Results 1 to 9 of 9

Thread: Slow Computer

  1. #1
    Member
    Join Date
    Aug 2008
    Posts
    56

    Default Slow Computer

    Hi all,

    For the last couple of days, I've noticed that my computer is running slower & slower. Often taking ages to load a page, timing out in the process. I am not aware of opening anything untoward etc. It is an old computer in terms of technology - dino even, but it still does what I need it to for the mo...

    Here are my logs:

    FRST:

    Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:06-05-2016 01
    Ran by WIN7 (administrator) on ASPIRE-T180 (05-05-2016 18:20:59)
    Running from C:\Users\WIN7\Desktop
    Loaded Profiles: WIN7 & UpdatusUser (Available Profiles: WIN7 & UpdatusUser & Administrator)
    Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) Language: English (United States)
    Internet Explorer Version 11 (Default browser: Chrome)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic...ery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
    (IBM Corp.) C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\VS7DEBUG\mdm.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
    (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
    (Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
    (IBM Corp.) C:\Program Files\Trusteer\Rapport\bin\RapportService.exe
    (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
    (Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe
    (Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
    (Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPNetworkCommunicator.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
    (Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
    (Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe
    (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
    (Microsoft Corporation) C:\Windows\SoftwareDistribution\Download\Install\AM_Delta_Patch_1.219.771.0.exe
    (Microsoft Corporation) C:\Windows\System32\MpSigStub.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe


    ==================== Registry (Whitelisted) ===========================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
    HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [986872 2016-01-29] (Microsoft Corporation)
    HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [164152 2016-03-19] (Apple Inc.)
    HKLM Group Policy restriction on software: *.bmp*.com <====== ATTENTION
    HKLM Group Policy restriction on software: %appdata%\*\*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: *.7z*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: *.jpg*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: *.7z*.com <====== ATTENTION
    HKLM Group Policy restriction on software: %allusersprofile%\*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: *.png*.com <====== ATTENTION
    HKLM Group Policy restriction on software: *.xls*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: %appdata%\*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: *.pdf*.com <====== ATTENTION
    HKLM Group Policy restriction on software: *.jpeg*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.wav*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: *.pptx*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: lsassw86s.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.png*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: *.rtf*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: *:\$Recycle.Binexe <====== ATTENTION
    HKLM Group Policy restriction on software: *.rar*.com <====== ATTENTION
    HKLM Group Policy restriction on software: *.pptx*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: *.divx*.com <====== ATTENTION
    HKLM Group Policy restriction on software: scsvserv.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.jpeg*.com <====== ATTENTION
    HKLM Group Policy restriction on software: syskey.exe <====== ATTENTION
    HKLM Group Policy restriction on software: %appdata%\*\*.com <====== ATTENTION
    HKLM Group Policy restriction on software: *.doc*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: lsassvrtdbks.exe <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.bmp*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: *.divx*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: *:\$Recycle.Binpif <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: *.wmv*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: *.gif*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.txt*.com <====== ATTENTION
    HKLM Group Policy restriction on software: *.rtf*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: *.bmp*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.wma*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.doc*.com <====== ATTENTION
    HKLM Group Policy restriction on software: %programdata%\*\svchost.exe <====== ATTENTION
    HKLM Group Policy restriction on software: cipher.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.zip*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: *.7z*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.avi*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: %allusersprofile%\*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: *.docx*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: *.docx*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: %appdata%\*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: %allusersprofile%\*.com <====== ATTENTION
    HKLM Group Policy restriction on software: *.xlsx*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.gif*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: %appdata%\*.com <====== ATTENTION
    HKLM Group Policy restriction on software: %appdata%\*\*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.wma*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: *.mp3*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: *.mp3*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: *.txt*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.pptx*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.wma*.com <====== ATTENTION
    HKLM Group Policy restriction on software: ** <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.com <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\Appdata\Roaming\Microsoft\Windows\IEUpdate\*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.pptx*.com <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.com <====== ATTENTION
    HKLM Group Policy restriction on software: *.pdf*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: *:\$Recycle.Binscr <====== ATTENTION
    HKLM Group Policy restriction on software: *.avi*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: *.txt*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: *.docx*.com <====== ATTENTION
    HKLM Group Policy restriction on software: *.rar*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: *.xls*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: *.wma*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: *.png*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.com <====== ATTENTION
    HKLM Group Policy restriction on software: *.mp4*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: *.avi*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: *.png*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.jpeg*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: *.docx*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.mp3*.com <====== ATTENTION
    HKLM Group Policy restriction on software: *.txt*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: %appdata%\*\*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: *.zip*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.ppt*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: *.jpg*.com <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.com <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: *.xlsx*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: *.avi*.com <====== ATTENTION
    HKLM Group Policy restriction on software: *.wmv*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: *.bmp*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: *.rtf*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.jpg*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: %programfiles%\*\svchost.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.pdf*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: C:\Users\*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: *.xls*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: *.rar*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: *.mp4*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: C:\Users\*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.ppt*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.com <====== ATTENTION
    HKLM Group Policy restriction on software: vssadmin.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.gif*.com <====== ATTENTION
    HKLM Group Policy restriction on software: C:\Users\*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: *.xlsx*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: *.ppt*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.pdf*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: %allusersprofile%\*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: *.pub*.com <====== ATTENTION
    HKLM Group Policy restriction on software: *.xls*.com <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\*.com <====== ATTENTION
    HKLM Group Policy restriction on software: *.rar*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.divx*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: *.7z*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: %appdata%\*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.pub*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: *.zip*.com <====== ATTENTION
    HKLM Group Policy restriction on software: *.rtf*.com <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: *.doc*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: *.wmv*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *:\$Recycle.Bincom <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.xlsx*.com <====== ATTENTION
    HKLM Group Policy restriction on software: *.pub*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\*.com <====== ATTENTION
    HKLM Group Policy restriction on software: *.pub*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: *.wav*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.mp3*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.com <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.doc*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: *.wav*.com <====== ATTENTION
    HKLM Group Policy restriction on software: *.zip*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: *.jpg*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.wav*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.mp4*.com <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.com <====== ATTENTION
    HKLM Group Policy restriction on software: *.gif*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: %systemdrive%\*\svchost.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.wmv*.com <====== ATTENTION
    HKLM Group Policy restriction on software: *.ppt*.com <====== ATTENTION
    HKLM Group Policy restriction on software: *.divx*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: *.mp4*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: *.jpeg*.scr <====== ATTENTION
    HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE ->
    HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE ->
    HKU\S-1-5-21-1839434062-3037775892-936306819-1002\...\Run: [HP Photosmart 5510 series (NET)] => C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe [1804648 2011-09-16] (Hewlett-Packard Co.)
    HKU\S-1-5-21-1839434062-3037775892-936306819-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6667992 2016-03-11] (Piriform Ltd)
    HKU\S-1-5-21-1839434062-3037775892-936306819-1002\...\Run: [GarminExpressTrayApp] => C:\Program Files\Garmin\Express Tray\ExpressTray.exe [1399208 2016-04-08] (Garmin Ltd. or its subsidiaries)
    HKU\S-1-5-21-1839434062-3037775892-936306819-1003\Control Panel\Desktop\\SCRNSAVE.EXE ->
    HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files\Garmin\Express Tray\ExpressTray.exe [1399208 2016-04-08] (Garmin Ltd. or its subsidiaries)
    HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc.)
    Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
    Tcpip\..\Interfaces\{5704168A-B32C-447A-B678-72C32D94FB6F}: [NameServer] 88.82.13.12 88.82.13.12
    Tcpip\..\Interfaces\{6DF026BC-86C8-4F05-95B1-9B6E3AFBD285}: [DhcpNameServer] 192.168.1.1

    Internet Explorer:
    ==================
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
    HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
    HKU\S-1-5-21-1839434062-3037775892-936306819-1002\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-21-1839434062-3037775892-936306819-1002 -> {4A1E25BB-395C-4902-93CB-51E7F188AD62} URL = hxxps://www.google.com/search?q={searchTerms}
    IE Session Restore: HKU\S-1-5-21-1839434062-3037775892-936306819-1002 -> is enabled.
    DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    StartMenuInternet: IEXPLORE.EXE - iexplore.exe

    FireFox:
    ========
    FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2016-03-08] ()
    FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
    FF Plugin: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll [2013-02-15] (RocketLife, LLP)
    FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
    FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
    FF Plugin: @videolan.org/vlc,version=2.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN)
    FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN)
    FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)

    Chrome:
    =======
    CHR Profile: C:\Users\WIN7\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (Google Slides) - C:\Users\WIN7\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-12]
    CHR Extension: (Google Docs) - C:\Users\WIN7\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-12]
    CHR Extension: (Google Drive) - C:\Users\WIN7\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
    CHR Extension: (Rapport) - C:\Users\WIN7\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjllphbppobebmjpjcijfbakobcheof [2016-02-08]
    CHR Extension: (YouTube) - C:\Users\WIN7\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
    CHR Extension: (Google Search) - C:\Users\WIN7\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
    CHR Extension: (Google Sheets) - C:\Users\WIN7\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-12]
    CHR Extension: (Google Docs Offline) - C:\Users\WIN7\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-18]
    CHR Extension: (Capture Webpage Screenshot Entirely. FireShot) - C:\Users\WIN7\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbpblocgmgfnpjjppndjkmgjaogfceg [2016-03-11]
    CHR Extension: (Chrome Web Store Payments) - C:\Users\WIN7\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
    CHR Extension: (Gmail) - C:\Users\WIN7\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-12]
    CHR HKU\S-1-5-21-1839434062-3037775892-936306819-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof] - hxxps://clients2.google.com/service/update2/crx

    ==================== Services (Whitelisted) ========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    S2 Garmin Device Interaction Service; C:\Program Files\Garmin\Device Interaction Service\GarminService.exe [792592 2016-04-08] (Garmin Ltd. or its subsidiaries)
    R2 MDM; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
    R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2016-01-29] (Microsoft Corporation)
    R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [292816 2016-01-29] (Microsoft Corporation)
    R2 RapportMgmtService; C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe [2372080 2016-03-23] (IBM Corp.)
    S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

    ===================== Drivers (Whitelisted) ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R0 BtHidBus; C:\Windows\System32\Drivers\BtHidBus.sys [20744 2009-06-17] (IVT Corporation.)
    S3 btnetBUs; C:\Windows\System32\Drivers\btnetBus.sys [29192 2009-06-17] ()
    S3 huawei_cdcacm; C:\Windows\System32\DRIVERS\ew_jucdcacm.sys [85760 2011-03-24] (Huawei Technologies Co., Ltd.)
    S3 huawei_enumerator; C:\Windows\System32\DRIVERS\ew_jubusenum.sys [72832 2011-03-24] (Huawei Technologies Co., Ltd.) [File not signed]
    S3 huawei_ext_ctrl; C:\Windows\System32\DRIVERS\ew_juextctrl.sys [26496 2011-03-24] (Huawei Technologies Co., Ltd.)
    S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [168448 2011-03-24] (Huawei Technologies Co., Ltd.)
    S3 IvtBtBUs; C:\Windows\System32\Drivers\IvtBtBus.sys [25480 2009-06-17] (IVT Corporation.)
    S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [170200 2016-03-10] (Malwarebytes)
    R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [253704 2015-11-13] (Microsoft Corporation)
    R1 RapportCerberus_1609035; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus32_1609035.sys [752008 2016-04-05] (IBM Corp.)
    R1 RapportEI; C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys [307016 2016-03-23] (IBM Corp.)
    S3 RapportKELL; C:\Windows\System32\Drivers\RapportKELL.sys [237544 2016-03-23] (IBM Corp.)
    U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [33512 2014-08-28] ()
    R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x86.sys [315392 2009-09-28] ()
    S3 BT; system32\DRIVERS\btnetdrv.sys [X]
    S3 Btcsrusb; System32\Drivers\btcusb.sys [X]
    S3 cpuz134; \??\C:\Users\WIN7\AppData\Local\Temp\cpuz134\cpuz134_x32.sys [X]
    S3 eapihdrv; \??\C:\Users\WIN7\AppData\Local\Temp\ehdrv.sys [X]
    S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
    S3 pccsmcfd; system32\DRIVERS\pccsmcfd.sys [X]
    S3 VComm; system32\DRIVERS\VComm.sys [X]
    S3 VcommMgr; System32\Drivers\VcommMgr.sys [X]
    S3 WinRing0_1_2_0; \??\C:\Program Files\TurboYourPC\Service.sys [X]

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== One Month Created files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2094-06-24 02:00 - 2012-05-19 17:36 - 00179811 _____ C:\Program Files\MPEG Streamclip Guide.pdf
    2016-05-05 18:21 - 2016-05-05 18:21 - 00026783 _____ C:\Users\WIN7\Desktop\FRST.txt
    2016-05-05 18:17 - 2016-05-05 18:17 - 00023566 _____ C:\Users\WIN7\Downloads\FRST.txt
    2016-05-05 18:16 - 2016-05-05 18:20 - 00000000 ____D C:\FRST
    2016-05-05 18:15 - 2016-05-05 18:15 - 01730560 _____ (Farbar) C:\Users\WIN7\Desktop\FRST.exe
    2016-05-05 18:07 - 2016-05-05 18:07 - 00002161 _____ C:\Users\Public\Desktop\Tweaking.com - Registry Backup.lnk
    2016-05-05 18:07 - 2016-05-05 18:07 - 00000000 ____D C:\RegBackup
    2016-05-05 18:07 - 2016-05-05 18:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
    2016-05-05 18:06 - 2016-05-05 18:07 - 00016997 _____ C:\Windows\Tweaking.com - Registry Backup Setup Log.txt
    2016-05-05 18:03 - 2016-05-05 18:04 - 05523840 _____ (Tweaking.com) C:\Users\WIN7\Downloads\tweaking.com_registry_backup_setup.exe
    2016-05-04 17:32 - 2016-05-04 17:32 - 00405992 _____ C:\Windows\system32\FNTCACHE.DAT
    2016-05-03 19:48 - 2016-05-03 19:48 - 00048884 _____ C:\Users\WIN7\Desktop\request.pdf
    2016-05-03 17:45 - 2016-05-03 17:46 - 01201692 _____ C:\Users\WIN7\Desktop\bitmeasure.pdf
    2016-04-27 04:14 - 2016-04-27 04:14 - 00001840 _____ C:\Users\Public\Desktop\Garmin Express.lnk
    2016-04-27 04:14 - 2016-04-27 04:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
    2016-04-23 09:29 - 2016-04-23 09:29 - 00270986 _____ C:\Users\WIN7\Desktop\mesg.ebay.co.pdf
    2016-04-20 17:54 - 2016-04-20 17:54 - 00122589 _____ C:\Users\WIN7\Downloads\Big Local JD for CDO-V1 JO edit.pdf
    2016-04-12 23:02 - 2016-03-16 19:28 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\msorcl32.dll
    2016-04-12 23:02 - 2016-03-16 19:28 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
    2016-04-12 23:02 - 2016-02-02 19:48 - 00376320 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
    2016-04-12 23:01 - 2016-03-17 23:36 - 03998952 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
    2016-04-12 23:01 - 2016-03-17 23:36 - 03943144 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
    2016-04-12 23:01 - 2016-03-17 23:36 - 00137960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
    2016-04-12 23:01 - 2016-03-17 23:36 - 00067304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
    2016-04-12 23:01 - 2016-03-17 23:33 - 01310528 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
    2016-04-12 23:01 - 2016-03-17 23:30 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
    2016-04-12 23:01 - 2016-03-17 23:30 - 00171520 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
    2016-04-12 23:01 - 2016-03-17 23:30 - 00171008 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
    2016-04-12 23:01 - 2016-03-17 23:30 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
    2016-04-12 23:01 - 2016-03-17 23:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
    2016-04-12 23:01 - 2016-03-17 23:30 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
    2016-04-12 23:01 - 2016-03-17 23:29 - 00655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
    2016-04-12 23:01 - 2016-03-17 23:29 - 00251392 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
    2016-04-12 23:01 - 2016-03-17 23:29 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
    2016-04-12 23:01 - 2016-03-17 23:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
    2016-04-12 23:01 - 2016-03-17 23:29 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
    2016-04-12 23:01 - 2016-03-17 23:28 - 01414144 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
    2016-04-12 23:01 - 2016-03-17 23:27 - 00260608 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
    2016-04-12 23:01 - 2016-03-17 23:27 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
    2016-04-12 23:01 - 2016-03-17 23:27 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
    2016-04-12 23:01 - 2016-03-17 23:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
    2016-04-12 23:01 - 2016-03-17 23:26 - 01062400 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
    2016-04-12 23:01 - 2016-03-17 23:26 - 00872448 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
    2016-04-12 23:01 - 2016-03-17 23:26 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
    2016-04-12 23:01 - 2016-03-17 23:26 - 00294400 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
    2016-04-12 23:01 - 2016-03-17 23:25 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
    2016-04-12 23:01 - 2016-03-17 23:25 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
    2016-04-12 23:01 - 2016-03-17 23:24 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
    2016-04-12 23:01 - 2016-03-17 23:24 - 00644096 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
    2016-04-12 23:01 - 2016-03-17 23:24 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
    2016-04-12 23:01 - 2016-03-17 23:24 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
    2016-04-12 23:01 - 2016-03-17 23:24 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
    2016-04-12 23:01 - 2016-03-17 23:24 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
    2016-04-12 23:01 - 2016-03-17 23:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
    2016-04-12 23:01 - 2016-03-17 23:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
    2016-04-12 23:01 - 2016-03-17 23:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
    2016-04-12 23:01 - 2016-03-17 23:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
    2016-04-12 23:01 - 2016-03-17 23:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
    2016-04-12 23:01 - 2016-03-17 23:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
    2016-04-12 23:01 - 2016-03-17 23:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
    2016-04-12 23:01 - 2016-03-17 23:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
    2016-04-12 23:01 - 2016-03-17 23:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
    2016-04-12 23:01 - 2016-03-17 23:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
    2016-04-12 23:01 - 2016-03-17 23:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
    2016-04-12 23:01 - 2016-03-17 23:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
    2016-04-12 23:01 - 2016-03-17 23:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
    2016-04-12 23:01 - 2016-03-17 23:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
    2016-04-12 23:01 - 2016-03-17 23:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
    2016-04-12 23:01 - 2016-03-17 23:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
    2016-04-12 23:01 - 2016-03-17 23:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
    2016-04-12 23:01 - 2016-03-17 23:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
    2016-04-12 23:01 - 2016-03-17 23:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
    2016-04-12 23:01 - 2016-03-17 23:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
    2016-04-12 23:01 - 2016-03-17 23:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
    2016-04-12 23:01 - 2016-03-17 23:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
    2016-04-12 23:01 - 2016-03-17 22:42 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
    2016-04-12 23:01 - 2016-03-17 22:42 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
    2016-04-12 23:01 - 2016-03-17 22:42 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
    2016-04-12 23:01 - 2016-03-17 22:42 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
    2016-04-12 23:01 - 2016-03-17 22:41 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
    2016-04-12 23:01 - 2016-03-17 22:36 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
    2016-04-12 23:01 - 2016-03-17 22:35 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
    2016-04-12 23:01 - 2016-03-17 22:30 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
    2016-04-12 23:01 - 2016-03-17 22:30 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
    2016-04-12 23:01 - 2016-03-17 22:30 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
    2016-04-12 23:01 - 2016-03-17 22:29 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
    2016-04-12 23:01 - 2016-03-17 22:29 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
    2016-04-12 23:01 - 2016-03-17 22:29 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
    2016-04-12 23:01 - 2016-03-17 22:29 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
    2016-04-12 23:01 - 2016-03-17 22:29 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
    2016-04-12 23:01 - 2016-03-17 22:29 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
    2016-04-12 23:01 - 2016-03-17 22:29 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
    2016-04-12 23:01 - 2016-03-17 22:29 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
    2016-04-12 23:00 - 2016-03-31 19:41 - 00346320 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
    2016-04-12 23:00 - 2016-03-31 01:03 - 20352512 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2016-04-12 23:00 - 2016-03-31 01:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2016-04-12 23:00 - 2016-03-31 01:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
    2016-04-12 23:00 - 2016-03-31 00:53 - 00496640 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
    2016-04-12 23:00 - 2016-03-31 00:52 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
    2016-04-12 23:00 - 2016-03-31 00:52 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
    2016-04-12 23:00 - 2016-03-31 00:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
    2016-04-12 23:00 - 2016-03-31 00:52 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
    2016-04-12 23:00 - 2016-03-31 00:51 - 02285056 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2016-04-12 23:00 - 2016-03-31 00:48 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2016-04-12 23:00 - 2016-03-31 00:48 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
    2016-04-12 23:00 - 2016-03-31 00:46 - 00476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2016-04-12 23:00 - 2016-03-31 00:45 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
    2016-04-12 23:00 - 2016-03-31 00:45 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
    2016-04-12 23:00 - 2016-03-31 00:45 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
    2016-04-12 23:00 - 2016-03-31 00:45 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
    2016-04-12 23:00 - 2016-03-31 00:41 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
    2016-04-12 23:00 - 2016-03-31 00:38 - 00416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
    2016-04-12 23:00 - 2016-03-31 00:34 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
    2016-04-12 23:00 - 2016-03-31 00:33 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
    2016-04-12 23:00 - 2016-03-31 00:31 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
    2016-04-12 23:00 - 2016-03-31 00:31 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2016-04-12 23:00 - 2016-03-31 00:30 - 04611072 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2016-04-12 23:00 - 2016-03-31 00:30 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
    2016-04-12 23:00 - 2016-03-31 00:29 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
    2016-04-12 23:00 - 2016-03-31 00:24 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
    2016-04-12 23:00 - 2016-03-31 00:23 - 02056192 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2016-04-12 23:00 - 2016-03-31 00:23 - 00693248 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2016-04-12 23:00 - 2016-03-31 00:23 - 00689664 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
    2016-04-12 23:00 - 2016-03-31 00:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
    2016-04-12 23:00 - 2016-03-31 00:21 - 13811712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2016-04-12 23:00 - 2016-03-31 00:05 - 02121216 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2016-04-12 23:00 - 2016-03-31 00:02 - 01311744 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2016-04-12 23:00 - 2016-03-31 00:00 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
    2016-04-12 22:59 - 2016-03-16 00:53 - 00566272 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
    2016-04-12 22:59 - 2016-03-16 00:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
    2016-04-12 22:59 - 2016-03-11 19:35 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
    2016-04-12 22:58 - 2016-04-04 18:54 - 00034024 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
    2016-04-12 22:58 - 2016-04-04 18:42 - 00957952 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
    2016-04-12 22:58 - 2016-04-02 14:07 - 01218048 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
    2016-04-12 22:58 - 2016-03-29 18:35 - 02397184 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
    2016-04-12 22:58 - 2016-03-23 15:02 - 00177664 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
    2016-04-12 22:58 - 2016-03-17 19:04 - 00560640 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
    2016-04-12 22:58 - 2016-03-17 19:04 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
    2016-04-12 22:58 - 2016-03-17 19:04 - 00232960 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
    2016-04-12 22:58 - 2016-03-17 19:04 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
    2016-04-12 22:58 - 2016-03-06 19:38 - 01240576 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
    2016-04-12 22:58 - 2016-03-06 19:38 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
    2016-04-12 22:58 - 2016-02-05 19:44 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\fveapibase.dll
    2016-04-12 22:58 - 2016-02-05 18:33 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\tbs.dll
    2016-04-12 22:58 - 2016-01-21 01:51 - 00057280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys
    2016-04-12 22:58 - 2015-06-03 21:22 - 00355456 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
    2016-04-09 21:59 - 2016-04-09 22:04 - 125168408 _____ (Apple Inc.) C:\Users\WIN7\Downloads\icloudsetup.exe
    2016-04-09 19:00 - 2016-04-09 19:00 - 00000000 ____D C:\Users\WIN7\AppData\Local\CEF
    2016-04-09 18:57 - 2016-04-13 09:24 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
    2016-04-09 18:57 - 2016-04-09 18:57 - 00001997 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
    2016-04-09 18:26 - 2016-04-09 18:26 - 00001733 _____ C:\Users\Public\Desktop\iTunes.lnk
    2016-04-09 18:26 - 2016-04-09 18:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
    2016-04-09 18:25 - 2016-04-09 18:26 - 00000000 ____D C:\Program Files\iTunes
    2016-04-09 18:25 - 2016-04-09 18:25 - 00000000 ____D C:\ProgramData\Apple Computer
    2016-04-09 18:25 - 2016-04-09 18:25 - 00000000 ____D C:\Program Files\iPod
    2016-04-09 18:23 - 2016-04-09 18:23 - 00002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
    2016-04-09 18:23 - 2016-04-09 18:23 - 00000000 ____D C:\Program Files\Apple Software Update
    2016-04-09 18:22 - 2016-04-09 18:22 - 00000000 ____D C:\Program Files\Bonjour
    2016-04-09 18:21 - 2016-04-09 18:25 - 00000000 ____D C:\Program Files\Common Files\Apple
    2016-04-09 18:21 - 2016-04-09 18:23 - 00000000 ____D C:\ProgramData\Apple
    2016-04-09 09:42 - 2016-05-04 14:41 - 00000000 ____D C:\Users\WIN7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iCloud
    2016-04-09 09:42 - 2016-04-09 10:38 - 00000000 ____D C:\Users\WIN7\AppData\Local\140603CB-4D8A-488A-A9E3-C9246FB99289.aplzod
    2016-04-09 09:42 - 2016-04-09 09:42 - 00000000 ____D C:\Users\WIN7\AppData\Local\Apple Inc
    2016-04-08 17:41 - 2016-04-08 17:41 - 05338816 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerInstaller.exe

    ==================== One Month Modified files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2016-05-05 17:36 - 2012-04-19 08:23 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
    2016-05-05 17:32 - 2011-11-22 22:24 - 00000886 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2016-05-05 16:22 - 2009-07-14 05:34 - 00032208 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2016-05-05 16:22 - 2009-07-14 05:34 - 00032208 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2016-05-04 21:10 - 2012-01-03 10:15 - 00083517 _____ C:\Users\WIN7\Desktop\My Bits.xlsx
    2016-05-04 18:33 - 2011-11-22 22:24 - 00000882 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2016-05-04 17:32 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
    2016-05-04 14:41 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\inf
    2016-05-02 23:38 - 2015-05-12 20:41 - 00002121 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
    2016-05-02 23:37 - 2015-05-12 20:41 - 00002109 _____ C:\Users\Public\Desktop\Google Chrome.lnk
    2016-04-28 16:13 - 2013-04-13 03:06 - 00000000 ____D C:\Users\UpdatusUser
    2016-04-27 04:16 - 2016-02-19 22:00 - 00000000 ____D C:\ProgramData\Package Cache
    2016-04-27 04:15 - 2016-02-19 22:02 - 00000000 ____D C:\Program Files\Garmin
    2016-04-22 08:57 - 2011-11-16 19:15 - 00374944 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
    2016-04-13 04:02 - 2010-11-20 22:01 - 00782510 _____ C:\Windows\system32\PerfStringBackup.INI
    2016-04-13 03:52 - 2014-12-10 04:31 - 00000000 ____D C:\Windows\system32\appraiser
    2016-04-13 03:23 - 2013-08-09 21:31 - 00000000 ____D C:\Windows\system32\MRT
    2016-04-13 03:10 - 2011-11-16 19:18 - 132539272 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
    2016-04-10 14:43 - 2011-11-19 18:50 - 00000000 ____D C:\Users\WIN7
    2016-04-09 18:57 - 2013-04-13 08:46 - 00000000 ____D C:\Program Files\Common Files\Adobe
    2016-04-09 18:56 - 2011-11-23 15:59 - 00000000 ____D C:\ProgramData\Adobe
    2016-04-09 18:56 - 2011-11-23 15:59 - 00000000 ____D C:\Program Files\Adobe
    2016-04-09 10:48 - 2011-12-07 19:46 - 00000000 ____D C:\Users\WIN7\AppData\Roaming\Apple Computer
    2016-04-08 19:28 - 2011-11-22 22:24 - 00000000 ____D C:\Program Files\Google
    2016-04-08 18:56 - 2011-11-22 22:24 - 00000000 ____D C:\Users\WIN7\AppData\Local\Google
    2016-04-08 17:41 - 2012-04-19 08:23 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
    2016-04-08 17:41 - 2011-11-20 22:11 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
    2016-04-05 08:31 - 2013-08-28 16:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trusteer Endpoint Protection
    2016-04-05 08:20 - 2011-12-07 19:46 - 00000000 ____D C:\Users\WIN7\AppData\Local\Apple Computer

    ==================== Files in the root of some directories =======

    2094-06-24 02:00 - 2012-05-19 17:36 - 0179811 _____ () C:\Program Files\MPEG Streamclip Guide.pdf
    2008-08-10 12:57 - 2012-05-19 17:36 - 0094916 _____ () C:\Program Files\MPEG Streamclip Guide.rtf
    2008-08-10 13:09 - 2012-05-19 17:36 - 1083904 _____ (Squared 5) C:\Program Files\MPEG_Streamclip.exe
    2012-05-19 17:32 - 2012-05-19 17:32 - 0554844 _____ () C:\Program Files\MPEG_Streamclip_1.2.zip
    2008-08-10 13:32 - 2012-05-19 17:36 - 0003457 _____ () C:\Program Files\Readme First.rtf
    2015-10-30 15:51 - 2015-10-30 15:51 - 0032076 _____ () C:\Users\WIN7\AppData\Roaming\Comma Separated Values (DOS).ADR
    2013-04-18 13:15 - 2013-04-18 13:15 - 0038408 _____ () C:\Users\WIN7\AppData\Roaming\Comma Separated Values (Windows).ADR
    2014-12-16 20:03 - 2014-12-16 20:03 - 0000042 _____ () C:\Users\WIN7\AppData\Roaming\WB.CFG
    2012-05-17 17:21 - 2012-05-17 17:21 - 0004096 _____ () C:\Users\WIN7\AppData\Local\keyfile3.drm
    2014-09-18 11:00 - 2014-11-21 19:15 - 0007609 _____ () C:\Users\WIN7\AppData\Local\Resmon.ResmonCfg
    2014-08-31 20:21 - 2014-08-31 20:21 - 0000000 _____ () C:\Users\WIN7\AppData\Local\{65EECCE8-FF8E-450F-B957-2A204F3E265F}
    2012-09-26 16:32 - 2012-09-26 16:32 - 0000057 _____ () C:\ProgramData\Ament.ini
    2014-06-12 14:26 - 2014-06-12 14:26 - 0001534 _____ () C:\ProgramData\ss.ini

    ==================== Bamital & volsnap =================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\system32\winlogon.exe => File is digitally signed
    C:\Windows\system32\wininit.exe => File is digitally signed
    C:\Windows\system32\svchost.exe => File is digitally signed
    C:\Windows\system32\services.exe => File is digitally signed
    C:\Windows\system32\User32.dll => File is digitally signed
    C:\Windows\system32\userinit.exe => File is digitally signed
    C:\Windows\system32\rpcss.dll => File is digitally signed
    C:\Windows\system32\dnsapi.dll => File is digitally signed
    C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


    LastRegBack: 2016-04-28 00:26

    ==================== End of FRST.txt ============================


    Add.txt
    Additional scan result of Farbar Recovery Scan Tool (x86) Version:06-05-2016 01
    Ran by WIN7 (2016-05-05 18:23:37)
    Running from C:\Users\WIN7\Desktop
    Microsoft Windows 7 Professional Service Pack 1 (X86) (2011-11-16 17:59:28)
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================

    Administrator (S-1-5-21-1839434062-3037775892-936306819-500 - Administrator - Disabled) => C:\Users\Administrator
    Guest (S-1-5-21-1839434062-3037775892-936306819-501 - Limited - Disabled)
    HomeGroupUser$ (S-1-5-21-1839434062-3037775892-936306819-1005 - Limited - Enabled)
    UpdatusUser (S-1-5-21-1839434062-3037775892-936306819-1003 - Limited - Enabled) => C:\Users\UpdatusUser
    WIN7 (S-1-5-21-1839434062-3037775892-936306819-1002 - Administrator - Enabled) => C:\Users\WIN7

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Microsoft Security Essentials (Enabled - Up to date) {768124D7-F5F7-6D2F-DDC2-94DFA4017C95}
    AS: Microsoft Security Essentials (Enabled - Up to date) {CDE0C533-D3CD-62A1-E772-AFADDF863628}
    AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    ==================== Installed Programs ======================

    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    Adobe Acrobat Reader DC (HKLM\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.010.20060 - Adobe Systems Incorporated)
    Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
    Adobe Flash Player 21 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 21.0.0.213 - Adobe Systems Incorporated)
    ANT Drivers Installer x86 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
    Any Audio Converter 5.8.8 (HKLM\...\Any Audio Converter_is1) (Version: - Any-Audio-Converter.com)
    Apple Application Support (32-bit) (HKLM\...\{FE5C2FAA-118D-4509-B51D-3F71CC9E1B3E}) (Version: 4.3 - Apple Inc.)
    Apple Mobile Device Support (HKLM\...\{15A0A9A6-6CF0-4EEE-8E12-096B33F92CA7}) (Version: 9.3.0.15 - Apple Inc.)
    Apple Software Update (HKLM\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
    Bonjour (HKLM\...\{D168AAD0-6686-47C1-B599-CDD4888B9D1A}) (Version: 3.1.0.1 - Apple Inc.)
    CCleaner (HKLM\...\CCleaner) (Version: 5.16 - Piriform)
    CPUID CPU-Z 1.58 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
    CryptoPrevent (HKLM\...\{5C5B24E7-4694-4049-A222-CCE7D3FAC63F}_is1) (Version: - Foolish IT LLC)
    Elevated Installer (Version: 4.1.19.0 - Garmin Ltd or its subsidiaries) Hidden
    Garmin Express (HKLM\...\{2639b4f0-83b4-4f3d-942f-e4ba22a40b9b}) (Version: 4.1.19.0 - Garmin Ltd or its subsidiaries)
    Garmin Express (Version: 4.1.19.0 - Garmin Ltd or its subsidiaries) Hidden
    Garmin Express Tray (Version: 4.1.19.0 - Garmin Ltd or its subsidiaries) Hidden
    Google Chrome (HKLM\...\Google Chrome) (Version: 50.0.2661.94 - Google Inc.)
    Google Update Helper (Version: 1.3.29.5 - Google Inc.) Hidden
    HP FWUpdateEDO2 (HKLM\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
    HP Photosmart 5510 series Basic Device Software (HKLM\...\{CDB1080E-BF0A-4A61-9E77-D1BBA68582C7}) (Version: 25.0.621.0 - Hewlett-Packard Co.)
    HP Photosmart 5510 series Help (HKLM\...\{E02964EA-0E1B-4620-A26E-CBAB0341B1BB}) (Version: 140.0.2.2 - Hewlett Packard)
    HP Photosmart 5510 series Product Improvement Study (HKLM\...\{C2F3460B-0C14-4A85-A330-5D1D5028C496}) (Version: 25.0.621.0 - Hewlett-Packard Co.)
    HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
    HPDiagnosticAlert (Version: 1.00.0000 - Microsoft) Hidden
    iTunes (HKLM\...\{3079C5C8-325A-4354-A733-456BACA1E5FB}) (Version: 12.3.3.17 - Apple Inc.)
    Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
    Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
    Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
    Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
    Microsoft Office Professional Plus 2007 (HKLM\...\PROPLUS) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.9.218.0 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    MSVC80_x86_v2 (Version: 1.0.3.0 - Nokia) Hidden
    MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden
    MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5896 - NVIDIA Corporation)
    NVIDIA Graphics Driver 307.83 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 307.83 - NVIDIA Corporation)
    NVIDIA Update 1.10.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation)
    PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden
    Rapport (Version: 3.5.1609.47 - Trusteer) Hidden
    Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
    Trusteer Endpoint Protection (HKLM\...\Rapport_msi) (Version: 3.5.1609.47 - Trusteer)
    Tweaking.com - Registry Backup (HKLM\...\Tweaking.com - Registry Backup) (Version: 3.4.1 - Tweaking.com)
    Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
    Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
    VLC media player 2.1.3 (HKLM\...\VLC media player) (Version: 2.1.3 - VideoLAN)
    Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
    Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)

    ==================== Custom CLSID (Whitelisted): ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    CustomCLSID: HKU\S-1-5-21-1839434062-3037775892-936306819-1002_Classes\CLSID\{49BBAA3C-C574-419E-8378-783C362E9C15}\InprocServer32 -> C:\Program Files\HP\Common\FWUpdateEDO2.dll (Hewlett-Packard Co.)
    CustomCLSID: HKU\S-1-5-21-1839434062-3037775892-936306819-1003_Classes\CLSID\{49BBAA3C-C574-419E-8378-783C362E9C15}\InprocServer32 -> C:\Program Files\HP\Common\FWUpdateEDO2.dll (Hewlett-Packard Co.)

    ==================== Scheduled Tasks (Whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {021A381F-33EB-41F1-A007-23ABB35B4414} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
    Task: {027FA0F9-CB3C-454B-8F69-0550F794775B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
    Task: {1348049F-651F-4E53-A491-ECC1E3337C25} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated)
    Task: {3B1E717E-CA20-4A72-AB2A-017D73973D74} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-03-11] (Piriform Ltd)
    Task: {42DD3EAE-7014-477F-A384-C298EDD3621C} - System32\Tasks\HPCustParticipation HP Photosmart 5510 series => C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPCustPartic.exe [2011-09-16] (Hewlett-Packard Co.)
    Task: {435BFB06-F188-4E74-85A5-54FE0496C374} - System32\Tasks\{28E62DE8-60EF-4FEB-877A-1B39DD8DB93A} => pcalua.exe -a C:\Users\WIN7\Desktop\bluescreenview_setup.exe -d C:\Users\WIN7\Desktop
    Task: {58748B99-9833-47D9-95BC-9777C2187B42} - System32\Tasks\{D5A3B8C6-0690-4ACA-8EB3-6440940590FC} => pcalua.exe -a K:\StarStableSetup.exe -d C:\Users\WIN7\Desktop
    Task: {636A8754-9CC9-4A09-9495-161A3C9318E5} - System32\Tasks\Ad-Aware Antivirus Scheduled Scan => C:\PROGRA~1\AD-AWA~1\AdAwareLauncher.exe
    Task: {8500E2CD-2768-4F21-818D-586F22548EEB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-08] (Adobe Systems Incorporated)
    Task: {A552A88D-CB8F-459D-9109-EF9B6AB1A2E1} - System32\Tasks\{7E472C24-E2D9-47D2-941C-140CB71AF99F} => pcalua.exe -a C:\Users\WIN7\Desktop\bluescreenview_setup.exe -d C:\Users\WIN7\Desktop
    Task: {AF1A6040-8921-4BC7-A14E-3FC75F981753} - System32\Tasks\{C3F3D2BE-8F98-4B6C-AC80-3C8FB2EF8307} => pcalua.exe -a "C:\Users\WIN7\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OBGFQ9GH\StarStableSetup.exe" -d C:\Users\WIN7\Desktop
    Task: {B02D0D9C-F8E9-46BC-A271-B012406BFD6B} - System32\Tasks\GarminUpdaterTask => C:\Program Files\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2016-04-08] ()
    Task: {C30F16D2-0C97-42E6-82DF-70BD35E0ED27} - System32\Tasks\{A342119D-2B39-400A-908A-013046D0B4C3} => pcalua.exe -a "C:\Users\WIN7\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NZVI14N2\epson325305eu.exe" -d C:\Users\WIN7\Desktop
    Task: {D4D142C7-4336-4CDE-9A9D-812E25103649} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

    ==================== Shortcuts =============================

    (The entries could be listed to be restored or removed.)

    ==================== Loaded Modules (Whitelisted) ==============

    2013-04-13 03:05 - 2013-01-31 10:00 - 00079648 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
    2016-03-18 22:56 - 2016-03-18 22:56 - 00080184 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
    2016-03-18 22:56 - 2016-03-18 22:56 - 01040656 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
    2015-06-02 14:51 - 2015-06-02 14:51 - 00545792 _____ () C:\Program Files\Trusteer\Rapport\bin\js32.dll
    2015-12-18 16:42 - 2015-12-18 16:42 - 50708664 _____ () C:\Program Files\Adobe\Acrobat Reader DC\Reader\AcroCEF\libcef.dll
    2016-05-02 23:37 - 2016-04-28 00:25 - 01738904 _____ () C:\Program Files\Google\Chrome\Application\50.0.2661.94\libglesv2.dll
    2016-05-02 23:37 - 2016-04-28 00:25 - 00086168 _____ () C:\Program Files\Google\Chrome\Application\50.0.2661.94\libegl.dll

    ==================== Alternate Data Streams (Whitelisted) =========

    (If an entry is included in the fixlist, only the ADS will be removed.)


    ==================== Safe Mode (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)


    ==================== Association (Whitelisted) ===============

    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)

    HKLM\...\.scr: CryptoPreventSCR => "C:\Program Files\Foolish IT\CryptoPrevent\CryptoPreventFilterMod.CryptoPreventEXEC" "%1" /S %* <===== ATTENTION

    ==================== Internet Explorer trusted/restricted ===============

    (If an entry is included in the fixlist, it will be removed from the registry.)

    IE trusted site: HKU\S-1-5-21-1839434062-3037775892-936306819-1002\...\starstable.com -> starstable.com

    ==================== Hosts content: ===============================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2009-07-14 03:04 - 2015-01-28 22:16 - 00000035 ____A C:\Windows\system32\Drivers\etc\hosts


    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-1839434062-3037775892-936306819-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\WIN7\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
    DNS Servers: 192.168.1.1
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    Windows Firewall is enabled.

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    (Currently there is no automatic fix for this section.)

    MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

    ==================== FirewallRules (Whitelisted) ===============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
    FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
    FirewallRules: [{7D68E0DD-D13D-4115-BD90-83A17B4013C2}] => (Allow) C:\Program Files\HP\HP Photosmart 5510 series\Bin\DeviceSetup.exe
    FirewallRules: [{CFCF56ED-D5DA-4F23-A841-23007642DCCE}] => (Allow) C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPNetworkCommunicator.exe
    FirewallRules: [{23FE2483-023A-40DC-92F3-2111824B4138}] => (Allow) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
    FirewallRules: [{F487D8EF-FBCC-43C8-AADB-00D6101D7871}] => (Allow) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
    FirewallRules: [{505A5212-CB5B-4C78-8F23-349AB0744494}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
    FirewallRules: [{A17042CF-0217-46EA-BC5A-299363A60F3B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{4ED9E2AE-B87F-4FD3-AD81-39779EB942CD}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{16D94301-FEF4-45DC-BC5F-E2456AE4C168}] => (Allow) C:\Program Files\iTunes\iTunes.exe
    FirewallRules: [{CAE17435-0FEC-4302-9CA2-5AC3A45972FD}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe

    ==================== Restore Points =========================


    ==================== Faulty Device Manager Devices =============

    Name: Microsoft Teredo Tunneling Adapter
    Description: Microsoft Teredo Tunneling Adapter
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: tunnel
    Problem: : This device is disabled. (Code 22)
    Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (05/05/2016 06:19:01 PM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: The program FRST.exe version 6.5.2016.1 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

    Process ID: 1308

    Start Time: 01d1a6f1d0a7b520

    Termination Time: 15

    Application Path: C:\Users\WIN7\Downloads\FRST.exe

    Report Id: 48a44251-12e5-11e6-8cd8-001921549e00

    Error: (05/05/2016 12:08:53 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
    Description: 80004005

    Error: (05/04/2016 11:41:05 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
    Description: 80004005

    Error: (05/04/2016 05:33:23 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
    Description: The index cannot be initialized.

    Details:
    The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

    Error: (05/04/2016 05:33:23 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
    Description: The application cannot be initialized.

    Context: Windows Application

    Details:
    The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

    Error: (05/04/2016 05:33:23 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
    Description: The gatherer object cannot be initialized.

    Context: Windows Application, SystemIndex Catalog

    Details:
    The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

    Error: (05/04/2016 05:33:23 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
    Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.

    Context: Windows Application, SystemIndex Catalog

    Details:
    Element not found. (HRESULT : 0x80070490) (0x80070490)

    Error: (05/04/2016 05:33:22 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
    Description: The plug-in in <Search.JetPropStore> cannot be initialized.

    Context: Windows Application, SystemIndex Catalog

    Details:
    The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

    Error: (05/04/2016 05:33:22 PM) (Source: Windows Search Service) (EventID: 9002) (User: )
    Description: The Windows Search Service cannot load the property store information.

    Context: Windows Application, SystemIndex Catalog

    Details:
    The content index database is corrupt. (HRESULT : 0xc0041800) (0xc0041800)

    Error: (05/04/2016 05:33:22 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
    Description: The Windows Search Service is being stopped because there is a problem with the indexer: The catalog is corrupt.

    Details:
    The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)


    System errors:
    =============
    Error: (05/05/2016 01:28:40 PM) (Source: volsnap) (EventID: 36) (User: )
    Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

    Error: (05/04/2016 05:38:16 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
    Description: The NVIDIA Update Service Daemon service hung on starting.

    Error: (05/04/2016 05:33:24 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

    Error: (05/04/2016 05:33:23 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
    Description: The Windows Search service terminated with service-specific error %%-1073473535.

    Error: (05/04/2016 05:33:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The Garmin Device Interaction Service service failed to start due to the following error:
    %%1053

    Error: (05/04/2016 05:33:14 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
    Description: A timeout was reached (30000 milliseconds) while waiting for the Garmin Device Interaction Service service to connect.

    Error: (05/04/2016 02:41:50 PM) (Source: volsnap) (EventID: 36) (User: )
    Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.


    ==================== Memory info ===========================

    Processor: AMD Athlon(tm) 64 X2 Dual Core Processor 4200+
    Percentage of memory in use: 89%
    Total physical RAM: 767.54 MB
    Available physical RAM: 76.76 MB
    Total Virtual: 2279.71 MB
    Available Virtual: 464.62 MB

    ==================== Drives ================================

    Drive c: (Windows & Prog Files) (Fixed) (Total:40.04 GB) (Free:1.5 GB) NTFS
    Drive d: (Data) (Fixed) (Total:50.75 GB) (Free:49.94 GB) NTFS
    Drive e: (Backup) (Fixed) (Total:62.5 GB) (Free:48.39 GB) NTFS
    Drive k: (Classic SL) (Fixed) (Total:74.53 GB) (Free:26.69 GB) NTFS

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 153.4 GB) (Disk ID: CF815C69)
    Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=40 GB) - (Type=07 NTFS)
    Partition 3: (Not Active) - (Size=50.7 GB) - (Type=07 NTFS)
    Partition 4: (Not Active) - (Size=62.5 GB) - (Type=OF Extended)

    ========================================================
    Disk: 1 (MBR Code: Windows XP) (Size: 74.5 GB) (Disk ID: 45290D0F)
    Partition 1: (Not Active) - (Size=74.5 GB) - (Type=07 NTFS)

    ==================== End of Addition.txt ============================

    aswMBR


    aswMBR version 1.0.1.2252 Copyright(c) 2014 AVAST Software
    Run date: 2016-05-05 18:27:30
    -----------------------------
    18:27:30.664 OS Version: Windows 6.1.7601 Service Pack 1
    18:27:30.664 Number of processors: 2 586 0x4B02
    18:27:30.664 ComputerName: ASPIRE-T180 UserName: WIN7
    18:28:16.394 Initialize success
    18:28:16.924 VM: initialized successfully
    18:28:16.924 VM: Amd CPU virtualization not supported
    18:35:28.447 AVAST engine defs: 16050500
    18:36:27.508 The log file has been saved successfully to "C:\Users\WIN7\Desktop\aswMBR.txt"


    Many thanks.

  2. #2
    Security Expert-emeritus Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    4,084

    Default

    We'll run some scans but one thing I noticed right off

    Percentage of memory in use: 89%
    Available physical RAM: 76.76 MB
    You getting to the bottom of whats left in space you can use. When using the computer have it down to bare bones of what you need to run to be safe on the internet.




    Please open Notepad *Do Not Use Wordpad!* or use any other text editor than Notepad or the script will fail. (Start -> Run -> type notepad in the Open field -> OK) and copy and paste the text present inside the quote box below:
    To do this highlight the contents of the box and right click on it and select copy.
    Paste this into the open notepad. save it to the Desktop as fixlist.txt
    NOTE. It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work.
    It needs to be saved Next to the "Farbar Recovery Scan Tool" (If asked to overwrite existing one please allow)





    start
    CreateRestorePoint:
    CloseProcesses:
    Task: {636A8754-9CC9-4A09-9495-161A3C9318E5} - System32\Tasks\Ad-Aware Antivirus Scheduled Scan => C:\PROGRA~1\AD-AWA~1\AdAwareLauncher.exe
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    S3 WinRing0_1_2_0; \??\C:\Program Files\TurboYourPC\Service.sys [X]
    C:\Program Files\TurboYourPC\Service.sys
    CMD: ipconfig /flushdns
    CMD: netsh winsock reset all
    CMD: netsh int ipv4 reset
    CMD: netsh int ipv6 reset
    EmptyTemp:
    Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
    Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f

    Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
    Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
    End
    Open FRST/FRST64 and press the > Fix < button just once and wait.
    If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
    When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.

    ********************

    AdwCleaner
    • Please download AdwCleaner and save the file to your Desktop.
    • Right-click AdwCleaner.exe and select Run as administrator to run the programme.
    • Follow the prompts.
    • Click Scan.
    • Upon completion, click Logfile. A log (AdwCleaner[S1].txt) will open. Briefly check the log for anything you know to be legitimate.
    • Return to AdwCleaner. Ensure anything you know to be legitimate does not have a checkmark under the corresponding tab.
    • Click Clean.
    • Follow the prompts and allow your computer to reboot.
    • After the reboot, a log (AdwCleaner[C1].txt) will open. Copy the contents of the log and paste in your next reply.

    -- File and folder backups are made for items removed using this programme. Should a legitimate file or folder be removed (otherwise known as a 'false-positive'), simple steps can be taken to restore the item. Please do not overly concern yourself with the contents of AdwCleaner[C1].txt.




    ======================================================



    Please download Junkware Removal Tool
    or from here http://downloads.malwarebytes.org/file/jrt
    to your desktop.
    • Shut down your protection software now to avoid potential conflicts.
    • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
    • The tool will open and start scanning your system.
    • Please be patient as this can take a while to complete depending on your system's specifications.
    • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    • Post the contents of JRT.txt into your next message.


    *****************
    please post
    Fixlog.txt
    AdwCleaner[C1].txt
    JRT.txt
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.

  3. #3
    Member
    Join Date
    Aug 2008
    Posts
    56

    Default

    Hi,

    Here are my logs:-

    Fixlog

    Fix result of Farbar Recovery Scan Tool (x86) Version:06-05-2016 01
    Ran by WIN7 (2016-05-06 14:18:18) Run:1
    Running from C:\Users\WIN7\Desktop
    Loaded Profiles: WIN7 & UpdatusUser (Available Profiles: WIN7 & UpdatusUser & Administrator)
    Boot Mode: Normal

    ==============================================

    fixlist content:
    *****************
    start
    CreateRestorePoint:
    CloseProcesses:
    Task: {636A8754-9CC9-4A09-9495-161A3C9318E5} - System32\Tasks\Ad-Aware Antivirus Scheduled Scan => C:\PROGRA~1\AD-AWA~1\AdAwareLauncher.exe
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    S3 WinRing0_1_2_0; \??\C:\Program Files\TurboYourPC\Service.sys [X]
    C:\Program Files\TurboYourPC\Service.sys
    CMD: ipconfig /flushdns
    CMD: netsh winsock reset all
    CMD: netsh int ipv4 reset
    CMD: netsh int ipv6 reset
    EmptyTemp:
    Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
    Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f

    Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
    Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
    End
    *****************

    Restore point was successfully created.
    Processes closed successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{636A8754-9CC9-4A09-9495-161A3C9318E5}" => key removed successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{636A8754-9CC9-4A09-9495-161A3C9318E5}" => key removed successfully.
    C:\Windows\System32\Tasks\Ad-Aware Antivirus Scheduled Scan => moved successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Ad-Aware Antivirus Scheduled Scan" => key removed successfully.
    HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully.
    HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully.
    HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully.
    WinRing0_1_2_0 => service removed successfully.
    "C:\Program Files\TurboYourPC\Service.sys" => not found.

    ========= ipconfig /flushdns =========


    Windows IP Configuration

    Successfully flushed the DNS Resolver Cache.

    ========= End of CMD: =========


    ========= netsh winsock reset all =========


    Sucessfully reset the Winsock Catalog.
    You must restart the computer in order to complete the reset.


    ========= End of CMD: =========


    ========= netsh int ipv4 reset =========

    Reseting Interface, OK!
    Restart the computer to complete this action.


    ========= End of CMD: =========


    ========= netsh int ipv6 reset =========

    Reseting Interface, OK!
    Restart the computer to complete this action.


    ========= End of CMD: =========


    ========= reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========

    The operation completed successfully.



    ========= End of Reg: =========


    ========= reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========

    The operation completed successfully.



    ========= End of Reg: =========


    ========= reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========

    The operation completed successfully.



    ========= End of Reg: =========


    ========= reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========

    The operation completed successfully.



    ========= End of Reg: =========

    EmptyTemp: => 455.3 MB temporary data Removed.


    The system needed a reboot.

    ==== End of Fixlog 14:20:54 ====


    Adware:-

    # AdwCleaner v5.115 - Logfile created 06/05/2016 at 14:47:49
    # Updated 01/05/2016 by Xplode
    # Database : 2016-05-04.2 [Server]
    # Operating system : Windows 7 Professional Service Pack 1 (X86)
    # Username : WIN7 - ASPIRE-T180
    # Running from : C:\Users\WIN7\Downloads\AdwCleaner.exe
    # Option : Clean
    # Support : http://toolslib.net/forum

    ***** [ Services ] *****


    ***** [ Folders ] *****

    [x] Folder Not Deleted : C:\Users\WIN7\AppData\Roaming\OpenCandy

    ***** [ Files ] *****


    ***** [ DLLs ] *****


    ***** [ WMI ] *****


    ***** [ Shortcuts ] *****


    ***** [ Scheduled tasks ] *****


    ***** [ Registry ] *****

    [-] Key Deleted : HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\avgsh
    [x] Value Not Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION [SmartSaver+ 3-bg.exe]
    [x] Key Not Deleted : HKCU\Software\Classes\dream.capture
    [x] Key Not Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd
    [x] Key Not Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd.1
    [x] Key Not Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi
    [x] Key Not Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi.1
    [x] Key Not Deleted : HKLM\SOFTWARE\Classes\Search.BrowserWndAPI
    [x] Key Not Deleted : HKLM\SOFTWARE\Classes\Search.BrowserWndAPI.1
    [x] Key Not Deleted : HKLM\SOFTWARE\Classes\Search.PugiObj
    [x] Key Not Deleted : HKLM\SOFTWARE\Classes\Search.PugiObj.1
    [x] Key Not Deleted : HKU\S-1-5-21-1839434062-3037775892-936306819-1002\Software\Classes\dream.capture
    [x] Key Not Deleted : HKCU\Software\Classes\CLSID\{9C4EFBD5-1ADF-41E6-BE26-AF44326E30E4}
    [x] Key Not Deleted : HKLM\SOFTWARE\Classes\Interface\{A8F7D0A5-7074-40B8-9BDC-1174BDD0A132}
    [x] Key Not Deleted : HKLM\SOFTWARE\Classes\Interface\{D14D64BC-A0E4-42E3-BB72-FB41EA43C198}
    [x] Key Not Deleted : HKLM\SOFTWARE\Classes\Interface\{DD1F043F-ABC8-4643-8B95-D2C5B22BB019}
    [x] Key Not Deleted : HKLM\SOFTWARE\Classes\Interface\{E3F3E8F9-F747-4DD6-BA6B-82A6CE1E0860}
    [x] Key Not Deleted : HKLM\SOFTWARE\Classes\Interface\{ED0B64D4-BF27-4521-AD27-190F49BF5EA7}
    [x] Key Not Deleted : HKLM\SOFTWARE\Classes\Interface\{023E9EC8-B147-40EB-B0B3-DF90618FB371}
    [x] Key Not Deleted : HKLM\SOFTWARE\Classes\Interface\{0522D9A4-4D57-437D-978D-E5B3B6C9005D}
    [x] Key Not Deleted : HKLM\SOFTWARE\Classes\Interface\{07F41522-AF7D-4F26-B394-094F059FDB8A}
    [x] Key Not Deleted : HKLM\SOFTWARE\Classes\Interface\{0C40F472-7407-4467-8914-1DEA7C326972}
    [x] Key Not Deleted : HKLM\SOFTWARE\Classes\Interface\{212E6D43-6062-492A-B8CC-144669FF11ED}
    [x] Key Not Deleted : HKLM\SOFTWARE\Classes\Interface\{224FE662-1E6D-4BC0-AEBB-9E2FB4057BE9}
    [x] Key Not Deleted : HKLM\SOFTWARE\Classes\Interface\{3A807417-B46D-4D37-8C9A-19AC6DE204F9}
    [x] Key Not Deleted : HKLM\SOFTWARE\Classes\Interface\{3CC60715-D6C5-429D-830E-43FA3F86C61D}
    [x] Key Not Deleted : HKLM\SOFTWARE\Classes\Interface\{4517D94C-19BA-46FA-BE66-2A30CEAC4A85}
    [x] Key Not Deleted : HKLM\SOFTWARE\Classes\Interface\{555D7146-94A8-4C94-AE76-C39CDC7F7705}
    [x] Key Not Deleted : HKLM\SOFTWARE\Classes\Interface\{59D188FA-757A-424E-8C93-F58FFD896BD7}
    [x] Key Not Deleted : HKLM\SOFTWARE\Classes\Interface\{8120D9D6-785C-4413-9C0C-DF2028C56FAD}
    [x] Key Not Deleted : HKLM\SOFTWARE\Classes\Interface\{823AE2EB-E62C-4847-B192-C99B91B92416}
    [x] Key Not Deleted : HKLM\SOFTWARE\Classes\Interface\{9B4F7CFE-987D-410E-A8E4-20182E0B3C24}
    [x] Key Not Deleted : HKLM\SOFTWARE\Classes\Interface\{9B9A45F4-18FC-484A-BACA-076D78273D8E}
    [x] Key Not Deleted : HKLM\SOFTWARE\Classes\Interface\{A6D54287-7939-466A-8579-92546D946C8C}
    [x] Key Not Deleted : HKLM\SOFTWARE\Classes\Interface\{A78EDAFB-926F-4D93-AB13-8232D7378EB1}
    [x] Key Not Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
    [x] Key Not Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
    [x] Key Not Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
    [x] Value Not Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{58124A0B-DC32-4180-9BFF-E0E21AE34026}]
    [x] Value Not Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{977AE9CC-AF83-45E8-9E03-E2798216E2D5}]
    [x] Value Not Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}]
    [x] Key Not Deleted : HKCU\Software\WEBAPP
    [x] Key Not Deleted : HKCU\Software\AppDataLow\Software\SpeedChecker
    [x] Key Not Deleted : HKU\.DEFAULT\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
    [x] Key Not Deleted : HKU\S-1-5-21-1839434062-3037775892-936306819-1002\Software\WEBAPP
    [x] Key Not Deleted : HKU\S-1-5-21-1839434062-3037775892-936306819-1002\Software\AppDataLow\Software\SpeedChecker
    [x] Key Not Deleted : HKU\S-1-5-21-1839434062-3037775892-936306819-1003\Software\InstalledBrowserExtensions
    [x] Key Not Deleted : HKU\S-1-5-21-1839434062-3037775892-936306819-1003\Software\PepperZip
    [x] Key Not Deleted : HKU\S-1-5-18\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}

    ***** [ Web browsers ] *****


    *************************

    :: "Tracing" keys deleted
    :: Winsock settings cleared

    *************************

    C:\AdwCleaner\AdwCleaner[C1].txt - [5329 bytes] - [06/05/2016 14:47:49]
    C:\AdwCleaner\AdwCleaner[S1].txt - [4896 bytes] - [06/05/2016 14:37:53]

    ########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [5475 bytes] ##########


    JRT:-

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Malwarebytes
    Version: 8.0.6 (04.25.2016)
    Operating System: Windows 7 Professional x86
    Ran by WIN7 (Administrator) on 06/05/2016 at 17:13:21.42
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




    File System: 10

    Successfully deleted: C:\Users\WIN7\AppData\Roaming\opencandy (Folder)
    Successfully deleted: C:\Windows\System32\${logfile} (File)
    Successfully deleted: C:\Users\WIN7\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1LAW76QV (Temporary Internet Files Folder)
    Successfully deleted: C:\Users\WIN7\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\801TKG9S (Temporary Internet Files Folder)
    Successfully deleted: C:\Users\WIN7\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BEAJAV4X (Temporary Internet Files Folder)
    Successfully deleted: C:\Users\WIN7\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NVBO2Y2Q (Temporary Internet Files Folder)
    Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1LAW76QV (Temporary Internet Files Folder)
    Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\801TKG9S (Temporary Internet Files Folder)
    Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BEAJAV4X (Temporary Internet Files Folder)
    Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NVBO2Y2Q (Temporary Internet Files Folder)



    Registry: 0





    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on 06/05/2016 at 17:18:48.29
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

  4. #4
    Security Expert-emeritus Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    4,084

    Default

    Please open Malwarebytes Anti-Malware

    • On the Dashboard click on Update Now
    • Go to the Setting Tab
    • Under Setting go to Detection and Protection
    • Under PUP and PUM make sure both are set to show Treat Detections as Malware
    • Go to Advanced setting and make sure Automatically Quarantine Detected Items is checked
    • Then on the Dashboard click on Scan
    • Make sure to select THREAT SCAN
    • Then click on Scan
    • Note: You may see the following message, "Could not load DDA driver". Click Yes, allow your PC to reboot and continue afterwards.
    • If threats are detected, click Remove Selected. If you are prompted to reboot, click Yes.
    • Upon completion of the scan (or after the reboot), click the History tab.
    • Click Application Logs, followed by the first Scan Log.
    • Click Export,followed by Copy to Clipboard. Paste the log in your next reply.


    ~~~~~~~~~~~~~~~~~~

    What we can do now is run an online scan with Eset, a good trusted scanner, reliable and thorough.
    The settings I suggest will show us items located in quarantine folders so don't be alarmed with this, also, in case of a false positive I ask that you not allow it to delete what it does find.
    This scanner can take quite a bit of time to run, depending of course how full your computer is.



    ESET Online Scan
    Note: This scan may take a long time to complete. Please do not browse the Internet whilst your Anti-Virus is disabled.
    • Please download ESET Online Scan and save the file to your Desktop.
    • Temporarily disable your anti-virus software. For instructions, please refer to the following link.
    • Double-click esetsmartinstaller_enu.exe to run the programme.
    • Agree to the EULA by placing a checkmark next to Yes, I accept the Terms of Use. Then click Start.
    • Agree to the Terms of Use once more and click Start. Allow components to download.
    • Place a checkmark next to Enable detection of potentially unwanted applications.
    • Click Advanced settings. Place a checkmark next to:
      • Scan archives
      • Scan for potentially unsafe applications
      • Enable Anti-Stealth technology

    • Ensure Remove found threats is unchecked.
    • Click Start.
    • Wait for the scan to finish. Please be patient as this can take some time.
    • Upon completion, click . If no threats were found, skip the next two bullet points.
    • Click and save the file to your Desktop, naming it something such as "MyEsetScan".
    • Push the Back button.
    • Place a checkmark next to and click .
    • Re-enable your anti-virus software.
    • Copy the contents of the log and paste in your next reply.



    Please post these 2 logs when finished. Also tell me what the computer is doing now.
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.

  5. #5
    Member
    Join Date
    Aug 2008
    Posts
    56

    Default

    Hi Juliet,

    Here's the results:-

    Malwarebytes Anti-Malware
    www.malwarebytes.org

    Scan Date: 06/05/2016
    Scan Time: 21:25
    Logfile:
    Administrator: Yes

    Version: 2.2.1.1043
    Malware Database: v2016.05.06.07
    Rootkit Database: v2016.05.06.01
    License: Free
    Malware Protection: Disabled
    Malicious Website Protection: Disabled
    Self-protection: Disabled

    OS: Windows 7 Service Pack 1
    CPU: x86
    File System: NTFS
    User: WIN7

    Scan Type: Threat Scan
    Result: Cancelled
    Objects Scanned: 0
    (No malicious items detected)
    Time Elapsed: 3 min, 4 sec

    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Disabled
    Heuristics: Enabled
    PUP: Enabled
    PUM: Enabled

    Processes: 0
    (No malicious items detected)

    Modules: 0
    (No malicious items detected)

    Registry Keys: 0
    (No malicious items detected)

    Registry Values: 0
    (No malicious items detected)

    Registry Data: 0
    (No malicious items detected)

    Folders: 0
    (No malicious items detected)

    Files: 0
    (No malicious items detected)

    Physical Sectors: 0
    (No malicious items detected)


    (end)

    ESET:-

    C:\Users\WIN7\AppData\LocalLow\Sun\Java\jre1.7.0_51\java_sp.dll a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application

  6. #6
    Security Expert-emeritus Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    4,084

    Default

    what eset found is ok, the tool bar that came in with Java has been removed.

    Java is the #1 exploited program at this time. The Department of Homeland Security recommends that computer users disable Java

    Please read this article about Java.

    I would recommend that you completely uninstall Java unless you need it to run an important software.
    In that instance I would recommend that you disable Java in your browsers until you need it for that software and then enable it. (See How to disable Java in your web browser and How to unplug Java from the browser)

    If you do need to keep Java then download JavaRa
    Run the programme and select Remove Java Runtime. Uninstall all versions of Java present
    Once done then "run it again" and select Update Java Download and install Latest version.


    How's the computer now?
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.

  7. #7
    Member
    Join Date
    Aug 2008
    Posts
    56

    Default

    Hi Juliet,

    After reading the tutorials on Java, I can't find any plug in's or Java related programs. So I haven't been able to uninstall it.

    The computer seems to be working better.

    I think it's time to start looking for a more up to date one...

  8. #8
    Security Expert-emeritus Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    4,084

    Default

    If you downloaded JavaRa and it didn't find anything your in good shape.

    DelFix
    • Please download DelFix or from Here and save the file to your Desktop.
    • Double-click DelFix.exe to run the programme.
    • Place a checkmark next to the following items:
    • Activate UAC
    • Remove disinfection tools

    • Click the Run button.
    • -- This will remove the specialised tools we used to disinfect your system. Any leftover logs, files, folders or tools remaining on your Desktop which were not removed can be deleted manually (right-click the file + delete).


    ************************

    • AdBlock is a browser add-on that blocks annoying banners, pop-ups and video ads.
    • CryptoPrevent places policy restrictions on loading points for ransomware (eg. CryptoWall), helping prevent the execution of malware.
    • Malwarebytes Anti-Exploit (MBAE) is designed to prevent zero-day malware from exploiting vulnerable software.
    • Malwarebytes Anti-Malware Premium (MBAM) works in real-time along side your Anti-Virus to prevent malware execution.
    • NoScript is a Firefox add-on that blocks the actions of malicious scripts by using whitelisting and other technology.
    • Sandboxie isolates programmes of your choice, preventing files from being written to your HDD unless approved by you.
    • Secunia PSI will scan your computer for vulnerable softwarethat is outdated, and automatically find the latest update for you.
    • SpywareBlaster is a form of passive protection, designed to block the actions of malicious websites and tracking cookies.
    • Unchecky automatically removes checkmarks for bunlded software in programme installers; helping you avoid adware and PUPs.
    • Web of Trust (WOT) is a browser add-on designed to alert you before interacting with a potentially malicious website.
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.

  9. #9
    Security Expert-emeritus Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    4,084

    Default

    Glad we could help.

    Since this issue appears resolved ... this Topic is closed.
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •