
Very slow Vista laptop with multiple PUP not being quarantined


My mother's Vista computer became extremely slow early Monday morning.  She said it had been slowing down for a while but nothing like this.  She saw a brief flashed warning of some kind before the computer slowed to a crawl.  We eventually discovered her McAfee scans hadn't been running because they were set to only run when it was plugged in.   Also the program was extremely slow to respond and the scans were crawling.  I suspect it's been corrupted or damaged somehow.

I downloaded Malwarebytes but couldn't install it until I booted the computer in safe mode.  I ran it and saw the computer had 370 PUP files but only 298 were quarantined.  I ran it twice more, the second time in normal mode, and again Malwarebytes wasn't able to quarantine all the PUPs it found.  The computer has improved a bit but not much.  I also installed and ran System Mechanic (before reading on this forum I shouldn't) which may have helped a bit but not enough. 

Here is the FRST.txt:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 19-06-2016 01
Ran by Dolores Admin (administrator) on DOLORES-PC (20-06-2016 22:27:10)
Running from C:\Users\Dolores Admin\Downloads
Loaded Profiles: Dolores Admin (Available Profiles: Dolores & Dolores Admin)
Platform: Microsoft® Windows Vista™ Home Basic  Service Pack 2 (X86) Language: English (United States)
Internet Explorer Version 9 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\WINDOWS\System32\SLsvc.exe
(Microsoft Corporation) C:\WINDOWS\System32\wlanext.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Program Files\Microsoft\BingBar\SeaPort.EXE
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(iolo technologies, LLC) C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe
(McAfee, Inc.) C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
(McAfee, Inc.) C:\Program Files\Common Files\Mcafee\SystemCore\mfemms.exe
(McAfee, Inc.) C:\WINDOWS\System32\mfevtps.exe
(McAfee, Inc.) C:\WINDOWS\System32\mfevtps.exe
() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
(SoftThinks SAS) C:\Program Files\Dell DataSafe Local Backup\SftService.exe
(Microsoft Corporation) C:\WINDOWS\System32\rundll32.exe
(Microsoft Corporation) C:\WINDOWS\System32\rundll32.exe
(McAfee, Inc.) C:\Program Files\Common Files\Mcafee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\Mcafee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\Mcafee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Intel Corporation) C:\WINDOWS\System32\igfxpers.exe
(CyberLink Corp.) C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(SupportSoft, Inc.) C:\Program Files\Dell Support Center\bin\sprtcmd.exe
(Intel Corporation) C:\WINDOWS\System32\igfxsrvc.exe
(Dell Inc.) C:\WINDOWS\System32\WLTRAY.EXE
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\Update\realsched.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(iolo technologies, LLC) C:\Program Files\iolo\System Mechanic\LiveBoost.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\WINDOWS\System32\wuauclt.exe
(McAfee, Inc.) C:\Program Files\Common Files\Mcafee\Platform\McUICnt.exe
(McAfee, Inc.) C:\Program Files\Common Files\Mcafee\Platform\Core\mchost.exe
(McAfee, Inc.) C:\Program Files\McAfee\VirusScan\mcods.exe
(McAfee, Inc.) C:\Program Files\Common Files\Mcafee\Platform\Core\mchost.exe
(McAfee, Inc.) C:\Program Files\Common Files\Mcafee\Platform\Core\mchost.exe
(Malwarebytes) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(McAfee, Inc.) C:\Program Files\McAfee\SiteAdvisor\saUI.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-20] (Microsoft Corporation)
HKLM\...\Run: [QuickSet] => C:\Program Files\Dell\QuickSet\QuickSet.exe [2915408 2009-04-23] (Dell Inc.)
HKLM\...\Run: [PDVDDXSrv] => C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe [128232 2009-02-04] (CyberLink Corp.)
HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [178712 2008-06-15] (Intel Corporation)
HKLM\...\Run: [dellsupportcenter] => C:\Program Files\Dell Support Center\bin\sprtcmd.exe [206064 2009-06-03] (SupportSoft, Inc.)
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Windows\system32\WLTRAY.exe [3810304 2008-12-21] (Dell Inc.)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [217088 2009-03-31] (Alps Electric Co., Ltd.)
HKLM\...\Run: [mcui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [582288 2015-03-03] (McAfee, Inc.)
HKLM\...\Run: [TkBellExe] => c:\program files\real\realplayer\Update\realsched.exe [295512 2013-09-25] (RealNetworks, Inc.)
HKLM\...\Run: [mcpltui_exe] => C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe [562688 2015-02-11] (McAfee, Inc.)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray.exe [483428 2009-03-31] (IDT, Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [157456 2015-09-12] (Apple Inc.)
HKLM\...\Run: [iolo Startup] => C:\Program Files\iolo\Common\Lib\ioloLManager.exe [4612544 2016-02-19] (iolo technologies, LLC)
Winlogon\Notify\GoToAssist: C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll [2010-01-31] (Citrix Online, a division of Citrix Systems, Inc.)
HKU\S-1-5-21-2890082264-578279128-3457152834-1000-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-20] (Microsoft Corporation)
HKU\S-1-5-21-2890082264-578279128-3457152834-1000-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [879616 2008-01-20] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk [2010-02-06]
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk [2010-01-31]
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk [2010-01-31]
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Dolores\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk [2010-02-05]
ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
BootExecute: autocheck autochk * sasnative32

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{D6B6B051-521D-4CF2-B390-E5F073A90E7B}: [DhcpNameServer] 192.168.1.254

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2890082264-578279128-3457152834-1000-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2890082264-578279128-3457152834-1000-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/USCON/1
HKU\S-1-5-21-2890082264-578279128-3457152834-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.yahoo.com/
HKU\S-1-5-21-2890082264-578279128-3457152834-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/USCON/1
URLSearchHook: HKU\S-1-5-21-2890082264-578279128-3457152834-1002 - (No Name) - {3ce45c4f-bfff-4988-9a3c-a75c1f491319} -  No File
URLSearchHook: HKU\S-1-5-21-2890082264-578279128-3457152834-1002 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
SearchScopes: HKLM -> DefaultScope {8047F054-4740-4D62-8AE4-242F6BBE0E5F} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF7&pc=MDDC&src=IE-SearchBox
SearchScopes: HKLM -> {8047F054-4740-4D62-8AE4-242F6BBE0E5F} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF7&pc=MDDC&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2890082264-578279128-3457152834-1000-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0 -> DefaultScope {080AE1C3-7E50-43EB-9974-032E18F7EDA4} URL = hxxps://search.yahoo.com/search?fr=mcafee&type=B011US755D20140724&p={SearchTerms}
SearchScopes: HKU\S-1-5-21-2890082264-578279128-3457152834-1000-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0 -> {080AE1C3-7E50-43EB-9974-032E18F7EDA4} URL = hxxps://search.yahoo.com/search?fr=mcafee&type=B011US755D20140724&p={SearchTerms}
SearchScopes: HKU\S-1-5-21-2890082264-578279128-3457152834-1000-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0 -> {8047F054-4740-4D62-8AE4-242F6BBE0E5F} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF7&pc=MDDC&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2890082264-578279128-3457152834-1002 -> DefaultScope {E1193A4A-B3FB-4823-A8E8-C6D5A7E74822} URL = hxxps://search.yahoo.com/search?fr=mcafee&type=B011US755D20140724&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2890082264-578279128-3457152834-1002 -> {E1193A4A-B3FB-4823-A8E8-C6D5A7E74822} URL = hxxps://search.yahoo.com/search?fr=mcafee&type=B011US755D20140724&p={searchTerms}
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2013-08-14] (RealDownloader)
BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll [2016-02-12] (McAfee, Inc.)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll [2016-02-12] (McAfee, Inc.)
Toolbar: HKU\S-1-5-21-2890082264-578279128-3457152834-1000-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKU\S-1-5-21-2890082264-578279128-3457152834-1000-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0 -> No Name - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} -  No File
Toolbar: HKU\S-1-5-21-2890082264-578279128-3457152834-1000-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0 -> No Name - {3CE45C4F-BFFF-4988-9A3C-A75C1F491319} -  No File
Toolbar: HKU\S-1-5-21-2890082264-578279128-3457152834-1002 -> No Name - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} -  No File
Toolbar: HKU\S-1-5-21-2890082264-578279128-3457152834-1002 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - C:\Program Files\Cozi Express\CoziProtocolHandler.dll [2008-08-20] (Cozi Group, Inc.)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll [2016-02-12] (McAfee, Inc.)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-11-27] (Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll [2016-02-12] (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl.dll [2015-03-03] (McAfee, Inc.)

FireFox:
========
FF ProfilePath: C:\Users\Dolores Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dofa5yak.default
FF DefaultSearchEngine: Secure Search
FF DefaultSearchEngine.US: Secure Search
FF DefaultSearchUrl: hxxp://www.bing.com/search?FORM=DLCDF7&PC=MDDC&q=
FF SearchEngineOrder.1: Secure Search
FF SelectedSearchEngine: Secure Search
FF Homepage: hxxps://www.yahoo.com/
FF Keyword.URL: hxxps://search.yahoo.com/search?fr=mcafee&type=B111US755D20140724&p=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_22_0_0_192.dll [2016-06-18] ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2015-09-04] ()
FF Plugin: @checkpoint.com/FFApi -> C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll [No File]
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2015-03-03] ()
FF Plugin: @mcafee.com/MVT -> C:\Program Files\McAfee\Supportability\MVT\NPMVTPlugin.dll [2009-09-30] (McAfee, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-09-23] (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @Motive.com/NpMotive,version=1.0 -> C:\Program Files\Common Files\Motive\npMotive.dll [2010-05-04] (Alcatel-Lucent)
FF Plugin: @real.com/nppl3260;version=16.0.3.51 -> c:\program files\real\realplayer\Netscape6\nppl3260.dll [2013-09-25] (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll [2013-08-14] (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2013-08-14] (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll [2013-08-14] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpchromebrowserrecordext;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2012-09-26] (RealNetworks, Inc.)
FF Plugin: @real.com/nprphtml5videoshim;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2012-09-26] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.3.51 -> c:\program files\real\realplayer\Netscape6\nprpplugin.dll [2013-09-25] (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll [2013-08-14] (RealDownloader)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-16] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-16] (Google Inc.)
FF Plugin: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2010-12-07] ()
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\Dolores Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dofa5yak.default\user.js [2013-01-23]
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2012-07-27] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll [2013-09-25] (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpplugin.dll [2013-09-25] (RealPlayer)
FF SearchPlugin: C:\Users\Dolores Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dofa5yak.default\searchplugins\McSiteAdvisor.xml [2016-02-16]
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml [2015-08-22]
FF Extension: McAfee WebAdvisor - C:\Program Files\McAfee\SiteAdvisor\saffplg.xpi [2016-04-24]
FF Extension: Microsoft .NET Framework Assistant - C:\Users\Dolores Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dofa5yak.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi [2014-04-29] [not signed]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2010-01-31] [not signed]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-09-25] [not signed]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2015-06-16] [not signed]
FF HKU\S-1-5-21-2890082264-578279128-3457152834-1000-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi => not found
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2015-09-09]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files\McAfee\SiteAdvisor\McChPlg.crx [2016-02-12]
CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f6ef8056\aestsrv.exe [81920 2009-03-31] (Andrea Electronics Corporation)
S4 DockLoginService; C:\Program Files\Dell\DellDock\DockLogin.exe [155648 2009-06-09] (Stardock Corporation) [File not signed]
S3 GoToAssist; C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe [16680 2010-01-31] (Citrix Online, a division of Citrix Systems, Inc.)
R2 HomeNetSvc; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [291816 2015-02-11] (McAfee, Inc.)
R2 ioloSystemService; C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe [4759600 2016-02-19] (iolo technologies, LLC)
R2 McAfee SiteAdvisor Service; C:\Program Files\McAfee\SiteAdvisor\McSACore.exe [132160 2016-02-12] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [690408 2015-03-03] (McAfee, Inc.)
S4 McciCMService; C:\Program Files\Common Files\Motive\McciCMService.exe [319488 2010-05-04] (Alcatel-Lucent) [File not signed]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.266\McCHSvc.exe [235696 2015-12-02] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [291816 2015-02-11] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [291816 2015-02-11] (McAfee, Inc.)
R3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [476680 2015-02-27] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [291816 2015-02-11] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [291816 2015-02-11] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [196600 2015-02-17] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [334576 2015-03-01] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [238288 2015-02-17] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [291816 2015-02-11] (McAfee, Inc.)
R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
R2 SftService; C:\Program Files\Dell DataSafe Local Backup\sftservice.EXE [689472 2010-08-20] (SoftThinks SAS)
S4 sprtsvc_DellSupportCenter; C:\Program Files\Dell Support Center\bin\sprtsvc.exe [201968 2009-06-03] (SupportSoft, Inc.)
S4 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f6ef8056\STacSV.exe [254042 2009-03-31] (IDT, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-20] (Microsoft Corporation)
S4 wltrysvc; C:\Windows\System32\bcmwltry.exe [2809856 2008-12-21] (Dell Inc.) [File not signed]
R2 yksvc; RUNDLL32.EXE ykx32coinst,serviceStartProc [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BCM42RLY; C:\Windows\System32\drivers\BCM42RLY.sys [18424 2008-12-21] (Broadcom Corporation)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [61848 2015-02-17] (McAfee, Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [147912 2013-09-23] (McAfee, Inc.)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [170200 2016-06-20] (Malwarebytes)
R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [304928 2015-02-17] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [260248 2015-02-17] (McAfee, Inc.)
R0 mfedisk; C:\Windows\System32\DRIVERS\mfedisk.sys [82800 2015-02-17] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [371648 2015-02-17] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [648552 2015-02-17] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [380496 2015-01-16] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [80760 2015-01-16] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [217584 2015-02-17] (McAfee, Inc.)
S3 MREMP50; C:\Program Files\Common Files\Motive\MREMP50.sys [21248 2010-05-04] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
S3 MRESP50; C:\Program Files\Common Files\Motive\MRESP50.sys [20096 2010-05-04] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
R1 RawDisk3; C:\Windows\system32\drivers\rawdsk3.sys [36656 2016-02-19] (EldoS Corporation)
S3 ADASPROT; \??\C:\Program Files\Advanced System Optimizer 3\adasprot32.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 MREMPR5; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS [X]
S3 MRENDIS5; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 vsdatant7; System32\drivers\vsdatant.win7.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-06-20 22:27 - 2016-06-20 22:42 - 00024473 _____ C:\Users\Dolores Admin\Downloads\FRST.txt
2016-06-20 22:24 - 2016-06-20 22:27 - 00000000 ____D C:\FRST
2016-06-20 22:23 - 2016-06-20 22:24 - 01738240 _____ (Farbar) C:\Users\Dolores Admin\Downloads\FRST.exe
2016-06-20 21:47 - 2016-06-20 21:44 - 00002634 _____ C:\Users\Dolores Admin\Documents\Malwarebytes scan three copy.xml
2016-06-20 21:46 - 2016-06-20 21:46 - 00001087 _____ C:\Users\Dolores Admin\Documents\Malwarebytes scan three.txt
2016-06-20 20:12 - 2016-06-20 20:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2016-06-20 19:30 - 2016-06-20 20:01 - 00000000 ____D C:\Windows\system32\config\Before Compact
2016-06-20 19:30 - 2016-06-20 19:30 - 00000000 ____D C:\Windows\system32\config\SM Registry Backup
2016-06-20 18:22 - 2016-06-20 18:22 - 00000406 _____ C:\Windows\system32\ioloBootDefrag.cfg
2016-06-20 18:22 - 2016-06-20 18:22 - 00000000 ____D C:\Windows\system32\config\Original
2016-06-20 18:20 - 2016-06-20 18:20 - 00001913 _____ C:\Users\Public\Desktop\System Mechanic.lnk
2016-06-20 18:20 - 2016-06-20 18:20 - 00000266 _____ C:\Windows\Tasks\iolo Process Governor.job
2016-06-20 18:20 - 2016-06-20 18:20 - 00000000 ____D C:\Users\Dolores Admin\AppData\Roaming\ioloGovernor
2016-06-20 18:20 - 2016-06-20 18:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Mechanic
2016-06-20 18:20 - 2016-02-19 07:30 - 00050280 _____ (iolo technologies, LLC) C:\Windows\system32\iolobtdfg.exe
2016-06-20 18:20 - 2016-02-19 07:30 - 00032048 _____ (iolo technologies, LLC) C:\Windows\system32\smrgdf.exe
2016-06-20 18:20 - 2016-02-19 07:20 - 02123552 _____ (iolo technologies, LLC) C:\Windows\system32\Incinerator32.dll
2016-06-20 18:20 - 2016-02-19 07:15 - 00056200 _____ (Microsoft Corporation) C:\Windows\system32\offreg.dll
2016-06-20 18:13 - 2016-06-20 18:20 - 00000000 ____D C:\Program Files\iolo
2016-06-20 18:08 - 2016-06-20 18:08 - 00074703 _____ C:\Windows\system32\mfc45.dat
2016-06-20 18:08 - 2016-02-19 07:17 - 00036656 _____ (EldoS Corporation) C:\Windows\system32\Drivers\rawdsk3.sys
2016-06-20 18:03 - 2016-02-19 07:42 - 52533472 _____ C:\Users\Dolores Admin\Downloads\SystemMechanic.exe
2016-06-20 17:41 - 2016-06-20 19:30 - 00000000 ____D C:\Users\Dolores Admin\AppData\Roaming\iolo
2016-06-20 17:41 - 2016-06-20 18:50 - 00000000 ____D C:\ProgramData\iolo
2016-06-20 17:41 - 2016-06-20 17:41 - 00074703 _____ C:\Windows\system32\mfc45.dll
2016-06-20 12:39 - 2016-06-20 12:36 - 00002634 _____ C:\Users\Dolores Admin\Documents\Malwarebytes scan two copy
2016-06-20 12:37 - 2016-06-20 12:37 - 00001088 _____ C:\Users\Dolores Admin\Documents\Malwarebytes scan two
2016-06-20 10:19 - 2016-06-20 10:15 - 00182766 _____ C:\Users\Dolores Admin\Documents\Malwarebytes scan results copy
2016-06-20 10:16 - 2016-06-20 10:16 - 00067151 _____ C:\Users\Dolores Admin\Documents\Malwarebytes scan results
2016-06-20 09:49 - 2016-06-20 20:39 - 00170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-06-20 09:44 - 2016-06-20 19:16 - 00207284 _____ C:\Windows\ntbtlog.txt
2016-06-20 01:49 - 2016-06-20 09:48 - 00000901 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-06-20 01:49 - 2016-06-20 09:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-06-20 01:44 - 2016-03-10 14:09 - 00053120 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-06-20 01:44 - 2016-03-10 14:08 - 00126336 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-06-20 01:44 - 2016-03-10 14:08 - 00024448 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-06-20 01:41 - 2016-06-20 09:48 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2016-06-20 01:23 - 2016-06-20 01:23 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-06-20 01:23 - 2016-03-10 14:08 - 00126336 _____ (Malwarebytes) C:\Windows\system32\Drivers\is-F7PTV.tmp
2016-06-20 01:09 - 2016-06-20 01:15 - 22851472 _____ (Malwarebytes ) C:\Users\Dolores Admin\Downloads\mbam-setup-2.2.1.1043.exe
2016-06-09 22:18 - 2016-06-11 18:48 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-06-08 21:18 - 2016-06-08 21:18 - 00046146 _____ C:\Users\Dolores Admin\Downloads\Bank Details Form - Foreign (US)(3).pdf
2016-06-08 21:17 - 2016-06-08 21:17 - 00046146 _____ C:\Users\Dolores Admin\Downloads\Bank Details Form - Foreign (US)(2).pdf
2016-06-08 21:14 - 2016-06-08 21:14 - 00046146 _____ C:\Users\Dolores Admin\Downloads\Bank Details Form - Foreign (US)(1).pdf
2016-06-08 21:13 - 2016-06-08 21:13 - 00046146 _____ C:\Users\Dolores Admin\Downloads\Bank Details Form - Foreign (US).pdf
2016-06-07 17:55 - 2016-06-08 21:03 - 00046146 _____ C:\Users\Dolores Admin\Desktop\Bank Details Form - Foreign (US).pdf
2016-05-27 03:24 - 2016-04-09 14:17 - 00975360 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2016-05-27 03:24 - 2016-04-09 12:00 - 02071040 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-05-27 03:11 - 2010-02-20 16:05 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\httpapi.dll
2016-05-27 03:11 - 2010-02-20 13:53 - 00411648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2016-05-27 02:21 - 2016-04-23 10:03 - 12858880 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-05-27 02:21 - 2016-04-23 10:03 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-05-27 02:21 - 2016-04-23 10:01 - 09729536 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-05-27 02:21 - 2016-04-23 10:00 - 01831424 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-05-27 02:21 - 2016-04-23 10:00 - 01436160 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-05-27 02:21 - 2016-04-23 10:00 - 01094656 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-05-27 02:21 - 2016-04-23 10:00 - 01089024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-05-27 02:21 - 2016-04-23 10:00 - 00232960 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2016-05-27 02:21 - 2016-04-23 10:00 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-05-27 02:21 - 2016-04-23 09:59 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-05-27 02:21 - 2016-04-23 09:59 - 01789952 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-05-27 02:21 - 2016-04-23 09:59 - 00711168 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-05-27 02:21 - 2016-04-23 09:59 - 00615424 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-05-27 02:21 - 2016-04-23 09:59 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-05-27 02:21 - 2016-04-23 09:59 - 00358912 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-05-27 02:21 - 2016-04-23 09:59 - 00217088 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-05-27 02:21 - 2016-04-23 09:59 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-05-27 02:21 - 2016-04-23 09:59 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-05-27 02:21 - 2016-04-23 09:59 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-05-27 02:21 - 2016-04-23 09:59 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2016-05-27 02:21 - 2016-04-23 09:59 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2016-05-27 02:21 - 2016-04-23 09:59 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2016-05-24 02:58 - 2016-04-09 14:22 - 00638184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2016-05-24 02:58 - 2016-04-09 14:16 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-06-20 22:38 - 2012-04-10 15:12 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-06-20 22:02 - 2006-11-02 05:45 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2016-06-20 22:02 - 2006-11-02 05:45 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2016-06-20 21:57 - 2014-01-21 01:12 - 00000886 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-06-20 20:04 - 2014-05-06 16:38 - 00000882 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf69845a299d28.job
2016-06-20 20:04 - 2010-12-25 15:34 - 00000000 ____D C:\Users\Dolores Admin
2016-06-20 20:02 - 2006-11-02 05:58 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-06-20 19:54 - 2014-01-21 01:12 - 00000000 ____D C:\Users\Dolores Admin\AppData\Local\Google
2016-06-20 19:54 - 2010-11-13 17:48 - 00000000 ____D C:\ProgramData\Google
2016-06-20 19:54 - 2010-11-11 17:37 - 00000000 ____D C:\Program Files\Google
2016-06-20 19:29 - 2006-11-02 04:18 - 00000000 ___SD C:\Windows\Downloaded Program Files
2016-06-20 19:29 - 2006-11-02 04:18 - 00000000 ___RD C:\Windows\Offline Web Pages
2016-06-20 19:12 - 2006-11-02 05:58 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-06-20 18:20 - 2006-11-02 04:18 - 00000000 __RSD C:\Windows\Media
2016-06-20 10:20 - 2013-11-06 19:12 - 00000000 ____D C:\ProgramData\Conduit
2016-06-20 10:20 - 2013-05-08 18:58 - 00000000 ____D C:\ProgramData\APN
2016-06-20 02:34 - 2012-12-21 23:02 - 00000402 _____ C:\Windows\Tasks\ReclaimerUpdateFiles_Dolores Admin.job
2016-06-18 00:41 - 2012-04-10 15:12 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2016-06-18 00:41 - 2011-05-22 21:20 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2016-06-13 19:31 - 2010-02-06 12:59 - 00400040 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-06-11 18:48 - 2014-04-29 15:02 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-05-27 20:53 - 2006-11-02 04:18 - 00000000 ____D C:\Windows\rescache
2016-05-27 20:20 - 2006-11-02 05:44 - 00381744 _____ C:\Windows\system32\FNTCACHE.DAT
2016-05-27 03:24 - 2013-08-15 19:33 - 00000000 ____D C:\Windows\system32\MRT
2016-05-27 03:13 - 2006-11-02 03:24 - 136686448 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2016-05-26 00:21 - 2016-01-31 21:13 - 00000369 _____ C:\Users\Dolores Admin\Desktop\Master Costco List.txt

==================== Files in the root of some directories =======

2013-07-11 22:43 - 2015-12-01 02:59 - 0005632 _____ () C:\Users\Dolores Admin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-05-20 10:10 - 2015-12-28 09:48 - 0022832 _____ () C:\Users\Dolores Admin\AppData\Local\Z@!-7ab8ed6a-29b5-4c5b-ac6a-0f4d570d0609.tmp

Some files in TEMP:
====================
C:\Users\Dolores\AppData\Local\Temp\ffun.exe
C:\Users\Dolores\AppData\Local\Temp\FlashPlayerUpdate.exe
C:\Users\Dolores\AppData\Local\Temp\FlashPlayerUpdate01.exe
C:\Users\Dolores\AppData\Local\Temp\FlashPlayerUpdate02.exe
C:\Users\Dolores\AppData\Local\Temp\FlashPlayerUpdate03.exe
C:\Users\Dolores\AppData\Local\Temp\htomsqsj.dll
C:\Users\Dolores\AppData\Local\Temp\MvtApp.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-06-20 20:13

==================== End of FRST.txt ============================

And here's addition.txt: 

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 19-06-2016 01
Ran by Dolores Admin (2016-06-20 23:01:00)
Running from C:\Users\Dolores Admin\Downloads
Microsoft® Windows Vista™ Home Basic  Service Pack 2 (X86) (2010-01-31 07:12:13)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2890082264-578279128-3457152834-500 - Administrator - Disabled)
Dolores (S-1-5-21-2890082264-578279128-3457152834-1000 - Limited - Enabled) => C:\Users\Dolores
Dolores Admin (S-1-5-21-2890082264-578279128-3457152834-1002 - Administrator - Enabled) => C:\Users\Dolores Admin
Guest (S-1-5-21-2890082264-578279128-3457152834-501 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
FW: McAfee Firewall (Enabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acrobat.com (HKLM\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1.377 - Adobe Systems Incorporated)
Acrobat.com (Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.0.4990 - Adobe Systems Inc.)
Adobe Flash Player 22 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 22.0.0.192 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 22.0.0.192 - Adobe Systems Incorporated)
Adobe Reader X (10.1.16) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.16 - Adobe Systems Incorporated)
Apple Application Support (32-bit) (HKLM\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{A75CA58D-DB9C-4D14-9428-E0C7B0F623DC}) (Version: 9.0.0.26 - Apple Inc.)
Apple Software Update (HKLM\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Bing Bar (HKLM\...\{B4089055-D468-45A4-A6BA-5A138DD715FC}) (Version: 7.0.850.0 - Microsoft Corporation)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Cisco EAP-FAST Module (HKLM\...\{415B2719-AD3A-4944-B404-C472DB6085B3}) (Version: 2.1.6 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM\...\{83770D14-21B9-44B3-8689-F7B523F94560}) (Version: 1.0.12 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM\...\{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}) (Version: 1.0.13 - Cisco Systems, Inc.)
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Cozi (HKLM\...\{7456BBA3-642F-4E59-9F89-7639977D7C39}) (Version: 1.0.3220.15315 - Cozi Group, Inc.)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Dell DataSafe Local Backup - Support Software (HKLM\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 2.31 - Dell)
Dell DataSafe Local Backup (HKLM\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.48 - Dell)
Dell Dock (HKLM\...\{E00B477F-8558-45DA-B25A-69935FB89A94}) (Version: 2.0.0 - Dell)
Dell Driver Download Manager (HKU\S-1-5-21-2890082264-578279128-3457152834-1000-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\f031ef6ac137efc5) (Version: 2.0.0.0 - Dell Inc.)
Dell Edoc Viewer (HKLM\...\{3138EAD3-700B-4A10-B617-B3F8096EE30D}) (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (HKLM\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell Support Center (Support Software) (HKLM\...\{E3BFEE55-39E2-4BE0-B966-89FE583822C1}) (Version: 2.2.09085 - Dell)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.4.115.101 - Alps Electric)
Dell Wireless WLAN Card Utility (HKLM\...\Broadcom 802.11 Application) (Version: 5.10.38.30 - Dell Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.30.3 - Google Inc.) Hidden
GoToAssist 8.0.0.514 (HKLM\...\GoToAssist) (Version:  - )
Intel(R) Rapid Storage Technology (HKLM\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.5.0.1029 - Intel Corporation)
Intel(R) TV Wizard (HKLM\...\TVWiz) (Version:  - Intel Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
iolo technologies' System Mechanic (HKLM\...\{55FD1D5A-7AEF-4DA3-8FAF-A71B2A52FFC7}_is1) (Version: 15.5.0 - iolo technologies, LLC)
iTunes (HKLM\...\{868B9974-4F23-494D-B6BC-4FAB92B2755D}) (Version: 12.1.3.6 - Apple Inc.)
Java(TM) 6 Update 16 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216016FF}) (Version: 6.0.160 - Sun Microsystems, Inc.)
Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
McAfee Internet Security (HKLM\...\MSC) (Version: 14.0.339 - McAfee, Inc.)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.266.3 - McAfee, Inc.)
McAfee SiteAdvisor (HKLM\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 3.7.290 - McAfee, Inc.)
McAfee Virtual Technician (HKLM\...\{49FA793C-785E-47E9-93DF-BD442B0B45D1}) (Version: 5.5.0.0 - McAfee, Inc.)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Default Manager (HKLM\...\{61BEA823-ECAF-49F1-8378-A59B3B8AD247}) (Version: 2.1.54.0 - Microsoft Corporation)
Microsoft Office 2000 Disc 2 (HKLM\...\{00040409-78E1-11D2-B60F-006097C998E7}) (Version: 9.00.2720 - Microsoft Corporation)
Microsoft Office 2000 Small Business (HKLM\...\{00030409-78E1-11D2-B60F-006097C998E7}) (Version: 9.00.2720 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Mozilla Firefox 47.0 (x86 en-US) (HKLM\...\Mozilla Firefox 47.0 (x86 en-US)) (Version: 47.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 47.0.0.5999 - Mozilla)
PowerDVD DX (HKLM\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 8.2.5024 - Dell Corp.)
QuickSet (HKLM\...\{C4972073-2BFE-475D-8441-564EA97DA161}) (Version: 9.4.7 - Dell Inc.)
RealDownloader (Version: 1.3.3 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM\...\RealPlayer 16.0) (Version: 16.0.3 - RealNetworks)
RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden
Roxio Burn (HKLM\...\{B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}) (Version: 1.01 - Roxio)
Segoe UI (Version: 15.4.2271.0615 - Microsoft Corp) Hidden
Shared C Run-time for x86 (Version: 10.0.0 - McAfee) Hidden
Update Installer for WildTangent Games App (Version:  - WildTangent) Hidden
VC 9.0 Runtime (Version: 1.0.0 - Check Point Software Technologies Ltd) Hidden
Watchtower Library 2013 - English (HKLM\...\{004E8ED2-315C-4473-A934-032D5D7B3A02}) (Version: 15.0 - Watchtower Bible and Tract Society of Pennsylvania, Inc.)
WildTangent Games (HKLM\...\WildTangent dell Master Uninstall) (Version: 1.0.0.71 - WildTangent)
WildTangent Games App (Dell Games) (HKLM\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-dell) (Version: 4.0.5.14 - WildTangent)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
ZoneAlarm LTD Toolbar (HKLM\...\ZoneAlarm LTD Toolbar) (Version:  - Check Point Software Technologies)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0A9FDFDD-6172-4AF6-85E9-7A4A33E36F7D} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2890082264-578279128-3457152834-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {0DA233FE-0D7F-4DC4-80BA-A61CC35A31B0} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2015-08-27] (Apple Inc.)
Task: {175FC59F-D394-4724-AD30-E9A5C78FC510} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-06-18] (Adobe Systems Incorporated)
Task: {3363EF44-F96C-4692-B1D8-04877257FFF0} - System32\Tasks\ReclaimerUpdateFiles_Dolores Admin => C:\Users\Dolores Admin\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.30\agent\rnupgagent.exe
Task: {3C51B708-596A-4247-834F-56A548CC49E8} - System32\Tasks\{DDF9AB14-41A6-4682-B575-60DE5B784571} => pcalua.exe -a "C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwlu00.exe" -d "C:\Program Files\Dell\Dell Wireless WLAN Card"
Task: {3C9A93B5-4BA3-4592-8037-0DC1013B21CE} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2890082264-578279128-3457152834-1002 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {4A38F9A8-C488-4605-BA64-2A6A86E77B4D} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2890082264-578279128-3457152834-1002 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {4BF758AE-2EDB-41B0-8892-C5257F6F7A9E} - System32\Tasks\{3C9EB995-5D0C-4FC7-8355-E2F1ABABC6B0} => pcalua.exe -a "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" -c /uninstall HOMESTUDENTR /dll OSETUP.DLL
Task: {50427A01-235B-4B60-B399-F1CB9FF12D93} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2890082264-578279128-3457152834-1002 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {60AEC0E6-35A3-4F6B-9C09-0DB9E8BE5D91} - \Advanced System Optimizer -> No File <==== ATTENTION
Task: {69451F32-9B29-4FC1-BEDE-B188E1BE2D96} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2890082264-578279128-3457152834-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {78D8F0AB-DC7D-4810-BDE2-4149ACF8F86B} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2890082264-578279128-3457152834-1002 => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {8381E58E-9ABA-423A-B342-8B859AC87125} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-2890082264-578279128-3457152834-1002 => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {88EC865C-65CE-47BC-80CD-7AF39E3E6BF7} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2890082264-578279128-3457152834-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {96123B88-051F-4C4B-A646-2D0F0C0CF750} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {9E51B157-C3FC-4F59-BFA8-FE9D652AE410} - System32\Tasks\GoogleUpdateTaskMachineCore1cf69845a299d28 => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {9F7E6C1F-C5F1-4D94-80FB-3DB9B98D7CD3} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-2890082264-578279128-3457152834-1002 => C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe [2013-08-14] (RealNetworks, Inc.)
Task: {B7D9841F-3142-4490-A250-DD0A077C5BF1} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Signature Update => c:\program files\windows defender\MpCmdRun.exe [2008-01-20] (Microsoft Corporation)
Task: {C928517A-E4AF-46D5-8887-D05DC5C80793} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2890082264-578279128-3457152834-1002 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {E0B04F49-D83F-4A5F-B6F5-ABA05C6D8F9A} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2890082264-578279128-3457152834-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {F4317CA4-7D7C-46FA-A602-8CA180AEF172} - System32\Tasks\{764924CF-46AD-421B-9006-54875DDEF50E} => pcalua.exe -a E:\ie6setup.exe -d E:\

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf69845a299d28.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\iolo Process Governor.job => C:\Program Files\iolo\System Mechanic\ioloGovernor.exe
Task: C:\Windows\Tasks\ReclaimerUpdateFiles_Dolores Admin.job => C:\Users\Dolores Admin\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.30\agent\rnupgagent.exe
Task: C:\Windows\Tasks\User_Feed_Synchronization-{CC57461F-DDC2-4E3E-BEA9-792FF9F30B4A}.job => C:\Windows\system32\msfeedssync.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2015-03-20 18:12 - 2015-03-20 18:12 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-03-20 18:12 - 2015-03-20 18:12 - 01044776 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-08-14 15:19 - 2013-08-14 15:19 - 00039056 _____ () C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
2010-01-31 06:45 - 2010-07-20 19:33 - 00058688 _____ () C:\Program Files\Dell DataSafe Local Backup\STCoreXml.dll
2010-01-31 06:45 - 2010-07-20 19:33 - 00116032 _____ () C:\Program Files\Dell DataSafe Local Backup\PSTVdsDisk.dll
2010-01-31 06:45 - 2010-07-20 19:33 - 00128320 _____ () C:\Program Files\Dell DataSafe Local Backup\STLog.dll
2010-01-31 06:31 - 2008-12-21 11:32 - 00054784 _____ () C:\WINDOWS\System32\bcmwlrmt.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ioloSystemService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\GoToAssist => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ioloSystemService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-2890082264-578279128-3457152834-1000-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\internet -> internet
IE trusted site: HKU\S-1-5-21-2890082264-578279128-3457152834-1000-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\mcafee.com -> hxxp://mcafee.com
IE trusted site: HKU\S-1-5-21-2890082264-578279128-3457152834-1000-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\mcafee.com -> hxxps://mcafee.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 03:23 - 2015-12-11 21:47 - 00000767 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       localhost
::1             localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2890082264-578279128-3457152834-1000-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Public\Pictures\Sample Pictures\Forest Flowers.jpg
HKU\S-1-5-21-2890082264-578279128-3457152834-1002\Control Panel\Desktop\\Wallpaper -> C:\windows\Web\Wallpaper\img24.jpg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: IswSvc => 2

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [{6B261571-9709-4108-BA60-F67D4B5DD63E}] => (Allow) C:\Program Files\CyberLink\PowerDVD DX\PowerDVD.exe
FirewallRules: [{67BCB0CE-4B7C-405E-83D0-CCA6FC65B484}] => (Allow) C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
FirewallRules: [{BDC48ACF-79F9-4BE4-B860-FBED6ABE1009}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{75DDC6A8-3561-4B07-A094-45851873EB69}] => (Allow) svchost.exe
FirewallRules: [{61BABEC2-D1ED-48A2-888B-AC2F9EB9710A}] => (Allow) C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{EF45250F-0DB3-4A51-A733-E725EE1FD53A}] => (Allow) C:\WINDOWS\System32\ZoneLabs\vsmon.exe
FirewallRules: [{6F14476E-AC35-47C3-A30D-DABE0DEFC776}] => (Allow) C:\WINDOWS\System32\ZoneLabs\vsmon.exe
FirewallRules: [{75FBC714-91C2-4B26-80D7-F0B9A8E98111}] => (Allow) C:\Program Files\AVG\AVG10\avgmfapx.exe
FirewallRules: [{04DAA773-9F3E-499D-9923-2BBBE8AF19B9}] => (Allow) C:\Program Files\AVG\AVG10\avgmfapx.exe
FirewallRules: [{56E0EFFA-A95E-4AB8-BC07-852D072FEA86}] => (Allow) LPort=80
FirewallRules: [{6AE59F79-EAA3-49C6-BC3F-833BE5DB3597}] => (Allow) LPort=80
FirewallRules: [{F9737CC1-2839-453B-AA61-D5BA0D34098E}] => (Allow) LPort=80
FirewallRules: [{B8683DC4-6757-4D28-9114-3C33835B3537}] => (Allow) C:\Program Files\ATT-HSI\McciBrowser.exe
FirewallRules: [{58B39E09-608F-4936-924E-9A476DFD64A3}] => (Allow) C:\Program Files\ATT-HSI\McciBrowser.exe
FirewallRules: [{4E504C45-89D3-4A0B-8A8C-91932870F4A1}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{1ED4BA17-ECA4-4064-9247-E8D11C4754C5}] => (Allow) LPort=2869
FirewallRules: [{51A21C76-6B47-432E-95C3-B0E08FF0CCE8}] => (Allow) LPort=1900
FirewallRules: [{420B4C8D-12A7-45C8-9DF1-6CD46EF8A88F}] => (Allow) C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
FirewallRules: [{BAB80D7D-1BA4-4CAC-BAA4-107ADAA0BD4F}] => (Allow) C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
FirewallRules: [{61913039-264D-4ABC-81A6-4FE2BC19CCA7}] => (Allow) C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{E06FED1B-35E4-4888-8CA3-B3343EA34528}] => (Allow) C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{0AF58AEE-AF44-4B93-BE66-37A1C8D387E9}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{07431883-4B2C-443E-B37D-C83EE0E7709A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{304560E2-2B35-47A5-A719-B98247DBF667}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{2D6C19DA-8024-489D-AE0F-33D96D2F7BFF}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{A23D5F6A-4E7A-4CD7-8321-5D5EFFA76CCE}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{20254F9E-A374-41AC-BA59-10A5D6FFD8D1}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{8D84401F-6057-4976-9F70-DD71277B7B0A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{55121B0F-F698-4081-AB10-F92DC807AAC6}] => (Allow) C:\Program Files\iTunes\iTunes.exe

==================== Restore Points =========================

19-05-2016 14:32:20 Device Driver Package Install: Apple Network adapters
19-05-2016 14:51:03 Installed iTunes
20-05-2016 00:10:55 Windows Update
24-05-2016 02:54:07 Windows Update
27-05-2016 03:00:21 Windows Update
31-05-2016 17:34:54 Windows Update
03-06-2016 22:44:28 Windows Update
07-06-2016 00:17:46 Windows Update
10-06-2016 20:37:25 Windows Update
14-06-2016 01:49:33 Windows Update
20-06-2016 01:34:08 Windows Update

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Tun Miniport Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunmp
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Tun Miniport Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunmp
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/20/2016 11:02:57 PM) (Source: Windows Search Service) (EventID: 3083) (User: )
Description: The protocol handler Search.OneIndexHandler.1 cannot be loaded. Error description: Class not registered
.

Error: (06/20/2016 10:57:32 PM) (Source: Windows Search Service) (EventID: 3083) (User: )
Description: The protocol handler Search.OneIndexHandler.1 cannot be loaded. Error description: Class not registered
.

Error: (06/20/2016 10:53:56 PM) (Source: Windows Search Service) (EventID: 3083) (User: )
Description: The protocol handler Search.OneIndexHandler.1 cannot be loaded. Error description: Class not registered
.

Error: (06/20/2016 10:47:06 PM) (Source: Windows Search Service) (EventID: 3083) (User: )
Description: The protocol handler Search.OneIndexHandler.1 cannot be loaded. Error description: Class not registered
.

Error: (06/20/2016 10:41:23 PM) (Source: Windows Search Service) (EventID: 3083) (User: )
Description: The protocol handler Search.OneIndexHandler.1 cannot be loaded. Error description: Class not registered
.

Error: (06/20/2016 10:36:16 PM) (Source: Windows Search Service) (EventID: 3083) (User: )
Description: The protocol handler Search.OneIndexHandler.1 cannot be loaded. Error description: Class not registered
.

Error: (06/20/2016 08:11:25 PM) (Source: Windows Search Service) (EventID: 3083) (User: )
Description: The protocol handler Search.OneIndexHandler.1 cannot be loaded. Error description: Class not registered
.

Error: (06/20/2016 08:10:00 PM) (Source: LoadPerf) (EventID: 3002) (User: )
Description: 캗캛캡캥캩캭캱캵캹컃컇컋컏컓컗컛컟컣컧컳컷컻컿켃켇켋켎켒켖켚켞켢켦켪켮켲켶켺켾콂콆콊콎콒콖콚콞콢콦콪콮콲콶콺콾쾂쾆쾊쾎쾒쾖쾚쾞쾢쾨쾬쾰쾴쾸쾼쿀쿄쿈쿎쿔쿘쿜쿠쿤쿨쿬쿴쿽퀁퀅퀉퀍퀑퀕퀙퀝첾쳄쳄쳄쳄첾쳄쳄쳄쳄쳄쳄쳄쳄쳊쳐쳠쳦쳬쳲쳸촋촑촨촋촑촨쵚쵠쵦쵠쳦쵬쳄쳊쳐쳠쳦쳬쳲쳸쳄쳊쳐쳠쳦쳬쳲쳸쳄쳊쳐쳠쳦쳬쳲쳸촋촑촨촋촑촨촋촑촨촨촋촑촨촋촑촨촋촑촨촋촑촨촋촑촨촋촑촨촋촑촨촋촑촨촋촑촨촋촑촨촋촑촨촋촑촨촋촑촨촋촑촨촋촑쵬촨촋촑촨촋촑촨촋촑촨촋촑촨촋촑촨촋촑촨촋촑촨촋촑촨캽촨컭컭컭컭캽캽컭촋촑촨쵬Ñ蔒ø璔Ñ蔒ø疔Ñ餒°⮿Ñ锒Ð斸16

Error: (06/20/2016 08:03:54 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/20/2016 08:03:47 PM) (Source: Windows Search Service) (EventID: 3083) (User: )
Description: The protocol handler Search.OneIndexHandler.1 cannot be loaded. Error description: Class not registered
.


System errors:
=============
Error: (06/20/2016 08:08:07 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {209500FC-6B45-4693-8871-6296C4843751}

Error: (06/20/2016 08:03:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Intel(R) PRO/1000 NDIS 6 Adapter Driver%%1058 = The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.


Error: (06/20/2016 08:03:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Intel(R) PRO/1000 PCI Express Network Connection Driver%%1058 = The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.


Error: (06/20/2016 08:02:04 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 2) (User: NT AUTHORITY)
Description: 0

Error: (06/20/2016 07:57:12 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 2) (User: NT AUTHORITY)
Description: 0

Error: (06/20/2016 07:54:48 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (06/20/2016 07:54:12 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084MSIServer{000C101C-0000-0000-C000-000000000046}

Error: (06/20/2016 07:17:28 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084McNaiAnn{C90134D2-4AE9-407A-919A-4A2EF09C6C51}

Error: (06/20/2016 07:17:28 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084McNaiAnn{DC7EF8E1-824F-4110-AB43-1604DA9B4F40}

Error: (06/20/2016 07:16:00 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}


CodeIntegrity:
===================================
  Date: 2016-06-20 22:55:51.025
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\WINDOWS\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-20 22:55:49.309
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\WINDOWS\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-20 22:55:47.609
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\WINDOWS\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-20 22:55:45.940
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\WINDOWS\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-20 22:55:37.469
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\WINDOWS\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-20 22:55:34.942
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\WINDOWS\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-20 22:55:32.352
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\WINDOWS\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-20 22:55:30.121
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\WINDOWS\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-20 22:55:24.724
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\WINDOWS\System32\drivers\is-F7PTV.tmp because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-20 22:55:22.930
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\WINDOWS\System32\drivers\is-F7PTV.tmp because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel(R) Celeron(R) CPU 900 @ 2.20GHz
Percentage of memory in use: 92%
Total physical RAM: 2007.63 MB
Available physical RAM: 159.31 MB
Total Virtual: 4252.56 MB
Available Virtual: 1953.59 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:134.36 GB) (Free:72.93 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (RECOVERY) (Fixed) (Total:14.65 GB) (Free:5.36 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 149.1 GB) (Disk ID: E882180F)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Not Active) - (Size=14.6 GB) - (Type=07 NTFS)
Partition 3: (Active) - (Size=134.4 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

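The Event log errors and CodeIntegrity sections of the Addition.txt above repeat the same entry many times. This added example (not part of the original thread and not FRST's own code) collapses them into counts per source and event ID, and per file that Code Integrity could not verify. `SAMPLE` is a condensed excerpt of the log above; the function and pattern names are hypothetical.

```python
import re
from collections import Counter

# Constructed sample: condensed excerpt of the Addition.txt sections above.
SAMPLE = r"""
Application errors:
Error: (06/20/2016 11:02:57 PM) (Source: Windows Search Service) (EventID: 3083) (User: )
Description: The protocol handler Search.OneIndexHandler.1 cannot be loaded. Error description: Class not registered
Error: (06/20/2016 10:57:32 PM) (Source: Windows Search Service) (EventID: 3083) (User: )
Description: The protocol handler Search.OneIndexHandler.1 cannot be loaded. Error description: Class not registered
System errors:
Error: (06/20/2016 08:03:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Intel(R) PRO/1000 NDIS 6 Adapter Driver%%1058 = The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
Error: (06/20/2016 07:54:48 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
Error: (06/20/2016 07:54:12 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084MSIServer{000C101C-0000-0000-C000-000000000046}
CodeIntegrity:
  Date: 2016-06-20 22:55:51.025
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\WINDOWS\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
  Date: 2016-06-20 22:55:49.309
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\WINDOWS\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
  Date: 2016-06-20 22:55:37.469
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\WINDOWS\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
"""

# Header line of one event entry as FRST prints it in Addition.txt.
EVENT_RE = re.compile(
    r"^Error: \((?P<when>[^)]*)\) \(Source: (?P<source>[^)]*)\) "
    r"\(EventID: (?P<event_id>\d+)\) \(User: (?P<user>[^)]*)\)")
CI_RE = re.compile(r"image integrity of the file (?P<path>.+?) because ")
SECTION_RE = re.compile(r"^(Application errors|System errors|CodeIntegrity):\s*$")

def summarize(text):
    """Return (event counts by (section, source, id), Code Integrity counts by file name)."""
    events, unverified = Counter(), Counter()
    section = None
    for raw in text.splitlines():
        line = raw.strip()
        m = SECTION_RE.match(line)
        if m:
            section = m.group(1)
            continue
        m = EVENT_RE.match(line)
        if m:
            events[(section, m["source"], int(m["event_id"]))] += 1
            continue
        m = CI_RE.search(line)
        if m and section == "CodeIntegrity":
            # Key on the file name only; the device path prefix is the same for every entry.
            unverified[m["path"].rsplit("\\", 1)[-1]] += 1
    return events, unverified

if __name__ == "__main__":
    events, unverified = summarize(SAMPLE)
    for (section, source, event_id), n in events.most_common():
        print(f"{n}x {section}: {source} (EventID {event_id})")
    for name, n in unverified.most_common():
        print(f"{n}x Code Integrity could not verify {name}")
```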

Hello CarolBell.

I will be guiding you as we go forward.  I do need to see other diagnostic information from this system, so that I can see about pinning down the source of this issue.

I would like to ask that you always attach any report or file I ask for, from time to time. Just a regular attachment.

I would like to see a copy of the very last Scan report done with Malwarebytes Anti-Malware.
Click on the History tab > Application Logs.
Double click on the scan log which shows the Date and time of the last SCAN performed. Please make sure the word SCAN is shown and also that you grab the very latest Date, the most recent Scan run.
You can double click the line to get it on screen. Then use the menu at bottom of the window.

Click the EXPORT button at the bottom left.
Click TEXT file

Be very aware as to what folder and what NAME you give this report.  You have to make a note so you can send it.

Then attach that file with your next reply.

 

p.s. Be careful when using any sort of "automatic fix-all" type of app, even that by "System Mechanic" from iOlo.   Too often, general fix-all tools can overdo some things and have been known to cause unforeseen harm.

Slow computer issues can well be due to factors that have nothing to do with an infection.

P U P items are not malicious malware.

Potentially Unwanted Programs <---  PUPs  are more like pests.  But are not malware.

From a technical standpoint, a PUP is not malware.  PUPs are not created with the intent to destroy your computer or steal your personal information.  Rather, PUPs are usually just marketing tools that find their way onto people’s computers through a bit of social engineering.   They are most often related to adware.

*TIP*

Pay close attention when installing 3rd-party programs. It is important that you pay attention to the license agreements and installation screens when installing anything off of the Internet. If an installation screen offers you Custom or Advanced installation options, it is a good idea to select these as they will typically disclose what other 3rd party software will also be installed.
Take great care in every stage of the process and every offer screen, and make sure you know what it is you're agreeing to before you click "Next".

 

 


The file is attached.  Thanks for getting back to me so quickly. 

I noticed after sending my first post Malwarebytes had continued to quarantine some of the 42 PUPs it found on the last scan.  It had only quarantined 18 of 42 but by the time I finished posting here it had quarantined 30 of 42.  Maybe I should have just left it longer?  My mother shut down the machine later so I don't know if it would have kept going if I'd left it.

Overall the computer seems much better today but McAfee is still very slow to respond. 

Thanks for the note on System Mechanic too.  It made me realize my SM cleanup was probably the reason my mother's Dell dock bar disappeared (which freaked her out) not the PUPs.  I'd never used SM on her computer before so I didn't know that could happen.  No problem, though, I put it back.

Final Malwarebytes scan, 6-20-16.txt


The scan report from Malwarebytes Anti-Malware is all just fine.  It is perfect.  No malware & no P U P.

Notes: It is so important to have lots of patience when one runs into any sort of tough spot.  Never ever just shut down a Windows computer.
Always have infinite patience.

I'd suggest the following:  To run an online scan to help look for a virus or possible P U P or rogue that may be somehow "lurking".
This scan can easily take upwards of an hour, so run the scan when you don't need to use the computer for a while.
If you need help on this, then see this page: http://www.eset.com/us/online-scanner/help/

You may use the stand-alone-eset installer.
Use this link to get and SAVE esetsmartinstaller_enu.exe, the ESET Smart Installer. Save it to your desktop.
from

"(this link)"

You need to first SAVE the file to your system.  Save to the Downloads folder or the DESKTOP  ( for ease of use).


2. Double click on the esetsmartinstaller icon on your desktop.

4. Check "YES, I accept the Terms of Use."
5. Click the *Start* button.

and proceed just as outlined before.   Reply ( click ) YES when prompted to allow the run by Windows U A C ( user account control).
Have patience while it downloads antivirus database definitions.

Click on *Enable detection of potentially unwanted applications*
Click on the blue line *Advanced Settings*
Choose the following settings in scan settings:

Select (check) Enable detection of potentially unwanted applications.

in advanced settings:
clear ( leave un-checked) Remove found threats

Select ( check-mark) Scan for potentially unsafe applications


Click on Start. The virus signature database will begin to download. This may take some time.
When completed the Online Scan will begin automatically.
Note: This scan might take a long time! Please be patient.
When completed select Uninstall application on close if you so wish, but make sure you copy the logfile first!
Now click on Finish

A logfile is created and located at C:\Program Files\Eset\EsetOnlineScanner\log.txt.

Note: Do not forget to re-enable your antivirus application after running the above scan!

I will advise you more after I have had a chance to review that log file.

You will find a log-file for the results of the ESET scan that is named LOG.txt
It will be located under the Program Files structure of Windows in one of the folders listed below.  The report file is named *LOG.txt*
The folder containing that report is this C:\Program Files\ESET\ESET Online Scanner

Of the 5 items tagged by ESET, 2 are false positives ( the Dell ), 2 are related to history of ZoneAlarm.  The last item is in the temporary cache files of Internet Explorer.
Make it a regular practice to empty out cache ( internet temporary files) out of your browser on a regular basis.
With Internet Explorer open, press and hold SHIFT + CTRL + DELETE keys on keyboard.   Follow the prompts to empty out the trash.

Also, use this free tool to empty out temporary files.

Take out the trash (temporary files & temporary internet files)
Please download ATF Cleaner by Atribune, saving it to your desktop.
From-this-link-page
http://www.majorgeeks.com/mg/getmirror/atf_cleaner,1.html

It is used to clean out temporary files & temp areas used by internet browsers.
Start "ATF-Cleaner.exe" to run the program.

Under *Main* choose: **Select All**

Click the **Empty Selected** button.

If you use Firefox browser, do this also:
Click Firefox at the top and choose: Select All

Click the Empty Selected button.

NOTE: If you would like to keep your saved passwords, please click No at the prompt.

If you use Opera browser, do this also:
Click Opera at the top and choose: Select All

Click the Empty Selected button.

NOTE: If you would like to keep your saved passwords, please click No at the prompt.

Click Exit on the Main menu to close the program.

Now then, the scan with Malwarebytes Anti-Malware was perfect.  No malware.  And this last ESET scan did not truly find any viruses.
Be aware that pc's can & do get slower over time, and that there is always a need for normal and regular house-keeping and pc maintenance.
Herewith, several reference pages to help you on overcoming the "slow" pc symptoms.
I have not spotted signs of an infection.

Here are some recommended articles:
MS Speed up your pc - Win7 / Vista
http://windows.microsoft.com/en-US/windows/explore/speed-up-your-pc

What to do if your Computer is running slowly
http://www.malwareremoval.com/tutorials/runningslowly.php

See Quietman7's Slow Computer/browser? Check Here First
http://www.bleepingcomputer.com/forums/topic87058.html

See Miekiemoes' Help! My computer is slow!
http://users.telenet.be/bluepatchy/miekiemoes/slowcomputer.html

 


I successfully deleted the IE temp files and ran ATF for IE, but ATF did not work for Firefox.  I tried running it with Firefox open and closed, but it kept saying no files were deleted.  By the way it took me a while to figure out I needed to hit shift, ctrl and delete one at a time.  I was hitting them all at once, which didn't work. 

I haven't read the articles yet but I will.  On our McAfee issues, is it possible it just needs to be reinstalled? 

Thanks for your help.


As far as your McAfee product & whether to re-install it, it's best for you to check with their support.

If you think you need to, most modern antivirus apps have an option to do a repair-install.   Check the menus under McAfee & also the Windows menu under the McAfee section.

You should know that I do not have McAfee antivirus ( I use another brand) and thus have to refer you to McAfee on any issue dealing with their product.

 

While we are on the topic of McAfee, let me suggest that the McAfee be tweaked such that it minimizes any possible conflict with our program.

Ours and theirs do co-exist well;  it is just that typically some adjustments need to be made.

 

To exclude known safe files and applications within the settings of MCAFEE:

Open your McAfee program.
Click Real-Time Scanning: On.
Click Excluded Files.
Click Add file.
Browse to, and select, the file or .exe you want to exclude from scans.


Malwarebytes Anti-Malware works well and should run alongside antivirus software without conflicts. In some rare instances, exclusions may need to be set for your specific antivirus product to achieve the best possible system performance.
I suggest putting in trust settings in your antivirus, as follows:
Please "put as Trusted" (i.e., put Trust settings ) for the following MBAM exe files within your Antivirus Software **whitelist** :

Note: If using a software firewall besides the built in "Windows Firewall" you'll need to exclude them from it as well

For 32-bit Windows Vista or Windows 7, 8.1, 10, or Windows XP:

C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files\Malwarebytes Anti-Malware\mbamdor.exe
C:\Program Files\Malwarebytes Anti-Malware\mbampt.exe
C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe

For 64 bit versions of Windows Vista or Windows 7 or Windows 8.1, 10:

C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamdor.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbampt.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe

Note: If using a software firewall besides the built in Windows Firewall you'll need to exclude MBAM.EXE and MBAMSERVICE.EXE from it as well


Glad we could help. :) If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread. Thanks!
