 11:37 - 2016-06-20 11:37 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-06-20 11:35 - 2016-06-20 11:36 - 00242136 _____ C:\Users\Luke\Desktop\Firefox Setup Stub 47.0.exe
2016-06-17 20:23 - 2016-05-23 19:37 - 00394960 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2016-06-17 20:23 - 2016-05-23 18:54 - 00346312 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2016-06-17 20:23 - 2016-05-21 12:57 - 20341248 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2016-06-17 20:23 - 2016-05-20 18:27 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2016-06-17 20:23 - 2016-05-20 18:27 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2016-06-17 20:23 - 2016-05-20 18:14 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2016-06-17 20:23 - 2016-05-20 18:10 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2016-06-17 20:23 - 2016-05-20 18:09 - 00572416 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2016-06-17 20:23 - 2016-05-20 18:09 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2016-06-17 20:23 - 2016-05-20 18:09 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2016-06-17 20:23 - 2016-05-20 18:08 - 02895360 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2016-06-17 20:23 - 2016-05-20 18:08 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2016-06-17 20:23 - 2016-05-20 18:02 - 06051328 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2016-06-17 20:23 - 2016-05-20 18:00 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2016-06-17 20:23 - 2016-05-20 17:59 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2016-06-17 20:23 - 2016-05-20 17:57 - 00497664 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2016-06-17 20:23 - 2016-05-20 17:57 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2016-06-17 20:23 - 2016-05-20 17:57 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2016-06-17 20:23 - 2016-05-20 17:56 - 00615936 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2016-06-17 20:23 - 2016-05-20 17:56 - 00341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2016-06-17 20:23 - 2016-05-20 17:55 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2016-06-17 20:23 - 2016-05-20 17:54 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2016-06-17 20:23 - 2016-05-20 17:54 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2016-06-17 20:23 - 2016-05-20 17:54 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2016-06-17 20:23 - 2016-05-20 17:54 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2016-06-17 20:23 - 2016-05-20 17:50 - 02287104 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2016-06-17 20:23 - 2016-05-20 17:49 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2016-06-17 20:23 - 2016-05-20 17:48 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2016-06-17 20:23 - 2016-05-20 17:45 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2016-06-17 20:23 - 2016-05-20 17:45 - 00476160 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2016-06-17 20:23 - 2016-05-20 17:44 - 00663552 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2016-06-17 20:23 - 2016-05-20 17:44 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2016-06-17 20:23 - 2016-05-20 17:43 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2016-06-17 20:23 - 2016-05-20 17:41 - 00489984 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2016-06-17 20:23 - 2016-05-20 17:33 - 00416256 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2016-06-17 20:23 - 2016-05-20 17:33 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2016-06-17 20:23 - 2016-05-20 17:32 - 00107520 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2016-06-17 20:23 - 2016-05-20 17:29 - 13815808 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2016-06-17 20:23 - 2016-05-20 17:27 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2016-06-17 20:23 - 2016-05-20 17:27 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-06-17 20:23 - 2016-05-20 17:26 - 00091136 _____ (Microsoft Corporation) C:\windows\SysWOW64\inseng.dll
2016-06-17 20:23 - 2016-05-20 17:25 - 00315392 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2016-06-17 20:23 - 2016-05-20 17:23 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2016-06-17 20:23 - 2016-05-20 17:23 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2016-06-17 20:23 - 2016-05-20 17:22 - 00152064 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2016-06-17 20:23 - 2016-05-20 17:21 - 00279040 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2016-06-17 20:23 - 2016-05-20 17:19 - 00130048 _____ (Microsoft Corporation) C:\windows\SysWOW64\occache.dll
2016-06-17 20:23 - 2016-05-20 17:14 - 04610048 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2016-06-17 20:23 - 2016-05-20 17:12 - 00230400 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2016-06-17 20:23 - 2016-05-20 17:11 - 15420928 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2016-06-17 20:23 - 2016-05-20 17:11 - 00262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2016-06-17 20:23 - 2016-05-20 17:09 - 00725504 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2016-06-17 20:23 - 2016-05-20 17:09 - 00693248 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2016-06-17 20:23 - 2016-05-20 17:08 - 02055680 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2016-06-17 20:23 - 2016-05-20 17:08 - 00806400 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2016-06-17 20:23 - 2016-05-20 17:07 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2016-06-17 20:23 - 2016-05-20 17:07 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2016-06-17 20:23 - 2016-05-20 17:06 - 02131968 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2016-06-17 20:23 - 2016-05-20 16:46 - 02597888 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2016-06-17 20:23 - 2016-05-20 16:42 - 02121216 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2016-06-17 20:23 - 2016-05-20 16:38 - 01310208 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2016-06-17 20:23 - 2016-05-20 16:38 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2016-06-17 20:23 - 2016-05-20 16:34 - 01544192 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2016-06-17 20:23 - 2016-05-20 16:23 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2016-06-17 20:22 - 2016-05-21 13:28 - 25802752 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2016-06-17 20:22 - 2016-05-20 17:28 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2016-06-17 15:24 - 2016-06-21 16:08 - 00000000 ____D C:\Users\Luke\AppData\Roaming\TeamViewer
2016-06-17 13:04 - 2016-05-18 12:10 - 00312832 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2016-06-17 13:04 - 2016-05-18 12:09 - 00405504 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2016-06-17 13:04 - 2016-05-12 13:15 - 00105472 _____ (Microsoft Corporation) C:\windows\system32\winipsec.dll
2016-06-17 13:04 - 2016-05-12 13:15 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2016-06-17 13:04 - 2016-05-12 13:14 - 00794624 _____ (Microsoft Corporation) C:\windows\system32\gpsvc.dll
2016-06-17 13:04 - 2016-05-12 13:14 - 00502272 _____ (Microsoft Corporation) C:\windows\system32\IPSECSVC.DLL
2016-06-17 13:04 - 2016-05-12 13:14 - 00373760 _____ (Microsoft Corporation) C:\windows\system32\polstore.dll
2016-06-17 13:04 - 2016-05-12 13:14 - 00096256 _____ (Microsoft Corporation) C:\windows\system32\gpapi.dll
2016-06-17 13:04 - 2016-05-12 13:14 - 00075776 _____ (Microsoft Corporation) C:\windows\system32\FwRemoteSvr.dll
2016-06-17 13:04 - 2016-05-12 11:18 - 00274944 _____ (Microsoft Corporation) C:\windows\SysWOW64\polstore.dll
2016-06-17 13:04 - 2016-05-12 11:18 - 00079360 _____ (Microsoft Corporation) C:\windows\SysWOW64\gpapi.dll
2016-06-17 13:04 - 2016-05-12 11:18 - 00070144 _____ (Microsoft Corporation) C:\windows\SysWOW64\winipsec.dll
2016-06-17 13:04 - 2016-05-12 11:18 - 00044032 _____ (Microsoft Corporation) C:\windows\SysWOW64\FwRemoteSvr.dll
2016-06-17 13:04 - 2016-05-12 11:18 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll
2016-06-17 13:04 - 2016-05-11 13:02 - 00444928 _____ (Microsoft Corporation) C:\windows\system32\winhttp.dll
2016-06-17 13:04 - 2016-05-11 13:02 - 00327168 _____ (Microsoft Corporation) C:\windows\system32\mswsock.dll
2016-06-17 13:04 - 2016-05-11 13:02 - 00296448 _____ (Microsoft Corporation) C:\windows\system32\ws2_32.dll
2016-06-17 13:04 - 2016-05-11 11:19 - 00351744 _____ (Microsoft Corporation) C:\windows\SysWOW64\winhttp.dll
2016-06-17 13:04 - 2016-05-11 11:19 - 00231424 _____ (Microsoft Corporation) C:\windows\SysWOW64\mswsock.dll
2016-06-17 13:04 - 2016-05-11 11:19 - 00206336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ws2_32.dll
2016-06-17 13:04 - 2016-05-11 11:11 - 00025088 _____ (Microsoft Corporation) C:\windows\system32\netbtugc.exe
2016-06-17 13:04 - 2016-05-11 11:01 - 00026624 _____ (Microsoft Corporation) C:\windows\SysWOW64\netbtugc.exe
2016-06-17 13:04 - 2016-05-11 10:58 - 00262144 _____ (Microsoft Corporation) C:\windows\system32\Drivers\netbt.sys
2016-06-17 13:03 - 2016-05-12 13:20 - 00154856 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2016-06-17 13:03 - 2016-05-12 13:20 - 00095464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2016-06-17 13:03 - 2016-05-12 13:15 - 00210432 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2016-06-17 13:03 - 2016-05-12 13:15 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2016-06-17 13:03 - 2016-05-12 13:15 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2016-06-17 13:03 - 2016-05-12 13:15 - 00028672 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2016-06-17 13:03 - 2016-05-12 13:14 - 01464320 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2016-06-17 13:03 - 2016-05-12 13:14 - 01212928 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2016-06-17 13:03 - 2016-05-12 13:14 - 00730624 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2016-06-17 13:03 - 2016-05-12 13:14 - 00690688 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2016-06-17 13:03 - 2016-05-12 13:14 - 00463872 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll
2016-06-17 13:03 - 2016-05-12 13:14 - 00344064 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2016-06-17 13:03 - 2016-05-12 13:14 - 00316416 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2016-06-17 13:03 - 2016-05-12 13:14 - 00312320 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2016-06-17 13:03 - 2016-05-12 13:14 - 00190464 _____ (Microsoft Corporation) C:\windows\system32\rpchttp.dll
2016-06-17 13:03 - 2016-05-12 13:14 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2016-06-17 13:03 - 2016-05-12 13:14 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2016-06-17 13:03 - 2016-05-12 13:14 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll
2016-06-17 13:03 - 2016-05-12 13:14 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2016-06-17 13:03 - 2016-05-12 13:14 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2016-06-17 13:03 - 2016-05-12 11:18 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2016-06-17 13:03 - 2016-05-12 11:18 - 00666112 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2016-06-17 13:03 - 2016-05-12 11:18 - 00553472 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2016-06-17 13:03 - 2016-05-12 11:18 - 00342528 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll
2016-06-17 13:03 - 2016-05-12 11:18 - 00260608 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2016-06-17 13:03 - 2016-05-12 11:18 - 00251392 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2016-06-17 13:03 - 2016-05-12 11:18 - 00223232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2016-06-17 13:03 - 2016-05-12 11:18 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2016-06-17 13:03 - 2016-05-12 11:18 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2016-06-17 13:03 - 2016-05-12 11:18 - 00141312 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpchttp.dll
2016-06-17 13:03 - 2016-05-12 11:18 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2016-06-17 13:03 - 2016-05-12 11:18 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2016-06-17 13:03 - 2016-05-12 11:18 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2016-06-17 13:03 - 2016-05-12 11:18 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2016-06-17 13:03 - 2016-05-12 11:18 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2016-06-17 13:03 - 2016-05-12 11:05 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2016-06-17 13:03 - 2016-05-12 10:58 - 00464896 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv.sys
2016-06-17 13:03 - 2016-05-12 10:58 - 00405504 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv2.sys
2016-06-17 13:03 - 2016-05-12 10:58 - 00291328 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2016-06-17 13:03 - 2016-05-12 10:58 - 00168960 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srvnet.sys
2016-06-17 13:03 - 2016-05-12 10:58 - 00159744 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2016-06-17 13:03 - 2016-05-12 10:58 - 00129536 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2016-06-17 13:03 - 2016-05-12 10:57 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2016-06-17 13:03 - 2016-05-12 10:56 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2016-06-17 13:03 - 2016-05-12 10:51 - 00036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptbase.dll
2016-06-17 13:03 - 2016-05-12 09:05 - 00459640 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2016-06-17 13:03 - 2016-05-12 09:05 - 00297984 _____ (Microsoft Corporation) C:\windows\system32\bcryptprimitives.dll
2016-06-17 13:03 - 2016-05-12 09:04 - 00249352 _____ (Microsoft Corporation) C:\windows\SysWOW64\bcryptprimitives.dll
2016-06-17 13:02 - 2016-06-06 12:58 - 00041704 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
2016-06-17 13:02 - 2016-06-06 12:50 - 01204224 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2016-06-17 13:02 - 2016-06-03 09:05 - 01413120 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2016-06-17 13:02 - 2016-05-27 09:06 - 00569856 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2016-06-17 13:02 - 2016-05-27 09:06 - 00544256 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2016-06-17 13:02 - 2016-05-27 09:06 - 00276480 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2016-06-17 13:02 - 2016-05-27 09:06 - 00265216 _____ (Microsoft Corporation) C:\windows\system32\centel.dll
2016-06-17 13:02 - 2016-05-22 09:06 - 00076800 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2016-06-17 13:02 - 2016-05-13 18:15 - 00382184 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2016-06-17 13:02 - 2016-05-13 18:09 - 00100864 _____ (Microsoft Corporation) C:\windows\system32\fontsub.dll
2016-06-17 13:02 - 2016-05-13 18:09 - 00046080 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2016-06-17 13:02 - 2016-05-13 18:09 - 00041472 _____ (Microsoft Corporation) C:\windows\system32\lpk.dll
2016-06-17 13:02 - 2016-05-13 18:09 - 00014336 _____ (Microsoft Corporation) C:\windows\system32\dciman32.dll
2016-06-17 13:02 - 2016-05-13 17:54 - 00308456 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\atmfd.dll
2016-06-17 13:02 - 2016-05-13 17:50 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\lpk.dll
2016-06-17 13:02 - 2016-05-13 17:49 - 00070656 _____ (Microsoft Corporation) C:\windows\SysWOW64\fontsub.dll
2016-06-17 13:02 - 2016-05-13 17:49 - 00010240 _____ (Microsoft Corporation) C:\windows\SysWOW64\dciman32.dll
2016-06-17 13:02 - 2016-05-13 17:27 - 00034304 _____ (Adobe Systems) C:\windows\SysWOW64\atmlib.dll
2016-06-17 13:02 - 2016-05-12 11:03 - 03217408 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2016-06-17 13:02 - 2016-05-11 13:02 - 00483840 _____ (Microsoft Corporation) C:\windows\system32\StructuredQuery.dll
2016-06-17 13:02 - 2016-05-11 11:19 - 00363520 _____ (Microsoft Corporation) C:\windows\SysWOW64\StructuredQuery.dll
2016-06-17 13:02 - 2016-04-09 02:58 - 14186496 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2016-06-17 13:02 - 2016-04-09 02:57 - 01867776 _____ (Microsoft Corporation) C:\windows\system32\ExplorerFrame.dll
2016-06-17 13:02 - 2016-04-09 02:54 - 12881408 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2016-06-17 13:02 - 2016-04-09 02:54 - 01499648 _____ (Microsoft Corporation) C:\windows\SysWOW64\ExplorerFrame.dll
2016-06-17 13:02 - 2016-04-09 01:53 - 03231232 _____ (Microsoft Corporation) C:\windows\explorer.exe
2016-06-17 13:02 - 2016-04-09 01:44 - 02973184 _____ (Microsoft Corporation) C:\windows\SysWOW64\explorer.exe
2016-06-17 13:02 - 2016-03-09 15:00 - 00396800 _____ (Microsoft Corporation) C:\windows\system32\webio.dll
2016-06-17 13:02 - 2016-03-09 14:40 - 00316416 _____ (Microsoft Corporation) C:\windows\SysWOW64\webio.dll
2016-06-17 13:01 - 2016-04-14 12:46 - 00114408 _____ (Microsoft Corporation) C:\windows\system32\consent.exe
2016-06-17 13:01 - 2016-04-14 12:42 - 03243520 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2016-06-17 13:01 - 2016-04-14 12:42 - 01941504 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2016-06-17 13:01 - 2016-04-14 12:42 - 00504320 _____ (Microsoft Corporation) C:\windows\system32\msihnd.dll
2016-06-17 13:01 - 2016-04-14 12:42 - 00070144 _____ (Microsoft Corporation) C:\windows\system32\appinfo.dll
2016-06-17 13:01 - 2016-04-14 12:42 - 00025088 _____ (Microsoft Corporation) C:\windows\system32\msimsg.dll
2016-06-17 13:01 - 2016-04-14 11:33 - 02365440 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2016-06-17 13:01 - 2016-04-14 11:33 - 01806848 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2016-06-17 13:01 - 2016-04-14 11:33 - 00337408 _____ (Microsoft Corporation) C:\windows\SysWOW64\msihnd.dll
2016-06-17 13:01 - 2016-04-14 11:33 - 00025088 _____ (Microsoft Corporation) C:\windows\SysWOW64\msimsg.dll
2016-06-17 13:01 - 2016-04-14 11:19 - 00128000 _____ (Microsoft Corporation) C:\windows\system32\msiexec.exe
2016-06-17 13:01 - 2016-04-14 11:11 - 00073216 _____ (Microsoft Corporation) C:\windows\SysWOW64\msiexec.exe
2016-06-08 17:27 - 2016-06-08 17:27 - 04260592 _____ C:\Users\Luke\Desktop\trim66.7087D436-D603-4598-923A-6C6D86AC154C.MOV
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-06-25 08:41 - 2009-07-14 00:45 - 00028576 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-06-25 08:41 - 2009-07-14 00:45 - 00028576 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-06-25 08:39 - 2015-06-28 21:07 - 00000000 ____D C:\Users\Luke\AppData\Local\Google
2016-06-25 08:39 - 2015-06-22 12:23 - 00192216 _____ (Malwarebytes) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2016-06-25 08:36 - 2013-12-18 11:08 - 00000830 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2016-06-25 08:36 - 2011-09-21 11:02 - 00000912 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2233979149-4233434921-1847507767-1000UA.job
2016-06-25 05:08 - 2014-10-10 15:28 - 00000000 ____D C:\Users\Luke\Desktop\QuickBooksAutoDataRecovery
2016-06-25 05:03 - 2009-07-14 01:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2016-06-24 17:08 - 2011-09-21 11:02 - 00000860 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2233979149-4233434921-1847507767-1000Core.job
2016-06-24 08:27 - 2013-03-21 21:46 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-06-24 08:27 - 2013-03-21 21:46 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-06-24 08:24 - 2009-07-13 23:20 - 00000000 ____D C:\windows\system32\NDF
2016-06-24 08:20 - 2013-03-21 21:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-06-24 08:12 - 2014-10-10 10:55 - 00000000 ____D C:\Users\QBDataServiceUser24
2016-06-24 08:10 - 2015-06-22 17:19 - 00000000 ____D C:\Users\Luke
2016-06-21 16:29 - 2015-06-22 17:22 - 00283976 _____ C:\Users\Luke\AppData\Local\GDIPFONTCACHEV1.DAT
2016-06-21 16:28 - 2011-10-08 10:15 - 00000000 ____D C:\Program Files (x86)\Google
2016-06-21 16:28 - 2009-07-14 00:45 - 00872760 _____ C:\windows\system32\FNTCACHE.DAT
2016-06-21 16:21 - 2011-11-21 08:15 - 00283976 _____ C:\Users\Richard P. Luke.rpluke-PC\AppData\Local\GDIPFONTCACHEV1.DAT
2016-06-21 16:08 - 2011-11-18 10:28 - 00000000 ____D C:\Users\Richard P. Luke.rpluke-PC
2016-06-21 16:07 - 2011-11-18 10:23 - 00000000 ____D C:\ProgramData\Carbonite
2016-06-21 15:57 - 2011-08-24 03:06 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-06-21 15:37 - 2011-08-24 03:01 - 00000000 ____D C:\ProgramData\Sonic
2016-06-21 15:36 - 2015-06-22 18:31 - 00000000 ____D C:\Users\Luke\AppData\Local\Intuit
2016-06-21 15:32 - 2015-06-21 15:38 - 00000000 ____D C:\windows\pss
2016-06-19 15:03 - 2009-07-13 23:20 - 00000000 ____D C:\windows\rescache
2016-06-18 13:20 - 2011-11-21 08:15 - 00000000 ____D C:\Users\Richard P. Luke.rpluke-PC\AppData\Local\Google
2016-06-18 11:01 - 2014-12-11 04:35 - 00000000 ____D C:\windows\system32\appraiser
2016-06-17 20:39 - 2013-08-15 03:02 - 00000000 ____D C:\windows\system32\MRT
2016-06-17 20:20 - 2011-09-06 09:21 - 142482544 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2016-06-16 16:50 - 2013-12-18 11:08 - 00796352 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2016-06-16 16:50 - 2013-12-18 11:08 - 00003768 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2016-06-16 16:50 - 2011-08-24 02:31 - 00142528 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-06-15 16:40 - 2010-11-20 23:27 - 00484008 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2016-06-14 19:31 - 2013-12-16 18:29 - 00889344 _____ C:\Users\Luke\Documents\Christmas Card List 2013mlb.bcf
2016-06-14 19:31 - 2013-12-16 18:29 - 00330643 _____ C:\Users\Luke\Documents\Christmas Card List 2013.mlb
2016-06-14 19:31 - 2013-12-16 18:29 - 00002396 _____ C:\Users\Luke\Documents\Christmas Card List 2013mlb.fsif
2016-06-14 19:31 - 2013-12-16 18:29 - 00001748 _____ C:\Users\Luke\Documents\Christmas Card List 2013mlb.msif
2016-06-14 17:33 - 2009-07-14 01:13 - 00783424 _____ C:\windows\system32\PerfStringBackup.INI
2016-06-14 17:33 - 2009-07-13 23:20 - 00000000 ____D C:\windows\inf
2016-06-14 10:07 - 2014-10-20 11:26 - 00000000 ____D C:\quickbooks files
2016-06-14 07:46 - 2009-07-14 01:08 - 00032616 _____ C:\windows\Tasks\SCHEDLGU.TXT
2016-06-11 19:12 - 2015-06-30 11:20 - 00000000 ____D C:\Users\Luke\AppData\Roaming\SoftGrid Client
2016-06-02 12:41 - 2009-07-13 23:20 - 00000000 ____D C:\windows\tracing
2016-05-27 03:20 - 2015-04-04 20:56 - 00000000 ___SD C:\windows\SysWOW64\GWX
2016-05-27 03:20 - 2015-04-04 20:56 - 00000000 ___SD C:\windows\system32\GWX
==================== Files in the root of some directories =======
2013-07-26 14:18 - 2013-07-26 14:18 - 0000057 _____ () C:\ProgramData\Ament.ini
Files to move or delete:
====================
C:\Users\rpluke\jagex_runescape_preferences.dat
C:\Users\rpluke\jagex_runescape_preferences2.dat
Some files in TEMP:
====================
C:\Users\Luke\AppData\Local\Temp\HPPSdr.exe
C:\Users\rpluke\AppData\Local\Temp\Abspdf.exe
C:\Users\rpluke\AppData\Local\Temp\acfpdfu.dll
C:\Users\rpluke\AppData\Local\Temp\acfpdfuamd64.dll
C:\Users\rpluke\AppData\Local\Temp\acfpdfui.dll
C:\Users\rpluke\AppData\Local\Temp\acfpdfuia64.dll
C:\Users\rpluke\AppData\Local\Temp\acfpdfuiamd64.dll
C:\Users\rpluke\AppData\Local\Temp\acfpdfuiia64.dll
C:\Users\rpluke\AppData\Local\Temp\cdintf.dll
C:\Users\rpluke\AppData\Local\Temp\dplinst.exe
C:\Users\rpluke\AppData\Local\Temp\GUR45B7.exe
C:\Users\rpluke\AppData\Local\Temp\GURC68D.exe
C:\Users\rpluke\AppData\Local\Temp\install_reader11_en_gtbp_chrd_aih.exe
C:\Users\rpluke\AppData\Local\Temp\jre-6u31-windows-i586-iftw-rv.exe
C:\Users\rpluke\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\rpluke\AppData\Local\Temp\PDFPRT400.exe
C:\Users\rpluke\AppData\Local\Temp\setup.exe
C:\Users\rpluke\AppData\Local\Temp\utz_bhus.dll
C:\Users\rpluke\AppData\Local\Temp\xmllite.dll
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\SysWOW64\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-06-19 14:54
==================== End of FRST.txt ============================
Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 25/06/2016 9:21:51 AM
Note: All dates below are in the format dd/mm/yyyy
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 24/06/2016 12:09:50 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
Log: 'System' Date/Time: 24/06/2016 12:44:25 AM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
Log: 'System' Date/Time: 19/06/2016 10:52:47 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
Log: 'System' Date/Time: 17/05/2016 10:25:11 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
Log: 'System' Date/Time: 13/05/2016 12:29:53 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
Log: 'System' Date/Time: 10/05/2016 7:35:32 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
Log: 'System' Date/Time: 28/04/2016 7:22:43 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
Log: 'System' Date/Time: 17/02/2016 5:12:10 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 25/06/2016 9:05:05 AM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The Dell SupportAssist Agent service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
Log: 'System' Date/Time: 25/06/2016 9:05:05 AM
Type: Error Category: 0
Event: 7009 Source: Service Control Manager
A timeout was reached (30000 milliseconds) while waiting for the Dell SupportAssist Agent service to connect.
Log: 'System' Date/Time: 25/06/2016 9:04:11 AM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The lxdiCATSCustConnectService service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
Log: 'System' Date/Time: 25/06/2016 9:04:11 AM
Type: Error Category: 0
Event: 7009 Source: Service Control Manager
A timeout was reached (30000 milliseconds) while waiting for the lxdiCATSCustConnectService service to connect.
Log: 'System' Date/Time: 25/06/2016 9:04:11 AM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The HP Support Solutions Framework Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
Log: 'System' Date/Time: 25/06/2016 9:04:11 AM
Type: Error Category: 0
Event: 7009 Source: Service Control Manager
A timeout was reached (30000 milliseconds) while waiting for the HP Support Solutions Framework Service service to connect.
Log: 'System' Date/Time: 24/06/2016 12:34:52 PM
Type: Error Category: 0
Event: 36888 Source: Schannel
The following fatal alert was generated: 43. The internal error state is 252.
Log: 'System' Date/Time: 24/06/2016 12:34:52 PM
Type: Error Category: 0
Event: 36888 Source: Schannel
The following fatal alert was generated: 43. The internal error state is 252.
Log: 'System' Date/Time: 24/06/2016 12:29:33 PM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The Dell SupportAssist Agent service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
Log: 'System' Date/Time: 24/06/2016 12:29:33 PM
Type: Error Category: 0
Event: 7009 Source: Service Control Manager
A timeout was reached (30000 milliseconds) while waiting for the Dell SupportAssist Agent service to connect.
Log: 'System' Date/Time: 24/06/2016 12:28:39 PM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The lxdiCATSCustConnectService service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
Log: 'System' Date/Time: 24/06/2016 12:28:39 PM
Type: Error Category: 0
Event: 7009 Source: Service Control Manager
A timeout was reached (30000 milliseconds) while waiting for the lxdiCATSCustConnectService service to connect.
Log: 'System' Date/Time: 24/06/2016 12:28:39 PM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The HP Support Solutions Framework Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
Log: 'System' Date/Time: 24/06/2016 12:28:39 PM
Type: Error Category: 0
Event: 7009 Source: Service Control Manager
A timeout was reached (30000 milliseconds) while waiting for the HP Support Solutions Framework Service service to connect.
Log: 'System' Date/Time: 24/06/2016 12:11:37 PM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The Dell SupportAssist Agent service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
Log: 'System' Date/Time: 24/06/2016 12:11:37 PM
Type: Error Category: 0
Event: 7009 Source: Service Control Manager
A timeout was reached (30000 milliseconds) while waiting for the Dell SupportAssist Agent service to connect.
Log: 'System' Date/Time: 24/06/2016 12:10:50 PM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The lxdiCATSCustConnectService service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
Log: 'System' Date/Time: 24/06/2016 12:10:50 PM
Type: Error Category: 0
Event: 7009 Source: Service Control Manager
A timeout was reached (30000 milliseconds) while waiting for the lxdiCATSCustConnectService service to connect.
Log: 'System' Date/Time: 24/06/2016 12:10:13 PM
Type: Error Category: 0
Event: 6008 Source: EventLog
The previous system shutdown at 8:08:47 AM on ?6/?24/?2016 was unexpected.
Log: 'System' Date/Time: 24/06/2016 12:01:41 PM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The lxdiCATSCustConnectService service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 25/06/2016 12:36:47 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name qb24bgocd.quickbooks.com timed out after none of the configured DNS servers responded.
Log: 'System' Date/Time: 25/06/2016 9:22:57 AM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name wpad.fios-router.home timed out after none of the configured DNS servers responded.
Log: 'System' Date/Time: 25/06/2016 9:21:27 AM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name wpad.fios-router.home timed out after none of the configured DNS servers responded.
Log: 'System' Date/Time: 25/06/2016 9:19:32 AM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name dns.msftncsi.com timed out after none of the configured DNS servers responded.
Log: 'System' Date/Time: 25/06/2016 9:19:19 AM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name isatap.fios-router.home timed out after none of the configured DNS servers responded.
Log: 'System' Date/Time: 25/06/2016 9:17:14 AM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name dns.msftncsi.com timed out after none of the configured DNS servers responded.
Log: 'System' Date/Time: 25/06/2016 9:17:05 AM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name wpad.fios-router.home timed out after none of the configured DNS servers responded.
Log: 'System' Date/Time: 25/06/2016 9:16:33 AM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name www.msftncsi.com timed out after none of the configured DNS servers responded.
Log: 'System' Date/Time: 25/06/2016 9:16:24 AM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name wpad.fios-router.home timed out after none of the configured DNS servers responded.
Log: 'System' Date/Time: 25/06/2016 9:15:39 AM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name isatap.fios-router.home timed out after none of the configured DNS servers responded.
Log: 'System' Date/Time: 25/06/2016 9:04:55 AM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name wpad.fios-router.home timed out after none of the configured DNS servers responded.
Log: 'System' Date/Time: 25/06/2016 9:03:04 AM
Type: Warning Category: 0
Event: 1 Source: RTL8167
Realtek PCIe FE Family Controller is disconnected from network.
Log: 'System' Date/Time: 25/06/2016 12:04:03 AM
Type: Warning Category: 0
Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped. Module Path: C:\windows\System32\IWMSSvc.dll
Log: 'System' Date/Time: 24/06/2016 11:48:29 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name watson.microsoft.com timed out after none of the configured DNS servers responded.
Log: 'System' Date/Time: 24/06/2016 11:48:07 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name wpad.fios-router.home timed out after none of the configured DNS servers responded.
Log: 'System' Date/Time: 24/06/2016 9:08:48 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name isatap.fios-router.home timed out after none of the configured DNS servers responded.
Log: 'System' Date/Time: 24/06/2016 9:08:34 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name wpad.fios-router.home timed out after none of the configured DNS servers responded.
Log: 'System' Date/Time: 24/06/2016 4:28:15 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name wpad.fios-router.home timed out after none of the configured DNS servers responded.
Log: 'System' Date/Time: 24/06/2016 4:28:08 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name wpad.fios-router.home timed out after none of the configured DNS servers responded.
Log: 'System' Date/Time: 24/06/2016 2:56:25 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name sync.adaptv.advertising.com timed out after none of the configured DNS servers responded.
Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 25/06/2016 9:24:30 AM
Note: All dates below are in the format dd/mm/yyyy
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 25/06/2016 9:16:05 AM
Type: Error Category: 1
Event: 100 Source: CVHSVC
Information only. (Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: The server name or address could not be resolved
Log: 'Application' Date/Time: 25/06/2016 9:05:18 AM
Type: Error Category: 0
Event: 10 Source: Microsoft-Windows-WMI
Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Log: 'Application' Date/Time: 24/06/2016 11:48:14 PM
Type: Error Category: 0
Event: 1008 Source: Microsoft-Windows-CEIP
A problem prevented Customer Experience Improvement Program data from being sent to Microsoft, (Error 80004005).
Log: 'Application' Date/Time: 24/06/2016 12:29:48 PM
Type: Error Category: 0
Event: 10 Source: Microsoft-Windows-WMI
Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Log: 'Application' Date/Time: 24/06/2016 12:22:58 PM
Type: Error Category: 1
Event: 100 Source: CVHSVC
Information only. (Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: The server name or address could not be resolved
Log: 'Application' Date/Time: 24/06/2016 12:16:56 PM
Type: Error Category: 0
Event: 8193 Source: VSS
Volume Shadow Copy Service error: Unexpected error calling routine ConvertStringSidToSid(S-1-5-21-2233979149-4233434921-1847507767-1000.bak). hr = 0x80070539, The security ID structure is invalid. .
Operation:
OnIdentify event
Gathering Writer Data
Context:
Execution Context: Shadow Copy Optimization Writer
Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Writer Name: Shadow Copy Optimization Writer
Writer Instance ID: {27477cc6-885e-4f66-b9ba-e2b6fde5a053}
Log: 'Application' Date/Time: 24/06/2016 12:12:07 PM
Type: Error Category: 0
Event: 10 Source: Microsoft-Windows-WMI
Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Log: 'Application' Date/Time: 24/06/2016 12:06:50 PM
Type: Error Category: 0
Event: 8193 Source: VSS
Volume Shadow Copy Service error: Unexpected error calling routine ConvertStringSidToSid(S-1-5-21-2233979149-4233434921-1847507767-1000.bak). hr = 0x80070539, The security ID structure is invalid. .
Operation:
OnIdentify event
Gathering Writer Data
Context:
Execution Context: Shadow Copy Optimization Writer
Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Writer Name: Shadow Copy Optimization Writer
Writer Instance ID: {befcefa3-b50d-4e2c-8193-a79d2eca18c8}
Log: 'Application' Date/Time: 24/06/2016 12:02:37 PM
Type: Error Category: 0
Event: 10 Source: Microsoft-Windows-WMI
Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Log: 'Application' Date/Time: 24/06/2016 12:46:52 AM
Type: Error Category: 0
Event: 10 Source: Microsoft-Windows-WMI
Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Log: 'Application' Date/Time: 23/06/2016 7:56:05 PM
Type: Error Category: 101
Event: 1002 Source: Application Hang
The program IEXPLORE.EXE version 11.0.9600.18347 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: bb4 Start Time: 01d1cd59b6309507 Termination Time: 193 Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE Report Id:
Log: 'Application' Date/Time: 23/06/2016 3:00:18 PM
Type: Error Category: 0
Event: 1008 Source: Microsoft-Windows-CEIP
A problem prevented Customer Experience Improvement Program data from being sent to Microsoft, (Error 80004005).
Log: 'Application' Date/Time: 23/06/2016 2:10:19 PM
Type: Error Category: 0
Event: 10 Source: Microsoft-Windows-WMI
Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Log: 'Application' Date/Time: 22/06/2016 6:35:43 PM
Type: Error Category: 101
Event: 1002 Source: Application Hang
The program IEXPLORE.EXE version 11.0.9600.18347 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 16f0 Start Time: 01d1ccb3e918909b Termination Time: 64 Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE Report Id:
Log: 'Application' Date/Time: 22/06/2016 3:07:58 PM
Type: Error Category: 0
Event: 1008 Source: Microsoft-Windows-CEIP
A problem prevented Customer Experience Improvement Program data from being sent to Microsoft, (Error 80004005).
Log: 'Application' Date/Time: 22/06/2016 9:35:29 AM
Type: Error Category: 0
Event: 10 Source: Microsoft-Windows-WMI
Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Log: 'Application' Date/Time: 21/06/2016 8:30:53 PM
Type: Error Category: 0
Event: 10 Source: Microsoft-Windows-WMI
Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Log: 'Application' Date/Time: 21/06/2016 8:05:30 PM
Type: Error Category: 0
Event: 8193 Source: VSS
Volume Shadow Copy Service error: Unexpected error calling routine ConvertStringSidToSid(S-1-5-21-2233979149-4233434921-1847507767-1000.bak). hr = 0x80070539, The security ID structure is invalid. .
Operation:
OnIdentify event
Gathering Writer Data
Context:
Execution Context: Shadow Copy Optimization Writer
Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Writer Name: Shadow Copy Optimization Writer
Writer Instance ID: {184b8aba-02c6-420b-80d3-f274fc63a0ec}
Log: 'Application' Date/Time: 21/06/2016 7:58:38 PM
Type: Error Category: 0
Event: 8193 Source: VSS
Volume Shadow Copy Service error: Unexpected error calling routine ConvertStringSidToSid(S-1-5-21-2233979149-4233434921-1847507767-1000.bak). hr = 0x80070539, The security ID structure is invalid. .
Operation:
OnIdentify event
Gathering Writer Data
Context:
Execution Context: Shadow Copy Optimization Writer
Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Writer Name: Shadow Copy Optimization Writer
Writer Instance ID: {184b8aba-02c6-420b-80d3-f274fc63a0ec}
Log: 'Application' Date/Time: 21/06/2016 7:57:41 PM
Type: Error Category: 0
Event: 8193 Source: VSS
Volume Shadow Copy Service error: Unexpected error calling routine ConvertStringSidToSid(S-1-5-21-2233979149-4233434921-1847507767-1000.bak). hr = 0x80070539, The security ID structure is invalid. .
Operation:
OnIdentify event
Gathering Writer Data
Context:
Execution Context: Shadow Copy Optimization Writer
Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Writer Name: Shadow Copy Optimization Writer
Writer Instance ID: {184b8aba-02c6-420b-80d3-f274fc63a0ec}
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 25/06/2016 9:16:05 AM
Type: Warning Category: 1
Event: 100 Source: CVHSVC
Information only. Failed to complete bits job
Log: 'Application' Date/Time: 25/06/2016 9:05:46 AM
Type: Warning Category: 6
Event: 3057 Source: Application Virtualization Client
{tid=5BC}
The Application Virtualization Client Core initialized correctly. Installed Product: Version: 4.6.3.24650 Install Path: C:\Program Files (x86)\Microsoft Application Virtualization Client Global Data Directory: C:\ProgramData\Microsoft\Application Virtualization Client\ Machine Name: RPLUKE-PC Operating System: Windows 7 64-bit Service Pack 1.0 Build 7601 OSD Command:
Log: 'Application' Date/Time: 25/06/2016 9:05:37 AM
Type: Warning Category: 3
Event: 3191 Source: Application Virtualization Client
{tid=5BC}
-------------------------------------------------------- Initialized client log (C:\ProgramData\Microsoft\Application Virtualization Client\sftlog.txt)
Log: 'Application' Date/Time: 24/06/2016 12:40:18 PM
Type: Warning Category: 1
Event: 100 Source: CVHSVC
Information only. CurrentSoftGridPrereq: Click2Run installation (version = 14.0.4763.1000) is found on the machine; skipping installation...
Log: 'Application' Date/Time: 24/06/2016 12:40:18 PM
Type: Warning Category: 1
Event: 100 Source: CVHSVC
Information only. C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE is trusted.
Log: 'Application' Date/Time: 24/06/2016 12:30:07 PM
Type: Warning Category: 6
Event: 3057 Source: Application Virtualization Client
{tid=1374}
The Application Virtualization Client Core initialized correctly. Installed Product: Version: 4.6.3.24650 Install Path: C:\Program Files (x86)\Microsoft Application Virtualization Client Global Data Directory: C:\ProgramData\Microsoft\Application Virtualization Client\ Machine Name: RPLUKE-PC Operating System: Windows 7 64-bit Service Pack 1.0 Build 7601 OSD Command:
Log: 'Application' Date/Time: 24/06/2016 12:29:49 PM
Type: Warning Category: 3
Event: 3191 Source: Application Virtualization Client
{tid=1374}
-------------------------------------------------------- Initialized client log (C:\ProgramData\Microsoft\Application Virtualization Client\sftlog.txt)
Log: 'Application' Date/Time: 24/06/2016 12:26:24 PM
Type: Warning Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 7 user registry handles leaked from \Registry\User\S-1-5-21-2233979149-4233434921-1847507767-1006:
Process 516 (\Device\HarddiskVolume3\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-2233979149-4233434921-1847507767-1006\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings
Process 516 (\Device\HarddiskVolume3\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-2233979149-4233434921-1847507767-1006\Software
Process 516 (\Device\HarddiskVolume3\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-2233979149-4233434921-1847507767-1006\Software\Policies
Process 516 (\Device\HarddiskVolume3\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-2233979149-4233434921-1847507767-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings
Process 516 (\Device\HarddiskVolume3\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-2233979149-4233434921-1847507767-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings
Process 516 (\Device\HarddiskVolume3\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-2233979149-4233434921-1847507767-1006\Software\Microsoft\Internet Explorer\Main
Process 516 (\Device\HarddiskVolume3\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-2233979149-4233434921-1847507767-1006\Software\Microsoft\Internet Explorer\Main\FeatureControl
Log: 'Application' Date/Time: 24/06/2016 12:22:57 PM
Type: Warning Category: 1
Event: 100 Source: CVHSVC
Information only. Failed to complete bits job
Log: 'Application' Date/Time: 24/06/2016 12:16:52 PM
Type: Warning Category: 0
Event: 12348 Source: VSS
Volume Shadow Copy Service warning: VSS was denied access to the root of volume \\?\Volume{45cd49f7-dc9e-11e0-b050-ac7289372ee9}\. Denying administrators from accessing volume roots can cause many unexpected failures, and will prevent VSS from functioning properly. Check security on the volume, and try the operation again.
Operation:
Removing auto-release shadow copies
Loading provider
Context:
Execution Context: System Provider
Log: 'Application' Date/Time: 24/06/2016 12:12:37 PM
Type: Warning Category: 6
Event: 3057 Source: Application Virtualization Client
{tid=10E8}
The Application Virtualization Client Core initialized correctly. Installed Product: Version: 4.6.3.24650 Install Path: C:\Program Files (x86)\Microsoft Application Virtualization Client Global Data Directory: C:\ProgramData\Microsoft\Application Virtualization Client\ Machine Name: RPLUKE-PC Operating System: Windows 7 64-bit Service Pack 1.0 Build 7601 OSD Command:
Log: 'Application' Date/Time: 24/06/2016 12:12:16 PM
Type: Warning Category: 3
Event: 3191 Source: Application Virtualization Client
{tid=10E8}
-------------------------------------------------------- Initialized client log (C:\ProgramData\Microsoft\Application Virtualization Client\sftlog.txt)
Log: 'Application' Date/Time: 24/06/2016 12:06:47 PM
Type: Warning Category: 0
Event: 12348 Source: VSS
Volume Shadow Copy Service warning: VSS was denied access to the root of volume \\?\Volume{45cd49f7-dc9e-11e0-b050-ac7289372ee9}\. Denying administrators from accessing volume roots can cause many unexpected failures, and will prevent VSS from functioning properly. Check security on the volume, and try the operation again.
Operation:
Removing auto-release shadow copies
Loading provider
Context:
Execution Context: System Provider
Log: 'Application' Date/Time: 24/06/2016 12:02:51 PM
Type: Warning Category: 6
Event: 3057 Source: Application Virtualization Client
{tid=13E0}
The Application Virtualization Client Core initialized correctly. Installed Product: Version: 4.6.3.24650 Install Path: C:\Program Files (x86)\Microsoft Application Virtualization Client Global Data Directory: C:\ProgramData\Microsoft\Application Virtualization Client\ Machine Name: RPLUKE-PC Operating System: Windows 7 64-bit Service Pack 1.0 Build 7601 OSD Command:
Log: 'Application' Date/Time: 24/06/2016 12:02:38 PM
Type: Warning Category: 3
Event: 3191 Source: Application Virtualization Client
{tid=13E0}
-------------------------------------------------------- Initialized client log (C:\ProgramData\Microsoft\Application Virtualization Client\sftlog.txt)
Log: 'Application' Date/Time: 24/06/2016 12:47:20 AM
Type: Warning Category: 6
Event: 3057 Source: Application Virtualization Client
{tid=12B4}
The Application Virtualization Client Core initialized correctly. Installed Product: Version: 4.6.3.24650 Install Path: C:\Program Files (x86)\Microsoft Application Virtualization Client Global Data Directory: C:\ProgramData\Microsoft\Application Virtualization Client\ Machine Name: RPLUKE-PC Operating System: Windows 7 64-bit Service Pack 1.0 Build 7601 OSD Command:
Log: 'Application' Date/Time: 24/06/2016 12:47:06 AM
Type: Warning Category: 3
Event: 3191 Source: Application Virtualization Client
{tid=12B4}
-------------------------------------------------------- Initialized client log (C:\ProgramData\Microsoft\Application Virtualization Client\sftlog.txt)
Log: 'Application' Date/Time: 23/06/2016 2:20:53 PM
Type: Warning Category: 1
Event: 100 Source: CVHSVC
Information only. CurrentSoftGridPrereq: Click2Run installation (version = 14.0.4763.1000) is found on the machine; skipping installation...
Log: 'Application' Date/Time: 23/06/2016 2:20:53 PM
Type: Warning Category: 1
Event: 100 Source: CVHSVC
Information only. C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE is trusted.
Log: 'Application' Date/Time: 23/06/2016 2:10:45 PM
Type: Warning Category: 6
Event: 3057 Source: Application Virtualization Client
{tid=1394}
The Application Virtualization Client Core initialized correctly. Installed Product: Version: 4.6.3.24650 Install Path: C:\Program Files (x86)\Microsoft Application Virtualization Client Global Data Directory: C:\ProgramData\Microsoft\Application Virtualization Client\ Machine Name: RPLUKE-PC Operating System: Windows 7 64-bit Service Pack 1.0 Build 7601 OSD Command:
Process CPU Private Bytes Working Set PID Description Company Name Verified Signer
AdobeARM.exe 4,416 K 11,384 K 3440 Adobe Reader and Acrobat Manager Adobe Systems Incorporated (Verified) Adobe Systems
AESTSr64.exe 1,000 K 2,820 K 1864 Andrea filters APO access service (64-bit) Andrea Electronics Corporation (Verified) Microsoft Windows Hardware Compatibility Publisher
armsvc.exe 1,176 K 4,184 K 1756 Adobe Acrobat Update Service Adobe Systems Incorporated (Verified) Adobe Systems
audiodg.exe 22,488 K 24,444 K 2572 Windows Audio Device Graph Isolation Microsoft Corporation (Verified) Microsoft Windows
btplayerctrl.exe 2,112 K 5,668 K 5272 Bluetooth Media Player Controller Intel Corporation (No signature was present in the subject) Intel Corporation
conhost.exe 1,452 K 4,788 K 5512 Console Window Host Microsoft Corporation (Verified) Microsoft Windows
conhost.exe 892 K 2,796 K 1560 Console Window Host Microsoft Corporation (Verified) Microsoft Windows
CVHSVC.EXE 5,164 K 10,548 K 4768 Microsoft Office Client Virtualization Service Microsoft Corporation (Verified) Microsoft Corporation
DellDataVault.exe 8,824 K 16,600 K 5344 Dell Data Vault Service Dell Inc. (Verified) Techporch Incorporated
DellDataVaultWiz.exe 5,312 K 11,140 K 5396 Dell Data Vault Wizard Dell Inc. (Verified) Techporch Incorporated
devmonsrv.exe 2,580 K 6,632 K 1900 Bluetooth Device Monitor Intel Corporation (No signature was present in the subject) Intel Corporation
dllhost.exe 2,412 K 7,420 K 2108 COM Surrogate Microsoft Corporation (Verified) Microsoft Windows
dllhost.exe 2,028 K 5,844 K 5968 COM Surrogate Microsoft Corporation (Verified) Microsoft Windows
EvtEng.exe 6,968 K 15,252 K 1992 Intel® PROSet/Wireless Event Log Service Intel® Corporation (Verified) Intel Corporation - Mobile Wireless Group
GWX.exe 3,832 K 844 K 1860 GWX Microsoft Corporation (Verified) Microsoft Windows
hidfind.exe 1,520 K 4,552 K 5680 Alps Pointing-device Driver Alps Electric Co., Ltd. (Verified) Alps Electric Co.
hkcmd.exe 2,184 K 6,432 K 2596 hkcmd Module Intel Corporation (Verified) Intel Corporation
hpwuschd2.exe 960 K 3,800 K 3916 hpwuSchd Application Hewlett-Packard (Verified) Hewlett-Packard Company
iFrmewrk.exe 8,784 K 20,896 K 2732 Intel® PROSet/Wireless Framework Intel® Corporation (Verified) Intel Corporation - Mobile Wireless Group
igfxpers.exe 3,212 K 9,540 K 2624 persistence Module Intel Corporation (Verified) Intel Corporation
igfxtray.exe 2,344 K 6,608 K 2556 igfxTray Module Intel Corporation (Verified) Intel Corporation
ipoint.exe 7,032 K 17,200 K 2752 IPoint.exe Microsoft Corporation (Verified) Microsoft Corporation
lsm.exe 2,708 K 4,644 K 672 Local Session Manager Service Microsoft Corporation (Verified) Microsoft Windows
lxdiamon.exe 16,192 K 18,484 K 2836 Device Monitor Application (Verified) Lexmark International
lxdicoms.exe 4,128 K 10,612 K 2900 Printer Communication System (Verified) Lexmark International
lxdimon.exe 2,716 K 7,192 K 2816 Device Monitor (Verified) Lexmark International
mbamscheduler.exe 5,908 K 10,820 K 2944 Malwarebytes Anti-Malware Malwarebytes (Verified) Malwarebytes Corporation
mbamservice.exe 356,268 K 157,436 K 2404 Malwarebytes Anti-Malware Malwarebytes (Verified) Malwarebytes Corporation
msseces.exe 6,080 K 14,540 K 2760 Microsoft Security Client User Interface Microsoft Corporation (Verified) Microsoft Corporation
NisSrv.exe 17,840 K 10,724 K 5220 Microsoft Network Realtime Inspection Service Microsoft Corporation (Verified) Microsoft Corporation
procexp.exe 2,360 K 7,632 K 6536 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
QBCFMonitorService.exe 9,088 K 15,444 K 3132 QuickBooks Company File Monitoring Service Intuit (No signature was present in the subject) Intuit
QBIDPService.exe 8,276 K 13,108 K 3404 QBIDPService Intuit Inc. (No signature was present in the subject) Intuit Inc.
qbupdate.exe 13,156 K 24,312 K 2472 QuickBooks Automatic Update Intuit Inc. (Verified) Intuit
quickset.exe 8,312 K 10,448 K 2708 QuickSet Dell Inc. (Verified) Dell Inc
RegSrvc.exe 1,980 K 6,492 K 3468 Intel® PROSet/Wireless Registry Service Intel® Corporation (Verified) Intel Corporation - Mobile Wireless Group
RoxioBurnLauncher.exe 4,372 K 12,652 K 3324 Roxio Burn Launcher (Verified) Sonic Solutions
rundll32.exe 2,536 K 7,984 K 2740 Windows host process (Rundll32) Microsoft Corporation (Verified) Microsoft Windows
services.exe 6,396 K 12,600 K 624 Services and Controller app Microsoft Corporation (Verified) Microsoft Windows
sftlist.exe 7,636 K 16,904 K 4776 Microsoft Application Virtualization Client Service Microsoft Corporation (Verified) Microsoft Corporation
sftvsa.exe 1,396 K 4,980 K 3732 Microsoft Application Virtualization Virtual Service Agent Microsoft Corporation (Verified) Microsoft Corporation
smss.exe 444 K 1,152 K 336 Windows Session Manager Microsoft Corporation (Verified) Microsoft Windows
spoolsv.exe 9,144 K 16,968 K 1612 Spooler SubSystem App Microsoft Corporation (Verified) Microsoft Windows
sttray64.exe 8,412 K 18,964 K 2648 IDT PC Audio IDT, Inc. (Verified) Microsoft Windows Hardware Compatibility Publisher
svchost.exe 2,492 K 6,072 K 5172 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 1,728 K 4,896 K 3048 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 1,904 K 5,824 K 3988 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 27,092 K 26,308 K 312 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 7,880 K 13,136 K 880 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
UNS.exe 3,068 K 7,400 K 7128 User Notification Service Intel Corporation (Verified) Intel Corporation
unsecapp.exe 1,484 K 5,048 K 4620 Sink to receive asynchronous callbacks for WMI client application Microsoft Corporation (Verified) Microsoft Windows
unsecapp.exe 1,696 K 6,012 K 6800 Sink to receive asynchronous callbacks for WMI client application Microsoft Corporation (Verified) Microsoft Windows
WebcamDell2.exe 48,528 K 8,140 K 3740 Webcam Central Creative Technology Ltd (No signature was present in the subject) Creative Technology Ltd
wininit.exe 1,460 K 4,580 K 564 Windows Start-Up Application Microsoft Corporation (Verified) Microsoft Windows
winlogon.exe 2,684 K 7,272 K 660 Windows Logon Application Microsoft Corporation (No signature was present in the subject) Microsoft Corporation
wlanext.exe 8,084 K 18,136 K 1544 Windows Wireless LAN 802.11 Extensibility Framework Microsoft Corporation (Verified) Microsoft Windows
WLIDSVCM.EXE 1,200 K 3,404 K 4944 Microsoft® Windows Live ID Service Monitor Microsoft Corp. (Verified) Microsoft Corporation
WmiPrvSE.exe 9,480 K 15,644 K 1656 WMI Provider Host Microsoft Corporation (Verified) Microsoft Windows
WmiPrvSE.exe 4,940 K 9,324 K 3840 WMI Provider Host Microsoft Corporation (Verified) Microsoft Windows
stacsv64.exe < 0.01 13,296 K 9,732 K 952 IDT PC Audio IDT, Inc. (Verified) Microsoft Windows Hardware Compatibility Publisher
svchost.exe < 0.01 13,724 K 17,068 K 1640 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
mediasrv.exe < 0.01 4,084 K 7,992 K 4764 Bluetooth Media Service Intel Corporation (No signature was present in the subject) Intel Corporation
QBW32.EXE < 0.01 53,680 K 91,880 K 2592 QuickBooks Intuit Inc. (Verified) Intuit
WmiPrvSE.exe < 0.01 21,812 K 29,412 K 4392 WMI Provider Host Microsoft Corporation (Verified) Microsoft Windows
WLIDSVC.EXE < 0.01 6,684 K 15,536 K 2252 Microsoft® Windows Live ID Service Microsoft Corp. (Verified) Microsoft Corporation
csrss.exe < 0.01 2,172 K 4,876 K 440 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows
IAStorIcon.exe < 0.01 25,304 K 23,348 K 3884 IAStorIcon Intel Corporation (Verified) Intel Corporation
taskhost.exe < 0.01 16,384 K 19,812 K 2216 Host Process for Windows Tasks Microsoft Corporation (No signature was present in the subject) Microsoft Corporation
svchost.exe < 0.01 5,456 K 11,372 K 1952 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
lsass.exe < 0.01 6,416 K 14,564 K 632 Local Security Authority Process Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 0.01 12,056 K 20,572 K 504 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 0.01 16,016 K 18,116 K 1428 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 0.01 70,448 K 81,868 K 476 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
SearchIndexer.exe 0.01 31,936 K 21,756 K 5016 Microsoft Windows Search Indexer Microsoft Corporation (Verified) Microsoft Windows
wmpnetwk.exe 0.01 14,968 K 13,392 K 3892 Windows Media Player Network Sharing Service Microsoft Corporation (Verified) Microsoft Windows
nusb3mon.exe 0.01 1,772 K 5,888 K 3748 USB 3.0 Monitor Renesas Electronics Corporation (Verified) Renesas Electronics Corporation
svchost.exe 0.01 30,184 K 47,476 K 444 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 0.01 13,252 K 17,264 K 6484 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
LMS.exe 0.02 2,676 K 5,224 K 5260 Local Manageability Service Intel Corporation (Verified) Intel Corporation
QBDBMgrN.exe 0.02 143,492 K 15,544 K 1984 Intuit Network Database Manager Intuit, Inc. (No signature was present in the subject) Intuit, Inc.
svchost.exe 0.03 5,292 K 11,636 K 796 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 0.03 7,564 K 14,636 K 1444 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
IAStorDataMgrSvc.exe 0.05 18,596 K 16,512 K 5464 IAStorDataSvc Intel Corporation (Verified) Intel Corporation
GoogleDesktop.exe 0.09 21,408 K 9,136 K 3964 Google Desktop Google (Verified) Google Inc
Apoint.exe 0.12 2,716 K 9,712 K 2692 Alps Pointing-device Driver Alps Electric Co., Ltd. (Verified) Alps Electric Co.
ApMsgFwd.exe 0.16 2,032 K 5,456 K 6084 ApMsgFwd Alps Electric Co., Ltd. (Verified) Alps Electric Co.
explorer.exe 0.22 46,676 K 72,332 K 2332 Windows Explorer Microsoft Corporation (Verified) Microsoft Windows
accuweather.exe 0.33 115,300 K 3,412 K 112 AccuWeather.com desktop weather widget (No signature was present in the subject)
mbam.exe 0.43 35,228 K 56,600 K 612 Malwarebytes Anti-Malware Malwarebytes (Verified) Malwarebytes Corporation
ApntEx.exe 0.63 1,944 K 5,304 K 5276 Alps Pointing-device Driver for Windows NT/2000/XP/Vista Alps Electric Co., Ltd. (Verified) Alps Electric Co.
csrss.exe 0.70 3,072 K 27,884 K 588 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows
System 0.97 212 K 1,616 K 4
Interrupts 1.23 0 K 0 K n/a Hardware Interrupts and DPCs
dwm.exe 1.43 91,880 K 72,908 K 2272 Desktop Window Manager Microsoft Corporation (Verified) Microsoft Windows
firefox.exe 2.03 336,172 K 318,948 K 4808 Firefox Mozilla Corporation (Verified) Mozilla Corporation
MsMpEng.exe 4.11 142,012 K 167,656 K 968 Antimalware Service Executable Microsoft Corporation (Verified) Microsoft Corporation
procexp64.exe 4.32 28,148 K 49,452 K 4652 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
CCleaner64.exe 20.58 14,740 K 9,760 K 4928 CCleaner Piriform Ltd (Verified) Piriform Ltd
System Idle Process 62.40 0 K 24 K 0
I think you misunderstood what I wanted with the Fixlist. Once you down load it to the same folder as FRST you need to start up FRST then hit the FIX button not the Scan button.
Uninstall CCLeaner. It's hogging the CPU:
CCleaner64.exe 20.58 14,740 K 9,760 K 4928 CCleaner Piriform Ltd (Verified) Piriform Ltd
Uninstall these:
Lexmark 3500-4500 Series
You have Microsoft Office 2010 installed but still have
Microsoft Office Click-to-Run 2010
I do not think you need both and Click to Run is causing problems so please uninstall it.
Log: 'Application' Date/Time: 21/06/2016 8:30:53 PMType: Error Category: 0Event: 10 Source: Microsoft-Windows-WMIEvent filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
To fix these:
Log: 'System' Date/Time: 24/06/2016 4:28:08 PMType: Warning Category: 0Event: 1014 Source: Microsoft-Windows-DNS-ClientName resolution for the name wpad.fios-router.home timed out after none of the configured DNS servers responded.
Open Internet Explorer, click on the gear icon in the upper right. Click on Internet Options then on Connections then on LAN Settings then UNCHECK all boxes then OK. Close IE.
Download the attached prolist.zip file and Save it.
[attachment=81624:prolist.zip]
Right click on the file and Extract All. Find prolist.reg and right click on it and Merge.
This should fix these errors:
Log: 'Application' Date/Time: 24/06/2016 12:06:50 PMType: Error Category: 0Event: 8193 Source: VSSVolume Shadow Copy Service error: Unexpected error calling routine ConvertStringSidToSid(S-1-5-21-2233979149-4233434921-1847507767-1000.bak). hr = 0x80070539, The security ID structure is invalid. .Operation:OnIdentify eventGathering Writer DataContext:Execution Context: Shadow Copy Optimization WriterWriter Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}Writer Name: Shadow Copy Optimization WriterWriter Instance ID: {befcefa3-b50d-4e2c-8193-a79d2eca18c8}
I did an FRST Fix and now my keyboard is not working and the computer
is slow.
Should I do a system restore?
Ok I did one system restore and its good again.
Apparently they moved it. Try https://support.micr...n-us/kb/2545227
Not sure what happend with the fixlist. Can you find a fixlist.txt file?
Still not finding FIX It from the link
FRST logs:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-06-2016 02
Ran by Luke (administrator) on RPLUKE-PC (27-06-2016 10:09:27)
Running from C:\Users\Luke\Desktop
Loaded Profiles: QBDataServiceUser24 & Luke (Available Profiles: Richard P. Luke & QBDataServiceUser24 & Luke)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\Common\HPSupportSolutionsFrameworkService.exe
( ) C:\Windows\System32\lxdicoms.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Intuit) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe
(Dell Inc.) C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
() C:\Program Files (x86)\Lexmark 3500-4500 Series\lxdimon.exe
() C:\Program Files (x86)\Lexmark 3500-4500 Series\lxdiamon.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Intuit Inc.) C:\Program Files (x86)\Intuit\QuickBooks 2014\QBW32.EXE
(Creative Technology Ltd) C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Google) C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe
() C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
() C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe
(Google) C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
(Intuit, Inc.) C:\Program Files (x86)\Intuit\QuickBooks 2014\QBDBMgrN.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVault.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [525312 2011-01-25] (IDT, Inc.)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [609144 2011-04-12] (Alps Electric Co., Ltd.)
HKLM\...\Run: [QuickSet] => C:\Program Files\Dell\QuickSet\QuickSet.exe [3666800 2011-01-21] (Dell Inc.)
HKLM\...\Run: [IntelWireless] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1933584 2010-12-17] (Intel® Corporation)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [IntelliPoint] => c:\Program Files\Microsoft IntelliPoint\ipoint.exe [2417032 2011-08-01] (Microsoft Corporation)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1340192 2016-01-29] (Microsoft Corporation)
HKLM\...\Run: [lxdimon.exe] => C:\Program Files (x86)\Lexmark 3500-4500 Series\lxdimon.exe [434856 2009-04-27] ()
HKLM\...\Run: [lxdiamon] => C:\Program Files (x86)\Lexmark 3500-4500 Series\lxdiamon.exe [25256 2009-04-27] ()
HKLM\...\Run: [DellStage] => C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe [2055816 2011-05-30] ()
HKLM-x32\...\Run: [Dell Webcam Central] => C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [503942 2011-04-13] (Creative Technology Ltd)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Intuit SyncManager] => C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe [3775800 2014-06-26] (Intuit Inc. All rights reserved.)
HKLM-x32\...\Run: [RoxWatchTray] => c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe [240112 2010-11-25] (Sonic Solutions)
HKLM-x32\...\Run: [MapsGalaxy EPM Support] => "C:\PROGRA~2\MAPSGA~2\bar\1.bin\39medint.exe" T8EPMSUP.DLL,S
HKLM-x32\...\Run: [MapsGalaxy AppIntegrator 64-bit] => C:\PROGRA~2\MAPSGA~2\bar\1.bin\AppIntegrator64.exe
HKLM-x32\...\Run: [MapsGalaxy AppIntegrator 32-bit] => C:\PROGRA~2\MAPSGA~2\bar\1.bin\AppIntegrator.exe
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [283160 2010-11-06] (Intel Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [Google Desktop Search] => C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe [30192 2011-10-08] (Google)
HKLM-x32\...\Run: [Desktop Disc Tool] => c:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe [514544 2010-11-17] ()
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [38112 2012-12-18] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AccuWeatherWidget] => C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe [885760 2011-05-30] ()
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2233979149-4233434921-1847507767-1006\...\Run: [Google Update] => C:\Users\rpluke\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-10-17] (Google Inc.)
AppInit_DLLs-x32: C:\PROGRA~2\Google\GOOGLE~1\GO36F4~1.DLL => C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktopNetwork3.dll [123392 2011-10-08] (Google)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Intuit Data Protect.lnk [2014-10-10]
ShortcutTarget: Intuit Data Protect.lnk -> C:\Program Files (x86)\Common Files\Intuit\DataProtect\IntuitDataProtect.exe (Intuit Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk [2014-10-10]
ShortcutTarget: QuickBooks Update Agent.lnk -> C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks_Standard_21.lnk [2014-10-10]
ShortcutTarget: QuickBooks_Standard_21.lnk -> C:\Program Files (x86)\Intuit\QuickBooks 2014\QBW32.EXE (Intuit Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{2586DD56-5E75-4A1E-B93F-90A97320C324}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8184F250-DCBA-43B6-A3C2-6B773F6C6F7E}: [DhcpNameServer] 192.168.1.1 71.250.0.12
Internet Explorer:
==================
HKU\S-1-5-21-2233979149-4233434921-1847507767-1006\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://yahoo.com/
SearchScopes: HKLM -> {2F1E335A-858A-4BE9-8F6B-D0AF1D018B53} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {2F1E335A-858A-4BE9-8F6B-D0AF1D018B53} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2233979149-4233434921-1847507767-1006 -> {70D46D94-BF1E-45ED-B567-48701376298E} URL = hxxp://127.0.0.1:4664/search&s=PhCGb1TUaj3O1lvSLKwwzAxWCus?q={searchTerms}
BHO: No Name -> {27B4851A-3207-45A2-B947-BE8AFE6163AB} -> No File
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll => No File
BHO-x32: Adobe PDF Reader Link Helper -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2012-12-18] (Adobe Systems Incorporated)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18] (Adobe Systems Incorporated)
BHO-x32: McAfee Phishing Filter -> {27B4851A-3207-45A2-B947-BE8AFE6163AB} -> c:\Program Files\mcafee\msk\mskapbho.dll [2010-05-03] ()
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
DPF: HKLM-x32 {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} hxxps://support.dell.com/systemprofiler/SysProExe.CAB
Handler-x32: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - C:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll [2011-05-05] (Cozi Group, Inc.)
Handler-x32: intu-help-qb2 - {84D77A00-41B5-4b8b-8ADF-86486D72E749} - C:\Program Files (x86)\Intuit\QuickBooks 2009\HelpAsyncPluggableProtocol.dll [2012-05-12] (Intuit, Inc.)
Handler-x32: intu-help-qb7 - {5A03BD9D-766D-47A6-8E87-CD90F60BE245} - C:\Program Files (x86)\Intuit\QuickBooks 2014\HelpAsyncPluggableProtocol.dll [2014-12-10] (Intuit, Inc.)
Handler-x32: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - C:\windows\system32\mscoree.dll [2010-11-20] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Luke\AppData\Roaming\Mozilla\Firefox\Profiles\sq7f9n4y.default
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_22_0_0_192.dll [2016-06-16] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_192.dll [2016-06-16] ()
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 -> C:\windows\SysWOW64\npDeployJava1.dll [2013-05-08] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2013-02-15] (Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-01-31]
CHR Extension: (Google Drive) - C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-31]
CHR Extension: (YouTube) - C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-31]
CHR Extension: (Google Search) - C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-31]
CHR Extension: (Google Docs Offline) - C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-06-25]
CHR Extension: (No Name) - C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2016-06-25]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-06-25]
CHR Extension: (Gmail) - C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-31]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [897088 2010-11-03] (Intel Corporation) [File not signed]
R3 Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [1298496 2010-11-03] (Intel Corporation) [File not signed]
R2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2557136 2015-02-26] (Dell Inc.)
R2 DellDataVaultWiz; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [201936 2015-02-26] (Dell Inc.)
S3 GoogleDesktopManager-051210-111108; C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe [30192 2011-10-08] (Google)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89352 2014-09-15] (Hewlett-Packard Company)
R2 lxdi_device; C:\windows\system32\lxdicoms.exe [876976 2007-06-11] ( )
R2 lxdi_device; C:\windows\SysWOW64\lxdicoms.exe [517040 2007-06-11] ( )
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2016-01-29] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2010-12-17] ()
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [374344 2016-01-29] (Microsoft Corporation)
R2 QBCFMonitorService; C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe [45056 2014-12-10] (Intuit) [File not signed]
S3 QBFCService; C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe [65536 2014-06-26] (Intuit Inc.) [File not signed]
R2 QBVSS; C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe [1248256 2014-06-26] (Intuit Inc.) [File not signed]
R3 QuickBooksDB24; C:\Program Files (x86)\Intuit\QuickBooks 2014\QBDBMgrN.exe [679936 2014-06-26] (Intuit, Inc.) [File not signed]
R2 SupportAssistAgent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [19288 2015-04-10] (Dell Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S4 CarboniteService; "C:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exe" [X]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [21136 2012-10-30] (AVAST Software)
R3 DDDriver; C:\Windows\System32\drivers\DDDriver64Dcsa.sys [23760 2015-01-30] (Dell Computer Corporation)
R3 DellProf; C:\Windows\System32\drivers\DellProf.sys [23312 2015-01-30] (Dell Computer Corporation)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-06-27] (Malwarebytes)
R3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [289120 2015-11-13] (Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133816 2015-11-13] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-06-27 10:09 - 2016-06-27 10:09 - 00000000 ____D C:\Users\Luke\Desktop\FRST-OlderVersion
2016-06-25 16:25 - 2016-06-25 16:25 - 00000000 ____D C:\Users\Luke\AppData\Local\ElevatedDiagnostics
2016-06-25 15:46 - 2016-06-25 15:59 - 00019859 _____ C:\Users\Luke\Desktop\Fixlog.txt
2016-06-25 09:43 - 2016-06-25 09:43 - 00892561 _____ C:\Users\Luke\Desktop\RPLUKE-PC.txt
2016-06-25 09:41 - 2016-06-25 17:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2016-06-25 09:40 - 2016-06-25 17:29 - 00000000 ____D C:\Program Files\Speccy
2016-06-25 09:40 - 2016-06-25 09:40 - 00002261 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-06-25 09:39 - 2016-06-25 09:45 - 00003894 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-06-25 09:35 - 2016-06-25 09:36 - 05111240 _____ (Piriform Ltd) C:\Users\Luke\Downloads\spsetup129.exe
2016-06-25 09:33 - 2016-06-25 09:33 - 00011784 _____ C:\Users\Luke\Desktop\System Idle Process.txt
2016-06-25 09:25 - 2016-06-25 09:25 - 00018063 _____ C:\Users\Luke\Desktop\VEW application.txt
2016-06-25 09:22 - 2016-06-25 09:22 - 00012537 _____ C:\Users\Luke\Desktop\VEW.txt
2016-06-25 09:21 - 2016-06-25 09:24 - 00018063 _____ C:\VEW.txt
2016-06-25 09:18 - 2016-06-25 09:18 - 00000000 _____ C:\Program
2016-06-25 08:43 - 2016-06-27 10:10 - 00018756 _____ C:\Users\Luke\Desktop\FRST.txt
2016-06-24 08:08 - 2016-06-24 08:08 - 00000000 ____D C:\1f4c50587cad276d64e2796ec98ebf41
2016-06-21 16:22 - 2016-06-21 16:23 - 00000000 ____D C:\Users\Richard P. Luke.rpluke-PC\AppData\Roaming\Mozilla
2016-06-21 16:22 - 2016-06-21 16:22 - 00000000 ____D C:\Users\Richard P. Luke.rpluke-PC\AppData\Local\Mozilla
2016-06-21 15:49 - 2016-06-21 15:49 - 00000000 ____D C:\Users\Luke\AppData\LocalLow\Sun
2016-06-21 15:41 - 2016-06-21 15:41 - 00000000 ____D C:\Users\Luke\AppData\Roaming\HpUpdate
2016-06-21 15:39 - 2016-06-21 15:39 - 00000000 ____D C:\Users\Luke\AppData\Local\Dell
2016-06-21 15:37 - 2016-06-21 15:37 - 00000000 ____D C:\Users\Luke\AppData\Roaming\Roxio
2016-06-21 15:37 - 2016-06-21 15:37 - 00000000 ____D C:\Users\Luke\AppData\Roaming\Fingertapps
2016-06-21 15:37 - 2016-06-21 15:37 - 00000000 ____D C:\Users\Luke\AppData\Roaming\Dell
2016-06-21 15:36 - 2016-06-21 15:36 - 00000000 ____D C:\Users\Luke\AppData\Roaming\Intel Corporation
2016-06-21 15:36 - 2016-06-21 15:36 - 00000000 ____D C:\Users\Luke\AppData\Roaming\Dell Touch Zone
2016-06-20 12:22 - 2016-06-20 12:24 - 00041717 _____ C:\Users\Luke\Downloads\Addition.txt
2016-06-20 12:19 - 2016-06-25 08:48 - 00050281 _____ C:\Users\Luke\Downloads\FRST.txt
2016-06-20 12:18 - 2016-06-27 10:09 - 00000000 ____D C:\FRST
2016-06-20 12:17 - 2016-06-27 10:09 - 02389504 _____ (Farbar) C:\Users\Luke\Desktop\FRST64.exe
2016-06-20 12:04 - 2016-06-20 12:04 - 01610816 _____ (Malwarebytes) C:\Users\Luke\Downloads\JRT.exe
2016-06-20 11:48 - 2016-06-25 17:29 - 00000000 ____D C:\AdwCleaner
2016-06-20 11:48 - 2016-06-20 11:48 - 03703360 _____ C:\Users\Luke\Downloads\AdwCleaner(1).exe
2016-06-20 11:46 - 2016-06-20 11:46 - 03703360 _____ C:\Users\Luke\Downloads\AdwCleaner.exe
2016-06-20 11:44 - 2016-06-20 11:44 - 00000000 ____D C:\Users\Luke\AppData\Local\Macromedia
2016-06-20 11:38 - 2016-06-20 11:45 - 00000000 ____D C:\Users\Luke\AppData\Local\Mozilla
2016-06-20 11:38 - 2016-06-20 11:39 - 00000000 ____D C:\Users\Luke\AppData\Roaming\Mozilla
2016-06-20 11:37 - 2016-06-20 11:38 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-06-20 11:37 - 2016-06-20 11:37 - 00001165 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-06-20 11:37 - 2016-06-20 11:37 - 00001153 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-06-20 11:37 - 2016-06-20 11:37 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-06-20 11:35 - 2016-06-20 11:36 - 00242136 _____ C:\Users\Luke\Desktop\Firefox Setup Stub 47.0.exe
2016-06-17 20:23 - 2016-05-23 19:37 - 00394960 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2016-06-17 20:23 - 2016-05-23 18:54 - 00346312 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2016-06-17 20:23 - 2016-05-21 12:57 - 20341248 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2016-06-17 20:23 - 2016-05-20 18:27 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2016-06-17 20:23 - 2016-05-20 18:27 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2016-06-17 20:23 - 2016-05-20 18:14 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2016-06-17 20:23 - 2016-05-20 18:10 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2016-06-17 20:23 - 2016-05-20 18:09 - 00572416 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2016-06-17 20:23 - 2016-05-20 18:09 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2016-06-17 20:23 - 2016-05-20 18:09 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2016-06-17 20:23 - 2016-05-20 18:08 - 02895360 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2016-06-17 20:23 - 2016-05-20 18:08 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2016-06-17 20:23 - 2016-05-20 18:02 - 06051328 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2016-06-17 20:23 - 2016-05-20 18:00 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2016-06-17 20:23 - 2016-05-20 17:59 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2016-06-17 20:23 - 2016-05-20 17:57 - 00497664 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2016-06-17 20:23 - 2016-05-20 17:57 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2016-06-17 20:23 - 2016-05-20 17:57 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2016-06-17 20:23 - 2016-05-20 17:56 - 00615936 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2016-06-17 20:23 - 2016-05-20 17:56 - 00341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2016-06-17 20:23 - 2016-05-20 17:55 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2016-06-17 20:23 - 2016-05-20 17:54 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2016-06-17 20:23 - 2016-05-20 17:54 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2016-06-17 20:23 - 2016-05-20 17:54 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2016-06-17 20:23 - 2016-05-20 17:54 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2016-06-17 20:23 - 2016-05-20 17:50 - 02287104 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2016-06-17 20:23 - 2016-05-20 17:49 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2016-06-17 20:23 - 2016-05-20 17:48 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2016-06-17 20:23 - 2016-05-20 17:45 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2016-06-17 20:23 - 2016-05-20 17:45 - 00476160 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2016-06-17 20:23 - 2016-05-20 17:44 - 00663552 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2016-06-17 20:23 - 2016-05-20 17:44 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2016-06-17 20:23 - 2016-05-20 17:43 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2016-06-17 20:23 - 2016-05-20 17:41 - 00489984 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2016-06-17 20:23 - 2016-05-20 17:33 - 00416256 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2016-06-17 20:23 - 2016-05-20 17:33 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2016-06-17 20:23 - 2016-05-20 17:32 - 00107520 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2016-06-17 20:23 - 2016-05-20 17:29 - 13815808 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2016-06-17 20:23 - 2016-05-20 17:27 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2016-06-17 20:23 - 2016-05-20 17:27 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-06-17 20:23 - 2016-05-20 17:26 - 00091136 _____ (Microsoft Corporation) C:\windows\SysWOW64\inseng.dll
2016-06-17 20:23 - 2016-05-20 17:25 - 00315392 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2016-06-17 20:23 - 2016-05-20 17:23 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2016-06-17 20:23 - 2016-05-20 17:23 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2016-06-17 20:23 - 2016-05-20 17:22 - 00152064 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2016-06-17 20:23 - 2016-05-20 17:21 - 00279040 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2016-06-17 20:23 - 2016-05-20 17:19 - 00130048 _____ (Microsoft Corporation) C:\windows\SysWOW64\occache.dll
2016-06-17 20:23 - 2016-05-20 17:14 - 04610048 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2016-06-17 20:23 - 2016-05-20 17:12 - 00230400 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2016-06-17 20:23 - 2016-05-20 17:11 - 15420928 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2016-06-17 20:23 - 2016-05-20 17:11 - 00262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2016-06-17 20:23 - 2016-05-20 17:09 - 00725504 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2016-06-17 20:23 - 2016-05-20 17:09 - 00693248 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2016-06-17 20:23 - 2016-05-20 17:08 - 02055680 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2016-06-17 20:23 - 2016-05-20 17:08 - 00806400 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2016-06-17 20:23 - 2016-05-20 17:07 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2016-06-17 20:23 - 2016-05-20 17:07 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2016-06-17 20:23 - 2016-05-20 17:06 - 02131968 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2016-06-17 20:23 - 2016-05-20 16:46 - 02597888 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2016-06-17 20:23 - 2016-05-20 16:42 - 02121216 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2016-06-17 20:23 - 2016-05-20 16:38 - 01310208 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2016-06-17 20:23 - 2016-05-20 16:38 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2016-06-17 20:23 - 2016-05-20 16:34 - 01544192 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2016-06-17 20:23 - 2016-05-20 16:23 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2016-06-17 20:22 - 2016-05-21 13:28 - 25802752 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2016-06-17 20:22 - 2016-05-20 17:28 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2016-06-17 15:24 - 2016-06-21 16:08 - 00000000 ____D C:\Users\Luke\AppData\Roaming\TeamViewer
2016-06-17 13:04 - 2016-05-18 12:10 - 00312832 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2016-06-17 13:04 - 2016-05-18 12:09 - 00405504 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2016-06-17 13:04 - 2016-05-12 13:15 - 00105472 _____ (Microsoft Corporation) C:\windows\system32\winipsec.dll
2016-06-17 13:04 - 2016-05-12 13:15 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2016-06-17 13:04 - 2016-05-12 13:14 - 00794624 _____ (Microsoft Corporation) C:\windows\system32\gpsvc.dll
2016-06-17 13:04 - 2016-05-12 13:14 - 00502272 _____ (Microsoft Corporation) C:\windows\system32\IPSECSVC.DLL
2016-06-17 13:04 - 2016-05-12 13:14 - 00373760 _____ (Microsoft Corporation) C:\windows\system32\polstore.dll
2016-06-17 13:04 - 2016-05-12 13:14 - 00096256 _____ (Microsoft Corporation) C:\windows\system32\gpapi.dll
2016-06-17 13:04 - 2016-05-12 13:14 - 00075776 _____ (Microsoft Corporation) C:\windows\system32\FwRemoteSvr.dll
2016-06-17 13:04 - 2016-05-12 11:18 - 00274944 _____ (Microsoft Corporation) C:\windows\SysWOW64\polstore.dll
2016-06-17 13:04 - 2016-05-12 11:18 - 00079360 _____ (Microsoft Corporation) C:\windows\SysWOW64\gpapi.dll
2016-06-17 13:04 - 2016-05-12 11:18 - 00070144 _____ (Microsoft Corporation) C:\windows\SysWOW64\winipsec.dll
2016-06-17 13:04 - 2016-05-12 11:18 - 00044032 _____ (Microsoft Corporation) C:\windows\SysWOW64\FwRemoteSvr.dll
2016-06-17 13:04 - 2016-05-12 11:18 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll
2016-06-17 13:04 - 2016-05-11 13:02 - 00444928 _____ (Microsoft Corporation) C:\windows\system32\winhttp.dll
2016-06-17 13:04 - 2016-05-11 13:02 - 00327168 _____ (Microsoft Corporation) C:\windows\system32\mswsock.dll
2016-06-17 13:04 - 2016-05-11 13:02 - 00296448 _____ (Microsoft Corporation) C:\windows\system32\ws2_32.dll
2016-06-17 13:04 - 2016-05-11 11:19 - 00351744 _____ (Microsoft Corporation) C:\windows\SysWOW64\winhttp.dll
2016-06-17 13:04 - 2016-05-11 11:19 - 00231424 _____ (Microsoft Corporation) C:\windows\SysWOW64\mswsock.dll
2016-06-17 13:04 - 2016-05-11 11:19 - 00206336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ws2_32.dll
2016-06-17 13:04 - 2016-05-11 11:11 - 00025088 _____ (Microsoft Corporation) C:\windows\system32\netbtugc.exe
2016-06-17 13:04 - 2016-05-11 11:01 - 00026624 _____ (Microsoft Corporation) C:\windows\SysWOW64\netbtugc.exe
2016-06-17 13:04 - 2016-05-11 10:58 - 00262144 _____ (Microsoft Corporation) C:\windows\system32\Drivers\netbt.sys
2016-06-17 13:03 - 2016-05-12 13:20 - 00154856 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2016-06-17 13:03 - 2016-05-12 13:20 - 00095464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2016-06-17 13:03 - 2016-05-12 13:15 - 00210432 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2016-06-17 13:03 - 2016-05-12 13:15 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2016-06-17 13:03 - 2016-05-12 13:15 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2016-06-17 13:03 - 2016-05-12 13:15 - 00028672 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2016-06-17 13:03 - 2016-05-12 13:14 - 01464320 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2016-06-17 13:03 - 2016-05-12 13:14 - 01212928 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2016-06-17 13:03 - 2016-05-12 13:14 - 00730624 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2016-06-17 13:03 - 2016-05-12 13:14 - 00690688 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2016-06-17 13:03 - 2016-05-12 13:14 - 00463872 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll
2016-06-17 13:03 - 2016-05-12 13:14 - 00344064 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2016-06-17 13:03 - 2016-05-12 13:14 - 00316416 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2016-06-17 13:03 - 2016-05-12 13:14 - 00312320 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2016-06-17 13:03 - 2016-05-12 13:14 - 00190464 _____ (Microsoft Corporation) C:\windows\system32\rpchttp.dll
2016-06-17 13:03 - 2016-05-12 13:14 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2016-06-17 13:03 - 2016-05-12 13:14 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2016-06-17 13:03 - 2016-05-12 13:14 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll
2016-06-17 13:03 - 2016-05-12 13:14 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2016-06-17 13:03 - 2016-05-12 13:14 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2016-06-17 13:03 - 2016-05-12 11:18 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2016-06-17 13:03 - 2016-05-12 11:18 - 00666112 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2016-06-17 13:03 - 2016-05-12 11:18 - 00553472 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2016-06-17 13:03 - 2016-05-12 11:18 - 00342528 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll
2016-06-17 13:03 - 2016-05-12 11:18 - 00260608 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2016-06-17 13:03 - 2016-05-12 11:18 - 00251392 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2016-06-17 13:03 - 2016-05-12 11:18 - 00223232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2016-06-17 13:03 - 2016-05-12 11:18 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2016-06-17 13:03 - 2016-05-12 11:18 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2016-06-17 13:03 - 2016-05-12 11:18 - 00141312 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpchttp.dll
2016-06-17 13:03 - 2016-05-12 11:18 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2016-06-17 13:03 - 2016-05-12 11:18 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2016-06-17 13:03 - 2016-05-12 11:18 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2016-06-17 13:03 - 2016-05-12 11:18 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2016-06-17 13:03 - 2016-05-12 11:18 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2016-06-17 13:03 - 2016-05-12 11:05 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2016-06-17 13:03 - 2016-05-12 10:58 - 00464896 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv.sys
2016-06-17 13:03 - 2016-05-12 10:58 - 00405504 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv2.sys
2016-06-17 13:03 - 2016-05-12 10:58 - 00291328 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2016-06-17 13:03 - 2016-05-12 10:58 - 00168960 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srvnet.sys
2016-06-17 13:03 - 2016-05-12 10:58 - 00159744 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2016-06-17 13:03 - 2016-05-12 10:58 - 00129536 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2016-06-17 13:03 - 2016-05-12 10:57 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2016-06-17 13:03 - 2016-05-12 10:56 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2016-06-17 13:03 - 2016-05-12 10:51 - 00036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptbase.dll
2016-06-17 13:03 - 2016-05-12 09:05 - 00459640 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2016-06-17 13:03 - 2016-05-12 09:05 - 00297984 _____ (Microsoft Corporation) C:\windows\system32\bcryptprimitives.dll
2016-06-17 13:03 - 2016-05-12 09:04 - 00249352 _____ (Microsoft Corporation) C:\windows\SysWOW64\bcryptprimitives.dll
2016-06-17 13:02 - 2016-06-06 12:58 - 00041704 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
2016-06-17 13:02 - 2016-06-06 12:50 - 01204224 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2016-06-17 13:02 - 2016-06-03 09:05 - 01413120 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2016-06-17 13:02 - 2016-05-27 09:06 - 00569856 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2016-06-17 13:02 - 2016-05-27 09:06 - 00544256 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2016-06-17 13:02 - 2016-05-27 09:06 - 00276480 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2016-06-17 13:02 - 2016-05-27 09:06 - 00265216 _____ (Microsoft Corporation) C:\windows\system32\centel.dll
2016-06-17 13:02 - 2016-05-22 09:06 - 00076800 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2016-06-17 13:02 - 2016-05-13 18:15 - 00382184 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2016-06-17 13:02 - 2016-05-13 18:09 - 00100864 _____ (Microsoft Corporation) C:\windows\system32\fontsub.dll
2016-06-17 13:02 - 2016-05-13 18:09 - 00046080 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2016-06-17 13:02 - 2016-05-13 18:09 - 00041472 _____ (Microsoft Corporation) C:\windows\system32\lpk.dll
2016-06-17 13:02 - 2016-05-13 18:09 - 00014336 _____ (Microsoft Corporation) C:\windows\system32\dciman32.dll
2016-06-17 13:02 - 2016-05-13 17:54 - 00308456 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\atmfd.dll
2016-06-17 13:02 - 2016-05-13 17:50 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\lpk.dll
2016-06-17 13:02 - 2016-05-13 17:49 - 00070656 _____ (Microsoft Corporation) C:\windows\SysWOW64\fontsub.dll
2016-06-17 13:02 - 2016-05-13 17:49 - 00010240 _____ (Microsoft Corporation) C:\windows\SysWOW64\dciman32.dll
2016-06-17 13:02 - 2016-05-13 17:27 - 00034304 _____ (Adobe Systems) C:\windows\SysWOW64\atmlib.dll
2016-06-17 13:02 - 2016-05-12 11:03 - 03217408 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2016-06-17 13:02 - 2016-05-11 13:02 - 00483840 _____ (Microsoft Corporation) C:\windows\system32\StructuredQuery.dll
2016-06-17 13:02 - 2016-05-11 11:19 - 00363520 _____ (Microsoft Corporation) C:\windows\SysWOW64\StructuredQuery.dll
2016-06-17 13:02 - 2016-04-09 02:58 - 14186496 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2016-06-17 13:02 - 2016-04-09 02:57 - 01867776 _____ (Microsoft Corporation) C:\windows\system32\ExplorerFrame.dll
2016-06-17 13:02 - 2016-04-09 02:54 - 12881408 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2016-06-17 13:02 - 2016-04-09 02:54 - 01499648 _____ (Microsoft Corporation) C:\windows\SysWOW64\ExplorerFrame.dll
2016-06-17 13:02 - 2016-04-09 01:53 - 03231232 _____ (Microsoft Corporation) C:\windows\explorer.exe
2016-06-17 13:02 - 2016-04-09 01:44 - 02973184 _____ (Microsoft Corporation) C:\windows\SysWOW64\explorer.exe
2016-06-17 13:02 - 2016-03-09 15:00 - 00396800 _____ (Microsoft Corporation) C:\windows\system32\webio.dll
2016-06-17 13:02 - 2016-03-09 14:40 - 00316416 _____ (Microsoft Corporation) C:\windows\SysWOW64\webio.dll
2016-06-17 13:01 - 2016-04-14 12:46 - 00114408 _____ (Microsoft Corporation) C:\windows\system32\consent.exe
2016-06-17 13:01 - 2016-04-14 12:42 - 03243520 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2016-06-17 13:01 - 2016-04-14 12:42 - 01941504 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2016-06-17 13:01 - 2016-04-14 12:42 - 00504320 _____ (Microsoft Corporation) C:\windows\system32\msihnd.dll
2016-06-17 13:01 - 2016-04-14 12:42 - 00070144 _____ (Microsoft Corporation) C:\windows\system32\appinfo.dll
2016-06-17 13:01 - 2016-04-14 12:42 - 00025088 _____ (Microsoft Corporation) C:\windows\system32\msimsg.dll
2016-06-17 13:01 - 2016-04-14 11:33 - 02365440 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2016-06-17 13:01 - 2016-04-14 11:33 - 01806848 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2016-06-17 13:01 - 2016-04-14 11:33 - 00337408 _____ (Microsoft Corporation) C:\windows\SysWOW64\msihnd.dll
2016-06-17 13:01 - 2016-04-14 11:33 - 00025088 _____ (Microsoft Corporation) C:\windows\SysWOW64\msimsg.dll
2016-06-17 13:01 - 2016-04-14 11:19 - 00128000 _____ (Microsoft Corporation) C:\windows\system32\msiexec.exe
2016-06-17 13:01 - 2016-04-14 11:11 - 00073216 _____ (Microsoft Corporation) C:\windows\SysWOW64\msiexec.exe
2016-06-08 17:27 - 2016-06-08 17:27 - 04260592 _____ C:\Users\Luke\Desktop\trim66.7087D436-D603-4598-923A-6C6D86AC154C.MOV
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-06-27 09:58 - 2013-12-18 11:08 - 00000830 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2016-06-27 09:53 - 2009-07-14 00:45 - 00028576 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-06-27 09:53 - 2009-07-14 00:45 - 00028576 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-06-27 09:48 - 2014-10-10 15:28 - 00000000 ____D C:\Users\Luke\Desktop\QuickBooksAutoDataRecovery
2016-06-27 09:45 - 2015-06-22 12:23 - 00192216 _____ (Malwarebytes) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2016-06-27 09:42 - 2009-07-14 01:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2016-06-27 09:41 - 2011-09-15 10:35 - 00000000 ____D C:\Program Files (x86)\Lexmark Fax Solutions
2016-06-27 09:40 - 2011-09-15 10:31 - 00072493 _____ C:\windows\system32\LexFiles.ulf
2016-06-27 09:40 - 2011-08-24 03:13 - 00000000 ____D C:\Program Files\mcafee
2016-06-27 09:40 - 2009-07-14 01:32 - 00000000 ____D C:\Program Files\Windows Sidebar
2016-06-27 09:39 - 2011-08-24 03:13 - 00000000 ____D C:\Program Files\Common Files\mcafee
2016-06-27 09:31 - 2011-09-21 11:02 - 00000912 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2233979149-4233434921-1847507767-1000UA.job
2016-06-27 08:31 - 2009-07-14 01:13 - 00782470 _____ C:\windows\system32\PerfStringBackup.INI
2016-06-27 08:31 - 2009-07-13 23:20 - 00000000 ____D C:\windows\system32\NDF
2016-06-27 08:31 - 2009-07-13 23:20 - 00000000 ____D C:\windows\inf
2016-06-26 14:45 - 2011-09-21 11:02 - 00000860 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2233979149-4233434921-1847507767-1000Core.job
2016-06-26 11:14 - 2013-03-21 21:46 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-06-26 11:14 - 2013-03-21 21:46 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-06-25 19:34 - 2013-03-21 21:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-06-25 18:04 - 2011-09-11 14:04 - 00000000 ____D C:\Program Files\Microsoft Office
2016-06-25 18:04 - 2009-07-13 23:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2016-06-25 18:03 - 2015-06-30 11:20 - 00000000 ____D C:\Users\Luke\AppData\Roaming\SoftGrid Client
2016-06-25 17:35 - 2014-10-10 10:55 - 00000000 ____D C:\Users\QBDataServiceUser24
2016-06-25 17:34 - 2015-06-22 17:19 - 00000000 ____D C:\Users\Luke
2016-06-25 17:33 - 2011-10-08 13:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Desktop
2016-06-25 17:31 - 2015-04-04 20:56 - 00000000 ___SD C:\windows\system32\GWX
2016-06-25 17:31 - 2011-11-18 10:28 - 00000000 ____D C:\Users\Richard P. Luke.rpluke-PC
2016-06-25 17:31 - 2011-11-18 10:27 - 00000000 ____D C:\Users\Richard P. Luke
2016-06-25 17:31 - 2011-09-02 10:07 - 00000000 ____D C:\Users\rpluke
2016-06-25 17:30 - 2015-09-08 17:36 - 00000000 ____D C:\Users\Luke\Documents\HpReg_Backup
2016-06-25 17:30 - 2014-11-07 21:33 - 00000000 ____D C:\Users\Luke\Downloads\HP Downloads
2016-06-25 17:30 - 2014-10-20 11:26 - 00000000 ____D C:\quickbooks files
2016-06-25 17:30 - 2012-07-19 13:21 - 00000000 ____D C:\Users\Luke\Desktop\Dad's USB Drive
2016-06-25 17:29 - 2011-10-08 10:15 - 00000000 ____D C:\Program Files (x86)\Google
2016-06-25 17:29 - 2011-09-09 09:08 - 00000000 ____D C:\FIND_EULA_PATH
2016-06-25 17:29 - 2011-08-24 02:38 - 00000000 ____D C:\Program Files\DellTPad
2016-06-25 17:29 - 2009-07-13 23:20 - 00000000 ____D C:\windows\registration
2016-06-25 17:16 - 2015-06-28 21:07 - 00000000 ____D C:\Users\Luke\AppData\Local\Google
2016-06-25 15:57 - 2015-06-29 12:20 - 00000000 ____D C:\Users\Luke\AppData\LocalLow\Temp
2016-06-25 15:50 - 2014-10-22 19:01 - 00000000 ____D C:\Users\rpluke\AppData\LocalLow\Temp
2016-06-21 16:29 - 2015-06-22 17:22 - 00283976 _____ C:\Users\Luke\AppData\Local\GDIPFONTCACHEV1.DAT
2016-06-21 16:28 - 2009-07-14 00:45 - 00872760 _____ C:\windows\system32\FNTCACHE.DAT
2016-06-21 16:21 - 2011-11-21 08:15 - 00283976 _____ C:\Users\Richard P. Luke.rpluke-PC\AppData\Local\GDIPFONTCACHEV1.DAT
2016-06-21 16:07 - 2011-11-18 10:23 - 00000000 ____D C:\ProgramData\Carbonite
2016-06-21 15:57 - 2011-08-24 03:06 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-06-21 15:37 - 2011-08-24 03:01 - 00000000 ____D C:\ProgramData\Sonic
2016-06-21 15:36 - 2015-06-22 18:31 - 00000000 ____D C:\Users\Luke\AppData\Local\Intuit
2016-06-21 15:32 - 2015-06-21 15:38 - 00000000 ____D C:\windows\pss
2016-06-19 15:03 - 2009-07-13 23:20 - 00000000 ____D C:\windows\rescache
2016-06-18 13:20 - 2011-11-21 08:15 - 00000000 ____D C:\Users\Richard P. Luke.rpluke-PC\AppData\Local\Google
2016-06-18 11:01 - 2014-12-11 04:35 - 00000000 ____D C:\windows\system32\appraiser
2016-06-17 20:39 - 2013-08-15 03:02 - 00000000 ____D C:\windows\system32\MRT
2016-06-17 20:20 - 2011-09-06 09:21 - 142482544 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2016-06-16 16:50 - 2013-12-18 11:08 - 00796352 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2016-06-16 16:50 - 2013-12-18 11:08 - 00003768 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2016-06-16 16:50 - 2011-08-24 02:31 - 00142528 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-06-15 16:40 - 2010-11-20 23:27 - 00484008 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2016-06-14 19:31 - 2013-12-16 18:29 - 00889344 _____ C:\Users\Luke\Documents\Christmas Card List 2013mlb.bcf
2016-06-14 19:31 - 2013-12-16 18:29 - 00330643 _____ C:\Users\Luke\Documents\Christmas Card List 2013.mlb
2016-06-14 19:31 - 2013-12-16 18:29 - 00002396 _____ C:\Users\Luke\Documents\Christmas Card List 2013mlb.fsif
2016-06-14 19:31 - 2013-12-16 18:29 - 00001748 _____ C:\Users\Luke\Documents\Christmas Card List 2013mlb.msif
2016-06-14 07:46 - 2009-07-14 01:08 - 00032616 _____ C:\windows\Tasks\SCHEDLGU.TXT
2016-06-02 12:41 - 2009-07-13 23:20 - 00000000 ____D C:\windows\tracing
==================== Files in the root of some directories =======
2013-07-26 14:18 - 2013-07-26 14:18 - 0000057 _____ () C:\ProgramData\Ament.ini
Files to move or delete:
====================
C:\Users\rpluke\jagex_runescape_preferences.dat
C:\Users\rpluke\jagex_runescape_preferences2.dat
Some files in TEMP:
====================
C:\Users\Luke\AppData\Local\Temp\HPPSdr.exe
C:\Users\rpluke\AppData\Local\Temp\Abspdf.exe
C:\Users\rpluke\AppData\Local\Temp\acfpdfu.dll
C:\Users\rpluke\AppData\Local\Temp\acfpdfuamd64.dll
C:\Users\rpluke\AppData\Local\Temp\acfpdfui.dll
C:\Users\rpluke\AppData\Local\Temp\acfpdfuia64.dll
C:\Users\rpluke\AppData\Local\Temp\acfpdfuiamd64.dll
C:\Users\rpluke\AppData\Local\Temp\acfpdfuiia64.dll
C:\Users\rpluke\AppData\Local\Temp\cdintf.dll
C:\Users\rpluke\AppData\Local\Temp\dplinst.exe
C:\Users\rpluke\AppData\Local\Temp\GUR45B7.exe
C:\Users\rpluke\AppData\Local\Temp\GURC68D.exe
C:\Users\rpluke\AppData\Local\Temp\install_reader11_en_gtbp_chrd_aih.exe
C:\Users\rpluke\AppData\Local\Temp\jre-6u31-windows-i586-iftw-rv.exe
C:\Users\rpluke\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\rpluke\AppData\Local\Temp\PDFPRT400.exe
C:\Users\rpluke\AppData\Local\Temp\setup.exe
C:\Users\rpluke\AppData\Local\Temp\utz_bhus.dll
C:\Users\rpluke\AppData\Local\Temp\xmllite.dll
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\SysWOW64\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-06-19 14:54
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-06-2016 02
Ran by Luke (2016-06-27 10:11:37)
Running from C:\Users\Luke\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2011-09-02 14:07:24)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2233979149-4233434921-1847507767-500 - Administrator - Disabled)
Guest (S-1-5-21-2233979149-4233434921-1847507767-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2233979149-4233434921-1847507767-1002 - Limited - Enabled)
Luke (S-1-5-21-2233979149-4233434921-1847507767-1006 - Administrator - Enabled) => C:\Users\Luke
QBDataServiceUser24 (S-1-5-21-2233979149-4233434921-1847507767-1005 - Limited - Enabled) => C:\Users\QBDataServiceUser24
Richard P. Luke (S-1-5-21-2233979149-4233434921-1847507767-1004 - Limited - Enabled) => C:\Users\Richard P. Luke.rpluke-PC
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Microsoft Security Essentials (Enabled - Up to date) {768124D7-F5F7-6D2F-DDC2-94DFA4017C95}
AS: Microsoft Security Essentials (Enabled - Up to date) {CDE0C533-D3CD-62A1-E772-AFADDF863628}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
ABBYY FineReader 6.0 Sprint (HKLM-x32\...\{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}) (Version: 6.00.1990.41618 - ABBYY Software House)
Active@ UNDELETE (HKLM-x32\...\Active@ UNDELETE) (Version: - )
Adobe Acrobat 5.0 (HKLM-x32\...\Adobe Acrobat 5.0) (Version: 5.0 - Adobe Systems, Inc.)
Adobe Flash Player 22 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 22.0.0.192 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.192 - Adobe Systems Incorporated)
Adobe Reader X (10.1.6) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.6 - Adobe Systems Incorporated)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
Bing Rewards Client Installer (x32 Version: 16.0.345.0 - Microsoft Corporation) Hidden
Citrix Online Launcher (HKLM-x32\...\{F82C81F9-ADB5-42BD-AFE9-DD5DFDD215E3}) (Version: 1.0.135 - Citrix)
Coupon Printer for Windows (HKLM-x32\...\Coupon Printer for Windows5.0.0.7) (Version: 5.0.0.7 - Coupons.com Incorporated)
Cozi (HKLM-x32\...\{EA1F3D6C-A6F5-4CDC-B0D3-9C56C06B4D29}) (Version: 1.0.6505.38692 - Cozi Group, Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Data Vault (Version: 4.2.2.0 - Dell Inc.) Hidden
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell Home Systems Service Agreement (HKLM-x32\...\{AB2FDE4F-6BED-4E9E-B676-3DCCEBB1FBFE}) (Version: 2.0.0 - Dell Inc.)
Dell MusicStage (HKLM-x32\...\{89263C19-557E-4D23-AAD7-113F6175DFC1}) (Version: 1.5.402.0 - Fingertapps)
Dell Perks Webslice IE8 (HKLM-x32\...\{CF67ED0C-F85D-4791-AED3-3FE882EDB45D}) (Version: 8.0 - Nextjump Inc)
Dell PhotoStage (HKLM-x32\...\{E4335E82-17B3-460F-9E70-39D9BC269DB3}) (Version: 1.5.0.65 - ArcSoft)
Dell Stage (HKLM-x32\...\{39D06E77-8921-4056-8901-36D0035BAECA}) (Version: 1.5.420.0 - Fingertapps)
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.0.6584.81 - Dell)
Dell SupportAssistAgent (HKLM-x32\...\{287348C8-8B47-4C36-AF28-441A3B7D8722}) (Version: 1.0.3.60494 - Dell)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1209.101.204 - ALPS ELECTRIC CO., LTD.)
Dell Update (HKLM-x32\...\{3F862535-33F3-4F3F-864E-6D4F6FD3258D}) (Version: 1.5.2000.0 - Dell Inc.)
Dell VideoStage (HKLM-x32\...\InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}) (Version: 1.2.0.1712 - CyberLink Corp.)
Dell VideoStage (x32 Version: 1.2.0.1712 - CyberLink Corp.) Hidden
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 2.00.44 - Creative Technology Ltd)
DirectX 9 Runtime (x32 Version: 1.00.0000 - Sonic Solutions) Hidden
DJ3525FWUpdateAlert (x32 Version: 1.00.0000 - HP) Hidden
eBay (HKLM-x32\...\{A8B88634-7F90-402F-B66A-86429755F6A5}) (Version: 1.4.0 - eBay Inc.)
Google Desktop (HKLM-x32\...\Google Desktop) (Version: 5.9.1005.12335 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
HP Deskjet 3520 series Basic Device Software (HKLM\...\{A0A03B53-927D-4454-A456-CB0A72A4912F}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Deskjet 3520 series Help (HKLM-x32\...\{C13E1F46-84FE-4D3B-8581-0F2F624C7EEC}) (Version: 27.0.0 - Hewlett Packard)
HP Deskjet 3520 series Setup Guide (HKLM-x32\...\{AEEDCEB7-00B8-4BE1-B492-AB04803D5F1E}) (Version: 27.0.0 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Support Solutions Framework (HKLM-x32\...\{44157EB3-D8D0-4BB1-B0F5-AD2C38814ED1}) (Version: 11.51.0027 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6324.0 - IDT)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2361 - Intel Corporation)
Intel® PROSet/Wireless Software for Bluetooth® Technology (HKLM\...\{7CE8BE79-ABC3-4B2C-9543-28ED2B0A9EA8}) (Version: 1.0.0.0454 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{290D4DB2-F1B4-4B8E-918D-D71EF29A001B}) (Version: 14.00.1000 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation)
Internet Explorer (x32 Version: 8 - Microsoft Corporation) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Lexmark 3500-4500 Series (HKLM\...\Lexmark 3500-4500 Series) (Version: - Lexmark International, Inc.)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation)
Microsoft Office 2007 Primary Interop Assemblies (HKLM-x32\...\{50120000-1105-0000-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.9.218.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - KB2467175 (HKLM-x32\...\{a0fe116e-9a8a-466f-aee0-625cb7c207e3}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2005 Tools for Office Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version: - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 47.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 47.0 (x86 en-US)) (Version: 47.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MyLabel Designer Deluxe (HKLM-x32\...\{9D9C6FD3-1B43-43D7-AA90-94E643A312BD}) (Version: 8.0.0.0 - Avanquest USA, LLC)
MySoftware Fonts (HKLM-x32\...\{6C6F0968-2B86-42B4-AF34-46A5F06E8FA4}) (Version: - )
PhotoShowExpress (x32 Version: 2.0.063 - Sonic Solutions) Hidden
QuickBooks (x32 Version: 19.0.4013.705 - Intuit Inc.) Hidden
QuickBooks (x32 Version: 24.0.4008.2403 - Intuit Inc.) Hidden
QuickBooks Pro 2009 (HKLM-x32\...\{9A2F0810-3622-4E86-9072-973FBE1679C5}) (Version: 19.0.4013.705 - Intuit Inc.)
QuickBooks Pro 2014 (HKLM-x32\...\{4A21D17E-2FE8-42CD-88B7-ACF8E8860834}) (Version: 24.0.4007.2403 - Intuit Inc.)
QuickBooks Runtime Redistributable (HKLM\...\{F2A4F809-2DE6-4D27-888B-4D2BB8DAF20E}) (Version: 1.00.0000 - Intuit Inc.)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.09.20 - Dell Inc.)
RBVirtualFolder64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.31.1025.2010 - Realtek)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30126 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.32.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.32.0 - Renesas Electronics Corporation) Hidden
Roxio Creator Starter (HKLM-x32\...\{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}) (Version: 12.1.77.0 - Roxio)
Roxio File Backup (Version: 1.3.2 - Roxio) Hidden
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Sonic CinePlayer Decoder Pack (x32 Version: 4.3.0 - Sonic Solutions) Hidden
SupportSoft Assisted Service (HKLM-x32\...\{5A3F6A80-7913-475E-8B96-477A952CFA43}) (Version: 15 - SupportSoft)
TrustedID (HKLM-x32\...\{C16A92EF-017B-4839-9C75-FBADB5A1FA27}) (Version: 5.0 - TrustedID)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR 5.00 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {11C4BCB3-8A1C-4368-B46C-52905D4403C2} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2233979149-4233434921-1847507767-1000UA => C:\Users\rpluke\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-17] (Google Inc.)
Task: {26E617DA-163A-4F66-9ED3-D18DD288DDF8} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => c:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-08-01] (Microsoft Corporation)
Task: {2CDE5F3D-7D9E-47F0-A672-29A6C490909A} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssist.exe [2015-04-10] (Dell Inc.)
Task: {444C5634-3F5A-4396-B7F1-82B27BEA3BF0} - System32\Tasks\HP AR Program Upload - dd2e32d36bfe40a8b0cf07d42bd4d6bda15b567946f544b9949c33df5709b460 => C:\Program Files\HP\HP Deskjet 3520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
Task: {674F62FD-D05C-48F3-9426-1A1903AE89D2} - System32\Tasks\HP AR Program Upload - 6d2525a27ac8449180447fcae82a2d22da66b744b29f49dd8f7d8fa00bd0b9fd => C:\Program Files\HP\HP Deskjet 3520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
Task: {7ECA217F-5EE4-4560-B3AF-526CFF0F0A60} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2233979149-4233434921-1847507767-1000Core => C:\Users\rpluke\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-17] (Google Inc.)
Task: {96C07585-2EAF-4114-9CAC-877B5F0850E2} - System32\Tasks\HP AR Program Upload - 76c7104eb58a416aa85a7ca45c9fb712aef1dcc13fdb43eaa35083e39f220e7b => C:\Program Files\HP\HP Deskjet 3520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
Task: {AE7CFAA2-DBE3-4DBF-A406-0785460148B8} - System32\Tasks\HP AR Program Upload - e0d9687ddc9f4a35a00d0350b09537311c9d80ef6c914328950fdeb93110cd84 => C:\Program Files\HP\HP Deskjet 3520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
Task: {D941DBEE-4100-4D21-97AC-1C223C3A411D} - System32\Tasks\HP AR Program Upload - 1eb4c2c179694a67862cbc719146cc70331380debe5d469aa3a893b8cd2f0634 => C:\Program Files\HP\HP Deskjet 3520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
Task: {DF0BD2CB-9181-4963-9944-BC77E569EC70} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-06-16] (Adobe Systems Incorporated)
Task: {E58A50C8-9C7C-4ADF-BC37-7EE3E50A46F6} - System32\Tasks\HP AR Program Upload - 70005777ff9e4cb883863b5be266bc003b494f40cae8441999dec37560dc9b31 => C:\Program Files\HP\HP Deskjet 3520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
Task: {FAE2DFEB-6B9B-4BBF-AADB-65428518989D} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2233979149-4233434921-1847507767-1000Core.job => C:\Users\rpluke\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2233979149-4233434921-1847507767-1000UA.job => C:\Users\rpluke\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\Public\Desktop\Checks & More for QuickBooks.lnk -> hxxp://www.intuitmarket.com/Desktop08 (No File)
==================== Loaded Modules (Whitelisted) ==============
2010-12-17 14:53 - 2010-12-17 14:53 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2011-09-15 10:36 - 2007-02-22 03:15 - 00045056 _____ () C:\windows\System32\LXF3PMON.DLL
2011-09-15 10:36 - 2006-11-07 11:02 - 00036864 _____ () C:\windows\System32\LXF3OEM.DLL
2011-09-15 10:36 - 2007-02-22 03:15 - 00003584 _____ () C:\windows\System32\LXF3PMRC.DLL
2012-03-18 14:05 - 2007-03-15 23:11 - 00138240 _____ () C:\windows\system32\spool\PRTPROCS\x64\lxdidrpp.dll
2007-02-07 03:31 - 2007-02-07 03:31 - 01389568 _____ () C:\windows\system32\spool\DRIVERS\x64\3\lxdiptpc.dll
2007-03-15 23:12 - 2007-03-15 23:12 - 00180224 _____ () C:\windows\system32\spool\DRIVERS\x64\3\lxdidrui.dll
2011-08-24 04:46 - 2011-04-10 14:40 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-03-18 14:03 - 2009-04-27 13:30 - 00434856 _____ () C:\Program Files (x86)\Lexmark 3500-4500 Series\lxdimon.exe
2012-03-18 14:03 - 2009-04-27 13:30 - 00025256 _____ () C:\Program Files (x86)\Lexmark 3500-4500 Series\lxdiamon.exe
2010-11-17 11:35 - 2010-11-17 11:35 - 00514544 _____ () C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
2011-05-30 10:30 - 2011-05-30 10:30 - 00885760 _____ () C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe
2012-03-18 14:03 - 2007-03-23 15:41 - 00278528 _____ () C:\Program Files (x86)\Lexmark 3500-4500 Series\lxdiscw.dll
2012-03-18 14:03 - 2007-03-05 10:45 - 00589824 _____ () C:\Program Files (x86)\Lexmark 3500-4500 Series\lxdidatr.dll
2012-03-18 14:03 - 2006-12-28 11:47 - 00073728 _____ () C:\Program Files (x86)\Lexmark 3500-4500 Series\lxdicats.dll
2012-03-18 14:03 - 2007-05-02 05:11 - 00040960 _____ () C:\Program Files (x86)\Lexmark 3500-4500 Series\App4R.Monitor.Core.dll
2012-03-18 14:03 - 2007-05-02 05:11 - 00028672 _____ () C:\Program Files (x86)\Lexmark 3500-4500 Series\App4R.Monitor.Common.dll
2012-03-18 14:03 - 2007-05-02 05:10 - 00057344 _____ () C:\Program Files (x86)\Lexmark 3500-4500 Series\App4R.DevMons.MCMDevMon.dll
2012-03-18 14:03 - 2007-04-30 08:19 - 00020480 _____ () C:\Program Files (x86)\Lexmark 3500-4500 Series\App4R.DevMons.NetworkCardDevMon.dll
2012-03-18 14:03 - 2007-04-30 08:19 - 00020480 _____ () C:\Program Files (x86)\Lexmark 3500-4500 Series\App4R.DevMons.ScanDevMon.dll
2012-03-18 14:03 - 2007-04-30 08:20 - 00011776 _____ () C:\Program Files (x86)\Lexmark 3500-4500 Series\App4R.DevMons.MCMDevMon.AutoPlayUtil.dll
2014-12-10 07:29 - 2014-12-10 07:29 - 00623432 _____ () C:\Program Files (x86)\Intuit\QuickBooks 2014\boost_regex-vc100-mt-1_47.dll
2014-12-10 07:30 - 2014-12-10 07:30 - 00021320 _____ () C:\Program Files (x86)\Intuit\QuickBooks 2014\QBCompressor.dll
2014-06-26 06:42 - 2014-06-26 06:42 - 00059904 _____ () C:\Program Files (x86)\Intuit\QuickBooks 2014\zlib1.dll
2014-12-10 07:30 - 2014-12-10 07:30 - 00149320 _____ () C:\Program Files (x86)\Intuit\QuickBooks 2014\QBMAPILibrary.dll
2014-12-10 07:29 - 2014-12-10 07:29 - 00247112 _____ () C:\Program Files (x86)\Intuit\QuickBooks 2014\boost_serialization-vc100-mt-1_47.dll
2014-12-10 07:29 - 2014-12-10 07:29 - 00623944 _____ () C:\Program Files (x86)\Intuit\QuickBooks 2014\FtuEngine.dll
2014-12-10 07:29 - 2014-12-10 07:29 - 00582472 _____ () C:\Program Files (x86)\Intuit\QuickBooks 2014\BackupLib.dll
2014-12-10 07:30 - 2014-12-10 07:30 - 00142664 _____ () C:\Program Files (x86)\Intuit\QuickBooks 2014\QBProActiveCore.dll
2014-12-10 07:29 - 2014-12-10 07:29 - 00791880 _____ () C:\Program Files (x86)\Intuit\QuickBooks 2014\FeaturesBridge.dll
2014-12-10 07:30 - 2014-12-10 07:30 - 00043848 _____ () C:\Program Files (x86)\Intuit\QuickBooks 2014\mbpopup.dll
2010-11-24 23:44 - 2010-11-24 23:44 - 00375280 _____ () c:\program files (x86)\common files\roxio shared\dllshared\SQLite352.dll
2011-05-30 10:25 - 2011-05-30 10:25 - 07938048 _____ () C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\QtGui4.dll
2011-05-30 10:25 - 2011-05-30 10:25 - 02225664 _____ () C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\QtCore4.dll
2016-05-12 09:36 - 2016-05-12 09:36 - 00169472 _____ () C:\windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\f1b815cf32572cea383bc47659c174fa\IsdiInterop.ni.dll
2011-08-24 02:30 - 2010-11-06 00:50 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ntrexeservice => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 22:34 - 2009-06-10 17:00 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2233979149-4233434921-1847507767-1006\Control Panel\Desktop\\Wallpaper -> C:\Users\Luke\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{079215A6-BF79-4459-8886-5EBC2B5DB96E}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{EF5B6C4F-EAEE-4450-9E6B-34A3A7AD617D}] => (Allow) C:\Program Files (x86)\Dell\VideoStage\VideoStage.exe
FirewallRules: [{3964FFF7-1505-4795-9C22-2FDA598B9456}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{EE784847-1C86-4196-BD48-66BA38354734}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{7A796783-E2A7-44F3-9227-D4FD620E10C6}] => (Allow) LPort=2869
FirewallRules: [{FE1805EB-EC81-4973-95D3-692D36E2E53D}] => (Allow) LPort=1900
FirewallRules: [{808C7C1B-DA7D-4046-8B02-6C47E121F8C6}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{063E5A9D-4C1C-42E6-A363-338EDC3E3291}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{2FC72722-6563-4D15-9932-CB7BD0AB6F69}] => (Allow) C:\Windows\SysWOW64\lxdicoms.exe
FirewallRules: [{95AF1FD2-3071-446F-B5E2-689A1769A4FC}] => (Allow) C:\Windows\SysWOW64\lxdicoms.exe
FirewallRules: [TCP Query User{F37DE1F0-5B7C-42FF-949D-A1650B68A7E3}C:\program files (x86)\lexmark 3500-4500 series\lxdimon.exe] => (Block) C:\program files (x86)\lexmark 3500-4500 series\lxdimon.exe
FirewallRules: [UDP Query User{CFEFEC3F-C83C-4B36-8888-C406532ABAE0}C:\program files (x86)\lexmark 3500-4500 series\lxdimon.exe] => (Block) C:\program files (x86)\lexmark 3500-4500 series\lxdimon.exe
FirewallRules: [TCP Query User{9A67A706-9EC6-4609-8F86-3C757010A078}C:\program files (x86)\lexmark 3500-4500 series\lxdiamon.exe] => (Allow) C:\program files (x86)\lexmark 3500-4500 series\lxdiamon.exe
FirewallRules: [UDP Query User{468659C3-FD6B-4A15-9547-AC39C78EEE05}C:\program files (x86)\lexmark 3500-4500 series\lxdiamon.exe] => (Allow) C:\program files (x86)\lexmark 3500-4500 series\lxdiamon.exe
FirewallRules: [{F6DC4C70-C457-474A-91E3-327A0FD6738C}] => (Allow) C:\Program Files (x86)\Dogpile Bundle Toolbar\TroubleShooter.exe
FirewallRules: [{A5322586-2D4E-44B5-A436-E2577A83AAAC}] => (Allow) C:\Program Files (x86)\Dogpile Bundle Toolbar\TroubleShooter.exe
FirewallRules: [{A7E9D9FE-EE7E-4C93-BB3F-8B95F092ECD7}] => (Allow) C:\Program Files (x86)\Dogpile Bundle Toolbar\ToolbarUpdate.exe
FirewallRules: [{8B80A696-81CC-452A-822A-3AA1E1C6B273}] => (Allow) C:\Program Files (x86)\Dogpile Bundle Toolbar\ToolbarUpdate.exe
FirewallRules: [{7899ABE3-E347-42F9-A9E2-7D27FF4C8C51}] => (Allow) C:\Program Files (x86)\Abbyy FineReader 6.0 Sprint\Scan\ScanMan6.exe
FirewallRules: [{2BC0CBEC-F6DC-4316-9C02-D992B9B43532}] => (Allow) C:\Program Files (x86)\Abbyy FineReader 6.0 Sprint\Scan\ScanMan6.exe
FirewallRules: [{C9413B91-66FE-4355-A565-7F2458DF79D0}] => (Allow) C:\Program Files (x86)\Lexmark Fax Solutions\FaxCtr.exe
FirewallRules: [{7DE07FEF-D64C-4BF9-9E01-5AC694E9A7B8}] => (Allow) C:\Program Files (x86)\Lexmark Fax Solutions\FaxCtr.exe
FirewallRules: [{3393369D-64BA-4D99-9305-F69FCEA7A8A1}] => (Allow) C:\Windows\System32\lxdicoms.exe
FirewallRules: [{B32873C6-2F12-4403-BC4F-235D69E57A8C}] => (Allow) C:\Windows\System32\lxdicoms.exe
FirewallRules: [{4E4ADBF0-8EF1-4390-910B-627C0F5F03F0}] => (Allow) C:\Program Files (x86)\Lexmark 3500-4500 Series\lxdiamon.exe
FirewallRules: [{8C0F74C2-A5D9-4303-8281-3988F60EB191}] => (Allow) C:\Program Files (x86)\Lexmark 3500-4500 Series\lxdiamon.exe
FirewallRules: [{2DC415E6-9BDE-48D2-BC2C-CB8A3725B6CD}] => (Allow) C:\Program Files (x86)\Lexmark 3500-4500 Series\App4R.exe
FirewallRules: [{ECF96635-2407-41CA-B95F-9B6A98E269B1}] => (Allow) C:\Program Files (x86)\Lexmark 3500-4500 Series\App4R.exe
FirewallRules: [{CC22EBB9-8566-432A-9513-33DA4C8404C7}] => (Allow) C:\Program Files (x86)\Lexmark 3500-4500 Series\lxdimon.exe
FirewallRules: [{8ACB1EFE-B7A8-4CA5-BDC9-D60A9BB43B26}] => (Allow) C:\Program Files (x86)\Lexmark 3500-4500 Series\lxdimon.exe
FirewallRules: [{0AE9C3A0-30BB-42F0-9910-C566BAF44146}] => (Allow) C:\Windows\System32\spool\drivers\x64\3\lxdipswx.exe
FirewallRules: [{ED301484-C6DB-49FA-AE29-BF0F0502CD2D}] => (Allow) C:\Windows\System32\spool\drivers\x64\3\lxdipswx.exe
FirewallRules: [{9BEE3BFC-FAD4-464B-9A3F-62D777F25827}] => (Allow) C:\Windows\System32\spool\drivers\x64\3\lxditime.exe
FirewallRules: [{3FF5C28E-AF83-404F-9883-B377B63D8ECF}] => (Allow) C:\Windows\System32\spool\drivers\x64\3\lxditime.exe
FirewallRules: [TCP Query User{12DE12EB-AC98-4F32-B093-B2874E82F10B}C:\program files (x86)\lexmark 3500-4500 series\app4r.exe] => (Block) C:\program files (x86)\lexmark 3500-4500 series\app4r.exe
FirewallRules: [UDP Query User{7FDC8DF9-FB38-4A14-B8DD-4EF44C4A2A1D}C:\program files (x86)\lexmark 3500-4500 series\app4r.exe] => (Block) C:\program files (x86)\lexmark 3500-4500 series\app4r.exe
FirewallRules: [{09002221-659D-4010-847A-66A9FFDE31F5}] => (Allow) C:\Users\rpluke\AppData\Local\Temp\7zS3B4B\HPDiagnosticCoreUI.exe
FirewallRules: [{E9E1D0E8-8D0E-40E0-921B-3AF31D65498B}] => (Allow) C:\Users\rpluke\AppData\Local\Temp\7zS3B4B\HPDiagnosticCoreUI.exe
FirewallRules: [{0B585A8D-71B6-475C-AF20-0C009F2AB9B4}] => (Allow) C:\Program Files\HP\HP Deskjet 3520 series\Bin\DeviceSetup.exe
FirewallRules: [{2DDF5073-E980-4BC9-9723-31A59DF65904}] => (Allow) C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{606A2E2D-B46F-407A-8C02-15FB53393830}] => (Allow) C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{DCC4C21C-C5AC-4D1A-BBC9-493C759841B5}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{A6097FE0-F416-4A39-BDAE-5A7357007BD3}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{D575371B-1787-431A-96D4-556838FB5AFB}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{E0EBF8E7-2245-4FB1-9FE8-728D35E66386}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{D4CEF7DC-38AF-450C-84CC-8D33E3F17FBE}] => (Allow) C:\Users\Luke\AppData\Local\Temp\7zS0DC1\HPDiagnosticCoreUI.exe
FirewallRules: [{D5729D92-8CBC-4F89-8C2E-4F9203FF844E}] => (Allow) C:\Users\Luke\AppData\Local\Temp\7zS0DC1\HPDiagnosticCoreUI.exe
FirewallRules: [{06401AFB-6083-47FB-BE89-3B1C591E55BD}] => (Allow) C:\Users\Luke\AppData\Local\Temp\7zS0E5E\HPDiagnosticCoreUI.exe
FirewallRules: [{D831BA0C-5BB8-4EDC-8DC5-C6FBF07100F3}] => (Allow) C:\Users\Luke\AppData\Local\Temp\7zS0E5E\HPDiagnosticCoreUI.exe
FirewallRules: [{335171AA-0E6C-4B20-83C8-A1649F8DC453}] => (Allow) C:\Users\Luke\AppData\Local\Temp\7zS453C\HPDiagnosticCoreUI.exe
FirewallRules: [{B4BB8DFD-D915-481B-B621-287D903063E8}] => (Allow) C:\Users\Luke\AppData\Local\Temp\7zS453C\HPDiagnosticCoreUI.exe
FirewallRules: [{86FFFB19-12A8-496C-9B8D-4F05330994AF}] => (Allow) C:\Users\Luke\AppData\Local\Temp\7zS5D7D\HPDiagnosticCoreUI.exe
FirewallRules: [{6988605F-CC62-40C4-9F69-F4AB8FEBA928}] => (Allow) C:\Users\Luke\AppData\Local\Temp\7zS5D7D\HPDiagnosticCoreUI.exe
FirewallRules: [{70E434C9-E424-4941-9672-4F09C16D0FCD}] => (Allow) C:\Users\Luke\AppData\Local\Temp\7zS5DF9\HPDiagnosticCoreUI.exe
FirewallRules: [{2267C23E-E837-4C15-9FA0-D86BC748258F}] => (Allow) C:\Users\Luke\AppData\Local\Temp\7zS5DF9\HPDiagnosticCoreUI.exe
FirewallRules: [{147D715F-5D23-400C-B6C3-9385CB53A5A3}] => (Allow) C:\Users\Luke\AppData\Local\Temp\7zS62DB\HPDiagnosticCoreUI.exe
FirewallRules: [{E6F25767-36A2-4D20-BC4B-E5D443A26A82}] => (Allow) C:\Users\Luke\AppData\Local\Temp\7zS62DB\HPDiagnosticCoreUI.exe
FirewallRules: [{F4A72FA3-5AA9-4101-B8A7-84FF699BFC95}] => (Allow) C:\Users\Luke\AppData\Local\Temp\7zS7D97\HPDiagnosticCoreUI.exe
FirewallRules: [{F625FE3E-A002-4B91-8EC7-A6BBEBB0ACA8}] => (Allow) C:\Users\Luke\AppData\Local\Temp\7zS7D97\HPDiagnosticCoreUI.exe
FirewallRules: [{70937669-BFCB-454D-9CB1-66DBF5B5A815}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B7E591D6-46E9-42C5-8A33-7C07FDD14CED}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Restore Points =========================
17-06-2016 20:08:22 Windows Update
18-06-2016 11:12:40 Windows Update
20-06-2016 12:06:20 JRT Pre-Junkware Removal
21-06-2016 15:25:05 Windows Update
21-06-2016 15:56:12 Removed Skype Toolbars
21-06-2016 15:57:06 Removed Skype Toolbars
21-06-2016 15:57:41 Removed SlimCleaner Plus
21-06-2016 15:58:38 Removed Java 7 Update 21
21-06-2016 16:05:30 Removed Java 6 Update 24 (64-bit)
24-06-2016 08:06:49 Windows Update
24-06-2016 08:16:55 Windows Update
25-06-2016 17:09:15 Restore Operation
25-06-2016 17:41:16 Removed Microsoft Office Enterprise 2007
25-06-2016 17:52:00 Windows Update
25-06-2016 18:03:27 Removed Microsoft Office Click-to-Run 2010
25-06-2016 19:31:29 Windows Update
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (06/27/2016 09:43:55 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/26/2016 03:00:09 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.18347 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 2120
Start Time: 01d1cfdc9f002cc8
Termination Time: 140
Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
Report Id:
Error: (06/26/2016 02:57:43 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.18347 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 1a90
Start Time: 01d1cfbebee33941
Termination Time: 199
Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
Report Id:
Error: (06/26/2016 11:52:25 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005
Error: (06/26/2016 11:17:55 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/25/2016 07:31:33 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine ConvertStringSidToSid(S-1-5-21-2233979149-4233434921-1847507767-1000.bak). hr = 0x80070539, The security ID structure is invalid.
.
Operation:
OnIdentify event
Gathering Writer Data
Context:
Execution Context: Shadow Copy Optimization Writer
Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Writer Name: Shadow Copy Optimization Writer
Writer Instance ID: {9b61188a-85b7-499c-853d-af18ef833c12}
Error: (06/25/2016 06:08:59 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/25/2016 06:03:27 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine ConvertStringSidToSid(S-1-5-21-2233979149-4233434921-1847507767-1000.bak). hr = 0x80070539, The security ID structure is invalid.
.
Operation:
OnIdentify event
Gathering Writer Data
Context:
Execution Context: Shadow Copy Optimization Writer
Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Writer Name: Shadow Copy Optimization Writer
Writer Instance ID: {b0c915ed-a495-4220-aa3c-1f424caece4d}
Error: (06/25/2016 05:52:01 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine ConvertStringSidToSid(S-1-5-21-2233979149-4233434921-1847507767-1000.bak). hr = 0x80070539, The security ID structure is invalid.
.
Operation:
OnIdentify event
Gathering Writer Data
Context:
Execution Context: Shadow Copy Optimization Writer
Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Writer Name: Shadow Copy Optimization Writer
Writer Instance ID: {831031b4-73d0-4bc5-8692-7a5045c72d70}
Error: (06/25/2016 05:49:16 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program setup.exe version 12.0.6606.1000 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 11cc
Start Time: 01d1cf2a3513f430
Termination Time: 0
Application Path: C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe
Report Id:
System errors:
=============
Error: (06/27/2016 09:48:20 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Intel® Management and Security Application User Notification Service service depends on the Intel® Management and Security Application Local Management Service service which failed to start because of the following error:
%%193
Error: (06/27/2016 09:48:20 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Intel® Management and Security Application Local Management Service service failed to start due to the following error:
%%193
Error: (06/27/2016 09:46:19 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Intel® Management and Security Application Local Management Service service failed to start due to the following error:
%%193
Error: (06/27/2016 09:45:22 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Intel® PROSet/Wireless Registry Service service failed to start due to the following error:
%%193
Error: (06/27/2016 09:45:22 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Intel® PROSet/Wireless Registry Service service failed to start due to the following error:
%%193
Error: (06/27/2016 09:45:02 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Intel® PROSet/Wireless Registry Service service failed to start due to the following error:
%%193
Error: (06/27/2016 09:45:02 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Intel® PROSet/Wireless Registry Service service failed to start due to the following error:
%%193
Error: (06/27/2016 09:45:00 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Intel® PROSet/Wireless Registry Service service failed to start due to the following error:
%%193
Error: (06/27/2016 09:44:29 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Intel® PROSet/Wireless Registry Service service failed to start due to the following error:
%%193
Error: (06/27/2016 09:44:29 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: 193RegSrvc-Service{A4199E55-EBB9-49E5-AF1A-7A5408B2E206}
==================== Memory info ===========================
Processor: Intel® Pentium® CPU B940 @ 2.00GHz
Percentage of memory in use: 71%
Total physical RAM: 2979.17 MB
Available physical RAM: 839.05 MB
Total Virtual: 5956.53 MB
Available Virtual: 3319.93 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:283.34 GB) (Free:206.24 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 71895B4D)
Partition 1: (Not Active) - (Size=100 MB) - (Type=DE)
Partition 2: (Active) - (Size=14.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=283.3 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
Try this one:
https://support.micr...n-us/kb/2545227
That's where it is today.
Rerun AdwCleaner again as before.
still no download link for FIX IT
# AdwCleaner v5.200 - Logfile created 27/06/2016 at 12:01:28
# Updated 14/06/2016 by ToolsLib
# Database : 2016-06-26.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (X64)
# Username : Luke - RPLUKE-PC
# Running from : C:\Users\Luke\Downloads\AdwCleaner.exe
# Option : Scan
# Support : https://toolslib.net/forum
***** [ Services ] *****
***** [ Folders ] *****
***** [ Files ] *****
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Shortcuts ] *****
***** [ Scheduled tasks ] *****
***** [ Registry ] *****
***** [ Web browsers ] *****
*************************
C:\AdwCleaner\AdwCleaner[C1].txt - [4906 bytes] - [20/06/2016 11:54:11]
C:\AdwCleaner\AdwCleaner[S1].txt - [4545 bytes] - [20/06/2016 11:49:21]
C:\AdwCleaner\AdwCleaner[S2].txt - [788 bytes] - [27/06/2016 12:01:28]
########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [860 bytes] ##########
OK. I see now that they have dropped the fixit. Let's do it the hard way.
Download the attached fix10.zip file.
[attachment=81663:fix10.zip]
Save it then right click on it and Extract All. Extract. Right click on fix10.vbs and Run As Administrator.
Let's try another fixlist. This one should not need to reboot.
Right Click on FIX10 only options are Extract Files, Extract Here, Extract to fix10
Also,
When you say run FRST do you mean Scan?
0 members, 0 guests, 0 anonymous users
Community Forum Software by IP.Board
Licensed to: Geeks to Go, Inc.