https://forums.malwarebytes.org/index.php?/topic/164377-please-help-with-my-windows-7-slowdown-possible-virus-issue-logs-attached/

 

Hi - I am having pretty much the same issues as this person.

I downloaded Malwarebytes and it detected only 1 malicious file and removed it, but it did not help. Now my computer will only work in safe mode.

Thank you for any assistance you can offer.


CHR Extension: (Skype Click to Call) - C:\Users\smhurt\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2012-09-02]

CHR Extension: (Gmail) - C:\Users\smhurt\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-09-02]

CHR Profile: C:\Users\smhurt\AppData\Local\Google\Chrome\User Data\Profile 2

CHR Extension: (Shopping App by Ask) - C:\Users\smhurt\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aaaaahaeginbdcckocjkhbciadcafnep [2014-12-26]

CHR Extension: (Google Docs) - C:\Users\smhurt\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2013-03-03]

CHR Extension: (Google Drive) - C:\Users\smhurt\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-03-03]

CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\smhurt\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-25]

CHR Extension: (YouTube) - C:\Users\smhurt\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-03-03]

CHR Extension: (McAfee Security Scan+) - C:\Users\smhurt\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\bopakagnckmlgajfccecajhnimjiiedh [2014-03-12]

CHR Extension: (Google Search) - C:\Users\smhurt\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-03-03]

CHR Extension: (Pin It Button) - C:\Users\smhurt\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2014-07-21]

CHR Extension: (Freemake Video Converter) - C:\Users\smhurt\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj [2013-03-03]

CHR Extension: (Skype Click to Call) - C:\Users\smhurt\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-03-03]

CHR Extension: (Hangouts) - C:\Users\smhurt\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2014-07-23]

CHR Extension: (Google Wallet) - C:\Users\smhurt\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-01]

CHR Extension: (Gmail) - C:\Users\smhurt\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-03-03]

CHR HKLM\...\Chrome\Extension: [aaaaahaeginbdcckocjkhbciadcafnep] - C:\ProgramData\AskPartnerNetwork\Toolbar\Shared\CRX\aaaaahaeginbdcckocjkhbciadcafnep.crx [2014-11-24]

CHR HKLM-x32\...\Chrome\Extension: [aaaaahaeginbdcckocjkhbciadcafnep] - C:\ProgramData\AskPartnerNetwork\Toolbar\Shared\CRX\aaaaahaeginbdcckocjkhbciadcafnep.crx [2014-11-24]

CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - No Path

CHR HKLM-x32\...\Chrome\Extension: [ghnpfkmgeiojiaheaiefkilmjinpoccb] - C:\Users\smhurt\AppData\Local\Temp\ghnpfkmgeiojiaheaiefkilmjinpoccb.crx [Not Found]

CHR HKLM-x32\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2012-12-23]

CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-01-03]

StartMenuInternet: Google Chrome - C:\Users\smhurt\AppData\Local\Google\Chrome\Application\chrome.exe

 

==================== Services (Whitelisted) =================

 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

 

S2 AdobeActiveFileMonitor10.0; C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [169624 2011-09-01] (Adobe Systems Incorporated)

S2 AdobeActiveFileMonitor12.0; C:\Program Files (x86)\Adobe\Elements 12 Organizer\PhotoshopElementsFileAgent.exe [181152 2013-09-03] (Adobe Systems Incorporated)

S2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [177560 2015-01-30] (APN LLC.)

S2 Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [901184 2010-12-14] (Intel Corporation) [File not signed]

S3 Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [1298496 2010-12-14] (Intel Corporation) [File not signed]

S2 Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [974912 2010-12-14] (Intel Corporation) [File not signed]

S2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)

S2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)

S2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2449592 2014-11-12] (Microsoft Corporation)

S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [100864 2012-09-07] (Freemake) [File not signed]

S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)

S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)

S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)

S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-06-16] ()

S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

S2 Amsp; "C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe" coreFrameworkHost.exe -m=rb -dt=60000 [X]

 

==================== Drivers (Whitelisted) ====================

 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

 

S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)

S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-02-10] (Malwarebytes Corporation)

S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)

R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2013-07-19] (Corel Corporation)

S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [74752 2011-07-25] (Research In Motion Limited)

S3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44032 2011-07-20] (Research in Motion Ltd)

S2 tmactmon; C:\Windows\System32\DRIVERS\tmactmon.sys [90704 2010-08-08] (Trend Micro Inc.)

S2 tmcomm; C:\Windows\System32\DRIVERS\tmcomm.sys [144464 2010-08-08] (Trend Micro Inc.)

S2 tmevtmgr; C:\Windows\System32\DRIVERS\tmevtmgr.sys [67664 2010-08-08] (Trend Micro Inc.)

S1 tmtdi; C:\Windows\System32\DRIVERS\tmtdi.sys [105552 2010-08-08] (Trend Micro Inc.)

U2 TMAgent; No ImagePath

 

==================== NetSvcs (Whitelisted) ===================

 

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

 

 

==================== One Month Created Files and Folders ========

 

(If an entry is included in the fixlist, the file\folder will be moved.)

 

2015-02-10 15:44 - 2015-02-10 15:46 - 00026488 _____ () C:\Users\smhurt\Downloads\FRST.txt

2015-02-10 15:42 - 2015-02-10 15:42 - 00064920 _____ () C:\Users\smhurt\Downloads\Addition.txt

2015-02-10 15:40 - 2015-02-10 15:46 - 00000000 ____D () C:\FRST

2015-02-10 15:40 - 2015-02-10 15:40 - 00001101 _____ () C:\Users\smhurt\Desktop\FRST64 - Shortcut.lnk

2015-02-10 15:39 - 2015-02-10 15:39 - 02132992 _____ (Farbar) C:\Users\smhurt\Downloads\FRST64.exe

2015-02-09 20:55 - 2015-02-10 15:07 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2015-02-09 20:53 - 2015-02-09 20:53 - 00001104 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2015-02-09 20:53 - 2015-02-09 20:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2015-02-09 20:53 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys

2015-02-09 20:53 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys

2015-02-09 20:53 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

2015-02-09 14:10 - 2015-02-09 20:53 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware

2015-02-09 10:41 - 2015-02-09 21:28 - 00000000 ____D () C:\Program Files\Microsoft Security Client

2015-02-07 20:04 - 2015-02-10 15:35 - 00814828 _____ () C:\Windows\system32\PerfStringBackup.INI

2015-02-02 01:13 - 2015-02-02 01:13 - 00000000 _____ () C:\Windows\SysWOW64\shoB1AD.tmp

2015-01-24 09:49 - 2015-01-24 09:49 - 00000000 __SHD () C:\Users\Administrator\AppData\Local\EmieBrowserModeList

2015-01-11 20:22 - 2015-01-11 20:22 - 00000000 _____ () C:\Windows\SysWOW64\shoEE0C.tmp

 

==================== One Month Modified Files and Folders =======

 

(If an entry is included in the fixlist, the file\folder will be moved.)

 

2015-02-10 15:29 - 2011-09-20 01:52 - 00000000 ____D () C:\Users\Default\AppData\Local\SoftThinks

2015-02-10 15:29 - 2011-09-20 01:52 - 00000000 ____D () C:\Users\Default User\AppData\Local\SoftThinks

2015-02-10 15:29 - 2011-09-20 01:43 - 00000000 ____D () C:\Program Files (x86)\Dell DataSafe Local Backup

2015-02-10 15:28 - 2012-04-07 11:28 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2015-02-10 15:27 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2015-02-10 15:26 - 2009-07-13 23:51 - 00103257 _____ () C:\Windows\setupact.log

2015-02-10 13:11 - 2011-09-20 01:15 - 01305049 _____ () C:\Windows\WindowsUpdate.log

2015-02-10 12:56 - 2012-04-07 11:28 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2015-02-10 12:56 - 2012-01-24 21:33 - 00000912 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2607776316-3220310147-1209561297-1001UA.job

2015-02-10 12:51 - 2012-05-12 12:56 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

2015-02-09 22:04 - 2010-11-20 22:47 - 02500650 _____ () C:\Windows\PFRO.log

2015-02-09 21:30 - 2011-12-02 18:38 - 00000000 ____D () C:\Users\smhurt

2015-02-09 21:28 - 2012-09-04 20:29 - 00000000 ____D () C:\ProgramData\McAfee Security Scan

2015-02-09 21:28 - 2012-01-15 17:43 - 00000000 ____D () C:\ProgramData\Trend Micro

2015-02-09 21:28 - 2011-12-24 11:54 - 00000000 ____D () C:\Users\Administrator

2015-02-09 21:27 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\registration

2015-02-09 20:36 - 2011-12-24 11:54 - 00088400 _____ () C:\Users\Administrator\AppData\Local\GDIPFONTCACHEV1.DAT

2015-02-09 14:10 - 2012-10-27 21:23 - 00000000 ____D () C:\ProgramData\Malwarebytes

2015-02-07 20:23 - 2013-07-25 02:02 - 00000000 ____D () C:\Windows\system32\MRT

2015-02-07 20:15 - 2009-07-13 23:45 - 00028352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2015-02-07 20:15 - 2009-07-13 23:45 - 00028352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2015-02-07 20:12 - 2012-02-03 22:14 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

2015-02-07 19:51 - 2012-01-24 21:33 - 00000860 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2607776316-3220310147-1209561297-1001Core.job

2015-02-07 16:49 - 2011-12-02 21:18 - 00000000 ____D () C:\Users\smhurt\AppData\Roaming\Skype

2015-02-07 12:07 - 2013-05-25 07:04 - 00003440 _____ () C:\Windows\System32\Tasks\PCDEventLauncherTask

2015-02-06 08:51 - 2012-05-12 12:56 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater

2015-02-06 08:51 - 2012-04-13 05:57 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2015-02-06 08:51 - 2011-09-20 01:16 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2015-02-06 02:00 - 2011-12-02 20:58 - 00000000 ____D () C:\Users\smhurt\AppData\Local\Adobe

2015-02-05 19:45 - 2012-01-24 21:33 - 00003884 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2607776316-3220310147-1209561297-1001UA

2015-02-05 19:45 - 2012-01-24 21:33 - 00003488 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2607776316-3220310147-1209561297-1001Core

2015-02-05 14:47 - 2012-01-24 21:34 - 00002378 _____ () C:\Users\smhurt\Desktop\Google Chrome.lnk

2015-02-05 14:46 - 2012-04-07 11:28 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA

2015-02-05 14:46 - 2012-04-07 11:28 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

2015-01-28 16:33 - 2014-07-03 21:56 - 11817572 _____ () C:\Users\smhurt\Documents\NewDesigns [Autosaved].pptx

2015-01-11 21:17 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\rescache

2015-01-11 19:27 - 2015-01-06 23:52 - 00000000 ____D () C:\Users\smhurt\Documents\Resume

 

==================== Files in the root of some directories =======

 

2012-02-20 22:31 - 2012-05-14 06:43 - 0000813 _____ () C:\Users\smhurt\AppData\Roaming\Rim.Desktop.Exception.log

2012-02-20 22:30 - 2012-02-20 22:30 - 0001153 _____ () C:\Users\smhurt\AppData\Roaming\Rim.Desktop.HttpServerSetup.log

2012-02-20 22:31 - 2012-05-14 06:43 - 0000385 _____ () C:\Users\smhurt\AppData\Roaming\Rim.DesktopHelper.Exception.log

2012-02-20 22:32 - 2012-04-30 06:17 - 0017920 _____ () C:\Users\smhurt\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

 

Some content of TEMP:

====================

C:\Users\Administrator\AppData\Local\Temp\jre-7u60-windows-i586-iftw.exe

C:\Users\smhurt\AppData\Local\Temp\APNSetup.exe

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-02-2015

Ran by smhurt at 2015-02-10 15:46:45

Running from C:\Users\smhurt\Downloads

Boot Mode: Safe Mode (with Networking)

==========================================================

 

 

==================== Security Center ========================

 

(If an entry is included in the fixlist, it will be removed.)

 

AV: Trend Micro Titanium (Enabled - Up to date) {68F968AC-2AA0-091D-848C-803E83E35902}

AS: Trend Micro Titanium (Enabled - Up to date) {D3988948-0C9A-0693-BE3C-BB4CF86413BF}

AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

 

==================== Installed Programs ======================

 

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.2.0.2070 - Adobe Systems Incorporated)

Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.5.23 - Adobe Systems Incorporated.)

Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)

Adobe Photoshop Elements 10 (HKLM-x32\...\Adobe Photoshop Elements 10) (Version: 10.0 - Adobe Systems Incorporated)

Adobe Photoshop Elements 12 (HKLM-x32\...\Adobe Photoshop Elements 12) (Version: 12.0 - Adobe Systems Incorporated)

Adobe Photoshop.com Inspiration Browser (HKLM-x32\...\PhotoshopdotcomInspirationBrowser.4C35C4D325D350FE0114230CBADCA2DDD0AC8D25.1) (Version: 3.07 - Adobe Systems Incorporated)

Adobe Premiere Elements 12 (HKLM\...\PremElem120) (Version: 12.0 - Adobe Systems Incorporated)

Adobe Premiere Elements 12 (Version: 12.0 - Adobe Systems Incorporated) Hidden

Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)

Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)

Amazon MP3 Downloader 1.0.17 (HKLM-x32\...\Amazon MP3 Downloader) (Version: 1.0.17 - Amazon Services LLC)

Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)

Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)

Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)

Audacity 2.0.3 (HKLM-x32\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)

BlackBerry Desktop Software 6.1 (HKLM-x32\...\BlackBerry_Desktop) (Version: 6.1.0.36 - Research In Motion Ltd.)

BlackBerry Desktop Software 6.1 (x32 Version: 6.1.0.36 - Research In Motion Ltd.) Hidden

Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)

Brother MFL-Pro Suite MFC-490CW (HKLM-x32\...\{48D082B9-18F6-4426-AFAC-8B6A3E7021B1}) (Version: 1.0.1.0 - Brother Industries, Ltd.)

Cisco WebEx Meetings (HKU\S-1-5-21-2607776316-3220310147-1209561297-1001\...\ActiveTouchMeetingClient) (Version:  - Cisco WebEx LLC)

Coupon Printer for Windows (HKLM-x32\...\Coupon Printer for Windows5.0.0.2) (Version: 5.0.0.2 - Coupons.com Incorporated)

Cozi (HKLM-x32\...\{EA1F3D6C-A6F5-4CDC-B0D3-9C56C06B4D29}) (Version: 1.0.6505.38692 - Cozi Group, Inc.)

D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden

Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 9.4.60 - Dell Inc.)

Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.60 - Dell Inc.)

Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)

Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)

Dell Home Systems Service Agreement (HKLM-x32\...\{AB2FDE4F-6BED-4E9E-B676-3DCCEBB1FBFE}) (Version: 2.0.0 - Dell Inc.)

Dell Marketplace Webslice IE8 (HKLM-x32\...\{CF67ED0C-F85D-4791-AED3-3FE882EDB45D}) (Version: 8.0 - Nextjump Inc)

Dell MusicStage (HKLM-x32\...\{91AF2672-F5BC-42CF-8037-A9D2F92BBCC0}) (Version: 1.5.201.0 - Fingertapps)

Dell PhotoStage (HKLM-x32\...\{E4335E82-17B3-460F-9E70-39D9BC269DB3}) (Version: 1.5.0.65 - ArcSoft)

Dell Stage (HKLM-x32\...\{FE182796-F6BA-486A-8590-89B7E8D1D60F}) (Version: 1.7.209.0 - Fingertapps)

Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1209.101.204 - ALPS ELECTRIC CO., LTD.)

Dell VideoStage  (HKLM-x32\...\InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}) (Version: 1.2.0.1712 - CyberLink Corp.)

Dell VideoStage  (x32 Version: 1.2.0.1712 - CyberLink Corp.) Hidden

Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 2.00.44 - Creative Technology Ltd)

DirectX 9 Runtime (x32 Version: 1.00.0000 - Sonic Solutions) Hidden

eBay (HKLM-x32\...\{A8B88634-7F90-402F-B66A-86429755F6A5}) (Version: 1.4.0 - eBay Inc.)

Elements 10 Organizer (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden

Elements 12 Organizer (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden

Freemake Video Converter version 3.2.1 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 3.2.1 - Ellora Assets Corporation)

Google Chrome (HKU\S-1-5-21-2607776316-3220310147-1209561297-1001\...\Google Chrome) (Version: 40.0.2214.111 - Google Inc.)

Google Talk Plugin (HKLM-x32\...\{C77CC230-7417-3F01-B70D-52583DC9FEC9}) (Version: 5.40.2.0 - Google)

Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)

Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden

Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden

Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden

GoToAssist Corporate (HKLM-x32\...\GoToAssist) (Version: 9.1.0.615 - Citrix Online, a division of Citrix Systems, Inc.)

Intel PROSet Wireless (x32 Version:  - ) Hidden

Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)

Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)

Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2345 - Intel Corporation)

Intel® PROSet/Wireless Software for Bluetooth® Technology (HKLM\...\{5A80B0BA-79AF-4B11-B851-CCB9F7977AC0}) (Version: 1.0.1.0489 - Intel Corporation)

Intel® PROSet/Wireless WiFi Software (HKLM\...\{451A5ECC-C9A5-4944-B28D-23656C9E03D0}) (Version: 14.1.2000 - Intel Corporation)

Intel® Turbo Boost Technology Monitor 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.1.23.0 - Intel)

Intel® WiDi (HKLM-x32\...\{03703CBB-563D-45CE-8B35-CB04CAB258BE}) (Version: 2.1.38.0 - Intel Corporation)

Intel® Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version:  - )

Internet Explorer (x32 Version: 8 - Microsoft Corporation) Hidden

iTunes (HKLM\...\{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}) (Version: 11.1.3.8 - Apple Inc.)

Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)

Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)

McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)

Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)

Microsoft Camera Codec Pack (HKLM\...\{D553E8CC-5C56-4B06-AC1A-A443DFF31092}) (Version: 6.3.9723.0 - Microsoft Corporation)

Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)

Microsoft Office Home and Student 2013 - en-us (HKLM\...\HomeStudentRetail - en-us) (Version: 15.0.4675.1003 - Microsoft Corporation)

Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)

Microsoft OneDrive (HKU\S-1-5-21-2607776316-3220310147-1209561297-1001\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)

Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)

MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)

My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.5.6426.22 - PC-Doctor, Inc.)

Octoshape add-in for Adobe Flash Player (HKU\S-1-5-21-2607776316-3220310147-1209561297-1001\...\Octoshape add-in for Adobe Flash Player) (Version:  - )

Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden

Office 15 Click-to-Run Licensing Component (Version: 15.0.4675.1003 - Microsoft Corporation) Hidden

Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden

PhotoShowExpress (x32 Version: 2.0.063 - Sonic Solutions) Hidden

PRE12 STI 64Installer (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden

Prism Video File Converter (HKLM-x32\...\Prism) (Version:  - NCH Software)

PSE10 STI Installer (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden

PSE12 STI Installer (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden

Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.0.15 - Dell Inc.)

RBVirtualFolder64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden

Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6312 - Realtek Semiconductor Corp.)

Roxio Creator Starter (HKLM-x32\...\{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}) (Version: 12.1.77.0 - Roxio)

Roxio File Backup (Version: 1.3.2 - Roxio) Hidden

Search App by Ask (HKLM-x32\...\{4F524A2D-5350-4500-76A7-A758B70C1801}) (Version: 12.24.1.51 - APN, LLC) <==== ATTENTION

Shopping App by Ask (HKLM-x32\...\{4F524A2D-5354-2D53-5045-A758B70C1500}) (Version: 12.21.0.115 - APN, LLC)

Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)

Skype™ 6.3 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.3.105 - Skype Technologies S.A.)

Sonic CinePlayer Decoder Pack (x32 Version: 4.3.0 - Sonic Solutions) Hidden

Strongvault Online Backup (x32 Version: 5.0.2.34 - Strongvault Online Backup) Hidden <==== ATTENTION

Trend Micro Titanium (HKLM\...\{ABBD4BA8-6703-40D2-AB1E-5BB1F7DB49A4}) (Version: 3.1.1109 - Trend Micro Inc.)

Trend Micro™ Titanium™ (Version: 3.00 - Trend Micro Inc.) Hidden

TrustedID (HKLM-x32\...\{C16A92EF-017B-4839-9C75-FBADB5A1FA27}) (Version: 5.0 - TrustedID)

Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)

WebM Media Foundation Components (HKLM-x32\...\webmmf) (Version: 1.0.1.1 - WebM Project)

Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)

 

==================== Custom CLSID (selected items): ==========================

 

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

 

CustomCLSID: HKU\S-1-5-21-2607776316-3220310147-1209561297-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\smhurt\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay No File

CustomCLSID: HKU\S-1-5-21-2607776316-3220310147-1209561297-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\smhurt\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File

CustomCLSID: HKU\S-1-5-21-2607776316-3220310147-1209561297-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\smhurt\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File

CustomCLSID: HKU\S-1-5-21-2607776316-3220310147-1209561297-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\smhurt\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File

CustomCLSID: HKU\S-1-5-21-2607776316-3220310147-1209561297-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\smhurt\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-2607776316-3220310147-1209561297-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\smhurt\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-2607776316-3220310147-1209561297-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\smhurt\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)

CustomCLSID: HKU\S-1-5-21-2607776316-3220310147-1209561297-1001_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\smhurt\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-2607776316-3220310147-1209561297-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\smhurt\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File

CustomCLSID: HKU\S-1-5-21-2607776316-3220310147-1209561297-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\smhurt\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)

CustomCLSID: HKU\S-1-5-21-2607776316-3220310147-1209561297-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\smhurt\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-2607776316-3220310147-1209561297-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\smhurt\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\FileSyncApi64.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-2607776316-3220310147-1209561297-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\smhurt\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File

 

==================== Restore Points  =========================

 

19-01-2015 11:46:56 Scheduled Checkpoint

02-02-2015 01:54:17 Scheduled Checkpoint

07-02-2015 20:11:56 Windows Update

07-02-2015 20:24:35 Windows Update

 

==================== Hosts content: ==========================

 

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

 

2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

 

==================== Scheduled Tasks (whitelisted) =============

 

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

 

Task: {1CE15B67-4627-4FAD-85D6-16AC4298886D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)

Task: {5D9E2A3E-B043-432E-9CD3-B6FFDBD41CC5} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2607776316-3220310147-1209561297-1001Core => C:\Users\smhurt\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-21] (Google Inc.)

Task: {6C437B8B-8AE6-4BA4-9A03-F73F6178F3F1} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)

Task: {7B7F4E57-56EA-46F4-9EC1-AA22BB69A866} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-04-07] (Google Inc.)

Task: {9474EDC7-D02A-4DE2-8F8B-5886D54DA98C} - System32\Tasks\AdobeAAMUpdater-1.0-smhurt-PC-smhurt => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-06-03] (Adobe Systems Incorporated)

Task: {9CAD9440-3F89-404B-8E7F-B188939DE9DA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-04-07] (Google Inc.)

Task: {A2437581-D17F-44A5-979A-DE5DD135121B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-06] (Adobe Systems Incorporated)

Task: {A27A5E10-7A4A-4578-94FA-65E727FFFF75} - System32\Tasks\{498A986F-5A0B-43B2-B0BB-90CF392580C1} => Iexplore.exe http://ui.skype.com/ui/0/6.3.73.105.457/en/abandoninstall?page=tsWLM

Task: {B66EE168-17F8-433F-AF77-88D0F96657F4} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\My Dell\sessionchecker.exe [2014-01-31] (PC-Doctor, Inc.)

Task: {B73EA41A-12B9-4328-97BB-1B06E14805F8} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-11-04] (Microsoft Corporation)

Task: {BBC8F1F3-3D94-42D3-ACDD-A57B1DACB096} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc

Task: {BC56E88A-B43A-46C1-9D64-B4DF9A5C374F} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\My Dell\uaclauncher.exe [2014-01-31] (PC-Doctor, Inc.)

Task: {CE018838-E89B-4D5B-90E3-B798EF4D8BD8} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe

Task: {CF21A090-10A4-41D0-B581-1EF7098AA190} - System32\Tasks\{56521846-2C6F-478F-876E-1562155DBFD0} => Iexplore.exe http://ui.skype.com/ui/0/6.3.73.105.457/en/abandoninstall?page=tsWLM

Task: {ECA0C54F-39D5-4AAF-AFA0-D35729939D7E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2607776316-3220310147-1209561297-1001UA => C:\Users\smhurt\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-21] (Google Inc.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2607776316-3220310147-1209561297-1001Core.job => C:\Users\smhurt\AppData\Local\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2607776316-3220310147-1209561297-1001UA.job => C:\Users\smhurt\AppData\Local\Google\Update\GoogleUpdate.exe

 

==================== Loaded Modules (whitelisted) ==============

 

2014-11-21 05:38 - 2014-09-23 08:36 - 08897696 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll

2015-02-05 14:47 - 2015-02-04 04:02 - 09170760 _____ () C:\Users\smhurt\AppData\Local\Google\Chrome\Application\40.0.2214.111\pdf.dll

2014-10-15 07:24 - 2014-02-10 12:44 - 04592128 _____ () C:\Users\smhurt\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libglesv2.dll

2014-10-15 07:24 - 2014-02-10 12:44 - 00112128 _____ () C:\Users\smhurt\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libegl.dll

 

==================== Alternate Data Streams (whitelisted) =========

 

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

 

 

==================== Safe Mode (whitelisted) ===================

 

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

 

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\GoToAssist => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"

 

==================== EXE Association (whitelisted) ===============

 

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

 

 

==================== Other Registry Areas =====================

 

(Currently there is no automatic fix for this section.)

 

HKU\S-1-5-21-2607776316-3220310147-1209561297-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\smhurt\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg

 

==================== MSCONFIG/TASK MANAGER disabled items ==

 

(Currently there is no automatic fix for this section.)

 

 

==================== Accounts: =============================

 

Administrator (S-1-5-21-2607776316-3220310147-1209561297-500 - Administrator - Enabled) => C:\Users\Administrator

Guest (S-1-5-21-2607776316-3220310147-1209561297-501 - Limited - Disabled)

HomeGroupUser$ (S-1-5-21-2607776316-3220310147-1209561297-1002 - Limited - Enabled)

smhurt (S-1-5-21-2607776316-3220310147-1209561297-1001 - Administrator - Enabled) => C:\Users\smhurt

 

==================== Faulty Device Manager Devices =============

 

Name: Security Processor Loader Driver

Description: Security Processor Loader Driver

Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}

Manufacturer: 

Service: spldr

Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)

Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.

Devices stay in this state if they have been prepared for removal.

After you remove the device, this error disappears.Remove the device, and this error should be resolved.

 

 

==================== Event log errors: =========================

 

Application errors:

==================

Error: (02/10/2015 03:32:26 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (02/10/2015 03:23:45 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: ElementsAutoAnalyzer.exe, version: 12.0.0.0, time stamp: 0x5224d967

Faulting module name: dvamarshal.dll, version: 11.0.0.0, time stamp: 0x5224d681

Exception code: 0xc0000005

Fault offset: 0x0000000000034961

Faulting process id: 0xb0c

Faulting application start time: 0xElementsAutoAnalyzer.exe0

Faulting application path: ElementsAutoAnalyzer.exe1

Faulting module path: ElementsAutoAnalyzer.exe2

Report Id: ElementsAutoAnalyzer.exe3

 

Error: (02/10/2015 03:06:59 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (02/10/2015 01:11:57 PM) (Source: Application Error) (EventID: 1005) (User: )

Description: Windows cannot access the file C:\Windows\System32\drmv2clt.dll for one of the following reasons:

there is a problem with the network connection, the disk that the file is stored on, or the storage

drivers installed on this computer; or the disk is missing.

Windows closed the program Windows Media Player Network Sharing Service because of this error.

 

Program: Windows Media Player Network Sharing Service

File: C:\Windows\System32\drmv2clt.dll

 

The error value is listed in the Additional Data section.

User Action

1. Open the file again.

This situation might be a temporary problem that corrects itself when the program runs again.

2.

If the file still cannot be accessed and

- It is on the network,

your network administrator should verify that there is not a problem with the network and that the server can be contacted.

- It is on a removable disk, for example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer.

3. Check and repair the file system by running CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then press ENTER.

4. If the problem persists, restore the file from a backup copy.

5. Determine whether other files on the same disk can be opened. If not, the disk might be damaged. If it is a hard disk, contact your administrator or computer hardware vendor for

further assistance.

 

Additional Data

Error value: C0000185

Disk type: 3

 

Error: (02/10/2015 01:11:57 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: wmpnetwk.exe, version: 12.0.7601.17514, time stamp: 0x4ce7ae7f

Faulting module name: drmv2clt.dll, version: 11.0.7601.18526, time stamp: 0x53b9ffdb

Exception code: 0xc0000006

Fault offset: 0x000000000002413b

Faulting process id: 0x1510

Faulting application start time: 0xwmpnetwk.exe0

Faulting application path: wmpnetwk.exe1

Faulting module path: wmpnetwk.exe2

Report Id: wmpnetwk.exe3

 

Error: (02/10/2015 01:00:14 PM) (Source: Application Error) (EventID: 1005) (User: )

Description: Windows cannot access the file C:\Windows\System32\drmv2clt.dll for one of the following reasons:

there is a problem with the network connection, the disk that the file is stored on, or the storage

drivers installed on this computer; or the disk is missing.

Windows closed the program Windows Media Player Network Sharing Service because of this error.

 

Program: Windows Media Player Network Sharing Service

File: C:\Windows\System32\drmv2clt.dll

 

The error value is listed in the Additional Data section.

User Action

1. Open the file again.

This situation might be a temporary problem that corrects itself when the program runs again.

2.

If the file still cannot be accessed and

- It is on the network,

your network administrator should verify that there is not a problem with the network and that the server can be contacted.

- It is on a removable disk, for example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer.

3. Check and repair the file system by running CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then press ENTER.

4. If the problem persists, restore the file from a backup copy.

5. Determine whether other files on the same disk can be opened. If not, the disk might be damaged. If it is a hard disk, contact your administrator or computer hardware vendor for

further assistance.

 

Additional Data

Error value: C0000185

Disk type: 3

 

Error: (02/10/2015 01:00:14 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: wmpnetwk.exe, version: 12.0.7601.17514, time stamp: 0x4ce7ae7f

Faulting module name: drmv2clt.dll, version: 11.0.7601.18526, time stamp: 0x53b9ffdb

Exception code: 0xc0000006

Fault offset: 0x000000000002413b

Faulting process id: 0x1a5c

Faulting application start time: 0xwmpnetwk.exe0

Faulting application path: wmpnetwk.exe1

Faulting module path: wmpnetwk.exe2

Report Id: wmpnetwk.exe3

 

Error: (02/10/2015 00:56:52 PM) (Source: Application Error) (EventID: 1005) (User: )

Description: Windows cannot access the file C:\Windows\System32\drmv2clt.dll for one of the following reasons:

there is a problem with the network connection, the disk that the file is stored on, or the storage

drivers installed on this computer; or the disk is missing.

Windows closed the program Windows Media Player Network Sharing Service because of this error.

 

Program: Windows Media Player Network Sharing Service

File: C:\Windows\System32\drmv2clt.dll

 

The error value is listed in the Additional Data section.

User Action

1. Open the file again.

This situation might be a temporary problem that corrects itself when the program runs again.

2.

If the file still cannot be accessed and

- It is on the network,

your network administrator should verify that there is not a problem with the network and that the server can be contacted.

- It is on a removable disk, for example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer.

3. Check and repair the file system by running CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then press ENTER.

4. If the problem persists, restore the file from a backup copy.

5. Determine whether other files on the same disk can be opened. If not, the disk might be damaged. If it is a hard disk, contact your administrator or computer hardware vendor for

further assistance.

 

Additional Data

Error value: C0000185

Disk type: 3

 

Error: (02/10/2015 00:56:52 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: wmpnetwk.exe, version: 12.0.7601.17514, time stamp: 0x4ce7ae7f

Faulting module name: drmv2clt.dll, version: 11.0.7601.18526, time stamp: 0x53b9ffdb

Exception code: 0xc0000006

Fault offset: 0x000000000002413b

Faulting process id: 0x2a74

Faulting application start time: 0xwmpnetwk.exe0

Faulting application path: wmpnetwk.exe1

Faulting module path: wmpnetwk.exe2

Report Id: wmpnetwk.exe3

 

Error: (02/10/2015 00:19:12 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

 

System errors:

=============

Error: (02/10/2015 03:45:45 PM) (Source: Service Control Manager) (EventID: 7001) (User: )

Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 

%%1068

 

Error: (02/10/2015 03:45:45 PM) (Source: Service Control Manager) (EventID: 7001) (User: )

Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 

%%1068

 

Error: (02/10/2015 03:45:45 PM) (Source: Service Control Manager) (EventID: 7001) (User: )

Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 

%%1068

 

Error: (02/10/2015 03:45:15 PM) (Source: Service Control Manager) (EventID: 7001) (User: )

Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 

%%1068

 

Error: (02/10/2015 03:45:15 PM) (Source: Service Control Manager) (EventID: 7001) (User: )

Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 

%%1068

 

Error: (02/10/2015 03:45:15 PM) (Source: Service Control Manager) (EventID: 7001) (User: )

Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 

%%1068

 

Error: (02/10/2015 03:41:55 PM) (Source: Service Control Manager) (EventID: 7001) (User: )

Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 

%%1068

 

Error: (02/10/2015 03:41:55 PM) (Source: Service Control Manager) (EventID: 7001) (User: )

Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 

%%1068

 

Error: (02/10/2015 03:41:55 PM) (Source: Service Control Manager) (EventID: 7001) (User: )

Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 

%%1068

 

Error: (02/10/2015 03:41:43 PM) (Source: Service Control Manager) (EventID: 7001) (User: )

Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 

%%1068

 

 

Microsoft Office Sessions:

=========================

Error: (02/10/2015 03:32:26 PM) (Source: WinMgmt) (EventID: 10) (User: )


Uninstall some programs
 
We need to uninstall some unwanted/unneeded programs.

  • Press the Windows key + R on your keyboard at the same time. Type appwiz.cpl and click OK.
  • Search there for each entry mentioned below, right-click the entry and click Uninstall one at a time

The list of programs to uninstall:

  • Search App by Ask
  • Shopping App by Ask
  • Strongvault Online Backup

After completing uninstalls, please manually reboot your machine!
 
Note: If you get a message like "An error occurred while trying to uninstall", just press Yes.
 
 
 
 
Fix with AdwCleaner
 
Please download AdwCleaner by Xplode and save the file to your Desktop.

  • Right-click on the AdwCleaner icon and select Run as Administrator to start the tool.
  • Wait until the database is updated.
  • Accept the Terms of use and click Scan.
  • When finished, please click Clean.
  • Upon completion, click Report. A log (AdwCleaner[s*].txt) will open.

Please upload report in your reply.
 
Note: Reports will be saved in your system partition, usually at C:\Adwcleaner

fixlist.txt



Let's run FRST again.
 
 
 
Scan with Farbar Recovery Scan Tool
 
Please re-run Farbar Recovery Scan Tool to give me a fresh look at your system.

  • Right-click on the FRST icon and select Run as Administrator to start the tool.
    (XP users click run after receipt of Windows Security Warning - Open File).
  • Make sure that Addition option is checked.
  • Press Scan button and wait.
  • The tool will produce two logfiles on your desktop: FRST.txt and Addition.txt.

Please upload them into your next reply.


Fix with Farbar Recovery Scan Tool
 


This fix was created for this user for use on that particular machine.
Running it on another one may cause damage and render the system unstable.

 
Download attached fixlist.txt file and save it to the Desktop:
 
Both files, FRST and fixlist.txt have to be in the same location or the fix will not work!

  • Right-click on the FRST icon and select Run as Administrator to start the tool.
    (XP users click run after receipt of Windows Security Warning - Open File).
  • Press the Fix button just once and wait.
  • If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
  • When finished FRST will generate a log on the Desktop, called Fixlog.txt.

Please post it to your reply.

fixlist.txt


Thank you very much :)
 
 
 
Glad I could help. We will delete all used tools and I'll give you some tips to harden your security and learn how to protect yourself :)
 
 

Recommended reading:

 
 
MUST READ - security tips:

MUST READ - general maintenance:

The Importance of Software Updating:

 

 
In order to stay protected it is very important that you regularly update all of your software. Cybercriminals depend on the apathy of users around software updates to keep their malicious endeavor running.
 
Operating systems, such as Windows, and applications, such as Adobe Reader or JAVA, are used by tens of millions of computers and devices around the world, making them a huge target for cybercriminals. Downloading updates and installing them can sometimes be tedious, but the advantages you get from the updates are certainly worth it.

Recommended additional software:

 
 
  • TFC - to clean unneeded temporary files.
  • Malwarebytes' Anti-Malware - to scan your system from time to time in search for malware.
  • Malwarebytes' Anti-Exploit - to prevent plenty of mostly exploited vulnerabilities.
  • McShield - to prevent infections spread by removable media.
  • Unchecky - to prevent from installing additional foistware, implemented in legitimate installations.
  • Adblock - to surf the web without annoying ads!
 
 

Post-cleanup procedures:

 

 
Download DelFix by Xplode and save it to your desktop.

  • Run the tool by right-clicking on the DelFix icon and selecting the Run as administrator option.
  • Make sure that these ones are checked:
    • Remove disinfection tools
    • Purge system restore
    • Reset system settings
  • Push Run.
  • The program will run for a few seconds and display a notepad report. You do not need to attach it.

The tool will also record the healthy state of the registry and make a backup using the ERUNT program in %windir%\ERUNT\DelFix.
The tool deletes old system restore points and creates a fresh system restore point after cleaning.
 
 
 


My help is free for everybody.

If you're happy with the help provided and/or wish to buy me a beer for the assistance you received, then you can consider a donation: 

 

Thank you!

 
 
Stay safe,
TwinHeadedEagle   :)


Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
