1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.
  2. You are viewing our forum as a guest. For full access please Register. WindowsBBS.com is completely free, paid for by advertisers and donations.

Resolved Java issue ... maybe something in Windows 10 also?

Discussion in 'Windows 10' started by basketcase, 2017/01/07.

  1. 2017/01/07
    basketcase Contributing Member

    basketcase Well-Known Member Thread Starter

    Joined:
    2008/01/22
    Messages:
    226
    Likes Received:
    3
    Trophy Points:
    233
    Location:
    Roll Tide Central, Alabama
    Computer Experience:
    Level 4 case whacker
    For a while now my desktop has been getting caught in a heavy resource usage freeze. The hard drive sounds like a program is running in the background. The cursor freezes, and I generally lose control of the computer. Whatever application I am using at the moment just locks up.

    Usually I've waited a while and then finally had to hold down the power button and reboot, at which point is seems to settle down.

    But yesterday I got a black screen and a message that said "Error ... javaws.exe" or some such as that.

    Unfortunately I didn't write it down or take a picture, and then I had to do the usual hold down the power button and reboot ritual.

    I went to Control Panel and it shows the Java installation as Java 8 Update 101.

    Suggestions appreciated on how to get this resolved.

    Thanks in advance,
    Rick
     
  2. 2017/01/07
    Evan Omo

    Evan Omo Computer Support Technician Staff

    Joined:
    2006/09/10
    Messages:
    7,593
    Likes Received:
    471
    Trophy Points:
    1,093
    Location:
    Walnut Creek, California, United States
    Computer Experience:
    Intermediate+
    Hi Rick. Please follow steps 15-25 in my guide and post the requested logs here in your next reply.
     

  3. to hide this advert.

  4. 2017/01/08
    Christer

    Christer Geek Member Staff

    Joined:
    2002/12/17
    Messages:
    5,905
    Likes Received:
    32
    Trophy Points:
    743
    Location:
    Sweden
    Computer Experience:
    I'm trying!
    Java is at 8u111 / 8u112 and as a first step, I recommend uninstalling the previous version and installing the most recent one. Take note of "uninstalling" as opposed to "installing the new version over the old". Also, set Java to notify when new versions are released. It is vital to keep up.
     
  5. 2017/01/08
    PeteC

    PeteC SuperGeek Staff

    Joined:
    2002/05/10
    Messages:
    28,664
    Likes Received:
    363
    Trophy Points:
    1,093
    Location:
    Staffordshire, UK
    Computer Experience:
    Usually not enough
    IMHO Java is totally unnecessary and is a security nightmare - I would uninstall it. Prior to and subsequent to installing Win 10 Java has not been installed on any of my computers and has not caused any issues by it's absence.

    For more information .....

    Is Java necessary?
     
  6. 2017/01/08
    retiredlearner

    retiredlearner SuperGeek WindowsBBS Team Member

    Joined:
    2004/06/25
    Messages:
    5,467
    Likes Received:
    295
    Trophy Points:
    1,093
    Location:
    New Zealand
    Computer Experience:
    intermediate
    My comps work OK without Java. ;)
     
  7. 2017/01/13
    basketcase Contributing Member

    basketcase Well-Known Member Thread Starter

    Joined:
    2008/01/22
    Messages:
    226
    Likes Received:
    3
    Trophy Points:
    233
    Location:
    Roll Tide Central, Alabama
    Computer Experience:
    Level 4 case whacker
    Thanks. My work goes through periods of frantic activity and we're in one of them so it may be Monday before I get started on the steps.
     
  8. 2017/01/14
    Evan Omo

    Evan Omo Computer Support Technician Staff

    Joined:
    2006/09/10
    Messages:
    7,593
    Likes Received:
    471
    Trophy Points:
    1,093
    Location:
    Walnut Creek, California, United States
    Computer Experience:
    Intermediate+
    Sure no problem. Take your time.
     
  9. 2017/01/19
    basketcase Contributing Member

    basketcase Well-Known Member Thread Starter

    Joined:
    2008/01/22
    Messages:
    226
    Likes Received:
    3
    Trophy Points:
    233
    Location:
    Roll Tide Central, Alabama
    Computer Experience:
    Level 4 case whacker
    Okay. Here we go. First, the MiniToolbox Log

    MiniToolBox by Farbar Version: 17-06-2016
    Ran by Rick (administrator) on 19-01-2017 at 18:54:39
    Running from "C:\Users\Rick\Desktop"
    Microsoft Windows 10 Pro (X64)
    Model: 4524CK8 Manufacturer: LENOVO
    Boot Mode: Normal
    ***************************************************************************

    ========================= Flush DNS: ===================================

    Windows IP Configuration

    Successfully flushed the DNS Resolver Cache.

    ========================= IE Proxy Settings: ==============================

    Proxy is not enabled.
    No Proxy Server is set.

    "Reset IE Proxy Settings": IE Proxy Settings were reset.

    ========================= FF Proxy Settings: ==============================


    "Reset FF Proxy Settings": Firefox Proxy settings were reset.

    ========================= Hosts content: =================================
    127.0.0.1 www.007guard.com
    127.0.0.1 007guard.com
    127.0.0.1 008i.com
    127.0.0.1 www.008k.com
    127.0.0.1 008k.com
    127.0.0.1 www.00hq.com
    127.0.0.1 00hq.com
    127.0.0.1 010402.com
    127.0.0.1 www.032439.com
    127.0.0.1 032439.com
    127.0.0.1 www.0scan.com
    127.0.0.1 0scan.com
    127.0.0.1 1000gratisproben.com
    127.0.0.1 www.1000gratisproben.com
    127.0.0.1 1001namen.com
    127.0.0.1 www.1001namen.com
    127.0.0.1 100888290cs.com
    127.0.0.1 www.100888290cs.com
    127.0.0.1 www.100sexlinks.com
    127.0.0.1 100sexlinks.com
    127.0.0.1 10sek.com
    127.0.0.1 www.10sek.com
    127.0.0.1 www.1-2005-search.com
    127.0.0.1 1-2005-search.com
    127.0.0.1 123fporn.info
    127.0.0.1 www.123fporn.info
    127.0.0.1 www.123haustiereundmehr.com
    127.0.0.1 123haustiereundmehr.com
    127.0.0.1 123moviedownload.com
    127.0.0.1 www.123moviedownload.com

    There are 15554 entries.

    ========================= IP Configuration: ================================

    D-Link DWA-160 Xtreme N Dual Band USB Adapter(rev.A2) = Wi-Fi (Connected)
    Intel(R) 82579LM Gigabit Network Connection = Ethernet (Media disconnected)


    # ----------------------------------
    # IPv4 Configuration
    # ----------------------------------
    pushd interface ipv4

    reset
    set global defaultcurhoplimit=64 icmpredirects=enabled
    add route prefix=0.0.0.0/0 interface="Ethernet" nexthop=10.0.1.1 publish=Yes
    set interface interface="Ethernet" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
    set interface interface="Local Area Connection* 1" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
    set interface interface="Local Area Connection* 2" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
    set interface interface="Wi-Fi" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
    add address name="Ethernet" address=10.0.1.8 mask=255.255.255.0


    popd
    # End of IPv4 configuration



    Windows IP Configuration

    Host Name . . . . . . . . . . . . : Ricks-M91P-ThinkCentre
    Primary Dns Suffix . . . . . . . :
    Node Type . . . . . . . . . . . . : Hybrid
    IP Routing Enabled. . . . . . . . : No
    WINS Proxy Enabled. . . . . . . . : No

    Ethernet adapter Ethernet:

    Media State . . . . . . . . . . . : Media disconnected
    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : Intel(R) 82579LM Gigabit Network Connection
    Physical Address. . . . . . . . . : 44-37-E6-AA-0C-92
    DHCP Enabled. . . . . . . . . . . : Yes
    Autoconfiguration Enabled . . . . : Yes

    Wireless LAN adapter Local Area Connection* 2:

    Media State . . . . . . . . . . . : Media disconnected
    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : Microsoft Hosted Network Virtual Adapter
    Physical Address. . . . . . . . . : CA-B2-55-54-5E-CD
    DHCP Enabled. . . . . . . . . . . : Yes
    Autoconfiguration Enabled . . . . : Yes

    Wireless LAN adapter Wi-Fi:

    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : D-Link DWA-160 Xtreme N Dual Band USB Adapter(rev.A2)
    Physical Address. . . . . . . . . : CC-B2-55-54-5E-CD
    DHCP Enabled. . . . . . . . . . . : Yes
    Autoconfiguration Enabled . . . . : Yes
    Link-local IPv6 Address . . . . . : fe80::a457:1558:4a6a:6833%11(Preferred)
    IPv4 Address. . . . . . . . . . . : 192.168.1.10(Preferred)
    Subnet Mask . . . . . . . . . . . : 255.255.255.0
    Lease Obtained. . . . . . . . . . : Thursday, January 19, 2017 6:17:53 PM
    Lease Expires . . . . . . . . . . : Friday, January 20, 2017 6:17:52 PM
    Default Gateway . . . . . . . . . : 192.168.1.1
    DHCP Server . . . . . . . . . . . : 192.168.1.1
    DHCPv6 IAID . . . . . . . . . . . : 130855509
    DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1F-3C-D7-BD-44-37-E6-AA-0C-92
    DNS Servers . . . . . . . . . . . : 192.168.1.1
    NetBIOS over Tcpip. . . . . . . . : Enabled

    Tunnel adapter Teredo Tunneling Pseudo-Interface:

    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
    Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
    DHCP Enabled. . . . . . . . . . . : No
    Autoconfiguration Enabled . . . . : Yes
    IPv6 Address. . . . . . . . . . . : 2001:0:2854:18dd:8f5:3a82:bb45:4d4a(Preferred)
    Link-local IPv6 Address . . . . . : fe80::8f5:3a82:bb45:4d4a%3(Preferred)
    Default Gateway . . . . . . . . . : ::
    DHCPv6 IAID . . . . . . . . . . . : 234881024
    DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1F-3C-D7-BD-44-37-E6-AA-0C-92
    NetBIOS over Tcpip. . . . . . . . : Disabled

    Tunnel adapter isatap.{B2F7D9CA-0F9B-4EFF-B756-347B1BB797E1}:

    Media State . . . . . . . . . . . : Media disconnected
    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
    Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
    DHCP Enabled. . . . . . . . . . . : No
    Autoconfiguration Enabled . . . . : Yes
    Server: UnKnown
    Address: 192.168.1.1

    Name: google.com
    Addresses: 2607:f8b0:4002:c0c::8a
    74.125.138.113
    74.125.138.139
    74.125.138.100
    74.125.138.138
    74.125.138.102
    74.125.138.101


    Pinging google.com [64.233.185.100] with 32 bytes of data:
    Reply from 64.233.185.100: bytes=32 time=25ms TTL=42
    Reply from 64.233.185.100: bytes=32 time=24ms TTL=42

    Ping statistics for 64.233.185.100:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
    Approximate round trip times in milli-seconds:
    Minimum = 24ms, Maximum = 25ms, Average = 24ms
    Server: UnKnown
    Address: 192.168.1.1

    Name: yahoo.com
    Addresses: 2001:4998:58:c02::a9
    2001:4998:44:204::a7
    2001:4998:c:a06::2:4008
    98.139.183.24
    206.190.36.45
    98.138.253.109


    Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
    Reply from 206.190.36.45: bytes=32 time=115ms TTL=43
    Reply from 206.190.36.45: bytes=32 time=107ms TTL=43

    Ping statistics for 206.190.36.45:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
    Approximate round trip times in milli-seconds:
    Minimum = 107ms, Maximum = 115ms, Average = 111ms

    Pinging 127.0.0.1 with 32 bytes of data:
    Reply from 127.0.0.1: bytes=32 time<1ms TTL=64
    Reply from 127.0.0.1: bytes=32 time<1ms TTL=64

    Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
    Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
    ===========================================================================
    Interface List
    13...44 37 e6 aa 0c 92 ......Intel(R) 82579LM Gigabit Network Connection
    6...ca b2 55 54 5e cd ......Microsoft Hosted Network Virtual Adapter
    11...cc b2 55 54 5e cd ......D-Link DWA-160 Xtreme N Dual Band USB Adapter(rev.A2)
    1...........................Software Loopback Interface 1
    3...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
    7...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
    ===========================================================================

    IPv4 Route Table
    ===========================================================================
    Active Routes:
    Network Destination Netmask Gateway Interface Metric
    0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.10 55
    127.0.0.0 255.0.0.0 On-link 127.0.0.1 331
    127.0.0.1 255.255.255.255 On-link 127.0.0.1 331
    127.255.255.255 255.255.255.255 On-link 127.0.0.1 331
    192.168.1.0 255.255.255.0 On-link 192.168.1.10 311
    192.168.1.10 255.255.255.255 On-link 192.168.1.10 311
    192.168.1.255 255.255.255.255 On-link 192.168.1.10 311
    224.0.0.0 240.0.0.0 On-link 127.0.0.1 331
    224.0.0.0 240.0.0.0 On-link 192.168.1.10 311
    255.255.255.255 255.255.255.255 On-link 127.0.0.1 331
    255.255.255.255 255.255.255.255 On-link 192.168.1.10 311
    ===========================================================================
    Persistent Routes:
    Network Address Netmask Gateway Address Metric
    0.0.0.0 0.0.0.0 10.0.1.1 Default
    ===========================================================================

    IPv6 Route Table
    ===========================================================================
    Active Routes:
    If Metric Network Destination Gateway
    3 331 ::/0 On-link
    1 331 ::1/128 On-link
    3 331 2001::/32 On-link
    3 331 2001:0:2854:18dd:8f5:3a82:bb45:4d4a/128
    On-link
    11 311 fe80::/64 On-link
    3 331 fe80::/64 On-link
    3 331 fe80::8f5:3a82:bb45:4d4a/128
    On-link
    11 311 fe80::a457:1558:4a6a:6833/128
    On-link
    1 331 ff00::/8 On-link
    11 311 ff00::/8 On-link
    3 331 ff00::/8 On-link
    ===========================================================================
    Persistent Routes:
    None
    ========================= Winsock entries =====================================

    Catalog5 01 C:\WINDOWS\SysWoW64\napinsp.dll [55808] (Microsoft Corporation)
    Catalog5 02 C:\WINDOWS\SysWoW64\pnrpnsp.dll [70656] (Microsoft Corporation)
    Catalog5 03 C:\WINDOWS\SysWoW64\pnrpnsp.dll [70656] (Microsoft Corporation)
    Catalog5 04 C:\WINDOWS\SysWoW64\NLAapi.dll [65024] (Microsoft Corporation)
    Catalog5 05 C:\WINDOWS\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
    Catalog5 06 C:\WINDOWS\SysWoW64\winrnr.dll [24064] (Microsoft Corporation)
    Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128] (Apple Inc.)
    Catalog9 01 C:\WINDOWS\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
    Catalog9 02 C:\WINDOWS\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
    Catalog9 03 C:\WINDOWS\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
    Catalog9 04 C:\WINDOWS\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
    Catalog9 05 C:\WINDOWS\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
    Catalog9 06 C:\WINDOWS\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
    Catalog9 07 C:\WINDOWS\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
    Catalog9 08 C:\WINDOWS\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
    Catalog9 09 C:\WINDOWS\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
    Catalog9 10 C:\WINDOWS\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
    Catalog9 11 C:\WINDOWS\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
    Catalog9 12 C:\WINDOWS\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
    x64-Catalog5 01 C:\Windows\System32\napinsp.dll [67584] (Microsoft Corporation)
    x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
    x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
    x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [80896] (Microsoft Corporation)
    x64-Catalog5 05 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
    x64-Catalog5 06 C:\Windows\System32\winrnr.dll [31744] (Microsoft Corporation)
    x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [133392] (Apple Inc.)
    x64-Catalog9 01 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
    x64-Catalog9 02 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
    x64-Catalog9 03 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
    x64-Catalog9 04 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
    x64-Catalog9 05 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
    x64-Catalog9 06 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
    x64-Catalog9 07 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
    x64-Catalog9 08 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
    x64-Catalog9 09 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
    x64-Catalog9 10 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
    x64-Catalog9 11 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
    x64-Catalog9 12 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)

    ========================= Event log errors: ===============================

    Application errors:
    ==================
    Error: (01/19/2017 06:21:21 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: RICKS-M91P-THIN)
    Description: Activation of app Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App failed with error: -2147023170 See the Microsoft-Windows-TWinUI/Operational log for additional information.

    Error: (01/19/2017 06:20:28 PM) (Source: Microsoft-Windows-CAPI2) (User: )
    Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.


    Details:
    AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

    System Error:
    Access is denied.
    .

    Error: (01/19/2017 06:17:48 PM) (Source: DbxSvc) (User: )
    Description: Failed to connect to the driver: (-2147024894) The system cannot find the file specified.

    Error: (01/19/2017 06:12:13 PM) (Source: DbxSvc) (User: )
    Description: Failed to connect to the driver: (-2147024894) The system cannot find the file specified.

    Error: (01/19/2017 05:21:41 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: RICKS-M91P-THIN)
    Description: Activation of app Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.

    Error: (01/19/2017 04:55:05 PM) (Source: DbxSvc) (User: )
    Description: Failed to connect to the driver: (-2147024894) The system cannot find the file specified.

    Error: (01/19/2017 04:28:48 PM) (Source: Windows Search Service) (User: )
    Description: Enumerating user sessions to generate filter pools failed.


    Details:
    (HRESULT : 0x80040210) (0x80040210)

    Error: (01/19/2017 04:28:48 PM) (Source: Windows Search Service) (User: )
    Description: Enumerating user sessions to generate filter pools failed.


    Details:
    (HRESULT : 0x80040210) (0x80040210)

    Error: (01/19/2017 04:28:48 PM) (Source: Windows Search Service) (User: )
    Description: Enumerating user sessions to generate filter pools failed.


    Details:
    (HRESULT : 0x80040210) (0x80040210)

    Error: (01/19/2017 04:28:48 PM) (Source: Windows Search Service) (User: )
    Description: Enumerating user sessions to generate filter pools failed.


    Details:
    (HRESULT : 0x80040210) (0x80040210)


    System errors:
    =============
    Error: (01/19/2017 06:19:53 PM) (Source: Service Control Manager) (User: )
    Description: The Connected Devices Platform Service service terminated with the following error:
    %%2147500037 = Unspecified error


    Error: (01/19/2017 06:18:03 PM) (Source: DCOM) (User: NT AUTHORITY)
    Description: application-specificLocalActivation{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}{F72671A9-012C-4725-9D2F-2A4D32D65169}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

    Error: (01/19/2017 06:17:11 PM) (Source: DCOM) (User: NT AUTHORITY)
    Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

    Error: (01/19/2017 06:17:02 PM) (Source: Service Control Manager) (User: )
    Description: The Windows Modules Installer service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

    Error: (01/19/2017 06:17:02 PM) (Source: Service Control Manager) (User: )
    Description: The iPod Service service terminated unexpectedly. It has done this 1 time(s).

    Error: (01/19/2017 06:17:02 PM) (Source: Service Control Manager) (User: )
    Description: The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

    Error: (01/19/2017 06:17:01 PM) (Source: Service Control Manager) (User: )
    Description: The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

    Error: (01/19/2017 06:17:01 PM) (Source: Service Control Manager) (User: )
    Description: The Protexis Licensing V2 service terminated unexpectedly. It has done this 1 time(s).

    Error: (01/19/2017 06:17:01 PM) (Source: Service Control Manager) (User: )
    Description: The NitroPDFReaderDriverCreatorReadSpool3 service terminated unexpectedly. It has done this 1 time(s).

    Error: (01/19/2017 06:17:01 PM) (Source: Service Control Manager) (User: )
    Description: The MBAMService service terminated unexpectedly. It has done this 1 time(s).


    Microsoft Office Sessions:
    =========================
    Error: (01/19/2017 06:21:21 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: RICKS-M91P-THIN)
    Description: Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App-2147023170

    Error: (01/19/2017 06:20:28 PM) (Source: Microsoft-Windows-CAPI2)(User: )
    Description:
    Details:
    AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

    System Error:
    Access is denied.

    Error: (01/19/2017 06:17:48 PM) (Source: DbxSvc)(User: )
    Description: (-2147024894) The system cannot find the file specified.

    Error: (01/19/2017 06:12:13 PM) (Source: DbxSvc)(User: )
    Description: (-2147024894) The system cannot find the file specified.

    Error: (01/19/2017 05:21:41 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: RICKS-M91P-THIN)
    Description: Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App-2144927142

    Error: (01/19/2017 04:55:05 PM) (Source: DbxSvc)(User: )
    Description: (-2147024894) The system cannot find the file specified.

    Error: (01/19/2017 04:28:48 PM) (Source: Windows Search Service)(User: )
    Description:
    Details:
    (HRESULT : 0x80040210) (0x80040210)

    Error: (01/19/2017 04:28:48 PM) (Source: Windows Search Service)(User: )
    Description:
    Details:
    (HRESULT : 0x80040210) (0x80040210)

    Error: (01/19/2017 04:28:48 PM) (Source: Windows Search Service)(User: )
    Description:
    Details:
    (HRESULT : 0x80040210) (0x80040210)

    Error: (01/19/2017 04:28:48 PM) (Source: Windows Search Service)(User: )
    Description:
    Details:
    (HRESULT : 0x80040210) (0x80040210)


    CodeIntegrity Errors:
    ===================================
    Date: 2017-01-16 16:04:25.747
    Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

    Date: 2017-01-12 17:21:21.635
    Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

    Date: 2017-01-11 21:10:50.654
    Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

    Date: 2017-01-10 17:42:27.255
    Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

    Date: 2017-01-07 18:20:27.531
    Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

    Date: 2017-01-03 16:29:19.858
    Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

    Date: 2016-12-31 16:10:25.421
    Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

    Date: 2016-12-25 18:35:39.739
    Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

    Date: 2016-12-24 19:54:31.031
    Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

    Date: 2016-12-19 23:14:42.326
    Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


    =========================== Installed Programs ============================

    64 Bit HP CIO Components Installer (HKLM\...\{284F4C1C-380D-4F10-88C8-1F9E386EFE98}) (Version: 17.2.1 - Hewlett-Packard) Hidden
    Adobe Acrobat XI Standard (HKLM-x32\...\{AC76BA86-1033-FFFF-BA7E-000000000006}) (Version: 11.0.19 - Adobe Systems)
    Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.194 - Adobe Systems Incorporated)
    ANT Drivers Installer x64 (HKLM\...\{40609980-A00D-4DA9-B8C9-1B56C5628C7B}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
    Apple Application Support (32-bit) (HKLM-x32\...\{D079CAAD-0C31-47A2-9AF5-A82F9CD9B221}) (Version: 5.2 - Apple Inc.)
    Apple Application Support (64-bit) (HKLM\...\{64E6007B-1DA9-42CD-BBE4-D5FA67A7C71D}) (Version: 5.2 - Apple Inc.)
    Apple Mobile Device Support (HKLM\...\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}) (Version: 10.0.1.3 - Apple Inc.)
    Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
    Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
    CCleaner (HKLM\...\CCleaner) (Version: 5.25 - Piriform)
    D-Link DWA-160 (HKLM-x32\...\{294A97F8-CC15-41F7-8718-CEE6B0C7D7E0}) (Version: - D-Link Corporation)
    Dropbox (HKLM-x32\...\Dropbox) (Version: 17.4.33 - Dropbox, Inc.)
    Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.59.1 - Dropbox, Inc.) Hidden
    Elevated Installer (HKLM-x32\...\{6637E1C6-0A9D-48D4-B594-35610962F14F}) (Version: 5.1.1.0 - Garmin Ltd or its subsidiaries) Hidden
    Garmin Express (HKLM-x32\...\{249CFC92-210D-401D-89AF-5B40B60BC3F4}) (Version: 5.1.1.0 - Garmin Ltd or its subsidiaries) Hidden
    Garmin Express (HKLM-x32\...\{9fbf4745-0038-4ed3-aee1-87af9b9ef8f1}) (Version: 5.1.1.0 - Garmin Ltd or its subsidiaries)
    Garmin Express Tray (HKLM-x32\...\{7DE2141B-D3B0-4FDA-A9D0-6F58C7C2B89D}) (Version: 5.1.1.0 - Garmin Ltd or its subsidiaries) Hidden
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)
    Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.32.7 - Google Inc.) Hidden
    iTalk Sync 1.0 (HKLM-x32\...\iTalk Sync) (Version: 1.0 116 - Griffin Technology)
    iTunes (HKLM\...\{81C96689-EA5B-4B7D-A04F-16326EC51BC2}) (Version: 12.5.4.42 - Apple Inc.)
    Java 8 Update 101 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
    Logitech SetPoint 6.67 (HKLM\...\sp6) (Version: 6.67.83 - Logitech)
    Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
    Microsoft Access database engine 2010 (English) (HKLM-x32\...\{90140000-00D1-0409-0000-0000000FF1CE}) (Version: 14.0.6029.1000 - Microsoft Corporation)
    Microsoft Office Professional 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
    Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.3.6720.1207 - Microsoft Corporation)
    Microsoft Streets & Trips 2013 (HKLM-x32\...\{C82185E8-C27B-4EF4-2013-4444BC2C2B6D}) (Version: 19.0.17.2200 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
    Mozilla Firefox 50.1.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 50.1.0 (x86 en-US)) (Version: 50.1.0 - Mozilla)
    Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.1.0.6186 - Mozilla)
    Nitro Reader 3 (HKLM\...\{9EA981E5-EE67-4662-86F1-58937D31FE07}) (Version: 3.5.6.5 - Nitro)
    Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
    Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
    Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
    VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
    Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
    Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
    WordPerfect Office IFilter 32-bit (HKLM-x32\...\{1DF03ECE-6AF4-414E-B118-C316F151A9A2}) (Version: 1.4 - Corel Corporation)
    WordPerfect Office IFilter 64-bit (HKLM\...\{1B45B85C-99E8-4523-8FB3-0248B3DECFC8}) (Version: 1.4 - Corel Corporation)
    WordPerfect Office X6 - Common Files (HKLM-x32\...\{315FE707-7A15-4B1B-8C5A-955428AAA01D}) (Version: 16.2.1 - Corel Corporation) Hidden
    WordPerfect Office X6 - Common Files English (HKLM-x32\...\{E1AF3785-AA77-471E-ABC5-4C2B459B877A}) (Version: 16.2 - Corel Corporation) Hidden
    WordPerfect Office X6 - IPM (HKLM-x32\...\{230100D9-27B4-49A3-A30F-D44B51EF56AA}) (Version: 16.2 - Corel Corporation) Hidden
    WordPerfect Office X6 - Lightning Files (HKLM-x32\...\{440F51A9-8CA3-41D7-AFD5-F47820895949}) (Version: 16.2 - Corel Corporation) Hidden
    WordPerfect Office X6 - Lightning Files English (HKLM-x32\...\{C4D92146-95DE-415A-99CC-51FBFF7C10CF}) (Version: 16.2 - Corel Corporation) Hidden
    WordPerfect Office X6 - Oxford (HKLM-x32\...\{8959569B-D9BA-43A9-972A-D509EE7D4BA9}) (Version: 16.2 - Corel Corporation) Hidden
    WordPerfect Office X6 - Presentations Files (HKLM-x32\...\{EAA5C699-6DB5-4508-BD64-B79EB9409C9D}) (Version: 16.2 - Corel Corporation) Hidden
    WordPerfect Office X6 - Presentations Files English (HKLM-x32\...\{86ACFB25-0FA5-4A01-96B5-EE8F229D456E}) (Version: 16.2 - Corel Corporation) Hidden
    WordPerfect Office X6 - Quattro Pro Files (HKLM-x32\...\{069793F3-E123-47B9-88DB-5DE76FF32ADB}) (Version: 16.2.1 - Corel Corporation) Hidden
    WordPerfect Office X6 - Quattro Pro Files English (HKLM-x32\...\{10FFE1D7-6A72-4483-9856-1A2FBBC5A425}) (Version: 16.2 - Corel Corporation) Hidden
    WordPerfect Office X6 - Setup Files (HKLM-x32\...\{26D6D2A4-F08A-4212-86E7-7F1F75033610}) (Version: 16.2.1 - Corel Corporation) Hidden
    WordPerfect Office X6 - System Files (HKLM-x32\...\{8270ABE3-53A5-4046-BF84-EB5FBB0F5B10}) (Version: 15.0 - Corel Corporation) Hidden
    WordPerfect Office X6 - WordPerfect Files (HKLM-x32\...\{CCADD122-70A5-47A6-8722-1BD5267B85F5}) (Version: 16.2.1 - Corel Corporation) Hidden
    WordPerfect Office X6 - WordPerfect Files English (HKLM-x32\...\{CD29C36F-2C6D-4ED3-BC21-B20C8038E9A5}) (Version: 16.2.1 - Corel Corporation) Hidden
    WordPerfect Office X6 - WT (HKLM-x32\...\{0F7A0D0F-6576-489E-B20B-B7C8F95BBCC3}) (Version: 16.1 - Corel Corporation) Hidden
    WordPerfect Office X6 (HKLM-x32\...\_{26D6D2A4-F08A-4212-86E7-7F1F75033610}) (Version: 16.0.0.428 - Corel Corporation)
    WordPerfect Office X6 (HKLM-x32\...\{F6582F6F-6CD1-4B62-8BC6-EACF98AF410F}) (Version: 16.1 - Corel Corporation) Hidden
    WORDsearch 10 (HKLM-x32\...\{4420F521-D5EC-487D-9AAB-AD30AF903A52}) (Version: 10 - WORDsearch Corp) Hidden
    WORDsearch 10 (HKLM-x32\...\WORDsearch 10) (Version: - LifeWay)
    WORDsearch 8 Discipleship Edition (HKLM-x32\...\{3E9E0874-5DF4-470E-9567-A88BD4AFEF64}) (Version: 8.0 - WORDsearch Corp) Hidden
    WORDsearch 8 Discipleship Edition (HKLM-x32\...\WORDsearch 8 Discipleship Edition) (Version: - WORDsearch Corp)

    ========================= Devices: ================================


    ========================= Memory info: ===================================

    Percentage of memory in use: 33%
    Total physical RAM: 8016.31 MB
    Available physical RAM: 5338.5 MB
    Total Virtual: 9296.31 MB
    Available Virtual: 6525.52 MB

    ========================= Partitions: =====================================

    1 Drive c: (Windows) (Fixed) (Total:1862.18 GB) (Free:1600.83 GB) NTFS

    ========================= Users: ========================================

    User accounts for \\RICKS-M91P-THIN

    Administrator DefaultAccount Guest
    Rick


    **** End of log ****
     
  10. 2017/01/19
    basketcase Contributing Member

    basketcase Well-Known Member Thread Starter

    Joined:
    2008/01/22
    Messages:
    226
    Likes Received:
    3
    Trophy Points:
    233
    Location:
    Roll Tide Central, Alabama
    Computer Experience:
    Level 4 case whacker
    AdwCleaner Log

    # AdwCleaner v6.042 - Logfile created 19/01/2017 at 18:16:45
    # Updated on 06/01/2017 by Malwarebytes
    # Database : 2017-01-18.1 [Server]
    # Operating System : Windows 10 Pro (X64)
    # Username : Rick - RICKS-M91P-THIN
    # Running from : C:\Users\Rick\Downloads\Utilities\adwcleaner_6.042.exe
    # Mode: Scan
    # Support : Customer Support & Help Center



    ***** [ Services ] *****

    No malicious services found.


    ***** [ Folders ] *****

    No malicious folders found.


    ***** [ Files ] *****

    No malicious files found.


    ***** [ DLL ] *****

    No malicious DLLs found.


    ***** [ WMI ] *****

    No malicious keys found.


    ***** [ Shortcuts ] *****

    No infected shortcut found.


    ***** [ Scheduled Tasks ] *****

    No malicious task found.


    ***** [ Registry ] *****

    No malicious registry entries found.


    ***** [ Web browsers ] *****

    No malicious Firefox based browser items found.
    Chrome pref Found: [C:\Users\Rick\AppData\Local\Google\Chrome\User Data\Default\Web data] - search.zonealarm.com
    Chrome pref Found: [C:\Users\Rick\AppData\Local\Google\Chrome\User Data\Default\Web data] - search.conduit.com
    Chrome pref Found: [C:\Users\Rick\AppData\Local\Google\Chrome\User Data\Default\Web data] - mysearch.avg.com
    Chrome pref Found: [C:\Users\Rick\AppData\Local\Google\Chrome\User Data\Default\Web data] - ask.com
    Chrome pref Found: [C:\Users\Rick\AppData\Local\Google\Chrome\User Data\Default\Web data] - aol.com
    Chrome pref Found: [C:\Users\Rick\AppData\Local\Google\Chrome\User Data\Default\Web data] - mysearchdial.com
    Chrome pref Found: [C:\Users\Rick\AppData\Local\Google\Chrome\User Data\Default\Web data] - conduit.search
    Chrome pref Found: [C:\Users\Rick\AppData\Local\Google\Chrome\User Data\Default\Web data] - isearch.avg.com

    *************************

    C:\AdwCleaner\AdwCleaner[C0].txt - [2393 Bytes] - [18/11/2016 05:34:14]
    C:\AdwCleaner\AdwCleaner[C2].txt - [2082 Bytes] - [16/12/2016 20:04:21]
    C:\AdwCleaner\AdwCleaner[C3].txt - [2228 Bytes] - [03/01/2017 08:41:51]
    C:\AdwCleaner\AdwCleaner[C4].txt - [2374 Bytes] - [06/01/2017 17:54:53]
    C:\AdwCleaner\AdwCleaner[S0].txt - [2350 Bytes] - [18/11/2016 05:33:58]
    C:\AdwCleaner\AdwCleaner[S1].txt - [2127 Bytes] - [16/12/2016 20:04:05]
    C:\AdwCleaner\AdwCleaner[S2].txt - [2273 Bytes] - [03/01/2017 08:41:29]
    C:\AdwCleaner\AdwCleaner[S3].txt - [2419 Bytes] - [06/01/2017 17:54:36]
    C:\AdwCleaner\AdwCleaner[S4].txt - [2413 Bytes] - [19/01/2017 18:16:45]

    ########## EOF - C:\AdwCleaner\AdwCleaner[S4].txt - [2486 Bytes] ##########
     
  11. 2017/01/19
    basketcase Contributing Member

    basketcase Well-Known Member Thread Starter

    Joined:
    2008/01/22
    Messages:
    226
    Likes Received:
    3
    Trophy Points:
    233
    Location:
    Roll Tide Central, Alabama
    Computer Experience:
    Level 4 case whacker
    JRT Log

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Malwarebytes
    Version: 8.1.0 (12.05.2016)
    Operating System: Windows 10 Pro x64
    Ran by Rick (Administrator) on Thu 01/19/2017 at 19:05:13.56
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




    File System: 0




    Registry: 0





    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on Thu 01/19/2017 at 19:07:17.99
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     
  12. 2017/01/19
    basketcase Contributing Member

    basketcase Well-Known Member Thread Starter

    Joined:
    2008/01/22
    Messages:
    226
    Likes Received:
    3
    Trophy Points:
    233
    Location:
    Roll Tide Central, Alabama
    Computer Experience:
    Level 4 case whacker
    Adware Removal Tool 5.1 Scan Log

    * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *

    Adware Removal Tool 5.1
    Time: 2017_01_19_19_08_53
    OS: Windows 10 Pro - x64 Bit
    Account Name: Rick
    Adware Definition: 01192017
    Elapsed time: 12:30
    Scan Status:- Automatic Done

    \\\\\\\\\\\\\\\\\\\\\\\ Scan Logs \\\\\\\\\\\\\\\\\\\\\\

    Browser: Chrome Found : Adware.mysearchdial : C:\Users\Rick\AppData\Local\Google\Chrome\User Data\Default\Web Data
     
  13. 2017/01/19
    basketcase Contributing Member

    basketcase Well-Known Member Thread Starter

    Joined:
    2008/01/22
    Messages:
    226
    Likes Received:
    3
    Trophy Points:
    233
    Location:
    Roll Tide Central, Alabama
    Computer Experience:
    Level 4 case whacker
    Adware Removal Tool 5.1 Repair Log

    * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *

    Adware Removal Tool 5.1
    Time: 2017_01_19_19_08_53
    OS: Windows 10 Pro - x64 Bit
    Account Name: Rick
    Adware Definition: 01192017
    Elapsed time: 12:30
    Repair Status:- Automatic Done
    \\\\\\\\\\\\\\\\\\\\\\\ Repair Logs \\\\\\\\\\\\\\\\\\\\\\

    [-] Repaired ->> File ->> C:\Users\Rick\AppData\Local\Google\Chrome\User Data\Default\Web Data
     
  14. 2017/01/24
    basketcase Contributing Member

    basketcase Well-Known Member Thread Starter

    Joined:
    2008/01/22
    Messages:
    226
    Likes Received:
    3
    Trophy Points:
    233
    Location:
    Roll Tide Central, Alabama
    Computer Experience:
    Level 4 case whacker
    ZHP Cleaner

    ~ ZHPCleaner v2017.1.21.18 by Nicolas Coolman (2017/01/21)
    ~ Run by Rick (Administrator) (21/01/2017 14:02:17)
    ~ Web: Home
    ~ Blog: Accueil - TOP Anti-Malware
    ~ Facebook : ZHP | Facebook
    ~ State version : Version OK
    ~ Type : Repair
    ~ Report : C:\Users\Rick\Desktop\ZHPCleaner.txt
    ~ Quarantine : C:\Users\Rick\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
    ~ UAC : Activate
    ~ Boot Mode : Normal (Normal boot)
    Windows 10 Pro, 64-bit (Build 14393)


    ---\\ Services (0)
    ~ No malicious or unnecessary items found.


    ---\\ Browser internet (0)
    ~ No malicious or unnecessary items found.


    ---\\ Hosts file (0)
    ~ No malicious or unnecessary items found.


    ---\\ Scheduled automatic tasks. (0)
    ~ No malicious or unnecessary items found.


    ---\\ Explorer ( File, Folder) (72)
    MOVED file: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Connection Wizard.lnk [Bad : C:\Program Files (x86)\D-Link\DWA-160\D-Link Wizard.exe](.D-Link Corp..) =>PUP.Optional.LinkWiz
    MOVED file: C:\Windows\Installer\wix{249CFC92-210D-401D-89AF-5B40B60BC3F4}.SchedServiceConfig.rmi =>.Superfluous.Empty
    MOVED file: C:\Windows\Installer\wix{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}.SchedServiceConfig.rmi =>.Superfluous.Empty
    MOVED file: C:\Windows\Installer\wix{344236D1-CD8E-4C6B-92C6-A13C2384AB21}.SchedServiceConfig.rmi =>.Superfluous.Empty
    MOVED file: C:\Windows\Installer\wix{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}.SchedServiceConfig.rmi =>.Superfluous.Empty
    MOVED file: C:\Windows\Installer\wix{CA49099B-D84C-433C-9D94-B60A991BE323}.SchedServiceConfig.rmi =>.Superfluous.Empty
    MOVED file: C:\Windows\Installer\wix{D1B261D6-EBAE-4129-8EFB-C04E14DCEF6A}.SchedServiceConfig.rmi =>.Superfluous.Empty
    MOVED file: C:\Windows\Installer\wix{D4D86CB2-2370-4691-8272-3869EDED6C64}.SchedServiceConfig.rmi =>.Superfluous.Empty
    MOVED file: C:\Windows\Installer\wix{DA9DAB72-69A7-4C9A-97A5-EC5865DF72CA}.SchedServiceConfig.rmi =>.Superfluous.Empty
    MOVED file: C:\Users\Rick\AppData\Local\Temp\wct198F.tmp =>.Superfluous.Temporary.OneDrive
    MOVED file: C:\Users\Rick\AppData\Local\Temp\wct1A7F.tmp =>.Superfluous.Temporary.OneDrive
    MOVED file: C:\Users\Rick\AppData\Local\Temp\wct1AC8.tmp =>.Superfluous.Temporary.OneDrive
    MOVED file: C:\Users\Rick\AppData\Local\Temp\wct20DB.tmp =>.Superfluous.Temporary.OneDrive
    MOVED file: C:\Users\Rick\AppData\Local\Temp\wct41D0.tmp =>.Superfluous.Temporary.OneDrive
    MOVED file: C:\Users\Rick\AppData\Local\Temp\wct4447.tmp =>.Superfluous.Temporary.OneDrive
    MOVED file: C:\Users\Rick\AppData\Local\Temp\wct502E.tmp =>.Superfluous.Temporary.OneDrive
    MOVED file: C:\Users\Rick\AppData\Local\Temp\wct5981.tmp =>.Superfluous.Temporary.OneDrive
    MOVED file: C:\Users\Rick\AppData\Local\Temp\wct5EDC.tmp =>.Superfluous.Temporary.OneDrive
    MOVED file: C:\Users\Rick\AppData\Local\Temp\wct896E.tmp =>.Superfluous.Temporary.OneDrive
    MOVED file: C:\Users\Rick\AppData\Local\Temp\wct8AD6.tmp =>.Superfluous.Temporary.OneDrive
    MOVED file: C:\Users\Rick\AppData\Local\Temp\wct8C31.tmp =>.Superfluous.Temporary.OneDrive
    MOVED file: C:\Users\Rick\AppData\Local\Temp\wct9D53.tmp =>.Superfluous.Temporary.OneDrive
    MOVED file: C:\Users\Rick\AppData\Local\Temp\wctA50C.tmp =>.Superfluous.Temporary.OneDrive
    MOVED file: C:\Users\Rick\AppData\Local\Temp\wctA64E.tmp =>.Superfluous.Temporary.OneDrive
    MOVED file: C:\Users\Rick\AppData\Local\Temp\wctA89F.tmp =>.Superfluous.Temporary.OneDrive
    MOVED file: C:\Users\Rick\AppData\Local\Temp\wctB3C0.tmp =>.Superfluous.Temporary.OneDrive
    MOVED file: C:\Users\Rick\AppData\Local\Temp\wctB841.tmp =>.Superfluous.Temporary.OneDrive
    MOVED file: C:\Users\Rick\AppData\Local\Temp\wctCF69.tmp =>.Superfluous.Temporary.OneDrive
    MOVED file: C:\Users\Rick\AppData\Local\Temp\wctD743.tmp =>.Superfluous.Temporary.OneDrive
    MOVED file: C:\Users\Rick\AppData\Local\Temp\wctD940.tmp =>.Superfluous.Temporary.OneDrive
    MOVED file: C:\Users\Rick\AppData\Local\Temp\wctDCFB.tmp =>.Superfluous.Temporary.OneDrive
    MOVED file: C:\Users\Rick\AppData\Local\Temp\wctDDED.tmp =>.Superfluous.Temporary.OneDrive
    MOVED file: C:\Users\Rick\AppData\Local\Temp\wctDEB4.tmp =>.Superfluous.Temporary.OneDrive
    MOVED file: C:\Users\Rick\AppData\Local\Temp\wctF2F0.tmp =>.Superfluous.Temporary.OneDrive
    MOVED file: C:\Users\Rick\AppData\Local\Temp\wctFD76.tmp =>.Superfluous.Temporary.OneDrive
    MOVED folder: C:\Users\Rick\AppData\Local\Temp\scoped_dir_7872_11381 =>.Superfluous.Temporary.Steam
    MOVED folder: C:\WINDOWS\Installer\MSI2502.tmp- =>.Superfluous.Empty
    MOVED folder: C:\WINDOWS\Installer\MSI28BC.tmp- =>.Superfluous.Empty
    MOVED folder: C:\WINDOWS\Installer\MSI2AA1.tmp- =>.Superfluous.Empty
    MOVED folder: C:\WINDOWS\Installer\MSI2BF0.tmp- =>.Superfluous.Empty
    MOVED folder: C:\WINDOWS\Installer\MSI324A.tmp- =>.Superfluous.Empty
    MOVED folder: C:\WINDOWS\Installer\MSI3493.tmp- =>.Superfluous.Empty
    MOVED folder: C:\WINDOWS\Installer\MSI3810.tmp- =>.Superfluous.Empty
    MOVED folder: C:\WINDOWS\Installer\MSI3876.tmp- =>.Superfluous.Empty
    MOVED folder: C:\WINDOWS\Installer\MSI39F5.tmp- =>.Superfluous.Empty
    MOVED folder: C:\WINDOWS\Installer\MSI3FD6.tmp- =>.Superfluous.Empty
    MOVED folder: C:\WINDOWS\Installer\MSI411F.tmp- =>.Superfluous.Empty
    MOVED folder: C:\WINDOWS\Installer\MSI42B8.tmp- =>.Superfluous.Empty
    MOVED folder: C:\WINDOWS\Installer\MSI4B58.tmp- =>.Superfluous.Empty
    MOVED folder: C:\WINDOWS\Installer\MSI4D8C.tmp- =>.Superfluous.Empty
    MOVED folder: C:\WINDOWS\Installer\MSI5D36.tmp- =>.Superfluous.Empty
    MOVED folder: C:\WINDOWS\Installer\MSI5EEC.tmp- =>.Superfluous.Empty
    MOVED folder: C:\WINDOWS\Installer\MSI6099.tmp- =>.Superfluous.Empty
    MOVED folder: C:\WINDOWS\Installer\MSI632A.tmp- =>.Superfluous.Empty
    MOVED folder: C:\WINDOWS\Installer\MSI6443.tmp- =>.Superfluous.Empty
    MOVED folder: C:\WINDOWS\Installer\MSI6723.tmp- =>.Superfluous.Empty
    MOVED folder: C:\WINDOWS\Installer\MSI7790.tmp- =>.Superfluous.Empty
    MOVED folder: C:\WINDOWS\Installer\MSI7838.tmp- =>.Superfluous.Empty
    MOVED folder: C:\WINDOWS\Installer\MSI79B0.tmp- =>.Superfluous.Empty
    MOVED folder: C:\WINDOWS\Installer\MSI79E2.tmp- =>.Superfluous.Empty
    MOVED folder: C:\WINDOWS\Installer\MSI809E.tmp- =>.Superfluous.Empty
    MOVED folder: C:\WINDOWS\Installer\MSI8207.tmp- =>.Superfluous.Empty
    MOVED folder: C:\WINDOWS\Installer\MSI829C.tmp- =>.Superfluous.Empty
    MOVED folder: C:\WINDOWS\Installer\MSI85AA.tmp- =>.Superfluous.Empty
    MOVED folder: C:\WINDOWS\Installer\MSI9AB2.tmp- =>.Superfluous.Empty
    MOVED folder: C:\WINDOWS\Installer\MSI9BFB.tmp- =>.Superfluous.Empty
    MOVED folder: C:\WINDOWS\Installer\MSICD8E.tmp- =>.Superfluous.Empty
    MOVED folder: C:\WINDOWS\Installer\MSID291.tmp- =>.Superfluous.Empty
    MOVED folder: C:\WINDOWS\Installer\MSIDD03.tmp- =>.Superfluous.Empty
    MOVED folder: C:\WINDOWS\Installer\MSIDFD2.tmp- =>.Superfluous.Empty
    MOVED folder: C:\WINDOWS\Installer\MSIE9E9.tmp- =>.Superfluous.Empty
    MOVED folder: C:\WINDOWS\Installer\MSIEC1D.tmp- =>.Superfluous.Empty


    ---\\ Registry ( Key, Value, Data) (0)
    ~ No malicious or unnecessary items found.


    ---\\ Summary of the elements found (4)
    L'empaquetage logiciel, un vecteur d'Infection | Nicolas coolman =>PUP.Optional.LinkWiz
    Définition d'un logiciel superflu - Anti-Malware Zone =>.Superfluous.Empty
    https://nicolascoolman.eu/2017/01/20/logiciels-superflus/logiciels-superflus =>.Superfluous.Temporary.OneDrive
    https://nicolascoolman.eu/2017/01/20/logiciels-superflus/logiciels-superflus =>.Superfluous.Temporary.Steam


    ---\\ Other deletions. (16)
    ~ Registry Keys Tracing deleted (16)
    ~ Remove the old reports ZHPCleaner. (0)


    ---\\ Result of repair
    ~ Repair carried out successfully
    ~ Browser not found (Opera Software)


    ---\\ Statistics
    ~ Items scanned : 572
    ~ Items found : 0
    ~ Items cancelled : 0
    ~ Items repaired : 72


    ~ End of clean in 00h00mn15s
    ~====================
    ZHPCleaner-[R]-21012017-14_02_32.txt
    ZHPCleaner--21012017-13_22_15.txt
     
  15. 2017/01/24
    basketcase Contributing Member

    basketcase Well-Known Member Thread Starter

    Joined:
    2008/01/22
    Messages:
    226
    Likes Received:
    3
    Trophy Points:
    233
    Location:
    Roll Tide Central, Alabama
    Computer Experience:
    Level 4 case whacker
    Code:
    HitmanPro 3.7.15.281
    www.hitmanpro.com
    
      Computer name . . . . : RICKS-M91P-THIN
      Windows . . . . . . . : 10.0.0.14393.X64/4
      User name . . . . . . : RICKS-M91P-THIN\Rick
      UAC . . . . . . . . . : Enabled
      License . . . . . . . : Trial (30 days left)
    
      Scan date . . . . . . : 2017-01-22 06:23:15
      Scan mode . . . . . . : Normal
      Scan duration . . . . : 5m 18s
      Disk access mode  . . : Direct disk access (SRB)
      Cloud . . . . . . . . : Internet
      Reboot  . . . . . . . : No
    
      Threats . . . . . . . : 1
      Traces  . . . . . . . : 77
    
      Objects scanned . . . : 3,839,327
      Files scanned . . . . : 539,090
      Remnants scanned  . . : 1,841,349 files / 1,458,888 keys
    
    Malware _____________________________________________________________________
    
      C:\Users\Rick\Documents\OldData\RicksOldAcerDT\2nd_D_drive\Other files\f157846168.exe -> Deleted
      Size . . . . . . . : 69,632 bytes
      Age  . . . . . . . : 156.6 days (2016-08-18 16:58:14)
      Entropy  . . . . . : 7.8
      SHA-256  . . . . . : E5B9B55CA60C9F0C913BF7E09424B84B14A1A1066B3DA86EA9FE67611852BE65
      > Bitdefender  . . . : Trojan.Peed.Gen
      Fuzzy  . . . . . . : 114.0
    
    
    Potential Unwanted Programs _________________________________________________
    
      HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}\ (ReimageRepair) -> Deleted
      HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}\ (ReimageRepair) -> Deleted
      HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}\ (CouponBar) -> Deleted
      HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ActiveX Compatibility\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}\ (CouponBar) -> Deleted
    
    Cookies _____________________________________________________________________
    
      C:\Users\Rick\AppData\Local\Google\Chrome\User Data\Default\Cookies:254a.com
      C:\Users\Rick\AppData\Local\Google\Chrome\User Data\Default\Cookies:adaptv.advertising.com
      C:\Users\Rick\AppData\Local\Google\Chrome\User Data\Default\Cookies:addthis.com
      C:\Users\Rick\AppData\Local\Google\Chrome\User Data\Default\Cookies:adnxs.com
      C:\Users\Rick\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.deliverimp.com
      C:\Users\Rick\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.fdma-media.com
      C:\Users\Rick\AppData\Local\Google\Chrome\User Data\Default\Cookies:adsrvr.org
      C:\Users\Rick\AppData\Local\Google\Chrome\User Data\Default\Cookies:adsymptotic.com
      C:\Users\Rick\AppData\Local\Google\Chrome\User Data\Default\Cookies:adtechus.com
      C:\Users\Rick\AppData\Local\Google\Chrome\User Data\Default\Cookies:advertising.com
      C:\Users\Rick\AppData\Local\Google\Chrome\User Data\Default\Cookies:basebanner.com
      C:\Users\Rick\AppData\Local\Google\Chrome\User Data\Default\Cookies:bidr.io
      C:\Users\Rick\AppData\Local\Google\Chrome\User Data\Default\Cookies:bidswitch.net
      C:\Users\Rick\AppData\Local\Google\Chrome\User Data\Default\Cookies:bluekai.com
      C:\Users\Rick\AppData\Local\Google\Chrome\User Data\Default\Cookies:casalemedia.com
      C:\Users\Rick\AppData\Local\Google\Chrome\User Data\Default\Cookies:contextweb.com
      C:\Users\Rick\AppData\Local\Google\Chrome\User Data\Default\Cookies:demdex.net
      C:\Users\Rick\AppData\Local\Google\Chrome\User Data\Default\Cookies:doubleclick.net
      C:\Users\Rick\AppData\Local\Google\Chrome\User Data\Default\Cookies:dpm.demdex.net
      C:\Users\Rick\AppData\Local\Google\Chrome\User Data\Default\Cookies:krxd.net
      C:\Users\Rick\AppData\Local\Google\Chrome\User Data\Default\Cookies:mookie1.com
      C:\Users\Rick\AppData\Local\Google\Chrome\User Data\Default\Cookies:openx.net
      C:\Users\Rick\AppData\Local\Google\Chrome\User Data\Default\Cookies:optimatic.com
      C:\Users\Rick\AppData\Local\Google\Chrome\User Data\Default\Cookies:pixel-a.sitescout.com
      C:\Users\Rick\AppData\Local\Google\Chrome\User Data\Default\Cookies:pixel.rubiconproject.com
      C:\Users\Rick\AppData\Local\Google\Chrome\User Data\Default\Cookies:pubmatic.com
      C:\Users\Rick\AppData\Local\Google\Chrome\User Data\Default\Cookies:rlcdn.com
      C:\Users\Rick\AppData\Local\Google\Chrome\User Data\Default\Cookies:rubiconproject.com
      C:\Users\Rick\AppData\Local\Google\Chrome\User Data\Default\Cookies:scorecardresearch.com
      C:\Users\Rick\AppData\Local\Google\Chrome\User Data\Default\Cookies:sitescout.com
      C:\Users\Rick\AppData\Local\Google\Chrome\User Data\Default\Cookies:taboola.com
      C:\Users\Rick\AppData\Local\Google\Chrome\User Data\Default\Cookies:tidaltv.com
      C:\Users\Rick\AppData\Local\Google\Chrome\User Data\Default\Cookies:trc.taboola.com
      C:\Users\Rick\AppData\Local\Google\Chrome\User Data\Default\Cookies:tribalfusion.com
      C:\Users\Rick\AppData\Local\Google\Chrome\User Data\Default\Cookies:virool.com
      C:\Users\Rick\AppData\Local\Google\Chrome\User Data\Default\Cookies:w55c.net
      C:\Users\Rick\AppData\Local\Microsoft\Windows\INetCookies\16PDVDVV.cookie
      C:\Users\Rick\AppData\Local\Microsoft\Windows\INetCookies\1QSU2WXN.cookie
      C:\Users\Rick\AppData\Local\Microsoft\Windows\INetCookies\2CQMMRW4.cookie
      C:\Users\Rick\AppData\Local\Microsoft\Windows\INetCookies\4T2RM54H.cookie
      C:\Users\Rick\AppData\Local\Microsoft\Windows\INetCookies\7USBLLSY.cookie
      C:\Users\Rick\AppData\Local\Microsoft\Windows\INetCookies\CGHNVXK8.cookie
      C:\Users\Rick\AppData\Local\Microsoft\Windows\INetCookies\CYKKDYXD.cookie
      C:\Users\Rick\AppData\Local\Microsoft\Windows\INetCookies\DKN8NT9W.cookie
      C:\Users\Rick\AppData\Local\Microsoft\Windows\INetCookies\HO54UO52.cookie
      C:\Users\Rick\AppData\Local\Microsoft\Windows\INetCookies\JI1BG2LB.cookie
      C:\Users\Rick\AppData\Local\Microsoft\Windows\INetCookies\P4BACY4K.cookie
      C:\Users\Rick\AppData\Local\Microsoft\Windows\INetCookies\PTDSY210.cookie
      C:\Users\Rick\AppData\Local\Microsoft\Windows\INetCookies\QC6V83S2.cookie
      C:\Users\Rick\AppData\Local\Microsoft\Windows\INetCookies\VY5EQ0NY.cookie
      C:\Users\Rick\AppData\Roaming\Mozilla\Firefox\Profiles\de4mge7f.default-1484875452823\cookies.sqlite:1736730124.log.optimizely.com
      C:\Users\Rick\AppData\Roaming\Mozilla\Firefox\Profiles\de4mge7f.default-1484875452823\cookies.sqlite:abmr.net
      C:\Users\Rick\AppData\Roaming\Mozilla\Firefox\Profiles\de4mge7f.default-1484875452823\cookies.sqlite:acxiom-online.com
      C:\Users\Rick\AppData\Roaming\Mozilla\Firefox\Profiles\de4mge7f.default-1484875452823\cookies.sqlite:adnxs.com
      C:\Users\Rick\AppData\Roaming\Mozilla\Firefox\Profiles\de4mge7f.default-1484875452823\cookies.sqlite:adsymptotic.com
      C:\Users\Rick\AppData\Roaming\Mozilla\Firefox\Profiles\de4mge7f.default-1484875452823\cookies.sqlite:agkn.com
      C:\Users\Rick\AppData\Roaming\Mozilla\Firefox\Profiles\de4mge7f.default-1484875452823\cookies.sqlite:atdmt.com
      C:\Users\Rick\AppData\Roaming\Mozilla\Firefox\Profiles\de4mge7f.default-1484875452823\cookies.sqlite:bluekai.com
      C:\Users\Rick\AppData\Roaming\Mozilla\Firefox\Profiles\de4mge7f.default-1484875452823\cookies.sqlite:demdex.net
      C:\Users\Rick\AppData\Roaming\Mozilla\Firefox\Profiles\de4mge7f.default-1484875452823\cookies.sqlite:dotomi.com
      C:\Users\Rick\AppData\Roaming\Mozilla\Firefox\Profiles\de4mge7f.default-1484875452823\cookies.sqlite:doubleclick.net
      C:\Users\Rick\AppData\Roaming\Mozilla\Firefox\Profiles\de4mge7f.default-1484875452823\cookies.sqlite:dpm.demdex.net
      C:\Users\Rick\AppData\Roaming\Mozilla\Firefox\Profiles\de4mge7f.default-1484875452823\cookies.sqlite:krxd.net
      C:\Users\Rick\AppData\Roaming\Mozilla\Firefox\Profiles\de4mge7f.default-1484875452823\cookies.sqlite:mathtag.com
      C:\Users\Rick\AppData\Roaming\Mozilla\Firefox\Profiles\de4mge7f.default-1484875452823\cookies.sqlite:outbrain.com
      C:\Users\Rick\AppData\Roaming\Mozilla\Firefox\Profiles\de4mge7f.default-1484875452823\cookies.sqlite:rlcdn.com
      C:\Users\Rick\AppData\Roaming\Mozilla\Firefox\Profiles\de4mge7f.default-1484875452823\cookies.sqlite:ru4.com
      C:\Users\Rick\AppData\Roaming\Mozilla\Firefox\Profiles\de4mge7f.default-1484875452823\cookies.sqlite:scorecardresearch.com
      C:\Users\Rick\AppData\Roaming\Mozilla\Firefox\Profiles\de4mge7f.default-1484875452823\cookies.sqlite:taboola.com
      C:\Users\Rick\AppData\Roaming\Mozilla\Firefox\Profiles\de4mge7f.default-1484875452823\cookies.sqlite:trc.taboola.com
      C:\Users\Rick\AppData\Roaming\Mozilla\Firefox\Profiles\de4mge7f.default-1484875452823\cookies.sqlite:univide.com
      C:\Users\Rick\AppData\Roaming\Mozilla\Firefox\Profiles\de4mge7f.default-1484875452823\cookies.sqlite:w55c.net
    
    
    
     
  16. 2017/01/24
    basketcase Contributing Member

    basketcase Well-Known Member Thread Starter

    Joined:
    2008/01/22
    Messages:
    226
    Likes Received:
    3
    Trophy Points:
    233
    Location:
    Roll Tide Central, Alabama
    Computer Experience:
    Level 4 case whacker
    Zoek part 1

    Zoek.exe v5.0.0.1 Updated 19-September-2016
    Tool run by Rick on Sun 01/22/2017 at 19:19:32.16.
    Microsoft Windows 10 Pro 10.0.14393 x64
    Running in: Normal Mode Internet Access Detected
    Launched: C:\Users\Rick\Desktop\zoek.exe [Scan all users] [Script inserted]

    ==== System Restore Info ======================

    1/22/2017 7:22:48 PM Zoek.exe System Restore Point Created Successfully.

    ==== Empty Folders Check ======================

    C:\PROGRA~2\Wise deleted successfully
    C:\PROGRA~3\Avg deleted successfully
    C:\PROGRA~3\Comms deleted successfully
    C:\PROGRA~3\SoftwareDistribution deleted successfully
    C:\PROGRA~3\WordPerfect Office X6 deleted successfully
    C:\PROGRA~3\wsc deleted successfully
    C:\Users\Rick\AppData\Local\NetworkTiles deleted successfully
    C:\Users\Rick\AppData\Local\PeerDistRepub deleted successfully
    C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Maps deleted successfully
    C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\PeerDistPub deleted successfully
    C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\PeerDistRepub deleted successfully
    C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\NetworkTiles deleted successfully

    ==== Deleting CLSID Registry Keys ======================


    ==== Deleting CLSID Registry Values ======================


    ==== Installed Programs ======================

    64 Bit HP CIO Components Installer
    Adobe Acrobat XI Standard
    Adobe Flash Player 24 NPAPI
    Adobe Refresh Manager
    ANT Drivers Installer x64
    Apple Application Support (32-bit)
    Apple Application Support (64-bit)
    Apple Mobile Device Support
    Apple Software Update
    Bonjour
    CCleaner
    D-Link DWA-160
    Definition Update for Microsoft Office 2010 (KB3115475) 32-Bit Edition
    Dropbox
    Dropbox Update Helper
    Elevated Installer
    Garmin Express
    Garmin Express Tray
    Google Chrome
    Google Update Helper
    iTalk Sync 1.0
    iTunes
    Logitech SetPoint 6.67
    Malwarebytes Anti-Malware version 2.2.1.1043
    Microsoft Access database engine 2010 (English)
    Microsoft Office Access MUI (English) 2010
    Microsoft Office Access Setup Metadata MUI (English) 2010
    Microsoft Office Excel MUI (English) 2010
    Microsoft Office Office 64-bit Components 2010
    Microsoft Office OneNote MUI (English) 2010
    Microsoft Office Outlook MUI (English) 2010
    Microsoft Office PowerPoint MUI (English) 2010
    Microsoft Office Professional 2010
    Microsoft Office Proof (English) 2010
    Microsoft Office Proof (French) 2010
    Microsoft Office Proof (Spanish) 2010
    Microsoft Office Proofing (English) 2010
    Microsoft Office Publisher MUI (English) 2010
    Microsoft Office Shared 64-bit MUI (English) 2010
    Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
    Microsoft Office Shared MUI (English) 2010
    Microsoft Office Shared Setup Metadata MUI (English) 2010
    Microsoft Office Single Image 2010
    Microsoft Office Word MUI (English) 2010
    Microsoft OneDrive
    Microsoft Streets & Trips 2013
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
    Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
    Mozilla Firefox 50.1.0 (x86 en-US)
    Mozilla Maintenance Service
    Nitro Reader 3
    Security Update for Microsoft Access 2010 (KB3101544) 32-Bit Edition
    Security Update for Microsoft Excel 2010 (KB3128037) 32-Bit Edition
    Security Update for Microsoft InfoPath 2010 (KB3114414) 32-Bit Edition
    Security Update for Microsoft Office 2010 (KB2553313) 32-Bit Edition
    Security Update for Microsoft Office 2010 (KB2553432) 32-Bit Edition
    Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition
    Security Update for Microsoft Office 2010 (KB2880971) 32-Bit Edition
    Security Update for Microsoft Office 2010 (KB2881029) 32-Bit Edition
    Security Update for Microsoft Office 2010 (KB2889841) 32-Bit Edition
    Security Update for Microsoft Office 2010 (KB2956063) 32-Bit Edition
    Security Update for Microsoft Office 2010 (KB2956073) 32-Bit Edition
    Security Update for Microsoft Office 2010 (KB2956076) 32-Bit Edition
    Security Update for Microsoft Office 2010 (KB3054984) 32-Bit Edition
    Security Update for Microsoft Office 2010 (KB3085528) 32-Bit Edition
    Security Update for Microsoft Office 2010 (KB3101520) 32-Bit Edition
    Security Update for Microsoft Office 2010 (KB3114400) 32-Bit Edition
    Security Update for Microsoft Office 2010 (KB3115120) 32-Bit Edition
    Security Update for Microsoft Office 2010 (KB3118380) 32-Bit Edition
    Security Update for Microsoft OneNote 2010 (KB3114885) 32-Bit Edition
    Security Update for Microsoft Outlook 2010 (KB3115474) 32-Bit Edition
    Security Update for Microsoft Outlook 2010 (KB3118313) 32-Bit Edition
    Security Update for Microsoft PowerPoint 2010 (KB2920812) 32-Bit Edition
    Security Update for Microsoft PowerPoint 2010 (KB3118378) 32-Bit Edition
    Security Update for Microsoft Publisher 2010 (KB3114395) 32-Bit Edition
    Security Update for Microsoft Visio 2010 (KB3114872) 32-Bit Edition
    Security Update for Microsoft Visio Viewer 2010 (KB2999465) 32-Bit Edition
    Security Update for Microsoft Word 2010 (KB2965313) 32-Bit Edition
    Security Update for Microsoft Word 2010 (KB3128034) 32-Bit Edition
    Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition
    Update for Microsoft Excel 2010 (KB2956084) 32-Bit Edition
    Update for Microsoft Filter Pack 2.0 (KB2999508) 32-Bit Edition
    Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2553140) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2553347) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2553388) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2589318) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2589386) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2687275) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2791057) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2881030) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2883019) 32-Bit Edition
    Update for Microsoft Office 2010 (KB3054873) 32-Bit Edition
    Update for Microsoft Office 2010 (KB3054886) 32-Bit Edition
    Update for Microsoft Office 2010 (KB3055047) 32-Bit Edition
    Update for Microsoft Office 2010 (KB3085605) 32-Bit Edition
    Update for Microsoft Office 2010 (KB3114555) 32-Bit Edition
    Update for Microsoft Outlook 2010 (KB2760779) 32-Bit Edition
    Update for Microsoft Outlook Social Connector 2010 (KB2553308) 32-Bit Edition
    Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition
    Visual Studio 2012 x64 Redistributables
    Visual Studio 2012 x86 Redistributables
    VLC media player
    Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201)
    Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1)
    WordPerfect Office IFilter 32-bit
    WordPerfect Office IFilter 64-bit
    WordPerfect Office X6 - Common Files
    WordPerfect Office X6 - Common Files English
    WordPerfect Office X6 - IPM
    WordPerfect Office X6 - Lightning Files
    WordPerfect Office X6 - Lightning Files English
    WordPerfect Office X6 - Oxford
    WordPerfect Office X6 - Presentations Files
    WordPerfect Office X6 - Presentations Files English
    WordPerfect Office X6 - Quattro Pro Files
    WordPerfect Office X6 - Quattro Pro Files English
    WordPerfect Office X6 - Setup Files
    WordPerfect Office X6 - System Files
    WordPerfect Office X6 - WordPerfect Files
    WordPerfect Office X6 - WordPerfect Files English
    WordPerfect Office X6 - WT
    WordPerfect Office X6
    WORDsearch 10
    WORDsearch 8 Discipleship Edition

    ==== Running Processes ======================

    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
    C:\Program Files (x86)\D-Link\DWA-160\ANIWConnService.exe
    C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe
    C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
    C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
    c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
    C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
    C:\Users\Rick\AppData\Local\Microsoft\OneDrive\OneDrive.exe
    C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
    C:\Program Files (x86)\WORDsearch 10\ZipScript.exe
    C:\Program Files (x86)\D-Link\DWA-160\AirNCFG.exe
    C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
    C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
    C:\WINDOWS\sysWOW64\wbem\wmiprvse.exe
    C:\Users\Rick\Desktop\zoek.exe
    C:\WINDOWS\SysWOW64\cmd.exe
    C:\WINDOWS\SysWOW64\cmd.exe
    C:\WINDOWS\SysWOW64\cmd.exe

    ==== Deleting Services ======================


    ==== Batch Command(s) Run By Tool======================

    Resetting Global, OK!
    Resetting Interface, OK!
    Resetting Unicast Address, OK!
    Resetting Neighbor, OK!
    Resetting Path, OK!
    Resetting Route, OK!
    Resetting , failed.
    Access is denied.

    Resetting , OK!
    Restart the computer to complete this action.


    ==== Deleting Files \ Folders ======================

    C:\PROGRA~2\Wise not found
    C:\MigLog.xml deleted
    C:\PROGRA~3\WORDsearch deleted
    C:\PROGRA~3\{370F723D-1F4D-41BE-BBCE-F07009688521} deleted
    C:\PROGRA~3\{BDA5045B-5548-48B9-86BC-AB3BD5EE42E0} deleted
    C:\PROGRA~3\Package Cache deleted
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WORDsearch 10 deleted
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WORDsearch 8 deleted
    C:\windows\SysNative\GroupPolicy\Machine deleted
    C:\windows\SysNative\GroupPolicy\User deleted
    C:\windows\SysNative\GroupPolicy\gpt.ini deleted

    ==== System Specs ======================

    Windows: Windows Version 6.2 (Build 9200)
    Memory (RAM): 8017 MB
    CPU Info: Intel(R) Core(TM) i5-2400 CPU @ 3.10GHz
    CPU Speed: 3148.1 MHz
    Sound Card: Speakers (2- High Definition Au |
    Speakers (2- High Definition Au |
    Display Adapters: Intel(R) HD Graphics | Intel(R) HD Graphics
    Monitors: 1x; Generic PnP Monitor |
    Screen Resolution: 1536 X 864 - 32 bit
    Network: Network Present
    Network Adapters: Intel(R) 82579LM Gigabit Network Connection | D-Link DWA-160 Xtreme N Dual Band USB Adapter(rev.A2) | Microsoft Hosted Network Virtual Adapter
    CD / DVD Drives: 1x (D: | ) D: TSSTcorpDVD-ROM SH-116AB
    Ports: COM3 | COM1 LPT Port NOT Present.
    Mouse: 16 Button Wheel Mouse Present
    Hard Disks: C: 1862.2GB | E: 931.5GB
    Hard Disks - Free: C: 1596.3GB | E: 226.3GB
    Manufacturer *: LENOVO
    BIOS Info: AT/AT COMPATIBLE | 11/09/10 | LENOVO - 132
    Time Zone: Central Standard Time
    Motherboard *: LENOVO
    Country: United States
    Language: ENU

    ==== System Specs (Software) ======================

    SP: Spybot - Search and Destroy *Disabled/Outdated* {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
    Default Browser: Firefox 50.1.0
    Internet Explorer Version: 11.576.14393.0
    Mozilla Firefox version: 50.1.0 (x86 en-US)
    Google Chrome version: 55.0.2883.87
    Flash Player version: 24.0.0.194

    ==== Files Recently Created / Modified ======================

    ====== C:\WINDOWS ====
    ====== C:\Users\Rick\AppData\Local\Temp ====
    ====== Java Cache =====
    ====== C:\WINDOWS\SysWOW64 =====
    2017-01-20 01:09:07 53CDBB093B0AEE9FD6CF1CBD25A95077 290304 ----a-w- C:\WINDOWS\SysWOW64\subinacl.exe
    2017-01-11 02:11:24 D32B01BB5724B3600528CFFFB2BAE948 1255936 ----a-w- C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
    2017-01-11 02:11:24 827F77A3D43A0B349919C2F66BBCFC4A 7469056 ----a-w- C:\WINDOWS\SysWOW64\mstscax.dll
    2017-01-11 02:11:24 01E2B9E7C8443F43B0222890A1173E78 237056 ----a-w- C:\WINDOWS\SysWOW64\SyncSettings.dll
    2017-01-11 02:11:22 16BD10FB0F72B9C844234C07C3130E04 167424 ----a-w- C:\WINDOWS\SysWOW64\WinSCard.dll
    2017-01-11 02:11:11 1DD77E7ED258C57103D1FF1B0571D3FD 553984 ----a-w- C:\WINDOWS\SysWOW64\cryptui.dll
    2017-01-11 02:11:07 FB8657C99B33C9E3AD5197D4AD6B229F 5398016 ----a-w- C:\WINDOWS\SysWOW64\aclui.dll
    2017-01-11 02:11:04 6C79DD2C43E95A38FBB567D83DACDC52 263472 ----a-w- C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
    2017-01-11 02:11:01 D1A551B0B7AB57490179E5ED5C4B24DA 2998272 ----a-w- C:\WINDOWS\SysWOW64\win32kfull.sys
    2017-01-11 02:11:01 5521425D404C71B95CFDCBB06455FB97 1557808 ----a-w- C:\WINDOWS\SysWOW64\winmde.dll
    2017-01-11 02:11:00 19F7122EC19F1EDA724D13BF54ABB180 147968 ----a-w- C:\WINDOWS\SysWOW64\win32k.sys
    2017-01-11 02:10:58 E9A61066D8433692073FB7A71B76BF4F 223232 ----a-w- C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
    2017-01-11 02:10:58 79079788BFF24158D1F1E945D1AC092D 557568 ----a-w- C:\WINDOWS\SysWOW64\StoreAgent.dll
    2017-01-11 02:10:58 6F8A2A1B1411B91B836034457CD797B3 712192 ----a-w- C:\WINDOWS\SysWOW64\wuapi.dll
    2017-01-11 02:10:58 2A046635F3515975AEFBB855CB4E9559 180224 ----a-w- C:\WINDOWS\SysWOW64\InstallAgent.exe
    2017-01-11 02:10:57 C03354B15AB4B40A3D626EEA4BD6AFBB 74752 ----a-w- C:\WINDOWS\SysWOW64\updatepolicy.dll
    2017-01-11 02:10:57 BC95B9B72F50130CE7D87093E9F04110 253952 ----a-w- C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
    2017-01-11 02:10:57 593B33D87F2EB6BA09D583D782EC5922 285184 ----a-w- C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
    2017-01-11 02:10:57 1220BEFEC4639175792FC0462DD52F3A 866816 ----a-w- C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
    2017-01-11 02:10:56 E0D6916E8A0B269D22231BA00E8630FC 318976 ----a-w- C:\WINDOWS\SysWOW64\rdpencom.dll
    2017-01-11 02:10:56 899A18BA61C0D1242A0E6A92752B7329 34304 ----a-w- C:\WINDOWS\SysWOW64\LaunchWinApp.exe
    2017-01-11 02:10:56 4C10A7F62FD74CC8D7CA096F77997E0A 2748416 ----a-w- C:\WINDOWS\SysWOW64\rdpcore.dll
    2017-01-11 02:10:56 4ABEA64DBFF541F8EFF80CE488D1E2A6 7626752 ----a-w- C:\WINDOWS\SysWOW64\twinui.dll
    2017-01-11 02:10:55 DEF44B761300AF3C2CF2955273325093 20969928 ----a-w- C:\WINDOWS\SysWOW64\shell32.dll
    2017-01-11 02:10:54 E8866BF59BEBEE221459E82453642290 755712 ----a-w- C:\WINDOWS\SysWOW64\kerberos.dll
    2017-01-11 02:10:54 D9CCC54D17C28BC96DEA313DACA9CE96 509792 ----a-w- C:\WINDOWS\SysWOW64\SettingSyncHost.exe
    2017-01-11 02:10:54 D9A7E46105EF2A77055B6A8E62094DA9 886272 ----a-w- C:\WINDOWS\SysWOW64\aadtb.dll
    2017-01-11 02:10:54 BBFB3487BC2BA17DD45311D3B764C771 341344 ----a-w- C:\WINDOWS\SysWOW64\msv1_0.dll
    2017-01-11 02:10:54 975BAA926F998BD296FACF0102D1B4F5 860672 ----a-w- C:\WINDOWS\SysWOW64\SettingSyncCore.dll
    2017-01-11 02:10:53 66E893992BE9048429451B026F85E6C6 6044160 ----a-w- C:\WINDOWS\SysWOW64\Chakra.dll
    2017-01-11 02:10:53 3032268EA235CE27FD2E9E946E3BCFAB 4612608 ----a-w- C:\WINDOWS\SysWOW64\Windows.Media.dll
    2017-01-11 02:10:53 1375FA26B9483F8C2D607E1741F3A440 822784 ----a-w- C:\WINDOWS\SysWOW64\Chakradiag.dll
    2017-01-11 02:10:46 1B6A591492D31591458C7A732830D739 1300480 ----a-w- C:\WINDOWS\SysWOW64\MSVPXENC.dll
    2017-01-11 02:10:45 D6BC9443751A6307D6DED2C94438BF9E 1155072 ----a-w- C:\WINDOWS\SysWOW64\MSVP9DEC.dll
    2017-01-11 02:10:45 B78C83C57A50A6F32B3A73023F0BCC14 6474752 ----a-w- C:\WINDOWS\SysWOW64\mspaint.exe
    2017-01-11 02:10:45 7FBDC2558247BBDC8935FEF194D0C1E8 1360464 ----a-w- C:\WINDOWS\SysWOW64\mfnetsrc.dll
    2017-01-11 02:10:45 677A1A604EA11CEEE78CD62AC0A79972 2206496 ----a-w- C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
    2017-01-11 02:10:44 FA5384E6FBF90FC1BB7009279F6BDB5F 980832 ----a-w- C:\WINDOWS\SysWOW64\mfnetcore.dll
    2017-01-11 02:10:44 E9CA8EAECA4785A9798056A321C4AD21 1201872 ----a-w- C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
    2017-01-11 02:10:44 DCBAA27489EE9D25E3ED7D727260F876 1277344 ----a-w- C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
    2017-01-11 02:10:44 78B393E8F4C1990F7A3E2ECD40A48DF3 3892864 ----a-w- C:\WINDOWS\SysWOW64\mfcore.dll
    2017-01-11 02:10:44 50E24324A257CBD80B8E57A96FCAA9B6 1852720 ----a-w- C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
    2017-01-11 02:10:44 26401C08D6407D11FEE6514FD6786B90 640000 ----a-w- C:\WINDOWS\SysWOW64\MCRecvSrc.dll
    2017-01-11 02:10:43 509C9E1A9DA6CAA6E405DEA9345AC7B3 497152 ----a-w- C:\WINDOWS\SysWOW64\LogonController.dll
    2017-01-11 02:10:40 DC195E020B6173087BC61E5694199E7C 198656 ----a-w- C:\WINDOWS\SysWOW64\indexeddbserver.dll
    2017-01-11 02:10:40 2C61DF542F945F12A4FE28FD9C83AC9A 19413504 ----a-w- C:\WINDOWS\SysWOW64\edgehtml.dll
    2017-01-11 02:10:39 037C1DD70B4A895EA4B80B3E25D095C8 19417600 ----a-w- C:\WINDOWS\SysWOW64\mshtml.dll
    2017-01-11 02:10:35 E88811CA8FD0847E359D14C96C5DAE8C 218976 ----a-w- C:\WINDOWS\SysWOW64\offlinesam.dll
    2017-01-11 02:10:35 B827440852CDBF8724A38E698FA0AA2D 806400 ----a-w- C:\WINDOWS\SysWOW64\D3D12.dll
    2017-01-11 02:10:35 7CCEAACEF7840EA15EEF6EC2A098DB72 3733504 ----a-w- C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
    2017-01-11 02:10:35 65F4FD7E19758FF07BB5203D65A1C8AA 13869056 ----a-w- C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
    2017-01-11 02:10:35 4F3F93808E5D84E014A417DD7F5ADD90 1631232 ----a-w- C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
    2017-01-11 02:10:34 86F3DD8105EA18131BAD4A145F31B668 5061120 ----a-w- C:\WINDOWS\SysWOW64\d2d1.dll
    2017-01-11 02:10:33 E507716406282DED993ED67B192E4B93 382784 ----a-w- C:\WINDOWS\SysWOW64\AUDIOKSE.dll
    2017-01-11 02:10:33 AF1CD431B9B08CBFB62F3B97C614951F 213504 ----a-w- C:\WINDOWS\SysWOW64\Windows.UI.CredDialogController.dll
    2017-01-11 02:10:33 A522BCEB7132DD667AB8EC9E076BF53E 231424 ----a-w- C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
    2017-01-11 02:10:33 94A7B28F9433289C2447B7F701D8AB4A 76984 ----a-w- C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
    2017-01-11 02:10:33 0C3C22395BBA6B4F6AF5075A0FFADA86 484584 ----a-w- C:\WINDOWS\SysWOW64\AudioSes.dll
    2017-01-11 02:10:32 8705CA9066BEEE2A05C90FABB6929A28 1469792 ----a-w- C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
    2017-01-11 02:10:32 0484DE6C56F366D01C9C57616E74AF9C 231936 ----a-w- C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
    ====== C:\WINDOWS\SysWOW64\drivers =====
    ====== C:\WINDOWS\Sysnative =====
    2017-01-22 12:29:42 5614386D4CFDF9E56F355C45BEEBC976 12872 ----a-w- C:\WINDOWS\Sysnative\bootdelete.exe
    2017-01-11 02:05:08 23C699902D38FB40220B9DCC6A5961E7 328008 ----a-w- C:\WINDOWS\Sysnative\Windows.Storage.ApplicationData.dll
    2017-01-11 02:04:37 C4D85EB020B7A610354F94CFAAFAE448 319288 ----a-w- C:\WINDOWS\Sysnative\wow64.dll
    2017-01-11 02:04:36 CB69C94BC348A8435541453D1C1D7F0D 206848 ----a-w- C:\WINDOWS\Sysnative\win32k.sys
    2017-01-11 02:04:36 BB22F3FE6B6FA52E6A1A0270530C0607 1513472 ----a-w- C:\WINDOWS\Sysnative\win32kbase.sys
    2017-01-11 02:04:36 917F081E2AB667C44F7D96DE1D16DFAE 673792 ----a-w- C:\WINDOWS\Sysnative\winlogon.exe
    2017-01-11 02:04:36 4C08BF958476A137C78B62B22B5F90A4 147456 ----a-w- C:\WINDOWS\Sysnative\winsrv.dll
    2017-01-11 02:04:36 3C31E12CEA4F72AAC79ECB89512D7089 3616768 ----a-w- C:\WINDOWS\Sysnative\win32kfull.sys
    2017-01-11 02:04:36 0F08A4AA40A0F3663149B182954BA7CA 1694712 ----a-w- C:\WINDOWS\Sysnative\winmde.dll
    2017-01-11 02:04:35 8C521D161445C3E1F38A494E7649E70D 837632 ----a-w- C:\WINDOWS\Sysnative\wbiosrvc.dll
    2017-01-11 02:04:34 DDB7E452A99E0E5244105C6D2CF4BC9E 2317824 ----a-w- C:\WINDOWS\Sysnative\wuaueng.dll
    2017-01-11 02:04:33 E61548BAF8C7B573C40175C28132D51A 869888 ----a-w- C:\WINDOWS\Sysnative\wuapi.dll
    2017-01-11 02:04:33 82A72D1FE11ADE12D7213228F27C2351 391168 ----a-w- C:\WINDOWS\Sysnative\wuuhext.dll
    2017-01-11 02:04:32 FB04124C2D2F68BBF3B9D31950B78222 211968 ----a-w- C:\WINDOWS\Sysnative\InstallAgent.exe
    2017-01-11 02:04:32 ED63AA851858968B968BD5C144361075 748544 ----a-w- C:\WINDOWS\Sysnative\StoreAgent.dll
    2017-01-11 02:04:32 9F69F9CF2D6D337D41824E2F2B3921DB 260608 ----a-w- C:\WINDOWS\Sysnative\InstallAgentUserBroker.exe
    2017-01-11 02:04:32 70888F2C61E34DA8C7BC476119375955 90112 ----a-w- C:\WINDOWS\Sysnative\updatepolicy.dll
    2017-01-11 02:04:31 74159E9FFFE9325BC7729A4E3719875D 49152 ----a-w- C:\WINDOWS\Sysnative\Windows.UI.Shell.dll
    2017-01-11 02:04:30 EBF9E40845362DBE2AD0DB3077269488 539648 ----a-w- C:\WINDOWS\Sysnative\usocore.dll
    2017-01-11 02:04:30 CAD92D19FF3674F36C778D0E79C40772 290816 ----a-w- C:\WINDOWS\Sysnative\updatehandlers.dll
    2017-01-11 02:04:30 70703DDFF5F20685B09ED4392139B03D 418304 ----a-w- C:\WINDOWS\Sysnative\Windows.UI.BlockedShutdown.dll
    2017-01-11 02:04:30 4CA3CFEA3483EDEFFD27A3A3EC92391C 363520 ----a-w- C:\WINDOWS\Sysnative\Windows.UI.BioFeedback.dll
    2017-01-11 02:04:28 E35794C871B70206F8DA6C48ABA003DC 360448 ----a-w- C:\WINDOWS\Sysnative\rdpencom.dll
    2017-01-11 02:04:28 C9B67DBC82FBBB5688CF8E8293495937 9131008 ----a-w- C:\WINDOWS\Sysnative\twinui.dll
    2017-01-11 02:04:28 13F38871E8AF34DCCB041D1B5BCEE465 43008 ----a-w- C:\WINDOWS\Sysnative\LaunchWinApp.exe
    2017-01-11 02:04:27 848A3CF59AAE081532C22F7C9A8DAAEC 3134976 ----a-w- C:\WINDOWS\Sysnative\rdpcore.dll
    2017-01-11 02:04:27 4DE2027EC9EB53F11BE46DE27D1B1A72 8075776 ----a-w- C:\WINDOWS\Sysnative\mstscax.dll
    2017-01-11 02:04:27 4BF211AAECBBE524D1F141135241C5CE 310784 ----a-w- C:\WINDOWS\Sysnative\SyncSettings.dll
    2017-01-11 02:04:26 C1B5EE58E759C53F9939581709DC70BB 193536 ----a-w- C:\WINDOWS\Sysnative\certprop.dll
    2017-01-11 02:04:26 5E8ECCE130A72107B6DFDBE26185A7FB 201728 ----a-w- C:\WINDOWS\Sysnative\ScDeviceEnum.dll
    2017-01-11 02:04:26 26569D6A2BCBC0058340145C4C79488A 1002496 ----a-w- C:\WINDOWS\Sysnative\SRH.dll
    2017-01-11 02:04:26 0C968E9C3B514AAA634339ADFDBE5C04 2009600 ----a-w- C:\WINDOWS\Sysnative\SRHInproc.dll
    2017-01-11 02:04:25 CF03DB835BD053C5DF1020B08149334F 22224480 ----a-w- C:\WINDOWS\Sysnative\shell32.dll
    2017-01-11 02:04:25 AD09DD001BFF1562665F5670F1E76259 1062912 ----a-w- C:\WINDOWS\Sysnative\SettingSyncCore.dll
    2017-01-11 02:04:25 A8D1EF5E96E2F4FB513D83040B22FF31 1908224 ----a-w- C:\WINDOWS\Sysnative\AzureSettingSyncProvider.dll
    2017-01-11 02:04:25 38B1A32D777CAEBE248FB608023701D2 584544 ----a-w- C:\WINDOWS\Sysnative\SettingSyncHost.exe
    2017-01-11 02:04:24 E481F29B8CCA13ED638BCC626D8BC613 1121280 ----a-w- C:\WINDOWS\Sysnative\aadtb.dll
    2017-01-11 02:04:24 C608AF956CE1F99F5B00B9D2AB6C8F4C 352768 ----a-w- C:\WINDOWS\Sysnative\cloudAP.dll
    2017-01-11 02:04:24 B7B0337702015FE3D8F1B1ABD07C1301 932864 ----a-w- C:\WINDOWS\Sysnative\kerberos.dll
    2017-01-11 02:04:24 2F7824EC4540A5FED80D605BC0AD6B39 404832 ----a-w- C:\WINDOWS\Sysnative\msv1_0.dll
    2017-01-11 02:04:23 916B789655832BDF681FCE3070AFABB8 1600632 ----a-w- C:\WINDOWS\Sysnative\sppobjs.dll
    2017-01-11 02:04:23 164B90D40F4D459A32008762504CD6DC 425984 ----a-w- C:\WINDOWS\Sysnative\aadcloudap.dll
    2017-01-11 02:04:23 123D03C4DCE989FAEAB11B69EBE021AF 8129536 ----a-w- C:\WINDOWS\Sysnative\Chakra.dll
    2017-01-11 02:04:22 8795108A09CCDE6E6D25B1427FD7B593 289792 ----a-w- C:\WINDOWS\Sysnative\DeveloperOptionsSettingsHandlers.dll
    2017-01-11 02:04:22 87067444E515E123F712F564E5668DAB 368640 ----a-w- C:\WINDOWS\Sysnative\OneBackupHandler.dll
    2017-01-11 02:04:22 08D9755DADCA7A0FA9C093EC09C84AE0 4749312 ----a-w- C:\WINDOWS\Sysnative\SettingsHandlers_nt.dll
    2017-01-11 02:04:18 2F0111384FB522FE6B62EF1ECC60373A 236544 ----a-w- C:\WINDOWS\Sysnative\WinSCard.dll
    2017-01-11 02:04:17 6586E0291CD53DA7794CD988366AED58 6285312 ----a-w- C:\WINDOWS\Sysnative\Windows.Media.dll
    2017-01-11 02:04:16 62B1292F90D98574FDA94C15455DBE54 92512 ----a-w- C:\WINDOWS\Sysnative\rdpudd.dll
    2017-01-11 02:04:16 21A12249A5D06DBD8C40CF186E9DF6C7 4149248 ----a-w- C:\WINDOWS\Sysnative\rdpcorets.dll
    2017-01-11 02:04:14 EFA5FFD923DB1FF8C0A8E0BE95DF34DA 234496 ----a-w- C:\WINDOWS\Sysnative\KnobsCore.dll
    2017-01-11 02:04:14 639EB29D9311C212A3C35D44A56B1766 349184 ----a-w- C:\WINDOWS\Sysnative\provengine.dll
    2017-01-11 02:04:14 1188528BD42005037F57A1F7EB9FFEA2 83968 ----a-w- C:\WINDOWS\Sysnative\ProvPluginEng.dll
    2017-01-11 02:04:14 0BF189620AE82619BA12C2D0659E719A 119808 ----a-w- C:\WINDOWS\Sysnative\KnobsCsp.dll
    2017-01-11 02:04:08 6B4BFAC812452A7DFB04B79266068333 7816032 ----a-w- C:\WINDOWS\Sysnative\ntoskrnl.exe
    2017-01-11 02:04:03 CE793530EC8C3669D9521B01E5EBBD46 136032 ----a-w- C:\WINDOWS\Sysnative\ImplatSetup.dll
    2017-01-11 02:04:01 FA26C660CD221A53EFF56D7E0533A129 947712 ----a-w- C:\WINDOWS\Sysnative\MSVP9DEC.dll
    2017-01-11 02:04:01 BBCA1BF191B6F20FF549E51FB80A2868 6664192 ----a-w- C:\WINDOWS\Sysnative\mspaint.exe
    2017-01-11 02:04:01 7730E5E104B739368AECE9C00E7C1531 1292288 ----a-w- C:\WINDOWS\Sysnative\MSVPXENC.dll
    2017-01-11 02:04:01 3EFA8AE16B279E0C7C84CD8739ADEAC4 2482280 ----a-w- C:\WINDOWS\Sysnative\msmpeg2vdec.dll
    2017-01-11 02:03:58 F139D4F13DBBB417B33A193258660611 1454504 ----a-w- C:\WINDOWS\Sysnative\mfnetsrc.dll
    2017-01-11 02:03:58 E56AF91E9346979B4AA060D42D8F0A94 1702392 ----a-w- C:\WINDOWS\Sysnative\mfasfsrcsnk.dll
    2017-01-11 02:03:58 A71B83E91B8850F7DC1A691E227BF1F6 1071736 ----a-w- C:\WINDOWS\Sysnative\mfnetcore.dll
    2017-01-11 02:03:58 3E3F64B5A629BDF6DC8C4CFAE77C8E4E 1300600 ----a-w- C:\WINDOWS\Sysnative\mfmpeg2srcsnk.dll
    2017-01-11 02:03:58 181C169AE98C74A1CC4B9AA0B4A22EA4 4130440 ----a-w- C:\WINDOWS\Sysnative\mfcore.dll
    2017-01-11 02:03:58 0EC298CD8F21F9AC04FEC57505B9150D 1988560 ----a-w- C:\WINDOWS\Sysnative\mfmp4srcsnk.dll
    2017-01-11 02:03:57 7DDF10FC2C70EA83BAC2BB934DF03CAD 936960 ----a-w- C:\WINDOWS\Sysnative\MCRecvSrc.dll
    2017-01-11 02:03:54 92156481488CDD143B4FC5AAEF94F85C 1490432 ----a-w- C:\WINDOWS\Sysnative\lsasrv.dll
    2017-01-11 02:03:53 6A767EA4AB61E6CD23E21299FF2EB045 707584 ----a-w- C:\WINDOWS\Sysnative\LogonController.dll
    2017-01-11 02:03:49 FBF28125556F3A32518DA015497353F4 223744 ----a-w- C:\WINDOWS\Sysnative\ie4uinit.exe
    2017-01-11 02:03:49 939B177EDD2B38D3E8BD994FF05EE27C 261632 ----a-w- C:\WINDOWS\Sysnative\indexeddbserver.dll
    2017-01-11 02:03:48 F4886590FE0DF86EB9426A298B81C6B6 23678464 ----a-w- C:\WINDOWS\Sysnative\mshtml.dll
    2017-01-11 02:03:48 1B135C7D7C2930F967C40FEF9D0A6BE2 22563840 ----a-w- C:\WINDOWS\Sysnative\edgehtml.dll
    2017-01-11 02:03:39 6DFED1399CF52D877E6C91D470A29916 440320 ----a-w- C:\WINDOWS\Sysnative\fhcfg.dll
    2017-01-11 02:03:39 0D9A63B965E6871809EE83B56697E0B3 462336 ----a-w- C:\WINDOWS\Sysnative\fhsettingsprovider.dll
    2017-01-11 02:03:33 8B3D8DF2574E9EAA7FC5A93066AA9260 1005568 ----a-w- C:\WINDOWS\Sysnative\D3D12.dll
    2017-01-11 02:03:32 B7EF5FF80CC9C0723ADA31B4355B9C13 883712 ----a-w- C:\WINDOWS\Sysnative\samsrv.dll
    2017-01-11 02:03:32 9EF92B1669413DF478D4A8DCDE201F4C 17188864 ----a-w- C:\WINDOWS\Sysnative\Windows.UI.Xaml.dll
    2017-01-11 02:03:32 980FB14885AE2404726EE45F8AABB586 4474368 ----a-w- C:\WINDOWS\Sysnative\D3DCompiler_47.dll
    2017-01-11 02:03:32 74FCE9C9854C94C264AF7639A5F46FF6 1631232 ----a-w- C:\WINDOWS\Sysnative\Windows.UI.Xaml.Resources.dll
    2017-01-11 02:03:32 13D5AFBE138BADC93960102A4F187DE1 245600 ----a-w- C:\WINDOWS\Sysnative\offlinesam.dll
    2017-01-11 02:03:31 466F6475D5161FD26F144967C84FA30F 324096 ----a-w- C:\WINDOWS\Sysnative\domgmt.dll
    2017-01-11 02:03:31 1EB7C2F34EFD0B1AAE841F0272531106 1231872 ----a-w- C:\WINDOWS\Sysnative\dosvc.dll
    2017-01-11 02:03:31 0969BCCDE7E838227140F64382EF64AE 5611008 ----a-w- C:\WINDOWS\Sysnative\d2d1.dll
    2017-01-11 02:03:29 0A9D8B84C895E51D61F85F7AE4E639ED 600576 ----a-w- C:\WINDOWS\Sysnative\cryptui.dll
    2017-01-11 02:03:28 F77CC6A4AD680477252538615B4F6863 257024 ----a-w- C:\WINDOWS\Sysnative\Windows.UI.CredDialogController.dll
    2017-01-11 02:03:28 BFBCD0C204BFFFB1CC17FE8A8B734A8B 266752 ----a-w- C:\WINDOWS\Sysnative\ConsoleLogon.dll
    2017-01-11 02:03:27 391C0A1E168E6E66D9136DDA4FA2743E 241504 ----a-w- C:\WINDOWS\Sysnative\CloudExperienceHost.dll
    2017-01-11 02:03:13 42AFA15DE8FE204B74B3C8D2E2E12B0D 295424 ----a-w- C:\WINDOWS\Sysnative\CloudBackupSettings.dll
    2017-01-11 02:03:10 C9F62A3544BCEBACAF17E3EA22B0F5A2 590960 ----a-w- C:\WINDOWS\Sysnative\AudioSes.dll
    2017-01-11 02:03:10 C1AD9597ADC4770E221A25B8BEB7271C 418952 ----a-w- C:\WINDOWS\Sysnative\AUDIOKSE.dll
    2017-01-11 02:03:10 A707CE085972BBDBA1F6780B444F6D3C 89416 ----a-w- C:\WINDOWS\Sysnative\remoteaudioendpoint.dll
    2017-01-11 02:03:10 82F99FCA5931BB62B465F5B6B1D420DD 534096 ----a-w- C:\WINDOWS\Sysnative\AudioEng.dll
    2017-01-11 02:03:10 7B993290E7691C446C16A56A431669BA 942080 ----a-w- C:\WINDOWS\Sysnative\audiosrv.dll
    2017-01-11 02:03:09 D70B1453ADA82A92E76EAE72D936A0F6 2275840 ----a-w- C:\WINDOWS\Sysnative\AppXDeploymentServer.dll
    2017-01-11 02:03:09 A1D181D6D7D14F4EB36675D0D62CE817 1692672 ----a-w- C:\WINDOWS\Sysnative\AppXDeploymentExtensions.onecore.dll
    2017-01-11 02:03:09 7BA4E976F904AA6CD237A7A1555385AB 2169184 ----a-w- C:\WINDOWS\Sysnative\AppVEntSubsystems64.dll
    2017-01-11 02:03:09 47A61ECCDD1EC29E66EEAB90416B2064 5511680 ----a-w- C:\WINDOWS\Sysnative\aclui.dll
    2017-01-11 02:03:09 2DC3D53FFA0D10EB8C911AE2DB7BF4CF 337920 ----a-w- C:\WINDOWS\Sysnative\AudioEndpointBuilder.dll
    2017-01-11 02:03:07 783B7FCD68D9C42EC4779140ED55E542 1235296 ----a-w- C:\WINDOWS\Sysnative\aeinv.dll
    2017-01-11 02:03:06 E9543E74CC957BBD36D537BE9BCD075B 813408 ----a-w- C:\WINDOWS\Sysnative\AppVEntStreamingManager.dll
    2017-01-11 02:03:06 E33446727BBCC402913AFF2B440C7DB3 779616 ----a-w- C:\WINDOWS\Sysnative\AppVReporting.dll
    2017-01-11 02:03:06 B20202D8FA469630F21802EB460B43A3 696160 ----a-w- C:\WINDOWS\Sysnative\AppVPublishing.dll
    2017-01-11 02:03:06 ACF2C3CAB1FDC4B25ACB12EB60FA174E 1054048 ----a-w- C:\WINDOWS\Sysnative\AppVPolicy.dll
    2017-01-11 02:03:06 A01596A65A36416DE9DB3D5A0476EF9A 1669984 ----a-w- C:\WINDOWS\Sysnative\AppVIntegration.dll
    2017-01-11 02:03:06 9D9A803170E3DA9051F0B4B6C95B64E2 406368 ----a-w- C:\WINDOWS\Sysnative\AppVScripting.dll
    2017-01-11 02:03:06 99CA3E622070FDBD7B75EB7E86B2DE40 822624 ----a-w- C:\WINDOWS\Sysnative\AppVClient.exe
    2017-01-11 02:03:06 813A5AEC1D548506B98084E916CF4D5F 241504 ----a-w- C:\WINDOWS\Sysnative\AppVShNotify.exe
    2017-01-11 02:03:06 7ECDB81C6F0F8089D3027C8319CFC966 1400160 ----a-w- C:\WINDOWS\Sysnative\AppVEntSubsystemController.dll
    2017-01-11 02:03:06 556D38A47240BAF62EE4E41A0EA12BF2 704352 ----a-w- C:\WINDOWS\Sysnative\AppVEntVirtualization.dll
    2017-01-11 02:03:06 52F502271B9B779E8D630EE9F910F9A0 752992 ----a-w- C:\WINDOWS\Sysnative\AppVOrchestration.dll
    2017-01-11 02:03:06 3F38768BF36874A4E649FAD5F94009AE 513376 ----a-w- C:\WINDOWS\Sysnative\TransportDSA.dll
    2017-01-11 02:03:06 283B67D6DB413AD1F90F234F72945C84 571744 ----a-w- C:\WINDOWS\Sysnative\AppVCatalog.dll
    2017-01-11 02:03:06 113124C7ED0B942AD954DD4E81C3B93B 190816 ----a-w- C:\WINDOWS\Sysnative\AppVDllSurrogate.exe
    2017-01-11 02:03:06 03A3AA14BD6567BD17F973239773C2A9 992096 ----a-w- C:\WINDOWS\Sysnative\AppVManifest.dll
    2017-01-11 02:03:05 BD19B0A85E7F7D70543A77C61CE21054 324608 ----a-w- C:\WINDOWS\Sysnative\Windows.ApplicationModel.LockScreen.dll
    2017-01-11 02:03:03 4B1302F2DDF5B7F19520B20B380FBE39 455520 ----a-w- C:\WINDOWS\Sysnative\securekernel.exe
    2017-01-11 02:03:00 D4BEF92AFE4C1BBF3216D159E2B9B0F7 1356864 ----a-w- C:\WINDOWS\Sysnative\ClipUp.exe
    ====== C:\WINDOWS\Sysnative\drivers =====
    2017-01-11 02:03:54 90C07EB909C42316982E753BDAA7860D 624048 ----a-w- C:\WINDOWS\Sysnative\drivers\cng.sys
    2017-01-11 02:02:38 3BB8D153A9A514EC9FFCB586251A1925 715104 ----a-w- C:\WINDOWS\Sysnative\drivers\vhdmp.sys
    2017-01-11 02:02:38 29AF16726F4DD84376ECA85AB6AFF2C6 335712 ----a-w- C:\WINDOWS\Sysnative\drivers\pci.sys
    2017-01-05 23:48:58 4032C71C9CB3F6FE1B918BD9F72B9588 75888 ----a-w- C:\WINDOWS\Sysnative\drivers\dbx-stable.sys
    2017-01-05 23:48:58 4032C71C9CB3F6FE1B918BD9F72B9588 75888 ----a-w- C:\WINDOWS\Sysnative\drivers\dbx-dev.sys
    2017-01-05 23:48:58 4032C71C9CB3F6FE1B918BD9F72B9588 75888 ----a-w- C:\WINDOWS\Sysnative\drivers\dbx-canary.sys
    ====== C:\WINDOWS\Tasks ======
    ====== C:\WINDOWS\Temp ======
    ======= C:\Program Files =====
    ======= C:\PROGRA~2 =====
    2017-01-20 01:09:07 -------- d-----w- C:\PROGRA~2\Adware Removal Tool by TSA
     
  17. 2017/01/24
    basketcase Contributing Member

    basketcase Well-Known Member Thread Starter

    Joined:
    2008/01/22
    Messages:
    226
    Likes Received:
    3
    Trophy Points:
    233
    Location:
    Roll Tide Central, Alabama
    Computer Experience:
    Level 4 case whacker
    Zoek part 2


    ======= C: =====
    ====== C:\Users\Rick\AppData\Roaming ======
    2017-01-23 01:34:10 -------- d-----w- C:\Users\Rick\AppData\Local\PeerDistRepub
    2017-01-12 23:06:12 -------- d-----w- C:\Users\Rick\AppData\Local\Apple Computer
    2017-01-09 14:20:01 -------- d-----w- C:\Users\Rick\AppData\Local\Apple
    2017-01-03 14:44:18 -------- d-----w- C:\Users\Rick\AppData\Local\Adobe
    ====== C:\Users\Rick ======
    2017-01-22 12:04:09 -------- d-----w- C:\ProgramData\HitmanPro
    2017-01-21 19:11:25 589A494D72066677B9FD1439AB8CF4F5 2513920 ----a-w- C:\Users\Rick\Desktop\ZHPCleaner.exe
    2017-01-20 13:25:15 76ACA89383D1B0EE9FD71F7603DAA7B4 11581544 ----a-w- C:\Users\Rick\Desktop\HitmanPro_x64.exe
    2017-01-20 01:02:34 0FF0F5C72CF494A6A431DF733A4F1E83 752296 ----a-w- C:\Users\Rick\Desktop\Adware Removal Tool by TSA.exe
    2017-01-20 01:01:57 9DF1469E76C21CFB43017D04847F6782 1663040 ----a-w- C:\Users\Rick\Desktop\JRT.exe
    2017-01-20 00:58:04 E05BC40301AB39A2DFC1E03B9B117A99 3988944 ----a-w- C:\Users\Rick\Desktop\AdwCleaner.exe
    2017-01-20 00:52:26 DC57926B0AA518A3A884A8B7F7158E16 892416 ----a-w- C:\Users\Rick\Desktop\MiniToolBox.exe
    2017-01-19 08:32:57 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
    2017-01-11 21:40:02 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox

    ====== C: exe-files ==
    2017-01-22 12:29:42 5614386D4CFDF9E56F355C45BEEBC976 12872 ----a-w- C:\Windows\System32\bootdelete.exe
    2017-01-21 19:16:59 589A494D72066677B9FD1439AB8CF4F5 2513920 ----a-w- C:\Users\Rick\AppData\Roaming\ZHP\ZHPCleaner.exe
    2017-01-21 19:11:25 589A494D72066677B9FD1439AB8CF4F5 2513920 ----a-w- C:\Users\Rick\Desktop\ZHPCleaner.exe
    2017-01-20 13:25:15 76ACA89383D1B0EE9FD71F7603DAA7B4 11581544 ----a-w- C:\Users\Rick\Desktop\HitmanPro_x64.exe
    2017-01-20 01:09:07 53CDBB093B0AEE9FD6CF1CBD25A95077 290304 ----a-w- C:\Windows\SysWOW64\subinacl.exe
    2017-01-20 01:02:34 0FF0F5C72CF494A6A431DF733A4F1E83 752296 ----a-w- C:\Users\Rick\Desktop\Adware Removal Tool by TSA.exe
    2017-01-20 01:01:57 9DF1469E76C21CFB43017D04847F6782 1663040 ----a-w- C:\Users\Rick\Desktop\JRT.exe
    2017-01-20 00:58:04 E05BC40301AB39A2DFC1E03B9B117A99 3988944 ----a-w- C:\Users\Rick\Desktop\AdwCleaner.exe
    2017-01-20 00:52:26 DC57926B0AA518A3A884A8B7F7158E16 892416 ----a-w- C:\Users\Rick\Desktop\MiniToolBox.exe
    2017-01-20 00:19:22 2F9C7FDA92C346CB5AA32091536AE0CB 43520 ----a-w- C:\Users\Rick\AppData\Local\Temp\jrt\nfo\nircmdc.exe
    2017-01-19 08:31:38 24383607E7E33ED1F808555AFFBDDCBC 49878168 ----a-w- C:\Windows\Temp\tmp1A93.tmp.exe
    2017-01-16 20:45:38 3FCE1DA0F96C183D605BDF11C70B1176 1039376 ----a-w- C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe
    2017-01-16 20:45:30 AEF03704B26B765179896DDD6D4BDB6E 25512 ----a-w- C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe
    2017-01-16 20:45:22 81695D103AF037CC363877B209AD54F9 24958456 ----a-w- C:\Program Files (x86)\Garmin\Express\express.exe
    2017-01-16 20:45:06 A2B91786A24A2F285C5C41D7F9CE62D9 1407912 ----a-w- C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
    2017-01-16 20:44:58 2896469E5211D2BB6FCDFBA64DC0376F 64936 ----a-w- C:\Program Files (x86)\Garmin\Express Elevated Installer\ElevatedInstaller.exe
    === C: other files ==
    2017-01-20 01:27:44 CFCFFCADD95E8917CB7E544A53003674 1055311 ----a-w- C:\Users\Rick\AppData\Roaming\Mozilla\Firefox\Profiles\de4mge7f.default-1484875452823\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
    2017-01-20 01:24:55 CFCFFCADD95E8917CB7E544A53003674 1055311 ----a-w- C:\Users\Rick\Desktop\Old Firefox Data\mt66i2pk.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
    2017-01-18 12:16:40 17845DDC10F763D20A7BC3F37B864100 76741 ----a-w- C:\Users\Rick\Downloads\mileagelogbah.zip

    ==== Startup Registry Enabled ======================

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "GarminExpressTrayApp"="C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"

    [HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"

    [HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"

    [HKEY_USERS\S-1-5-21-2695648794-3928458116-4113379522-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "OneDrive"="C:\Users\Rick\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background"
    "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"
    "GarminExpressTrayApp"="C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
    "ZipScript"="C:\Program Files (x86)\WORDsearch 10\ZipScript.exe"

    [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run]
    "GarminExpressTrayApp"="C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "D-Link D-Link Wireless N Dual Band DWA-160 "="C:\Program Files (x86)\D-Link\DWA-160\AirNCFG.exe"
    "Dropbox"="C:\Program Files (x86)\Dropbox\Client\Dropbox.exe /systemstartup"
    "QuickFinder Scheduler"="c:\Program Files (x86)\Corel\WordPerfect Office X6\Programs\QFSCHD160.EXE"
    "Acrobat Assistant 8.0"="C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe"

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "OneDrive"="C:\Users\Rick\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background"
    "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"
    "GarminExpressTrayApp"="C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
    "ZipScript"="C:\Program Files (x86)\WORDsearch 10\ZipScript.exe"

    ==== Startup Registry Enabled x64 ======================

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "IgfxTray"="C:\WINDOWS\system32\igfxtray.exe"
    "HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe"
    "Persistence"="C:\WINDOWS\system32\igfxpers.exe"
    "Logitech Download Assistant"="C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch"
    "AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
    "EvtMgr6"="C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming"
    "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe"
    "Unattend0000000001{8CEC7F9D-83AA-4128-B302-5914EF434DC2}"="devmgmt.msc "
    "WindowsDefender"=""%ProgramFiles%\Windows Defender\MSASCuiL.exe""

    ==== Task Scheduler Jobs ======================

    C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a-------- C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [01/10/2017 09:13 PM]
    C:\WINDOWS\tasks\DropboxUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [08/10/2016 03:41 AM]
    C:\WINDOWS\tasks\DropboxUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [08/10/2016 03:41 AM]

    ==== Other Scheduled Tasks ======================

    "C:\WINDOWS\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
    "C:\WINDOWS\SysNative\tasks\Adobe Flash Player Updater" [C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe]
    "C:\WINDOWS\SysNative\tasks\AVG EUpdate Task" [avgsetupx.exe]
    "C:\WINDOWS\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
    "C:\WINDOWS\SysNative\tasks\DropboxUpdateTaskMachineCore" [C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe]
    "C:\WINDOWS\SysNative\tasks\DropboxUpdateTaskMachineUA" [C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe]
    "C:\WINDOWS\SysNative\tasks\GarminUpdaterTask" [C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe]
    "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
    "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
    "C:\WINDOWS\SysNative\tasks\OneDrive Standalone Update Task" [C:\Users\Rick\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe]
    "C:\WINDOWS\SysNative\tasks\OneDrive Standalone Update Task v2" [%localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe]
    "C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{AAC44032-199B-4C65-8DFB-5F95910FA0A9}" [C:\Windows\system32\msfeedssync.exe]
    "C:\WINDOWS\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]

    ==== Firefox Start and Search pages ======================

    ProfilePath: C:\Users\Rick\AppData\Roaming\Mozilla\Firefox\Profiles\de4mge7f.default-1484875452823
    user_pref("browser.startup.homepage", "Google");

    ==== Firefox Extensions Registry ======================

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
    "{F003DA68-8256-4b37-A6C4-350FA04494DF}"="C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt" [10/12/2016 05:31 AM]

    ==== Firefox Extensions ======================

    ProfilePath: C:\Users\Rick\AppData\Roaming\Mozilla\Firefox\Profiles\de4mge7f.default-1484875452823
    - Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

    AppDir: C:\Program Files (x86)\Mozilla Firefox
    - Undetermined - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi

    ==== Firefox Plugins ======================

    Profilepath: C:\Users\Rick\AppData\Roaming\Mozilla\Firefox\Profiles\de4mge7f.default-1484875452823
    9E602A9634AC3EFA8CD5BC4CD943416B - C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_194.dll - Shockwave Flash


    ==== Chromium Look ======================

    HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
    efaidnbmnnnibpcajpcglclefindmkaj - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx[12/17/2016 02:15 PM]

    Google Slides - Rick\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek
    Google Docs - Rick\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
    Google Drive - Rick\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
    YouTube - Rick\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
    selector is not a valid CSS selector - Rick\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb
    Logitech Smooth Scrolling - Rick\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkpejdfnpdkhifgbancbammdijojoffk
    Adobe Acrobat - Rick\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj
    Google Sheets - Rick\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap
    Google Docs Offline - Rick\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi
    Chrome Web Store Payments - Rick\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
    Gmail - Rick\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
    Chrome Media Router - Rick\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm

    ==== Set IE to Default ======================

    Old Values:
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    "Start Page"="Google"

    New Values:
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    "Start Page"="Google"

    ==== All HKLM and HKCU SearchScopes ======================

    HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
    HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - {searchTerms} - Bing
    HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
    HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - {searchTerms} - Bing
    HKLM\Wow6432Node\SearchScopes\{67C334C0-408D-4E6D-B5A7-0ADD6AFFA252} - {searchTerms} - Google Search
    HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
    HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - {searchTerms} - Google Search
    HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - {searchTerms} - Bing
    HKCU\SearchScopes\{67C334C0-408D-4E6D-B5A7-0ADD6AFFA252} - {searchTerms} - Google Search

    ==== Reset IE Proxy ======================

    Value(s) before fix:
    "ProxyOverride"="*.local"
    "ProxyEnable"=dword:00000000

    Value(s) after fix:
    "ProxyEnable"=dword:00000000

    ==== Uninstall List x64 ======================

    64 Bit HP CIO Components Installer [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{284F4C1C-380D-4F10-88C8-1F9E386EFE98}]
    Adobe Acrobat XI Standard [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AC76BA86-1033-FFFF-BA7E-000000000006}]
    Adobe Flash Player 24 NPAPI [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Flash Player NPAPI]
    Adobe Refresh Manager [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AC76BA86-0804-1033-1959-001824211354}]
    ANT Drivers Installer x64 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{40609980-A00D-4DA9-B8C9-1B56C5628C7B}]
    Apple Application Support (32-bit) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D079CAAD-0C31-47A2-9AF5-A82F9CD9B221}]
    Apple Application Support (64-bit) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{64E6007B-1DA9-42CD-BBE4-D5FA67A7C71D}]
    Apple Mobile Device Support [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}]
    Apple Software Update [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{56EC47AA-5813-4FF6-8E75-544026FBEA83}]
    Bonjour [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}]
    CCleaner [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\CCleaner]
    D-Link DWA-160 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{294A97F8-CC15-41F7-8718-CEE6B0C7D7E0}]
    Dropbox [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Dropbox]
    Dropbox Update Helper [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{099218A5-A723-43DC-8DB5-6173656A1E94}]
    Elevated Installer [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{6637E1C6-0A9D-48D4-B594-35610962F14F}]
    Garmin Express [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{249CFC92-210D-401D-89AF-5B40B60BC3F4}]
    Garmin Express [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9fbf4745-0038-4ed3-aee1-87af9b9ef8f1}]
    Garmin Express Tray [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{7DE2141B-D3B0-4FDA-A9D0-6F58C7C2B89D}]
    Google Chrome [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome]
    Google Update Helper [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}]
    iTalk Sync 1.0 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\iTalk Sync]
    iTunes [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{81C96689-EA5B-4B7D-A04F-16326EC51BC2}]
    Logitech SetPoint 6.67 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\sp6]
    Malwarebytes Anti-Malware version 2.2.1.1043 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Malwarebytes Anti-Malware_is1]
    Microsoft Office Professional 2010 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Office14.SingleImage]
    Microsoft OneDrive [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\OneDriveSetup.exe]
    Microsoft Streets & Trips 2013 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C82185E8-C27B-4EF4-2013-4444BC2C2B6D}]
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8220EEFE-38CD-377E-8595-13398D740ACE}]
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}]
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}]
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}]
    Microsoft Visual Studio 2010 Tools for Office Runtime (x64) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}]
    Microsoft Visual Studio 2010 Tools for Office Runtime (x64) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)]
    Mozilla Firefox 50.1.0 (x86 en-US) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Mozilla Firefox 50.1.0 (x86 en-US)]
    Mozilla Maintenance Service [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\MozillaMaintenanceService]
    Nitro Reader 3 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{9EA981E5-EE67-4662-86F1-58937D31FE07}]
    Visual Studio 2012 x64 Redistributables [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}]
    Visual Studio 2012 x86 Redistributables [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}]
    VLC media player [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\VLC media player]
    Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46]
    Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2]
    WordPerfect Office IFilter 32-bit [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1DF03ECE-6AF4-414E-B118-C316F151A9A2}]
    WordPerfect Office IFilter 64-bit [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1B45B85C-99E8-4523-8FB3-0248B3DECFC8}]
    WordPerfect Office X6 - Common Files [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{315FE707-7A15-4B1B-8C5A-955428AAA01D}]
    WordPerfect Office X6 - Common Files English [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E1AF3785-AA77-471E-ABC5-4C2B459B877A}]
    WordPerfect Office X6 - IPM [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{230100D9-27B4-49A3-A30F-D44B51EF56AA}]
    WordPerfect Office X6 - Lightning Files [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{440F51A9-8CA3-41D7-AFD5-F47820895949}]
    WordPerfect Office X6 - Lightning Files English [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C4D92146-95DE-415A-99CC-51FBFF7C10CF}]
    WordPerfect Office X6 - Oxford [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8959569B-D9BA-43A9-972A-D509EE7D4BA9}]
    WordPerfect Office X6 - Presentations Files [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EAA5C699-6DB5-4508-BD64-B79EB9409C9D}]
    WordPerfect Office X6 - Presentations Files English [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{86ACFB25-0FA5-4A01-96B5-EE8F229D456E}]
    WordPerfect Office X6 - Quattro Pro Files [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{069793F3-E123-47B9-88DB-5DE76FF32ADB}]
    WordPerfect Office X6 - Quattro Pro Files English [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{10FFE1D7-6A72-4483-9856-1A2FBBC5A425}]
    WordPerfect Office X6 - Setup Files [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{26D6D2A4-F08A-4212-86E7-7F1F75033610}]
    WordPerfect Office X6 - System Files [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8270ABE3-53A5-4046-BF84-EB5FBB0F5B10}]
    WordPerfect Office X6 - WordPerfect Files [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{CCADD122-70A5-47A6-8722-1BD5267B85F5}]
    WordPerfect Office X6 - WordPerfect Files English [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{CD29C36F-2C6D-4ED3-BC21-B20C8038E9A5}]
    WordPerfect Office X6 - WT [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0F7A0D0F-6576-489E-B20B-B7C8F95BBCC3}]
    WordPerfect Office X6 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\_{26D6D2A4-F08A-4212-86E7-7F1F75033610}]
    WordPerfect Office X6 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F6582F6F-6CD1-4B62-8BC6-EACF98AF410F}]
    WORDsearch 10 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4420F521-D5EC-487D-9AAB-AD30AF903A52}]
    WORDsearch 10 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WORDsearch 10]
    WORDsearch 8 Discipleship Edition [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{3E9E0874-5DF4-470E-9567-A88BD4AFEF64}]
    WORDsearch 8 Discipleship Edition [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WORDsearch 8 Discipleship Edition]

    ==== HijackThis Entries ======================

    O2 - BHO: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
    O2 - BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll
    O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
    O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
    O3 - Toolbar: Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
    O4 - HKLM\..\Run: [D-Link D-Link Wireless N Dual Band DWA-160 ] C:\Program Files (x86)\D-Link\DWA-160\AirNCFG.exe
    O4 - HKLM\..\Run: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
    O4 - HKLM\..\Run: [QuickFinder Scheduler] "c:\Program Files (x86)\Corel\WordPerfect Office X6\Programs\QFSCHD160.EXE"
    O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe"
    O4 - HKCU\..\Run: [OneDrive] "C:\Users\Rick\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
    O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
    O4 - HKCU\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
    O4 - HKCU\..\Run: [ZipScript] C:\Program Files (x86)\WORDsearch 10\ZipScript.exe
    O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" (User 'Default user')
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE/3000
    O8 - Extra context menu item: Open with WordPerfect - c:\Program Files (x86)\Corel\WordPerfect Office X6\Programs\WPLauncher.hta
    O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll/105
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
    O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
    O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
    O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
    O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
    O23 - Service: D-Link Wireless N Dual Band DWA-160 _WPS Service (D-Link Wireless N Dual Band DWA-160 _WPS) - Unknown owner - C:\Program Files (x86)\D-Link\DWA-160\ANIWConnService.exe
    O23 - Service: Dropbox Update Service (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
    O23 - Service: Dropbox Update Service (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
    O23 - Service: DbxSvc - Unknown owner - C:\WINDOWS\system32\DbxSvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
    O23 - Service: Garmin Device Interaction Service - Garmin Ltd. or its subsidiaries - C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
    O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
    O23 - Service: MBAMScheduler - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
    O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
    O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
    O23 - Service: NitroPDFReaderDriverCreatorReadSpool3 (NitroReaderDriverReadSpool3) - Nitro PDF Software - C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe
    O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
    O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
    O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
    O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    ==== Empty IE Cache ======================

    C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
    C:\Users\Rick\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
    C:\Users\Rick\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
    C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
    C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
    C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
    C:\Users\Rick\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
    C:\Users\Rick\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
    C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
    C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

    ==== Empty FireFox Cache ======================

    C:\Users\Rick\AppData\Local\Mozilla\Firefox\Profiles\de4mge7f.default-1484875452823\cache2 emptied successfully

    ==== Empty Chrome Cache ======================

    C:\Users\Rick\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

    ==== Empty All Flash Cache ======================

    No Flash Cache Found

    ==== Empty All Java Cache ======================

    Java Cache cleared successfully

    ==== C:\zoek_backup content ======================

    C:\zoek_backup (files=30474 folders=970 2356121672 bytes)

    ==== Empty Temp Folders ======================

    C:\WINDOWS\Temp will be emptied at reboot

    ==== After Reboot ======================

    ==== Empty Temp Folders ======================

    C:\WINDOWS\Temp successfully emptied
    C:\Users\Rick\AppData\Local\Temp successfully emptied

    ==== Empty Recycle Bin ======================

    C:\$RECYCLE.BIN successfully emptied

    ==== EOF on Sun 01/22/2017 at 19:51:00.79 ======================
     
  18. 2017/01/24
    basketcase Contributing Member

    basketcase Well-Known Member Thread Starter

    Joined:
    2008/01/22
    Messages:
    226
    Likes Received:
    3
    Trophy Points:
    233
    Location:
    Roll Tide Central, Alabama
    Computer Experience:
    Level 4 case whacker
    Autoruns

    [​IMG]
     
  19. 2017/01/24
    basketcase Contributing Member

    basketcase Well-Known Member Thread Starter

    Joined:
    2008/01/22
    Messages:
    226
    Likes Received:
    3
    Trophy Points:
    233
    Location:
    Roll Tide Central, Alabama
    Computer Experience:
    Level 4 case whacker
    Last scan - Security Checkup

    Results of screen317's Security Check version 1.014 --- 12/23/15
    x64 (UAC is enabled)
    Internet Explorer 11
    ``````````````Antivirus/Firewall Check:``````````````
    Windows Firewall Enabled!
    Windows Defender
    WMI entry may not exist for antivirus; attempting automatic update.
    `````````Anti-malware/Other Utilities Check:`````````
    MVPS Hosts File
    Adobe Flash Player 24.0.0.194
    Mozilla Firefox (50.1.0)
    Google Chrome (55.0.2883.87)
    Google Chrome (SetupMetrics...)
    ````````Process Check: objlist.exe by Laurent````````
    Windows Defender MSMpEng.exe
    Malwarebytes Anti-Malware mbamservice.exe
    Malwarebytes Anti-Malware mbam.exe
    Malwarebytes Anti-Malware mbamscheduler.exe
    Windows Defender MSASCuiL.exe
    Windows Defender MpCmdRun.exe
    `````````````````System Health check`````````````````
    Total Fragmentation on Drive C: %
    ````````````````````End of Log``````````````````````
     
  20. 2017/01/24
    Evan Omo

    Evan Omo Computer Support Technician Staff

    Joined:
    2006/09/10
    Messages:
    7,593
    Likes Received:
    471
    Trophy Points:
    1,093
    Location:
    Walnut Creek, California, United States
    Computer Experience:
    Intermediate+
    Click Start< Control Panel< Uninstall a program and remove the following items:

    Elevated Installer
    Garmin Express
    Garmin Express Tray
    (Unless you use the Garmin software)

    Then in Autoruns remove the following items:

    Adobe Updater Startup Utility
    Logitech SetPoint
    hkcmd module
    igfxTray
    iTunesHelper
    Logitech Download
    Persistance Module
    Unattend
    AcroTray
    D-Link WLAN Application
    CCleaner
    Garmin Express Tray
    Microsoft OneDrive
    ZipScript
    Google Chrome
    Windows Mail (Both Entries)
    The item highlighted in yellow

    Then reboot the computer after running those steps.

    After the computer reboots, click Start< Run and type msconfig and hit enter. After the System Configuration Utility opens, click on the Services tab, and then select the checkbox that says Hide all Microsoft services. Then take a screenshot of the Services tab and post it here in your next reply.

    Also, has Java been removed from the machine?
     
  21. 2017/01/24
    basketcase Contributing Member

    basketcase Well-Known Member Thread Starter

    Joined:
    2008/01/22
    Messages:
    226
    Likes Received:
    3
    Trophy Points:
    233
    Location:
    Roll Tide Central, Alabama
    Computer Experience:
    Level 4 case whacker
    Yes, Java has been removed.

    Just to be sure I understand, when you say "remove the following items" (in Autorun), does that mean to check them and then click on delete (the red x at the top)?

    Or, does it mean uncheck them and then do ... what?
     

Share This Page