Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

I Think I'm Infected?


  • This topic is locked This topic is locked
1 reply to this topic

#1 twiggy1214

twiggy1214

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:12:20 AM

Posted 07 March 2015 - 08:09 AM

Periodically when I am using Internet Explorer or Google Chrome, I am getting random popups for no reason other than I may be trying to print something.  Instead of bringing up the print screen, it brings up a popup window with an ad.  I have run SUPERantispyware and Malwarebytes and cleaned all the random things they have found, but then a few days later, it will startup again.  Any help would be greatly appreciated.  I am posting the Farbar recovery scans to this post.  I have also run Windows Defender and that has found nothing.  I am running Windows 8.1 64-bit on my computer.  Thank you in advance.  
 
Cheryl
 


Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-03-2015
Ran by Cheryl (administrator) on CHERYL-WORK on 07-03-2015 08:04:55
Running from C:\Users\Cheryl\Desktop
Loaded Profiles: Cheryl (Available profiles: Cheryl)
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Two Pilots) C:\Windows\VPDAgent_x64.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Windows ® Win 7 DDK provider) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe
() C:\Program Files (x86)\DELL\DELLOSD\DellOSDService.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
() C:\Program Files (x86)\Wyse\PocketCloud\PocketCloudService.exe
(DELL Inc.) C:\Program Files (x86)\Wyse\PocketCloud\WyseRemoteAccess.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Dell Inc.) C:\Program Files (x86)\DELL\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVault.exe
(DELL INC.) C:\Program Files (x86)\DELL\DELLOSD\MediaButtons.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(DELL INC.) C:\Program Files (x86)\DELL\DELLOSD\DELLOSD.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Qualcomm®Atheros®) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ActivateDesktop.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(Genie-soft) C:\Program Files\Genie9\Genie Backup Manager\GBMAgent.exe
(Dell) C:\Users\Cheryl\AppData\Local\Apps\2.0\4LOB6BA3.1YL\YEN6VEGK.610\dell..tion_e30b47f5d4a30e9e_0005.000d_4ab2a66cfade09be\DellSystemDetect.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe
(Google) C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PrivacyIconClient.exe
(John Taylor & Associates) C:\Program Files (x86)\Snappy Fax Version 5\sf5.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7194840 2013-07-26] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-07-29] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe [134616 2013-08-09] (Intel Corporation)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-09-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [46952 2011-08-02] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [30568 2011-08-02] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDFHook] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe [636192 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDF5 Registry Controller] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe [62752 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [Google Desktop Search] => C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe [30192 2014-12-23] (Google)
HKLM-x32\...\Run: [SunJavaUpdateSched] => "C:\Program Files (x86)\Java\jre1.8.0_25\bin\jusched.exe"
HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe [132736 2013-08-12] ( (Qualcomm®Atheros®))
HKU\S-1-5-21-3069631454-2324491217-872186414-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7780120 2015-01-28] (SUPERAntiSpyware)
HKU\S-1-5-21-3069631454-2324491217-872186414-1001\...\Run: [GoogleChromeAutoLaunch_62F6791B316C2135405725A1F90AAFC3] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [856904 2014-12-05] (Google Inc.)
HKU\S-1-5-21-3069631454-2324491217-872186414-1001\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation)
HKU\S-1-5-21-3069631454-2324491217-872186414-1001\...\Run: [GBMPro9Agent] => C:\Program Files\Genie9\Genie Backup Manager\GBMAgent.exe [250456 2012-05-29] (Genie-soft)
HKU\S-1-5-21-3069631454-2324491217-872186414-1001\...\Run: [LaplinkOffers] => C:\Program Files (x86)\Laplink\PCmover\ThirdParty\LaplinkOffers.exe [579432 2014-06-02] (Laplink Software, Inc.)
HKU\S-1-5-21-3069631454-2324491217-872186414-1001\...\Run: [KSS] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe [202080 2014-06-15] (Kaspersky Lab ZAO)
HKU\S-1-5-21-3069631454-2324491217-872186414-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7416088 2015-02-19] (Piriform Ltd)
HKU\S-1-5-21-3069631454-2324491217-872186414-1001\...\Run: [Snappy Fax] => [X]
HKU\S-1-5-21-3069631454-2324491217-872186414-1001\...\Run: [DellSystemDetect] => C:\Users\Cheryl\AppData\Local\Apps\2.0\4LOB6BA3.1YL\YEN6VEGK.610\dell..tion_e30b47f5d4a30e9e_0005.000d_4ab2a66cfade09be\DellSystemDetect.exe [276776 2015-01-07] (Dell)
HKU\S-1-5-21-3069631454-2324491217-872186414-1001\...\Winlogon: [Shell] C:\WINDOWS\EXPLORER.EXE [2501368 2014-10-28] (Microsoft Corporation) <==== ATTENTION 
AppInit_DLLs-x32: C:\PROGRA~2\Google\GOOGLE~1\GO36F4~1.DLL => C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktopNetwork3.dll [123392 2014-12-23] (Google)
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3069631454-2324491217-872186414-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3069631454-2324491217-872186414-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://att.yahoo.com/
HKU\S-1-5-21-3069631454-2324491217-872186414-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dell13.msn.com/?pc=DCJB
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3069631454-2324491217-872186414-1001 -> {0D4BCFA3-A40C-4230-BF92-BEECF78A7ABD} URL = https://search.yahoo.com/search?p={searchTerms}&ei=UTF-8&fr=w3i&type=W3i_DS,136,0_0,Search,20141252,20028,0,31,0
SearchScopes: HKU\S-1-5-21-3069631454-2324491217-872186414-1001 -> {84F7F779-E205-4BB4-A951-FBDC5EA68BC3} URL = 
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll (Qualcomm®Atheros®)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll (Zeon Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKU\S-1-5-21-3069631454-2324491217-872186414-1001 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKU\S-1-5-21-3069631454-2324491217-872186414-1001 -> No Name - {311B58DC-A4DC-4B04-B1B5-60299AD3D803} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
 
FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3069631454-2324491217-872186414-1001: @nsroblox.roblox.com/launcher -> C:\Users\Cheryl\AppData\Local\Roblox\Versions\version-708f91f0ad924d5c\\NPRobloxProxy.dll ( ROBLOX Corporation)
FF Plugin HKU\S-1-5-21-3069631454-2324491217-872186414-1001: @nsroblox.roblox.com/launcher64 -> C:\Users\Cheryl\AppData\Local\Roblox\Versions\version-708f91f0ad924d5c\\NPRobloxProxy64.dll ( ROBLOX Corporation)
 
Chrome: 
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\Cheryl\AppData\Local\Google\Chrome\User Data\Default
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-22] (SUPERAntiSpyware.com)
R2 Agent; C:\WINDOWS\VPDAgent_x64.exe [156672 2012-10-01] (Two Pilots) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [312448 2013-08-12] (Windows ® Win 7 DDK provider) [File not signed]
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [File not signed]
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-28] (Microsoft Corporation)
R2 Dell WMI Service; C:\Program Files (x86)\DELL\DELLOSD\DellOSDService.exe [73728 2013-05-10] () [File not signed]
R2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2557136 2015-02-26] (Dell Inc.)
R2 DellDataVaultWiz; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [201936 2015-02-26] (Dell Inc.)
S3 GoogleDesktopManager-051210-111108; C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe [30192 2014-12-23] (Google)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319376 2014-10-01] (Intel Corporation)
R2 Intel® Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel® Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-08-09] (Intel Corporation)
R2 KSS; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe [202080 2014-06-15] (Kaspersky Lab ZAO)
S3 LWWLicenseService; C:\Program Files (x86)\Common Files\WoltersKluwerLWW Shared\Service\LWWLicenseService.exe [79360 2014-12-23] (WoltersKluwerLWW) [File not signed]
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [145256 2011-08-02] (Nuance Communications, Inc.)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [253776 2013-07-30] (CyberLink)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [246488 2013-06-18] (Realtek Semiconductor)
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe [1915920 2013-11-21] (SoftThinks SAS)
R2 SupportAssistAgent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [19288 2015-03-04] (Dell Inc.)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-21] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-21] (Microsoft Corporation)
R2 WysePocketCloud; C:\Program Files (x86)\Wyse\PocketCloud\PocketCloudService.exe [16176 2013-08-22] ()
R2 WyseRemoteAccess; C:\Program Files (x86)\Wyse\PocketCloud\WyseRemoteAccess.exe [1785344 2013-08-19] (DELL Inc.) [File not signed]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3837440 2013-07-15] (Qualcomm Atheros Communications, Inc.)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-08-12] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)
R3 DDDriver; C:\Windows\system32\drivers\DDDriver64Dcsa.sys [23760 2015-01-30] (Dell Computer Corporation)
R3 DellProf; C:\Windows\system32\drivers\DellProf.sys [23312 2015-01-30] (Dell Computer Corporation)
R3 FintekCIR; C:\Windows\System32\drivers\FintekCIR.sys [33064 2013-07-23] (Fintek)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverx64.sys [99288 2013-08-09] (Intel Corporation)
R3 MODEMCSA; C:\Windows\system32\drivers\MODEMCSA.sys [24064 2014-10-28] (Microsoft Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 usbkey; C:\Windows\System32\drivers\USBKey64.sys [40288 2014-12-20] ()
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-21] (Microsoft Corporation)
R3 PCDSRVC{3B54B31B-D06B6431-06020200}_0; \??\c:\program files\dell\supportassist\pcdsrvc_x64.pkms [X]
S2 sbapifs; system32\DRIVERS\sbapifs.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-03-07 07:17 - 2015-03-07 07:17 - 00000000 ___RD () C:\Users\Cheryl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2015-03-05 13:23 - 2015-03-05 13:23 - 00000000 __HDC () C:\ProgramData\{6AACA38B-2810-4B47-BDEC-D7A1F38B1531}
2015-03-03 11:22 - 2015-03-03 11:23 - 00035900 _____ () C:\Users\Cheryl\Desktop\Addition.txt
2015-03-03 11:21 - 2015-03-07 08:04 - 00019866 _____ () C:\Users\Cheryl\Desktop\FRST.txt
2015-03-03 11:21 - 2015-03-07 08:04 - 00000000 ____D () C:\FRST
2015-03-03 11:06 - 2015-03-03 11:06 - 02092544 _____ (Farbar) C:\Users\Cheryl\Desktop\FRST64.exe
2015-03-02 20:36 - 2015-03-02 20:36 - 00000000 ____D () C:\Users\Cheryl\AppData\Roaming\CyberLink
2015-03-02 20:36 - 2015-03-02 20:36 - 00000000 ____D () C:\Users\Cheryl\AppData\Local\CyberLink
2015-03-01 22:01 - 2015-03-01 22:01 - 00000896 _____ () C:\WINDOWS\system32\Drivers\kgpcpy.cfg
2015-03-01 21:55 - 2015-03-05 09:09 - 00000664 _____ () C:\WINDOWS\PFRO.log
2015-03-01 21:55 - 2015-03-05 09:09 - 00000232 _____ () C:\WINDOWS\setupact.log
2015-03-01 21:55 - 2015-03-01 21:55 - 00000000 _____ () C:\WINDOWS\setuperr.log
2015-03-01 20:24 - 2015-03-01 20:24 - 00000016 _____ () C:\WINDOWS\system32\config\software.szfi
2015-02-27 07:41 - 2015-03-03 10:35 - 00000000 ____D () C:\ProgramData\STOPzilla!
2015-02-27 07:39 - 2015-02-27 07:39 - 00593488 _____ () C:\Users\Cheryl\Downloads\STOPzillaAVM_Setup.exe
2015-02-26 19:13 - 2015-03-07 07:37 - 00926471 _____ () C:\WINDOWS\WindowsUpdate.log
2015-02-26 19:13 - 2015-02-26 19:13 - 04176437 _____ () C:\Users\Cheryl\Downloads\tdsskiller (1).zip
2015-02-25 09:49 - 2015-02-25 09:49 - 05325696 _____ (Piriform Ltd) C:\Users\Cheryl\Downloads\ccsetup503.exe
2015-02-25 07:05 - 2014-12-13 16:28 - 00513488 _____ () C:\WINDOWS\SysWOW64\locale.nls
2015-02-25 07:05 - 2014-12-13 16:28 - 00513488 _____ () C:\WINDOWS\system32\locale.nls
2015-02-24 07:12 - 2012-10-01 11:02 - 00054784 _____ () C:\WINDOWS\system32\sfppm.dll
2015-02-19 08:33 - 2015-02-19 08:33 - 00000000 ____D () C:\ProgramData\Panda Security
2015-02-16 06:58 - 2015-02-16 07:11 - 00000000 ____D () C:\Users\Cheryl\AppData\Roaming\Firetrust
2015-02-16 06:58 - 2015-02-16 06:58 - 15190448 _____ (Firetrust) C:\Users\Cheryl\Downloads\mailwasher_pro_setup_7_4_0_10112014.exe
2015-02-12 13:06 - 2015-03-05 13:23 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Dell SupportAssistAgent AutoUpdate
2015-02-12 13:06 - 2015-03-05 13:23 - 00000000 ____D () C:\ProgramData\SupportAssistAgent
2015-02-12 10:48 - 2015-02-12 10:48 - 00004036 _____ () C:\WINDOWS\System32\Tasks\PCDoctorBackgroundMonitorTask
2015-02-12 10:48 - 2015-02-12 10:48 - 00003484 _____ () C:\WINDOWS\System32\Tasks\PCDEventLauncherTask
2015-02-12 10:48 - 2015-02-12 10:48 - 00003226 _____ () C:\WINDOWS\System32\Tasks\SystemToolsDailyTest
2015-02-12 10:47 - 2015-02-12 10:47 - 00000000 ____D () C:\ProgramData\PC-Doctor for Windows
2015-02-12 10:47 - 2015-02-12 10:47 - 00000000 ____D () C:\Program Files\Dell Support Center
2015-02-12 06:46 - 2015-01-22 23:41 - 06041600 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-02-12 06:46 - 2015-01-22 22:17 - 04300800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-02-11 12:05 - 2015-01-15 17:43 - 00563504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-02-11 12:05 - 2015-01-15 17:43 - 00177984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2015-02-11 12:05 - 2015-01-13 23:22 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2015-02-11 12:05 - 2015-01-13 22:53 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2015-02-11 12:05 - 2015-01-13 17:11 - 01762840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2015-02-11 12:05 - 2015-01-13 17:04 - 01489072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2015-02-11 12:05 - 2015-01-11 22:09 - 25056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-02-11 12:05 - 2015-01-11 21:25 - 19740160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-02-11 12:05 - 2015-01-11 20:43 - 14401024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-02-11 12:05 - 2015-01-10 04:10 - 07472960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-02-11 12:05 - 2015-01-10 04:10 - 01733440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-02-11 12:05 - 2015-01-10 03:28 - 01498360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-02-11 12:05 - 2015-01-10 02:00 - 00430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-02-11 12:05 - 2015-01-10 01:38 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-02-11 12:05 - 2014-12-19 03:57 - 00788680 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2015-02-11 12:05 - 2014-12-19 03:25 - 00602776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2015-02-11 12:05 - 2014-12-08 22:45 - 00393728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scesrv.dll
2015-02-11 12:05 - 2014-12-08 20:56 - 00538624 _____ (Microsoft Corporation) C:\WINDOWS\system32\scesrv.dll
2015-02-11 12:05 - 2014-12-08 18:12 - 00391526 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2015-02-11 12:04 - 2015-02-03 18:38 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2015-02-11 12:04 - 2015-02-03 18:08 - 00761856 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-02-11 12:04 - 2015-02-03 18:08 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-02-11 12:04 - 2015-02-02 18:11 - 01098752 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-02-11 12:04 - 2015-02-02 18:11 - 00894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-02-11 12:04 - 2015-02-02 18:11 - 00609280 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-02-11 12:04 - 2015-01-19 13:42 - 01487976 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2015-02-11 12:04 - 2015-01-11 21:48 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-02-11 12:04 - 2015-01-11 21:48 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-02-11 12:04 - 2015-01-11 21:47 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2015-02-11 12:04 - 2015-01-11 21:34 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-02-11 12:04 - 2015-01-11 21:21 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2015-02-11 12:04 - 2015-01-11 21:08 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-02-11 12:04 - 2015-01-11 21:07 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-02-11 12:04 - 2015-01-11 21:05 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2015-02-11 12:04 - 2015-01-11 21:02 - 02277888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-02-11 12:04 - 2015-01-11 20:58 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-02-11 12:04 - 2015-01-11 20:55 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-02-11 12:04 - 2015-01-11 20:51 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-02-11 12:04 - 2015-01-11 20:48 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-02-11 12:04 - 2015-01-11 20:48 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-02-11 12:04 - 2015-01-11 20:48 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-02-11 12:04 - 2015-01-11 20:46 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-02-11 12:04 - 2015-01-11 20:45 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2015-02-11 12:04 - 2015-01-11 20:34 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-02-11 12:04 - 2015-01-11 20:30 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-02-11 12:04 - 2015-01-11 20:27 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-02-11 12:04 - 2015-01-11 20:27 - 02358272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-02-11 12:04 - 2015-01-11 20:25 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-02-11 12:04 - 2015-01-11 20:23 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-02-11 12:04 - 2015-01-11 20:23 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-02-11 12:04 - 2015-01-11 20:23 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-02-11 12:04 - 2015-01-11 20:14 - 12829184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-02-11 12:04 - 2015-01-11 20:14 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-02-11 12:04 - 2015-01-11 20:02 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-02-11 12:04 - 2015-01-11 20:00 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-02-11 12:04 - 2015-01-11 19:56 - 01307136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-02-11 12:04 - 2015-01-11 19:55 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-02-11 12:04 - 2015-01-10 03:22 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-02-09 20:18 - 2015-02-21 17:49 - 00001367 _____ () C:\Users\Cheryl\Desktop\ROBLOX Player.lnk
2015-02-09 20:17 - 2015-02-21 17:49 - 00001182 _____ () C:\Users\Cheryl\Desktop\ROBLOX Studio.lnk
2015-02-09 20:17 - 2015-02-21 17:49 - 00000000 ____D () C:\Users\Cheryl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2015-02-08 10:01 - 2015-03-03 18:45 - 00000000 ____D () C:\ProgramData\PCDr
2015-02-08 10:01 - 2015-02-12 10:46 - 00000000 ____D () C:\Users\Cheryl\AppData\Roaming\PCDr
2015-02-08 08:04 - 2015-02-08 08:04 - 00000750 _____ () C:\Users\Cheryl\Desktop\JRT.txt
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-03-07 08:05 - 2014-08-15 18:46 - 00000000 ____D () C:\Users\Cheryl\Documents\Outlook Files
2015-03-07 08:02 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-03-07 07:45 - 2014-12-20 04:23 - 00003942 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{899F2FCE-F237-4558-BE69-A3F0B8BFA598}
2015-03-07 07:40 - 2014-12-20 20:35 - 00000922 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-07 07:37 - 2014-12-20 19:01 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-03-07 07:32 - 2014-12-20 20:38 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2015-03-07 07:32 - 2014-12-20 19:01 - 122905848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-03-07 07:17 - 2014-12-20 20:35 - 00000918 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-07 07:17 - 2014-07-25 10:14 - 00000000 __RDO () C:\Users\Cheryl\SkyDrive
2015-03-06 19:43 - 2014-08-15 18:46 - 00000000 ____D () C:\Users\Cheryl\Documents\Personal
2015-03-06 19:43 - 2014-08-15 18:42 - 00000000 ____D () C:\Users\Cheryl\Documents\CAM
2015-03-06 12:08 - 2014-10-23 09:49 - 00000000 ____D () C:\Users\Cheryl\Documents\Facebook
2015-03-06 07:02 - 2014-12-20 20:15 - 00000161 _____ () C:\WINDOWS\Brfaxrx.ini
2015-03-06 07:02 - 2014-08-06 17:53 - 00000000 ____D () C:\sh10_01b
2015-03-05 20:06 - 2015-02-01 11:01 - 00000020 _____ () C:\Users\Cheryl\AppData\Roaming\appdataFr3.bin
2015-03-05 20:06 - 2014-08-15 18:29 - 00000000 ____D () C:\Users\Cheryl\Documents\Billing
2015-03-05 10:11 - 2014-12-20 03:50 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3069631454-2324491217-872186414-1001
2015-03-05 09:17 - 2013-11-30 16:13 - 00000000 ____D () C:\Program Files (x86)\Dell Backup and Recovery
2015-03-05 09:14 - 2013-11-30 15:55 - 00869476 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-03-05 09:09 - 2013-08-22 09:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-03-05 09:09 - 2013-08-22 08:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2015-03-05 07:55 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-03-04 08:08 - 2015-01-12 05:24 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-03-03 19:59 - 2014-12-20 23:43 - 00000000 ____D () C:\Program Files (x86)\Snappy Fax Version 5
2015-03-03 19:58 - 2014-12-20 23:43 - 00001966 _____ () C:\Users\Cheryl\Desktop\Snappy Fax Version 5.lnk
2015-03-03 19:58 - 2014-12-20 23:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Snappy Fax Version 5
2015-03-03 19:57 - 2014-08-15 18:51 - 00000000 ____D () C:\Users\Cheryl\Documents\Snappy Fax
2015-03-03 09:43 - 2015-01-06 07:39 - 00000000 ____D () C:\Users\Cheryl\AppData\Local\Windows Live
2015-03-03 08:17 - 2014-12-20 20:20 - 00295552 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2015-03-02 20:36 - 2013-11-30 16:06 - 00000000 ____D () C:\ProgramData\CyberLink
2015-03-01 13:07 - 2014-08-15 18:42 - 00000000 ____D () C:\Users\Cheryl\Documents\HVH
2015-02-27 15:40 - 2014-08-15 18:42 - 00000000 ____D () C:\Users\Cheryl\Documents\FCA
2015-02-26 19:12 - 2014-08-02 23:12 - 00000000 ____D () C:\Users\Cheryl\Desktop\Maintenance
2015-02-26 15:43 - 2013-11-30 15:11 - 00000000 ____D () C:\dell
2015-02-26 10:48 - 2014-08-02 19:27 - 00000000 ____D () C:\AdwCleaner
2015-02-25 19:18 - 2013-08-22 10:20 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-02-25 09:54 - 2015-01-07 04:06 - 00000000 ____D () C:\Program Files\CCleaner
2015-02-20 04:25 - 2014-12-21 11:28 - 00000000 ____D () C:\Users\Cheryl\AppData\Local\CrashDumps
2015-02-19 06:12 - 2015-02-04 20:45 - 00000000 ____D () C:\ProgramData\Malwarebytes Anti-Exploit
2015-02-18 06:38 - 2014-08-15 18:32 - 00000000 ____D () C:\Users\Cheryl\Documents\Bytescribe
2015-02-16 06:59 - 2013-11-30 16:00 - 00882158 _____ () C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2015-02-12 15:00 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\rescache
2015-02-12 13:06 - 2014-12-20 04:23 - 00000000 ____D () C:\Program Files\Dell
2015-02-12 13:06 - 2013-11-30 16:01 - 00000000 ____D () C:\Program Files (x86)\DELL
2015-02-12 10:47 - 2013-11-30 16:10 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2015-02-12 06:39 - 2013-08-22 09:44 - 00494112 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-02-12 06:17 - 2014-12-20 21:53 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-02-12 06:17 - 2013-11-30 16:05 - 00000000 ____D () C:\ProgramData\Package Cache
2015-02-12 06:17 - 2013-08-22 08:25 - 00000199 _____ () C:\WINDOWS\win.ini
2015-02-12 06:08 - 2014-12-22 17:52 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2015-02-12 06:08 - 2014-12-22 17:52 - 00000000 ____D () C:\WINDOWS\system32\appraiser
 
==================== Files in the root of some directories =======
 
2015-02-01 11:01 - 2015-03-05 20:06 - 0000020 _____ () C:\Users\Cheryl\AppData\Roaming\appdataFr3.bin
2014-12-21 13:06 - 2014-12-21 13:06 - 0000064 _____ () C:\Users\Cheryl\AppData\Local\2acaec00c78d5a37a5e29672aee24ff0
2015-01-04 18:42 - 2015-01-04 18:42 - 0000003 _____ () C:\Users\Cheryl\AppData\Local\updater.log
2015-01-04 18:42 - 2015-01-04 18:42 - 0000425 _____ () C:\Users\Cheryl\AppData\Local\UserProducts.xml
2014-12-20 04:23 - 2014-12-20 04:23 - 6729688 _____ (Dell                                                        ) C:\ProgramData\Dell Click 2 Fix-64-bit-V2546.exe
2013-11-30 16:09 - 2013-11-30 16:10 - 0000121 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log
2013-11-30 16:07 - 2013-11-30 16:07 - 0000106 _____ () C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log
2013-11-30 16:07 - 2013-11-30 16:08 - 0000111 _____ () C:\ProgramData\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}.log
2013-11-30 16:08 - 2013-11-30 16:09 - 0000108 _____ () C:\ProgramData\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}.log
2013-11-30 16:06 - 2013-11-30 16:07 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
 
Files to move or delete:
====================
C:\ProgramData\Dell Click 2 Fix-64-bit-V2546.exe
C:\Users\Cheryl\g2ax_customer_downloadhelper_win32_x86.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-02-26 08:06
 
==================== End Of Log ============================
 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-03-2015
Ran by Cheryl at 2015-03-07 08:06:50
Running from C:\Users\Cheryl\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Amazon 1Button App (HKLM-x32\...\{0A7D6F3C-F2AB-48ED-BE23-99791BFF87D6}) (Version: 1.0.0.4 - Amazon)
Bytescribe WavPlayer (HKLM-x32\...\{F184956F-6B80-4CAB-B231-4C517CB0515A}) (Version: 6.0.0 - Bytescribe, Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.03 - Piriform)
CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Backup and Recovery - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 1.6.2.4 - Dell Inc.)
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.6.2.4 - Dell Inc.)
Dell Data Vault (Version: 4.2.2.0 - Dell Inc.) Hidden
Dell Digital Delivery (HKLM-x32\...\{BC8233D8-59BA-4D40-92B9-4FDE7452AA8B}) (Version: 3.0.3999.0 - Dell Products, LP)
Dell Product Registration (HKLM-x32\...\{2A0F2CC5-3065-492C-8380-B03AA7106B1A}) (Version: 1.16.1 - Dell Inc.)
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.0.6584.52 - Dell)
Dell SupportAssistAgent (HKLM-x32\...\{287348C8-8B47-4C36-AF28-441A3B7D8722}) (Version: 1.0.2.57295 - Dell)
Dell System Detect (HKU\S-1-5-21-3069631454-2324491217-872186414-1001\...\73f463568823ebbe) (Version: 5.13.0.1 - Dell)
Dell Update (HKLM-x32\...\{713A4123-9417-4FF7-AC14-F000D6C0C7AD}) (Version: 0.9.1115.0 - Dell Inc.)
Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Dell Inc.)
DELLOSD (HKLM-x32\...\{B0F29C6D-C7A9-40AC-9658-921961818E2B}) (Version: 1.0.0.18 - DELL)
DocShuttle Transcriptionist (HKLM-x32\...\{EE5765B0-280B-4872-94C0-3FBA30C5B1A0}) (Version: 6.0 - Bytescribe, Inc.)
EasyDuplicateFinder v4.7 (HKLM\...\Easy Duplicate Finder 4_is1) (Version:  - WebMinds, Inc.)
Genie Backup Manager (HKLM\...\Genie Backup Manager) (Version: 9.0 - Genie9)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Desktop (HKLM-x32\...\Google Desktop) (Version: 5.9.1005.12335 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
HD Total (HKLM-x32\...\HD Total) (Version: 1.34.1.29 - Tube)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1011 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.13.1706 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3958 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Java™ SE Development Kit 6 Update 10 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0160100}) (Version: 1.6.0.100 - Sun Microsystems, Inc.)
Kaspersky Security Scan (HKLM-x32\...\InstallWIX_{D1282694-0693-41A8-ABC1-6D1FFC1F65C4}) (Version: 12.0.1.881 - Kaspersky Lab)
Kaspersky Security Scan (x32 Version: 12.0.1.881 - Kaspersky Lab) Hidden
Laplink PCmover Professional (HKLM-x32\...\{51109D80-F344-49DE-9BEE-4292A6CE6279}) (Version: 8.20.636 - Laplink Software, Inc.)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft Office Home and Business 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Nuance PaperPort 12 (HKLM-x32\...\{869FCC6C-5669-4B0B-827E-2BBAACD88A87}) (Version: 12.1.0006 - Nuance Communications, Inc.)
Nuance PDF Viewer Plus (HKLM-x32\...\{28656860-4728-433C-8AD4-D1A930437BC8}) (Version: 5.30.3290 - Nuance Communications, Inc)
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 14.00.0000 - Nuance Communications, Inc.)
PocketCloud (HKLM-x32\...\{D9752C7D-A595-4687-A0D5-362E9C311C55}) (Version: 2.7.14 - Wyse Technology)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.300 - Qualcomm Atheros Communications)
Quick Look Electronic Drug Reference 2012 (HKLM-x32\...\{46693D70-6532-468B-A86E-D960E5DBD39B}) (Version: 1.00.0000 - Lippincott Williams & Wilkins)
Quicken 2012 (HKLM-x32\...\{0A1E0BDA-5E8F-436d-8BE5-7E97C5CB899D}) (Version: 21.1.2.12 - Intuit)
Ready Reference Bookshelf (HKLM-x32\...\{1C8646E4-DC54-4E6D-95EA-C3524B09223E}) (Version: 2.02.0000 - Lippincott Williams & Wilkins)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.28144 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7004 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
ROBLOX Player for Cheryl (HKU\S-1-5-21-3069631454-2324491217-872186414-1001\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version:  - ROBLOX Corporation)
Scansoft PDF Professional (x32 Version:  - ) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Snappy Fax Version 5 (HKLM-x32\...\{9A0CEF36-483A-4EAE-99B8-0E5767FFD161}_is1) (Version: 5..0 - John Taylor & Associates)
SpellCheckAnywhere (HKLM-x32\...\{13D3DF56-1C22-45C7-8CFE-E9B65B1526B9}) (Version: 1.00.0000 - Stedman SpellCheckAnywhere)
Stedman's Cardiology & Pulmonary Words, 5th Edition, on CD-ROM (HKLM-x32\...\{78A51C29-1813-4868-AFAC-7FFDD9B734C1}) (Version: 1.00.0000 - Lippincott Williams & Wilkins)
Stedman's Pathology and Lab Medicine Words, Includes Histology, (Shared Components) (HKLM-x32\...\Uninstaller_B5960000_Stedman's Pathology and Lab Medicine Words, Includes Histology,) (Version: 2.80.12 - WoltersKluwerLWW)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1168 - SUPERAntiSpyware.com)
Windows Driver Package - KEYLOK (usbkey) USB  (06/10/2010 64.0.0.0) (HKLM\...\B048A6D4B0188E5A802ADFF30A7C78FA4AD99BE0) (Version: 06/10/2010 64.0.0.0 - KEYLOK)
Windows Driver Package - U.S. Robotics Corporation Model 5637 Voice Driver (01/28/2011 3.1.0.46) (HKLM\...\E7AE3AA66CA6D8D4AA8DED5BEED78DB3BEDFED27) (Version: 01/28/2011 3.1.0.46 - U.S. Robotics Corporation)
Windows Installer Clean Up (HKLM-x32\...\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}) (Version: 3.00.00.0000 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-3069631454-2324491217-872186414-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-3069631454-2324491217-872186414-1001_Classes\CLSID\{DEE03C2B-0C0C-41A9-9877-FD4B4D7B6EA3}\InprocServer32 -> C:\Users\Cheryl\AppData\Local\Roblox\Versions\version-708f91f0ad924d5c\RobloxProxy64.dll (ROBLOX Corporation)
 
==================== Restore Points  =========================
 
12-02-2015 07:23:01 AdwCleaner 21215
16-02-2015 07:10:50 Revo Uninstaller's restore point - MailWasherPro
24-02-2015 15:58:02 Scheduled Checkpoint
27-02-2015 07:40:48 Installed STOPzilla
03-03-2015 10:33:48 Revo Uninstaller's restore point - STOPzilla
03-03-2015 10:33:59 Removed STOPzilla
07-03-2015 07:32:15 Windows Update
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 08:25 - 2015-02-27 07:41 - 00000749 ____A C:\WINDOWS\system32\Drivers\etc\hosts
::1 localhost
127.0.0.1       localhost
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {088EE927-690C-425A-B7E2-AC112570C141} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {0A579A3D-C4C8-4B7A-9222-D50BDEF45862} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {2B64C689-3A72-4088-AF6E-56A433F09256} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-20] (Google Inc.)
Task: {425B0908-37D1-4332-9813-64CAEA442ABA} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {4836D91F-7FD3-4C36-96AE-712F0D1C593D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-20] (Google Inc.)
Task: {4B268782-5704-4CFD-A03F-F4199A90F65A} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {4DAA3ADE-4A67-4A2A-B6C6-AD7F73E83252} - System32\Tasks\Dell\Dell System Registration => C:\Program Files (x86)\System Registration\prodreg.exe [2012-07-09] (Dell, Inc.)
Task: {5D9793C5-EBEA-4C8D-B5EB-F1CAFDDA59B0} - System32\Tasks\PocketCloudUpdater => C:\Program
Task: {81276A28-EACC-42B2-B5E6-F202531D1383} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {87CA2072-62E4-411E-BF21-E8AE97A14009} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-02-19] (Piriform Ltd)
Task: {8D584675-CAB6-4252-8516-BE56D2D7B4D8} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {8DA6B2E4-31E3-490E-813F-570540D97515} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {8DB483A5-B3F2-4404-9485-3779DB6976CD} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-03-07] (Microsoft Corporation)
Task: {92BE117A-A183-4FCE-A405-5D027C9DFA6D} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssist.exe [2015-03-04] (Dell Inc.)
Task: {95212736-BB4F-4A47-B156-0EE1E688FC7F} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [2015-02-03] (PC-Doctor, Inc.)
Task: {9BEF4615-DE8E-432F-B777-E47BF895D2B1} - System32\Tasks\PocketCloudVirtualChannel => C:\Program Files (x86)\Wyse\PocketCloud\WPCRDPVirtualChannelServer.exe [2013-08-22] ()
Task: {9EF49A90-B115-4122-B116-75A7EDC62740} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe [2015-02-03] (PC-Doctor, Inc.)
Task: {A6EDD810-83FE-46F0-A320-4174C0175253} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2013-03-22] (CyberLink Corp.)
Task: {C26AB4E1-96CC-42F5-A5BE-93935ABC5318} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {E87E0C92-75E8-43C0-A205-5DB3E05A9D6A} - System32\Tasks\PocketCloud => C:\Program Files (x86)\Wyse\PocketCloud\PocketCloudDesktopApp.exe [2013-08-22] ()
Task: {F8CEFAB7-973B-434B-95DE-522AA79A1CD1} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2013-03-04] (CyberLink)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) ==============
 
2015-02-24 07:12 - 2012-10-01 11:02 - 00054784 _____ () C:\WINDOWS\System32\sfppm.dll
2013-11-30 16:01 - 2013-05-10 20:06 - 00073728 _____ () C:\Program Files (x86)\DELL\DELLOSD\DellOSDService.exe
2014-12-20 20:15 - 2010-03-15 18:04 - 00143360 ____N () C:\WINDOWS\system32\BrSNMP64.dll
2013-08-22 14:40 - 2013-08-22 14:40 - 00016176 _____ () C:\Program Files (x86)\Wyse\PocketCloud\PocketCloudService.exe
2013-08-22 14:40 - 2013-08-22 14:40 - 00040240 _____ () C:\Program Files (x86)\Wyse\PocketCloud\AetherServiceLib.dll
2013-08-22 14:40 - 2013-08-22 14:40 - 00046384 _____ () C:\Program Files (x86)\Wyse\PocketCloud\AetherHelperLib.dll
2013-11-30 16:14 - 2013-08-19 13:21 - 00020256 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayIcon.dll
2013-11-30 16:14 - 2013-08-19 13:21 - 00019232 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayNotBackuped.dll
2013-11-30 16:14 - 2013-08-19 13:21 - 00035104 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRShellExtension.dll
2013-08-12 04:45 - 2013-08-12 04:45 - 00011264 _____ () C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-08-12 04:41 - 2013-08-12 04:41 - 00086016 _____ () C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\Map\MAP.dll
2013-08-12 04:49 - 2013-08-12 04:49 - 00012928 _____ () C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ActivateDesktop.exe
2012-05-21 02:17 - 2012-05-21 02:17 - 00261632 _____ () C:\Program Files\Genie9\Genie Backup Manager\GSLogging.dll
2012-05-21 02:19 - 2012-05-21 02:19 - 00250368 _____ () C:\Program Files\Genie9\Genie Backup Manager\gs_encryption.dll
2015-01-15 08:02 - 2015-01-15 08:02 - 01459712 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.UI\5c9c0b89a558d0e589c254af6b1ca238\Windows.UI.ni.dll
2014-12-21 17:27 - 2012-10-01 11:02 - 00018944 _____ () C:\WINDOWS\system32\spool\DRIVERS\x64\3\sfpui.dll
2014-12-20 20:15 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2014-11-24 11:39 - 2014-11-24 11:39 - 00155528 _____ () C:\Program Files (x86)\Dell Digital Delivery\ServiceTagPlusPlus.dll
2013-11-30 16:00 - 2013-08-09 07:25 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2014-12-23 07:20 - 2014-12-23 07:20 - 00034816 _____ () C:\Program Files (x86)\Google\Google Desktop Search\gzlib.dll
2013-11-30 16:07 - 2013-03-04 22:40 - 00626240 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2013-03-05 14:41 - 2013-03-05 14:41 - 00015424 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf
2013-02-14 15:46 - 2013-02-14 15:46 - 01044048 _____ () C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll
2014-12-20 20:36 - 2014-12-05 20:50 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libglesv2.dll
2014-12-20 20:36 - 2014-12-05 20:50 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libegl.dll
2014-12-20 20:36 - 2014-12-05 20:50 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll
2014-12-20 20:36 - 2014-12-05 20:50 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\Users\Cheryl\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\Cheryl\Downloads\noname.eml:OECustomProperty
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dell Click 2 Fix => "DisplayName"="Dell"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dell Click 2 Fix => "ErrorControl"="1"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dell Click 2 Fix => "ImagePath"="C:\Program Files\Dell\Click 2 Fix\srvc.exe"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dell Click 2 Fix => "ObjectName"="LocalSystem"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dell Click 2 Fix => "Start"="2"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dell Click 2 Fix => "Type"="272"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dell Click 2 Fix\Parameters => "Application"="C:\Program Files\Dell\Click 2 Fix\srvc.exe"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dell Click 2 Fix\Parameters => "AppParameters"=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
 
==================== EXE Association (whitelisted) ===============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
HKU\S-1-5-21-3069631454-2324491217-872186414-1001\Software\Classes\.exe:  =>  <===== ATTENTION!
HKU\S-1-5-21-3069631454-2324491217-872186414-1001\Software\Classes\exefile:  <===== ATTENTION!
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-3069631454-2324491217-872186414-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Cheryl\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\windows photo viewer wallpaper.jpg
DNS Servers: 192.168.1.254
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
HKLM\...\StartupApproved\Run32: => "ControlCenter4"
HKU\S-1-5-21-3069631454-2324491217-872186414-1001\...\StartupApproved\Run: => "ISUSPM"
HKU\S-1-5-21-3069631454-2324491217-872186414-1001\...\StartupApproved\Run: => "KSS"
HKU\S-1-5-21-3069631454-2324491217-872186414-1001\...\StartupApproved\Run: => "LaplinkOffers"
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3069631454-2324491217-872186414-500 - Administrator - Disabled)
Cheryl (S-1-5-21-3069631454-2324491217-872186414-1001 - Administrator - Enabled) => C:\Users\Cheryl
Guest (S-1-5-21-3069631454-2324491217-872186414-501 - Limited - Disabled)
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (03/04/2015 05:24:07 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: MFNET BrtMFNET: [2015/03/04 17:24:07.772]: [00004488]: SendSKeySettingToDevice:: Snmp Load Error[-1] To[192.168.1.66]
 
Error: (03/04/2015 04:33:47 PM) (Source: Chrome) (EventID: 1) (User: NT AUTHORITY)
Description: Chrome has encountered a fatal error.
ver=39.0.2171.95;lang=;guid=075F34E2803C4DD3BBB5ED83BBE4A455;is_machine=1;oop=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\dc8a62ff-804d-479e-a73b-627c0c837379.dmp
 
Error: (03/04/2015 08:06:30 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.
 
Error: (03/03/2015 00:32:15 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: MFNET BrtMFNET: [2015/03/03 12:32:15.800]: [00005928]: SendSKeySettingToDevice:: Snmp Load Error[-1] To[]
 
Error: (03/03/2015 00:31:06 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: MFNET BrtMFNET: [2015/03/03 12:31:06.783]: [00005928]: SendSKeySettingToDevice:: Snmp Load Error[-1] To[192.168.1.66]
 
Error: (03/03/2015 10:28:04 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Failed to create restore point (Process = C:\Program Files (x86)\STOPzilla!\SZScanner.exe Files (x86)\STOPzilla!\SZScanner.exe" ; Description = STOPzilla Restore Point.; Error = 0x80042319).
 
Error: (03/03/2015 10:28:04 AM) (Source: SPP) (EventID: 16387) (User: )
Description: Writer MSSearch Service Writer experienced some error during snapshot creation.
 
More info: .
 
Error: (03/03/2015 09:43:42 AM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT AUTHORITY)
Description: There was an error with the Windows Location Provider database
 
Error: (03/01/2015 09:59:37 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Failed to create restore point (Process = C:\Program Files (x86)\STOPzilla!\SZScanner.exe Files (x86)\STOPzilla!\SZScanner.exe" ; Description = STOPzilla Restore Point.; Error = 0x80042319).
 
Error: (03/01/2015 09:59:37 PM) (Source: SPP) (EventID: 16387) (User: )
Description: Writer MSSearch Service Writer experienced some error during snapshot creation.
 
More info: .
 
 
System errors:
=============
Error: (03/05/2015 05:49:17 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 106.
 
Error: (03/05/2015 09:30:02 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 106.
 
Error: (03/05/2015 09:30:02 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 106.
 
Error: (03/05/2015 09:09:34 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The sbapifs service failed to start due to the following error: 
%%2
 
Error: (03/05/2015 09:08:51 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Superfetch service terminated with the following error: 
%%1062
 
Error: (03/03/2015 10:35:16 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the szserver service.
 
Error: (03/01/2015 09:56:13 PM) (Source: DCOM) (EventID: 10016) (User: CHERYL-WORK)
Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}Cheryl-workCherylS-1-5-21-3069631454-2324491217-872186414-1001LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (03/01/2015 09:56:13 PM) (Source: DCOM) (EventID: 10016) (User: CHERYL-WORK)
Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}Cheryl-workCherylS-1-5-21-3069631454-2324491217-872186414-1001LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (03/01/2015 09:56:13 PM) (Source: DCOM) (EventID: 10016) (User: CHERYL-WORK)
Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}Cheryl-workCherylS-1-5-21-3069631454-2324491217-872186414-1001LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (03/01/2015 09:56:12 PM) (Source: DCOM) (EventID: 10016) (User: CHERYL-WORK)
Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}Cheryl-workCherylS-1-5-21-3069631454-2324491217-872186414-1001LocalHost (Using LRPC)UnavailableUnavailable
 
 
Microsoft Office Sessions:
=========================
Error: (03/04/2015 05:24:07 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: MFNETBrtMFNET: [2015/03/04 17:24:07.772]: [00004488]: SendSKeySettingToDevice:: Snmp Load Error[-1] To[192.168.1.66]
 
Error: (03/04/2015 04:33:47 PM) (Source: Chrome) (EventID: 1) (User: NT AUTHORITY)
Description: Chrome has encountered a fatal error.
ver=39.0.2171.95;lang=;guid=075F34E2803C4DD3BBB5ED83BBE4A455;is_machine=1;oop=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\dc8a62ff-804d-479e-a73b-627c0c837379.dmp
 
Error: (03/04/2015 08:06:30 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifestC:\Users\Cheryl\Desktop\Maintenance\esetsmartinstaller_enu.exe
 
Error: (03/03/2015 00:32:15 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: MFNETBrtMFNET: [2015/03/03 12:32:15.800]: [00005928]: SendSKeySettingToDevice:: Snmp Load Error[-1] To[]
 
Error: (03/03/2015 00:31:06 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: MFNETBrtMFNET: [2015/03/03 12:31:06.783]: [00005928]: SendSKeySettingToDevice:: Snmp Load Error[-1] To[192.168.1.66]
 
Error: (03/03/2015 10:28:04 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\Program Files (x86)\STOPzilla!\SZScanner.exe Files (x86)\STOPzilla!\SZScanner.exe" STOPzilla Restore Point.0x80042319
 
Error: (03/03/2015 10:28:04 AM) (Source: SPP) (EventID: 16387) (User: )
Description: MSSearch Service WriterA writer did not respond to a GatherWriterStatus call.  The writer may either have terminated or it may be stuck.  Check the System and Application event logs for more information. (0x80042319)
 
Error: (03/03/2015 09:43:42 AM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT AUTHORITY)
Description: -2147024883
 
Error: (03/01/2015 09:59:37 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\Program Files (x86)\STOPzilla!\SZScanner.exe Files (x86)\STOPzilla!\SZScanner.exe" STOPzilla Restore Point.0x80042319
 
Error: (03/01/2015 09:59:37 PM) (Source: SPP) (EventID: 16387) (User: )
Description: MSSearch Service WriterA writer did not respond to a GatherWriterStatus call.  The writer may either have terminated or it may be stuck.  Check the System and Application event logs for more information. (0x80042319)
 
 
CodeIntegrity Errors:
===================================
  Date: 2015-03-03 10:58:19.360
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-03-02 09:10:34.591
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-02-27 09:01:43.173
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-02-26 19:14:34.559
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-02-26 19:14:34.434
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-02-26 19:14:34.294
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-02-26 19:14:27.776
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-02-26 19:14:27.620
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-02-26 08:53:35.831
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-02-26 08:53:35.625
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5-3340S CPU @ 2.80GHz
Percentage of memory in use: 26%
Total physical RAM: 12193.1 MB
Available physical RAM: 8980.08 MB
Total Pagefile: 14049.1 MB
Available Pagefile: 10772.26 MB
Total Virtual: 131072 MB
Available Virtual: 131071.83 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:922.8 GB) (Free:688.17 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 12943143)
 
Partition: GPT Partition Type.
 
==================== End Of Log ============================

Edited by Queen-Evie, 07 March 2015 - 12:17 PM.
moved from Am I Infectec. FRST logs are allowed only in Malware Removal Logs forum


BC AdBot (Login to Remove)

 


#2 Queen-Evie

Queen-Evie

    Official Bleepin' G.R.I.T.S. (and proud of it)


  • Members
  • 16,485 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:My own little corner of the universe (somewhere in Alabama). It's OK, they know me here
  • Local time:11:20 PM

Posted 07 March 2015 - 12:20 PM

This appears to be about the same computer you posted about here in a different Malware Removal Logs topic.
http://www.bleepingcomputer.com/forums/t/568917/adwaredealply-i-believe/

nasdaq replied to that topic but there was no follow up by you.

Since your other topic is ongoing, please keep all help in it.

Follow the directions given by nasdaq, answer his question, include what you posted above if necessary.

For now, this topic is closed to avoid confusion.

Edited by Queen-Evie, 07 March 2015 - 12:25 PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users