Jump to content

IAT Hooks; Chrome *.exe; Disable Registry Tools; Cookies


Recommended Posts

My laptop is running very slowly.


 


Rogue Killer is indicating the presence of IAT Hooks:


Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLEREGISTRYTOOLSdetected: Setting.DisableRegistryTools (A)


 


HitmanPro is indicating an issue. [see Attached Log]


 


Task Manager is showing various Chrome *.exe processes which I am unfamiliar with and may or may not be an indication of malware. [see Attached Screen Shot]


 


Rogue Killer is indicating the presence of IAT Hooks:


 


[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 10.0.0.1 ([(Private Address) (XX)])  -> Found


[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet003\Services\Tcpip\Parameters | DhcpNameServer : 10.0.0.1 ([(Private Address) (XX)])  -> Found


[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{2DB07389-E2D8-435C-8610-A2B4A482E18C} | DhcpNameServer : 10.0.0.1 ([(Private Address) (XX)])  -> Found


[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet003\Services\Tcpip\Parameters\Interfaces\{2DB07389-E2D8-435C-8610-A2B4A482E18C} | DhcpNameServer : 10.0.0.1 ([(Private Address) (XX)])  -> Found


 


Malwarebytes Anti-Malware [Premium] shows no infections.


 


Attached fine FRST Txt and Additional Txt.


 


Thank you


1HitmanPro_20151204_1841.log

post-62460-0-49587100-1449329055_thumb.j

FRST.txt

Addition.txt

Link to post
Share on other sites

Hello and welcome to Malwarebytes,

Please be aware the following P2P/Piracy Warning is a standard opening reply made here at Malwarebytes, we make no accusations but do make you aware of Forum Protocol....
 

If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here.Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.If you have illegal/cracked software, cracks, keygens etc. on the system, please remove or uninstall them now and read the policy on Piracy.

 

 

Download attached fixlist.txt file (end of reply) and save it to the Desktop, or the folder you saved FRST into.
NOTE. It's important that both FRST and fixlist.txt are in the same location or the fix will not work.

Run FRST and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt) or the folder it was ran from. Please post it to your reply.
 

Next,

 

Please open Malwarebytes Anti-Malware.
 

  • On the Settings tab > Detection and Protection sub tab, Detection Options, tick the box "Scan for rootkits".
  • Under Non-Malware Protection sub tab Change PUP and PUM entries to Treat detections as Malware
  • Click on the Scan tab, then click on Scan Now >> . If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • With some infections, you may or may not see this message box.

            'Could not load DDA driver'
  • Click 'Yes' to this message, to allow the driver to load after a restart.
  • Allow the computer to restart. Continue with the rest of these instructions.
  • When the scan is complete, click Apply Actions.
  • Wait for the prompt to restart the computer to appear, then click on Yes.
  • After the restart once you are back at your desktop, open MBAM once more.

To get the log from Malwarebytes do the following:
 

  • Click on the History tab > Application Logs.
  • Double click on the scan log which shows the Date and time of the scan just performed.
  • Click Export > From export you have three options:

      Copy to Clipboard - if seleted right click to your reply and select "Paste" log will be pasted to your reply
      Text file (*.txt)        - if selected you will have to name the file and save to a place of choice, recommend "Desktop" then attach to reply
      XML file (*.xml)      - if selected you will have to name the file and save to a place of choice, recommend "Desktop" then attach to reply
  • Please use "Copy to Clipboard, then Right click to your reply > select "Paste" that will copy the log to your reply…

 

 

Next,

 

Download AdwCleaner by Xplode onto your Desktop.
 

  • Double click on Adwcleaner.exe to run the tool.
  • Click on the Scan in the Actions box
  • Please wait fot the scan to finish..
  • When "Waiting for action.Please uncheck elements you want to keep" shows in top line..
  • Click on the Cleaning box.
  • Next click OK on the "Closing Programs" pop up box.
  • Click OK on the Information box & again OK to allow the necessary reboot
  • After restart the AdwCleaner(C*)-Notepad log will appear, please copy/paste it in your next reply. Where * is the number relative to list of scans completed...

 

 

Next,

 

thisisujrt.gif Please download Junkware Removal Tool to your desktop.
 

  • Shut down your protection software now to avoid potential conflicts. (re-enable when done)
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Next,

 

 

dr_web_cureit_zpse80d87bf.jpg
Download Dr Web Cureit from here http://www.freedrweb.com/cureit save to your desktop. (Scroll to bottom of page)
 

  • The file will be randomly named
  • Reboot to safe mode <<<<<------------ http://support.eset.com/kb2268/
  • Run Dr Web
  • Tick the I agree box and select continue
  • Click select objects for scanning


    drwebselect.JPG
     
  • Tick all boxes as shown
  • Click the wrench and select automatically apply actions to threats


    drwebfolders.JPG
     
  • Press start scan
  • The scan will now commence


    drwebscan.JPG
     
  • Once the scan has finished click open report <<<--- Do not miss this step


    drwebscancomplete.JPG
     
  • A notepad will open
  • Select File > Save as..
  • Save it to your desktop

This log will be excessive,  Please attach it to your next reply…

Let me see those logs, also give an update on any remaining issues or concerns...

 

 

Thank you,

 

Kevin...
 

 

Fixlist.txt

Link to post
Share on other sites

Kevin:

 

Sorry for the delay in getting back to you.

 

When I ran the FRST "fix" and upon the rebooting of my laptop I had no internet connection.

 

This is an issue with FRST "fix" that I have previously experienced when utilizing it when attempting a repair in the past within this forum.

 

Previously I could connect to the internet by performing a system restore.  [rebooting my modem and router does not work with this issue.]

 

My only recourse was to uninstall Windows 7 and to then re-install Windows 7.

 

This reestablished my internet connection but has forced me to reconstruct some of the files that I had.

 

I will get back to you in two or three days and report on how my laptop is performing.

 

Thank you

Link to post
Share on other sites

Thanks for the update Purrington, let me know how you progress later when you`re ready...

 

I`m surprised there was a connection, the winsock catalogue was already broken. The fix which would have any bearing was to remove corrupt links and reset the winsock catalogue...

 

Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL No File
Winsock: Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL No File
Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL No File
Winsock: Catalog5-x64 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL No File
cmd: netsh winsock reset

 

You have not posted the log from the fix so I have no way of knowing what has happened or gone wrong...

Link to post
Share on other sites

I have to confess I do not know what a "Winsock" is.

 

I could not post the log from the fix because as soon as the fix was done it called for a reboot and upon rebooting my internet connection was lost so even if I had the fix log I had no way to get it to you.

 

In the past two day my laptop has not been acting well.

 

ADWCleaner gave me this earlier today and I can see the word "winsock" in the report.

 

# AdwCleaner v5.023 - Logfile created 07/12/2015 at 10:31:44
# Updated 30/11/2015 by Xplode
# Database : 2015-12-06.2 [server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Lewis - LEWIS-PC
# Running from : C:\Users\Lewis\Downloads\AdwCleaner.exe
# Option : Cleaning
 
***** [ Services ] *****
 
 
***** [ Folders ] *****
 
[!] Folder Not Deleted : C:\Users\Lewis\AppData\Local\Google\Chrome\User Data\Default\Extensions\iobcbdgacfkninlcbphihhdlkobkehia
 
***** [ Files ] *****
 
 
***** [ DLLs ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Scheduled tasks ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Web browsers ] *****
 
[-] [C:\Users\Lewis\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : iobcbdgacfkninlcbphihhdlkobkehia
 
*************************
 
:: "Tracing" keys removed
:: Winsock settings cleared
 
########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [949 bytes] ##########
 
Is there anything I can do to find out what issues are afflicting my laptop without resorting to using a FRST fix?
 
Thank you
Link to post
Share on other sites

I cannot understand why you should have any issues whatsoever, you have just completed a fresh install of the operating system. Yes I recall the link you`ve posted, I was helping initially before another guy took over when I went on vacation.

 

Let me know exactly what is wrong now, or what has changed since the fresh install of Windows 7...

 

FRST is a tool we all use many times a day without issue, the initial scan is purely diagnostic and will make no changes to your system. It does give an excellent overview of what is running etc....

 

Download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.


  • Double-click to run it. When the tool opens click Yes to disclaimer.
    (Windows 8/10 users will be prompted about Windows SmartScreen protection - click More information and Run.)
  • Make sure Addition.txt and Shortcut.txt are checkmarked under "Optional scans"
  • Press Scan button to run the tool....
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The tool will also make logs named (Addition.txt) and Shortcut.txt Please attach those logs to your reply.

 

Next,

 

Please download RogueKiller and save it to your desktop from the following link: http://www.bleepingcomputer.com/download/roguekiller/

  • Quit all running programs.
  • For Windows XP, double-click to start.
  • For Vista,Windows 7/8/8.1/10, Right-click on the program and select Run as Administrator to start and when prompted allow it to run.
  • Read and accept the EULA (End User Licene Agreement)
  • Click Scan to scan the system.
  • When the scan completes select "Report",in the next window select "Export txt" the log will open as a text file post that log... Also save to your Desktop for reference. log will open.
  • Close the program > Don't Fix anything!

 

Thank you,

 

Kevin...

Link to post
Share on other sites

Kevin:

 

I do not know why I am having issues after reinstalling Windows either.

 

I also agree that FRST is a reputable tool and is widely used in the diagnosis of computer problems.

 

However, in my specific instance, there is a documented history of my laptop losing its internet connection after clicking on the “fix” button once.

 

Prior to this last episode I was always able to reestablish an internet connection by doing a “System Restore.”

 

The last time I clicked once on the “fix” button I was then asked to reboot my laptop and upon doing so lost my internet connection and was unable to reestablish a connection utilizing “System Restore” and only by uninstalling and then re-installing Windows was I able to reconnect to the internet.

 

I will download the Farber Recovery Scan Tool as you request and post  the FRST txt and Addition Txt but I hope you will take into account that there is a history [admittedly inexplicable] of my losing my internet connection upon using the FRST “fix” feature and I should like not to have this recur again if it means losing my internet connection and resorting the somewhat drastic measure of uninstalling and re-installing Windows a second time.

 

I will follow your instructions above and post the requested information shortly.

 

Thank you.

Link to post
Share on other sites

Kevin:

 

Below are the reports you requested.

 

I had to attach the FRST Txt as it was too large to paste.

 

I do not think there is a problem with the FRST diagnoses. 

 

The problem only appears when I apply the “fix.”

 

If you look that the previous thread in which this issue appeared you will notice that I provided screenshots of what appeared on my laptop screen after applying the FRST “fix.”

 

I will clearly show that I am repeatedly losing my internet connection after the application of the “fix.”

 

I do not know why this is but then again I do not know the cause of cancer but when a tumor appears I know it is a problem.

 

Thank you,

 

Lewis

 

 
Additional scan result of Farbar Recovery Scan Tool (x64) Version:05-12-2015
Ran by Lewis (2015-12-07 14:16:41)
Running from C:\Users\Lewis\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2015-12-05 20:56:42)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-1422163307-3788927115-2030255185-500 - Administrator - Disabled)
Guest (S-1-5-21-1422163307-3788927115-2030255185-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1422163307-3788927115-2030255185-1002 - Limited - Enabled)
Lewis (S-1-5-21-1422163307-3788927115-2030255185-1000 - Administrator - Enabled) => C:\Users\Lewis
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Accidental Damage Services Agreement (HKLM-x32\...\{EF85FEF4-EB92-4075-A6D2-5F519BB30A2C}) (Version: 2.0.0 - Dell Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.6.0.19120 - Adobe Systems Incorporated)
Adobe Flash Player 11 ActiveX 64-bit (HKLM\...\Adobe Flash Player ActiveX) (Version: 11.0.1.152 - Adobe Systems Incorporated)
Adobe Reader X (10.1.16) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.16 - Adobe Systems Incorporated)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 11.1.2245 - AVAST Software)
Banctec Service Agreement (HKLM-x32\...\{42D68A86-DB1C-4256-B8C9-5D0D92919AF5}) (Version: 2.0.0 - Dell Inc.)
Complete Care Business Service Agreement (HKLM-x32\...\{0ECFCB07-9BFE-4970-ACA1-D568D982760B}) (Version: 2.0.0 - Dell Inc.)
Consumer In-Home Service Agreement (HKLM-x32\...\{F47C37A4-7189-430A-B81D-739FF8A7A554}) (Version: 2.0.0 - Dell Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version:  - Dell)
Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.47 - Dell)
Dell DataSafe Online (HKLM-x32\...\{7EC66A95-AC2D-4127-940B-0445A526AB2F}) (Version: 2.1.19634 - Dell)
Dell Digital Delivery (HKLM-x32\...\{AFC08A81-D3C5-46F4-8F08-876E4BA606EA}) (Version: 1.7.4502.0 - Dell Products, LP)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell Home Systems Service Agreement (HKLM-x32\...\{AB2FDE4F-6BED-4E9E-B676-3DCCEBB1FBFE}) (Version: 2.0.0 - Dell Inc.)
Dell MusicStage (HKLM-x32\...\{91AF2672-F5BC-42CF-8037-A9D2F92BBCC0}) (Version: 1.5.201.0 - Fingertapps)
Dell PhotoStage (HKLM-x32\...\{E4335E82-17B3-460F-9E70-39D9BC269DB3}) (Version: 1.5.0.65 - ArcSoft)
Dell Support Center (HKLM\...\Dell Support Center) (Version: 3.1.5803.11 - Dell Inc.)
Dell Support Center (Version: 3.1.5803.11 - PC-Doctor, Inc.) Hidden
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1209.101.204 - ALPS ELECTRIC CO., LTD.)
Dell VideoStage  (HKLM-x32\...\InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}) (Version: 1.2.0.1712 - CyberLink Corp.)
Dell VideoStage  (x32 Version: 1.2.0.1712 - CyberLink Corp.) Hidden
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 2.00.44 - Creative Technology Ltd)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.73 - Google Inc.)
Google Drive (HKLM-x32\...\{1C3D2F92-D25E-4D98-B810-3F3B0857BF26}) (Version: 1.26.0707.2863 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.10.251 - SurfRight B.V.)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6324.0 - IDT)
Intel PROSet Wireless (x32 Version:  - ) Hidden
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2361 - Intel Corporation)
Intel® PROSet/Wireless Software for Bluetooth® Technology (HKLM\...\{7CE8BE79-ABC3-4B2C-9543-28ED2B0A9EA8}) (Version: 1.2.0.0587 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{295AEB79-B53A-4F1B-860F-7800BB7E3681}) (Version: 14.2.1000 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation)
Intel® WiDi (HKLM-x32\...\{781A93CD-1608-427D-B7F0-D05C07795B25}) (Version: 2.1.41.0 - Intel Corporation)
Intel® Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version:  - )
Java 6 Update 27 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416027FF}) (Version: 6.0.270 - Oracle)
Java 6 Update 27 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216027FF}) (Version: 6.0.270 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Outlook 2010 (HKLM-x32\...\Office14.OUTLOOKR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Premium Service Agreement (HKLM-x32\...\{C33AA6D6-F5EC-48F3-AFDC-8141345D473A}) (Version: 2.0.0 - Dell Inc.)
QualxServ Service Agreement (HKLM-x32\...\{903679E8-44C8-4C07-9600-05C92654FC50}) (Version: 2.0.0 - Dell Inc.)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.09.25 - Dell Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.31.1025.2010 - Realtek)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30126 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.32.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.32.0 - Renesas Electronics Corporation) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-001A-0000-0000-0000000FF1CE}_Office14.OUTLOOKR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
SpywareBlaster 5.2 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.2.0 - BrightFort LLC)
Tweaking.com - Windows Repair (HKLM-x32\...\Tweaking.com - Windows Repair) (Version: 3.7.0 - Tweaking.com)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Zinio Reader 4 (HKLM-x32\...\ZinioReader4) (Version: 4.2.4164 - Zinio LLC)
Zinio Reader 4 (x32 Version: 4.2.4164 - Zinio LLC) Hidden
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== Restore Points =========================
 
06-12-2015 14:39:01 Windows Update
06-12-2015 16:13:34 Windows Update
06-12-2015 16:23:50 Windows Update
06-12-2015 17:19:03 Checkpoint by HitmanPro
07-12-2015 05:24:39 Windows Update
07-12-2015 07:34:42 Windows Update
07-12-2015 11:07:23 Windows Update
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 21:34 - 2015-12-06 22:21 - 00000855 ____A C:\windows\system32\Drivers\etc\hosts
 
127.0.0.1       localhost
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {1B368EB5-C65D-4FB2-A153-F17292A3AF66} - System32\Tasks\PCDEventLauncher => c:\Program Files\Dell Support Center\sessionchecker.exe [2011-03-22] (PC-Doctor, Inc.)
Task: {32836488-B1D1-46B3-9BC2-5CFA248D5EC6} - System32\Tasks\Games\UpdateCheck_S-1-5-21-1422163307-3788927115-2030255185-1000
Task: {5E5BA671-881F-4714-B27D-CD82F94D8215} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-05] (Google Inc.)
Task: {79ACAE29-F25A-4EC3-9FA9-CC086F7B2112} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2015-12-05] (AVAST Software)
Task: {83C17835-0BEA-4E39-89F4-828C2C265243} - System32\Tasks\SystemToolsDailyTest => c:\Program Files\Dell Support Center\pcdrcui.exe [2011-03-22] (PC-Doctor, Inc.)
Task: {8EEBF22E-9D58-4E1E-BF36-CB2CD5E52D8A} - System32\Tasks\{9554D1CE-59B7-4085-A748-8E5A03870856} => pcalua.exe -a C:\Users\Lewis\Downloads\produkey_setup.exe -d C:\Users\Lewis\Downloads
Task: {C9461EED-8D3C-436E-9549-B118CF2382C0} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-12-05] (AVAST Software)
Task: {CA4CBB7F-997D-4071-A4FB-0B528BC37C85} - System32\Tasks\Tweaking.com - Windows Repair Tray Icon => C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe [2015-03-11] (Tweaking.com)
Task: {E9736CB9-EC2A-497B-A99E-E686AF6033E6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-05] (Google Inc.)
Task: {F9604597-2822-4DFD-9EA5-FC70C48BE27D} - System32\Tasks\{640A426C-8074-4387-A23F-5D65C1E27BC7} => pcalua.exe -a "C:\Program Files (x86)\AnalogX\CookieWall\cookieu.exe" -d C:\Users\Lewis\Downloads -c -InstReg
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\SystemToolsDailyTest.job => c:\Program Files\Dell Support Center\pcdrcui.exe
Task: C:\windows\Tasks\Tweaking.com - Windows Repair Tray Icon.job => C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)Tweaking.com - Windows Repair)Created By Tweaking.com
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
==================== Loaded Modules (Whitelisted) ==============
 
2011-09-15 18:46 - 2011-09-15 18:46 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2012-01-05 01:40 - 2011-04-10 13:40 - 00094208 _____ () C:\WINDOWS\System32\IccLibDll_x64.dll
2011-09-15 18:46 - 2011-09-15 18:46 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll
2015-12-05 15:29 - 2015-12-05 15:29 - 00103888 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-12-05 15:29 - 2015-12-05 15:29 - 00125512 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-12-07 07:09 - 2015-12-07 07:09 - 02803200 _____ () C:\Program Files\AVAST Software\Avast\defs\15120701\algo.dll
2015-12-05 15:29 - 2015-12-05 15:29 - 00469008 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2012-01-05 00:41 - 2010-08-11 19:19 - 00056544 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\STCoreXml.dll
2012-01-05 00:41 - 2010-08-11 19:19 - 00113888 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\PSTVdsDisk.dll
2012-01-05 00:41 - 2010-08-11 19:19 - 00126176 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\STLog.dll
2015-12-07 11:13 - 2015-12-07 11:13 - 00098816 _____ () C:\Users\Lewis\AppData\Local\Temp\_MEI48962\win32api.pyd
2015-12-07 11:13 - 2015-12-07 11:13 - 00110080 _____ () C:\Users\Lewis\AppData\Local\Temp\_MEI48962\pywintypes27.dll
2015-12-07 11:13 - 2015-12-07 11:13 - 00364544 _____ () C:\Users\Lewis\AppData\Local\Temp\_MEI48962\pythoncom27.dll
2015-12-07 11:13 - 2015-12-07 11:13 - 00046080 _____ () C:\Users\Lewis\AppData\Local\Temp\_MEI48962\_socket.pyd
2015-12-07 11:13 - 2015-12-07 11:13 - 01208320 _____ () C:\Users\Lewis\AppData\Local\Temp\_MEI48962\_ssl.pyd
2015-12-07 11:13 - 2015-12-07 11:13 - 00320512 _____ () C:\Users\Lewis\AppData\Local\Temp\_MEI48962\win32com.shell.shell.pyd
2015-12-07 11:13 - 2015-12-07 11:13 - 00776704 _____ () C:\Users\Lewis\AppData\Local\Temp\_MEI48962\_hashlib.pyd
2015-12-07 11:13 - 2015-12-07 11:13 - 01176576 _____ () C:\Users\Lewis\AppData\Local\Temp\_MEI48962\wx._core_.pyd
2015-12-07 11:13 - 2015-12-07 11:13 - 00806400 _____ () C:\Users\Lewis\AppData\Local\Temp\_MEI48962\wx._gdi_.pyd
2015-12-07 11:13 - 2015-12-07 11:13 - 00816128 _____ () C:\Users\Lewis\AppData\Local\Temp\_MEI48962\wx._windows_.pyd
2015-12-07 11:13 - 2015-12-07 11:13 - 01067008 _____ () C:\Users\Lewis\AppData\Local\Temp\_MEI48962\wx._controls_.pyd
2015-12-07 11:13 - 2015-12-07 11:13 - 00733184 _____ () C:\Users\Lewis\AppData\Local\Temp\_MEI48962\wx._misc_.pyd
2015-12-07 11:13 - 2015-12-07 11:13 - 00682496 _____ () C:\Users\Lewis\AppData\Local\Temp\_MEI48962\pysqlite2._sqlite.pyd
2015-12-07 11:13 - 2015-12-07 11:13 - 00088064 _____ () C:\Users\Lewis\AppData\Local\Temp\_MEI48962\_ctypes.pyd
2015-12-07 11:13 - 2015-12-07 11:13 - 00119808 _____ () C:\Users\Lewis\AppData\Local\Temp\_MEI48962\win32file.pyd
2015-12-07 11:13 - 2015-12-07 11:13 - 00108544 _____ () C:\Users\Lewis\AppData\Local\Temp\_MEI48962\win32security.pyd
2015-12-07 11:13 - 2015-12-07 11:13 - 00007168 _____ () C:\Users\Lewis\AppData\Local\Temp\_MEI48962\hashobjs_ext.pyd
2015-12-07 11:13 - 2015-12-07 11:13 - 00017920 _____ () C:\Users\Lewis\AppData\Local\Temp\_MEI48962\thumbnails_ext.pyd
2015-12-07 11:13 - 2015-12-07 11:13 - 00079360 _____ () C:\Users\Lewis\AppData\Local\Temp\_MEI48962\usb_ext.pyd
2015-12-07 11:13 - 2015-12-07 11:13 - 00167936 _____ () C:\Users\Lewis\AppData\Local\Temp\_MEI48962\win32gui.pyd
2015-12-07 11:13 - 2015-12-07 11:13 - 00018432 _____ () C:\Users\Lewis\AppData\Local\Temp\_MEI48962\win32event.pyd
2015-12-07 11:13 - 2015-12-07 11:13 - 00128512 _____ () C:\Users\Lewis\AppData\Local\Temp\_MEI48962\_elementtree.pyd
2015-12-07 11:13 - 2015-12-07 11:13 - 00127488 _____ () C:\Users\Lewis\AppData\Local\Temp\_MEI48962\pyexpat.pyd
2015-12-07 11:13 - 2015-12-07 11:13 - 00013824 _____ () C:\Users\Lewis\AppData\Local\Temp\_MEI48962\common.time34.pyd
2015-12-07 11:13 - 2015-12-07 11:13 - 00036864 _____ () C:\Users\Lewis\AppData\Local\Temp\_MEI48962\_psutil_windows.pyd
2015-12-07 11:13 - 2015-12-07 11:13 - 00038912 _____ () C:\Users\Lewis\AppData\Local\Temp\_MEI48962\win32inet.pyd
2015-12-07 11:13 - 2015-12-07 11:13 - 00525640 _____ () C:\Users\Lewis\AppData\Local\Temp\_MEI48962\windows._lib_cacheinvalidation.pyd
2015-12-07 11:13 - 2015-12-07 11:13 - 00011264 _____ () C:\Users\Lewis\AppData\Local\Temp\_MEI48962\win32crypt.pyd
2015-12-07 11:13 - 2015-12-07 11:13 - 00077312 _____ () C:\Users\Lewis\AppData\Local\Temp\_MEI48962\wx._html2.pyd
2015-12-07 11:13 - 2015-12-07 11:13 - 00027136 _____ () C:\Users\Lewis\AppData\Local\Temp\_MEI48962\_multiprocessing.pyd
2015-12-07 11:13 - 2015-12-07 11:13 - 00020480 _____ () C:\Users\Lewis\AppData\Local\Temp\_MEI48962\_yappi.pyd
2015-12-07 11:13 - 2015-12-07 11:13 - 00035840 _____ () C:\Users\Lewis\AppData\Local\Temp\_MEI48962\win32process.pyd
2015-12-07 11:13 - 2015-12-07 11:13 - 00686080 _____ () C:\Users\Lewis\AppData\Local\Temp\_MEI48962\unicodedata.pyd
2015-12-07 11:13 - 2015-12-07 11:13 - 00123392 _____ () C:\Users\Lewis\AppData\Local\Temp\_MEI48962\wx._wizard.pyd
2015-12-07 11:13 - 2015-12-07 11:13 - 00024064 _____ () C:\Users\Lewis\AppData\Local\Temp\_MEI48962\win32pipe.pyd
2015-12-07 11:13 - 2015-12-07 11:13 - 00010240 _____ () C:\Users\Lewis\AppData\Local\Temp\_MEI48962\select.pyd
2015-12-07 11:13 - 2015-12-07 11:13 - 00025600 _____ () C:\Users\Lewis\AppData\Local\Temp\_MEI48962\win32pdh.pyd
2015-12-07 11:13 - 2015-12-07 11:13 - 00017408 _____ () C:\Users\Lewis\AppData\Local\Temp\_MEI48962\win32profile.pyd
2015-12-07 11:13 - 2015-12-07 11:13 - 00022528 _____ () C:\Users\Lewis\AppData\Local\Temp\_MEI48962\win32ts.pyd
2015-12-07 11:13 - 2015-12-07 11:13 - 00078848 _____ () C:\Users\Lewis\AppData\Local\Temp\_MEI48962\wx._animate.pyd
2015-12-05 15:29 - 2015-12-05 15:29 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-12-06 09:50 - 2015-12-06 09:50 - 00169472 _____ () C:\windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\93182e9779b8be0f688fd0784df6d7fb\IsdiInterop.ni.dll
2012-01-05 00:09 - 2010-11-06 00:50 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf
2013-02-14 15:46 - 2013-02-14 15:46 - 01044048 _____ () C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll
2015-12-05 15:14 - 2015-11-24 03:00 - 01583432 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.73\libglesv2.dll
2015-12-05 15:14 - 2015-11-24 03:00 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.73\libegl.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\ProgramData\Temp:5C321E34
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\19170427.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WSService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\19170427.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WSService => ""="Service"
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\S-1-5-21-1422163307-3788927115-2030255185-1000\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-1422163307-3788927115-2030255185-1000\...\webcompanion.com -> hxxp://webcompanion.com
IE restricted site: HKU\S-1-5-21-1422163307-3788927115-2030255185-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1422163307-3788927115-2030255185-1000\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-1422163307-3788927115-2030255185-1000\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-1422163307-3788927115-2030255185-1000\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-1422163307-3788927115-2030255185-1000\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-1422163307-3788927115-2030255185-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-1422163307-3788927115-2030255185-1000\...\0411dd.com -> 0411dd.com
IE restricted site: HKU\S-1-5-21-1422163307-3788927115-2030255185-1000\...\0511zfhl.com -> 0511zfhl.com
IE restricted site: HKU\S-1-5-21-1422163307-3788927115-2030255185-1000\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-1422163307-3788927115-2030255185-1000\...\0632qyw.com -> 0632qyw.com
IE restricted site: HKU\S-1-5-21-1422163307-3788927115-2030255185-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-1422163307-3788927115-2030255185-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-1422163307-3788927115-2030255185-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-1422163307-3788927115-2030255185-1000\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-1422163307-3788927115-2030255185-1000\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-1422163307-3788927115-2030255185-1000\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-1422163307-3788927115-2030255185-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-1422163307-3788927115-2030255185-1000\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1422163307-3788927115-2030255185-1000\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-1422163307-3788927115-2030255185-1000\...\1001movie.com -> 1001movie.com
 
There are 6091 more sites.
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-1422163307-3788927115-2030255185-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Lewis\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 10.0.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{FA8E80A7-8606-4EB8-A658-AC4137557F70}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{FA203B0F-F9ED-46EA-93EC-FB5D6C1893DC}] => (Allow) C:\Program Files (x86)\Dell\VideoStage\VideoStage.exe
FirewallRules: [{D4BC1A75-993A-4D9E-91B9-99EA5424B7F6}] => (Allow) C:\Program Files (x86)\Intel Corporation\Intel WiDi\WiDiApp.exe
FirewallRules: [{78DECB04-A9E1-4817-98CC-E7A45B2D048E}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{E3837346-ACE2-412A-B71E-33E341D0AEE2}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{6D942904-B874-4483-9B62-99F895344CA2}] => (Allow) C:\Program Files\dell stage\dell stage\accuweather\accuweather.exe
FirewallRules: [{CC6047CB-E8E0-48F9-80E4-B6AB6EE2FF7E}] => (Allow) C:\Program Files\dell stage\musicstage\musicstageengine.exe
FirewallRules: [{730CD514-2F9B-4ED5-A231-84606F2FBB19}] => (Allow) C:\Program Files\dell stage\dell stage\stage_primary.exe
FirewallRules: [{12017198-FCB5-4B86-9BC5-F221FD3E2892}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{871DA126-2CF2-490D-8F5C-CEB0FD707BE0}] => (Allow) LPort=2869
FirewallRules: [{EC689281-B832-40A8-A3EB-799AA5C5E73A}] => (Allow) LPort=1900
FirewallRules: [{7BB85CE6-4B32-4989-B3A4-A4B942A12EB6}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{7F9FA29E-753C-466A-8103-FB4AF1EBF043}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{629AC07C-291D-4012-BC1E-3A9408EDF205}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (12/07/2015 10:49:49 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
 
Error: (12/07/2015 08:57:24 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x80040154, Class not registered
.
 
 
Operation:
   Set Snapshot Context
 
Context:
   Execution Context: Requestor
 
Error: (12/07/2015 08:57:24 AM) (Source: VSS) (EventID: 22) (User: )
Description: Volume Shadow Copy Service error: A critical component required by the Volume Shadow Copy service is not registered.
This might happened if an error occurred during Windows setup or during installation of a Shadow Copy provider.
The error returned from CoCreateInstance on class with CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} and Name Software Provider is [0x80040154, Class not registered
].
 
 
Operation:
   Set Snapshot Context
 
Context:
   Execution Context: Requestor
 
Error: (12/07/2015 08:54:57 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x80040154, Class not registered
.
 
 
Operation:
   Set Snapshot Context
 
Context:
   Execution Context: Requestor
 
Error: (12/07/2015 08:54:57 AM) (Source: VSS) (EventID: 22) (User: )
Description: Volume Shadow Copy Service error: A critical component required by the Volume Shadow Copy service is not registered.
This might happened if an error occurred during Windows setup or during installation of a Shadow Copy provider.
The error returned from CoCreateInstance on class with CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} and Name Software Provider is [0x80040154, Class not registered
].
 
 
Operation:
   Set Snapshot Context
 
Context:
   Execution Context: Requestor
 
Error: (12/07/2015 08:23:50 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
 
Error: (12/07/2015 08:21:02 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
 
Error: (12/07/2015 07:10:25 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
 
Error: (12/07/2015 07:10:15 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
 
Error: (12/07/2015 07:10:13 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
 
 
System errors:
=============
Error: (12/07/2015 11:17:22 AM) (Source: iaStor) (EventID: 9) (User: )
Description: The device, \Device\Ide\iaStor0, did not respond within the timeout period.
 
Error: (12/07/2015 10:48:52 AM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
 
Error: (12/07/2015 10:46:11 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 10:45:26 AM on ‎12/‎7/‎2015 was unexpected.
 
Error: (12/07/2015 10:44:19 AM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
 
Error: (12/07/2015 10:30:43 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (12/07/2015 10:30:43 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (12/07/2015 10:30:43 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (12/07/2015 10:29:41 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (12/07/2015 10:29:41 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (12/07/2015 10:29:41 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core i3-2350M CPU @ 2.30GHz
Percentage of memory in use: 43%
Total physical RAM: 6051.18 MB
Available physical RAM: 3420.36 MB
Total Virtual: 12100.57 MB
Available Virtual: 9086.64 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:451.01 GB) (Free:389.61 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: BDFF1CAD)
Partition 1: (Not Active) - (Size=100 MB) - (Type=DE)
Partition 2: (Active) - (Size=14.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=451 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt ============================
 
 
RogueKiller V11.0.2.0 [Dec  7 2015] (Free) by Adlice Software
 
Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Lewis [Administrator]
Started from : C:\Users\Lewis\Downloads\RogueKiller.exe
Mode : Scan -- Date : 12/07/2015 14:39:42
 
¤¤¤ Processes : 0 ¤¤¤
 
¤¤¤ Registry : 6 ¤¤¤
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 10.0.0.1 ([(Private Address) (XX)])  -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 10.0.0.1 ([(Private Address) (XX)])  -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters | DhcpNameServer : 10.0.0.1 ([(Private Address) (XX)])  -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{2DB07389-E2D8-435C-8610-A2B4A482E18C} | DhcpNameServer : 10.0.0.1 ([(Private Address) (XX)])  -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{2DB07389-E2D8-435C-8610-A2B4A482E18C} | DhcpNameServer : 10.0.0.1 ([(Private Address) (XX)])  -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{2DB07389-E2D8-435C-8610-A2B4A482E18C} | DhcpNameServer : 10.0.0.1 ([(Private Address) (XX)])  -> Found
 
¤¤¤ Tasks : 0 ¤¤¤
 
¤¤¤ Files : 0 ¤¤¤
 
¤¤¤ Hosts File : 1 ¤¤¤
[C:\WINDOWS\System32\drivers\etc\hosts] 127.0.0.1       localhost
 
¤¤¤ Antirootkit : 0 (Driver: Not loaded [0xc000036b]) ¤¤¤
 
¤¤¤ Web browsers : 0 ¤¤¤
 
¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: ST9500325AS +++++
--- User ---
[MBR] afd3e18634a03cfc5f5cd4c7c7c1540f
[bSP] 2ec32c4dafc030881e2a9675b975a583 : Windows Vista/7/8 MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB
1 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 15000 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 30926848 | Size: 461838 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK
 

 

FRST.txt

Link to post
Share on other sites

What do you believe is wrong with your system, logs do not show any obvious malware or infection. Run the following scan, again this diagnostic..

 

Download Security Check by screen317 from either of the following:

http://screen317.spywareinfoforum.org/SecurityCheck.exe or http://screen317.changelog.fr/SecurityCheck.exe

Save it to your Desktop. (If your security alerts either accept the alert, or turn the security off while Secuirity Check runs)
Double click SecurityCheck.exe (Vista or Windows 7/8 users right click and select "Run as Administrator") and follow the onscreen instructions inside of the black box. Press any key when asked.
A Notepad document should open automatically called checkup.txt; please post the contents of that document.

If Security Check will not run or you get an alert saying it is not supported, Re-boot your PC then try again...
 

Thank you,

 

Kevin...

Link to post
Share on other sites

Kevin:

 

What the issue was prior to my attempting to do the FRST “Fix” the other day I do not know.

 

After re-installing Windows, for reasons utterly unknown to me Malwarebytes detect many dangers “Pups” which I quarantined.

 

After that my laptop was still terribly slow and problems were detected by both ADWCleaner and TDSS Kapersky.

 

In an effort to fix the persistent problem I ran the ESET Scanner and it captured the following infections which it happily deleted:

 

sh=F5FDBDDA6E61D6E392090CE37FDD5748EDEF75B5 ft=1 fh=4c2408bfe0b7df9a vn="a variant of Win32/HiddenStart.A potentially unsafe application (cleaned by deleting - quarantined)" ac=C fn="C:\Program Files (x86)\Dell DataSafe Local Backup\hstart.exe"

sh=6934335239B34885403720699DA5EE97B4CE8A48 ft=1 fh=1c9eac9f7d08a7aa vn="a variant of Win32/HiddenStart.A potentially unsafe application (cleaned by deleting - quarantined)" ac=C fn="C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe"

sh=5B189555C663407C8DA7930EF070CE16C9B20CE1 ft=1 fh=033ec78b6d86e1cf vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Users\Lewis\Downloads\ccsetup512.exe"

 

I my opinion as a complete computer novice these may have been at the root of my problem in the past few days.

 

Here is the Security Check Log you requested:

 

Results of screen317's Security Check version 1.009 

 Windows 7 Service Pack 1 x64 (UAC is enabled) 

 Internet Explorer 11 

``````````````Antivirus/Firewall Check:``````````````

 Windows Firewall Enabled! 

avast! Antivirus  

 Antivirus up to date!  

`````````Anti-malware/Other Utilities Check:`````````

 SpywareBlaster 5.2   

 Java 6 Update 27 

 Java version 32-bit out of Date!

 Adobe Reader 10.1.16 Adobe Reader out of Date! 

 Google Chrome (47.0.2526.73)

````````Process Check: objlist.exe by Laurent```````` 

 Malwarebytes Anti-Malware mbamservice.exe 

 Malwarebytes Anti-Malware mbam.exe 

 Malwarebytes Anti-Malware mbamscheduler.exe  

 AVAST Software Avast AvastSvc.exe 

 AVAST Software Avast AvastUI.exe 

`````````````````System Health check`````````````````

 Total Fragmentation on Drive C: 13% Defragment your hard drive soon! (Do NOT defrag if SSD!)

````````````````````End of Log``````````````````````

 

If all is now well that is great and I thank you for your assistance.

 

Is there a safe way for me to test to see if it is safe method for me to use FRST "Fix" in the future?

 

Lewis

Link to post
Share on other sites

Hello Lewis,

 

It is essential that ESET is never allowed to remove found entries without research, The entries shown as cleaned by deleting were actually very safe.

 

hstart.exe is a dell file if I recall correctly, something to do with Dell DataSafe Local Backup, I see you actually allowed ESET program to remove both instances of part of a Dell backup program...

The other one "ccsetup512.exe" is CCleaner installer, ESET will flag that entry because it normally comes bundled with Google Toolbar, a very safe to use toolbar, just so you know.

 

When you run a program such as ESET online AV scanner make sure the setting for Remove found threats is definitely unchecked. Then you have the option to read the produced log and do some research on what is found....

 

If you look over the Security Check log you will note entries in red will definitely require your attention, Java and Adobe are very prone to infection if they are not kept updated to current version. immediate attention needed on both, if never used an UNinstall is the better option, or......

 

Adobe Reader is outdated...

Visit http://get.adobe.com/uk/reader/otherversions/ and download the latest version of Acrobat Reader


 

Step 1 - Select your Operating System.

Step 2 - Select your Langauge.

Step 3 - Select latest version.


 

Untick the option for any security scanner or toolbar if offered.
 

Download and install.
 

Having the latest updates ensures there are no security vulnerabilities in your system.

 

Then..

 

Your Java javaicon.gif is out of date. Older versions have vulnerabilities that malware can use to infect your system.

Please follow these steps to remove older version of Java components and upgrade the application.


 

Upgrading Java:


 

Go to http://java.com/en/ and click on "Do I have Java"

It will check your current version and then offer to update to the latest version

Watch for and make sure you untick the box next to whatever free program they prompt you to install during the installation, unless you want it.
 

***Note: Check in Programs and Features (or Add/Remove Programs if you are an XP user) to make certain there are no old versions of Java still installed, if so - remove them. <<-- Very Important.

 

I also not the hard drive is shown as 13% fragmented, unless the hard drive is a "Solid State" drive it should be defragmented at your earliest convenience. Have a read at the following link:

 

http://windows.microsoft.com/en-gb/windows/improve-performance-defragmenting-hard-disk#1TC=windows-7

 

Regarding FRST fix,  it is not an auto fix tool. After the initial scan is done the "fix" is compiled by someone who is fully conversant with Windows operating systems and the tool FRST, even then problems can happen. If you have not even a basic knowledge then is best left alone..

 

One other point, I see you have SpywareBlaster installed; as you have Malwarebytes Premium installed having SpywareBlaster installed is very much counterproductive... I`d recommend you remove that program asap....

 

Thank you,

 

Kevin..

 


 


 

Link to post
Share on other sites

Kevin:

 

1.        I appreciate the enlightening information regarding ESET and CCleaner

2.        I have updated Adobe Acrobat Reader. 

3.        I have updated Java for Window.  Java uninstalled outdated versions.

4.       Regarding FRST “Fix” I can only say that at least twice on a previous Malwarebytes thread and once on this thread that as soon as I clicked on “fix” and my laptop rebooted that I was unable to then connect to the internet.  The exact causation of this is currently unknown but that it occurred is undeniable.

5.        I have updated Java for Window.  Java uninstalled outdated versions.

6.       I have deleted Spyware Blaster.

 

Thank you,

 

Lewis

Link to post
Share on other sites

Yes I understand your concerns regarding FRST, the only issue for me is no logs to see what exactly went wrong. If your system is now responding as expected run the following to clean up:

 

Download "Delfix by Xplode" and save it to your desktop.

Or use the following if first link is down:

"Delfix link mirror"

Double Click to start the program. If you are using Vista or higher, please right-click and choose run as administrator

Make Sure the following items are checked:

 

  •    
  • Remove disinfection tools


Now click on "Run" and wait patiently until the tool has completed.

The tool will create a log when it has completed. We don't need you to post this.

Any remnant files/logs from tools we have used can be deleted…

 

 

Next,

 

Read the following links to fully understand PC Security and Best Practices, you may find them useful....

Answers to Common Security Questions and best Practices

Do I need a Registry Cleaner?

Take care and surf safe

Kevin...  busy.gif
 

Link to post
Share on other sites

  • Root Admin

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    No registered users viewing this page.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.