Inactive-A "You are infected" call 1 888 666 xxxx

Thread starter Twinfire
Start date Jun 2, 2015

Status: Not open for further replies.

Twinfire

Posts: 53 +0

Jun 2, 2015

#1

Hello Techspot gods, my laptop has a pop out box stuck on the desktop rendering the area useless. Safemode allows me to come here.

As per guidelines here is the FRST log, the addition.txt in the following post.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-05-2015
Ran by greg (administrator) on REDMACK620 on 03-06-2015 00:43:37
Running from C:\Users\greg\OneDrive\Pictures\Desktop
Loaded Profiles: greg (Available Profiles: greg & Administrator & Guest)
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Safe Mode (with Networking)
Tutorial for Farbar Recovery Scan Tool:

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13427784 2013-03-19] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1794704 2015-04-01] (NVIDIA Corporation)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2717176 2013-01-05] (TOSHIBA Corporation)
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [170848 2013-01-29] (TOSHIBA Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-07] (Apple Inc.)
HKLM-x32\...\Run: [TSVU] => c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe [467360 2013-03-08] (TOSHIBA)
HKLM-x32\...\Run: [SacReminderBOX] => C:\ProgramData\Clickfree\BoxSoftware\reminder\SacReminder.exe [567120 2011-11-02] (SAC)
HKLM-x32\...\Run: [Intel AppUp(R) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [156000 2012-10-05] (Intel Corporation)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3745744 2015-05-18] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1279120 2012-09-27] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452272 2012-08-31] (CANON INC.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-20] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1144771067-2304087280-3493909680-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8204056 2015-04-23] (Piriform Ltd)
HKU\S-1-5-21-1144771067-2304087280-3493909680-1002\...\Run: [CCleaner] => C:\Program Files\CCleaner\CCleaner64.exe [8204056 2015-04-23] (Piriform Ltd)
HKU\S-1-5-21-1144771067-2304087280-3493909680-1002\...\MountPoints2: {394aaf3d-1ef3-11e4-bf36-24fd524d85ec} - "E:\AutoRun.exe"
HKU\S-1-5-21-1144771067-2304087280-3493909680-1002\...\MountPoints2: {495dbc98-f088-11e4-824f-24fd524d85ec} - "F:\AutoRun.exe"
AppInit_DLLs: C:\windows\system32\nvinitx.dll => C:\windows\system32\nvinitx.dll [177624 2015-04-01] (NVIDIA Corporation)
AppInit_DLLs: ,C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [177624 2015-04-01] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [164752 2015-04-01] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2015-05-01]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SmartUtilityUpdate.lnk [2015-05-10]
ShortcutTarget: SmartUtilityUpdate.lnk -> C:\Users\greg\AppData\Local\SmartUtilityUpdate\SmartUtilityUpdate.exe (TechnoChrome LLC)
Startup: C:\Users\greg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2015-05-14]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1144771067-2304087280-3493909680-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba13.msn.com
HKU\S-1-5-21-1144771067-2304087280-3493909680-1002\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.mytoshiba.com.au/start
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1144771067-2304087280-3493909680-1002 -> {D0AD99D8-2C60-445A-B109-B7F58CA460CC} URL =
SearchScopes: HKU\S-1-5-21-1144771067-2304087280-3493909680-1002 -> {EF860DF9-0DB4-4950-8BE1-CEC61189B9FF} URL = https://au.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=926458&p={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-05-02] (Microsoft Corporation)
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (CANON INC.)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09] (McAfee, Inc.)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (CANON INC.)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-05-02] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\greg\AppData\Roaming\Mozilla\Firefox\Profiles\uvn7m32o.default
FF SelectedSearchEngine: Yahoo!
FF Homepage: about:home
FF Keyword.URL: https://au.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=926458&p=
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-05-19] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-05-19] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.66 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-09-29] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-09-29] (Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-05-02] (Microsoft Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2012-05-12] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-04-30] (Adobe Systems Inc.)
FF Extension: auto-plugin-checker - C:\Users\greg\AppData\Roaming\Mozilla\Firefox\Profiles\uvn7m32o.default\Extensions\auto-plugin-checker@jetpack.xpi [2015-05-19]
FF Extension: CensureBlock - C:\Users\greg\AppData\Roaming\Mozilla\Firefox\Profiles\uvn7m32o.default\Extensions\censureblock@gmail.com.xpi [2015-05-02]
FF Extension: Strict Pop-up Blocker - C:\Users\greg\AppData\Roaming\Mozilla\Firefox\Profiles\uvn7m32o.default\Extensions\jid1-P34HaABBBpOerQ@jetpack.xpi [2015-05-02]
FF Extension: Adblock Plus - C:\Users\greg\AppData\Roaming\Mozilla\Firefox\Profiles\uvn7m32o.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-05-02]
FF HKU\S-1-5-21-1144771067-2304087280-3493909680-1002\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: No Name - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - http://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
S4 avgfws; C:\Program Files (x86)\AVG\AVG2015\avgfws.exe [1522664 2015-05-18] (AVG Technologies CZ, s.r.o.)
S4 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3438544 2015-05-18] (AVG Technologies CZ, s.r.o.)
S4 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [311792 2015-05-18] (AVG Technologies CZ, s.r.o.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-11-21] (Microsoft Corporation)
S4 CFUACProxy_boxsoftware; C:\ProgramData\Clickfree\BoxSoftware\UACProxy.exe [83792 2011-11-02] (Storage Appliance Corp.)
S2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2736824 2015-04-07] (Microsoft Corporation)
S4 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [16720 2013-03-26] ()
S4 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [351824 2013-02-06] ()
S4 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] ()
S4 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-11] (Intel(R) Corporation) [File not signed]
S4 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-11] (Intel(R) Corporation)
S4 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [130592 2012-10-27] (Intel Corporation)
S4 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165488 2012-12-19] (Intel Corporation)
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S4 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
S4 THAccelSvc; C:\Program Files\TOSHIBA\HDD Accelerator\THAccelSvc.exe [216976 2013-03-27] (TOSHIBA CORPORATION)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-05-03] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-05-03] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3858944 2013-10-24] (Qualcomm Atheros Communications, Inc.)
R0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [21152 2015-03-27] (AVG Technologies CZ, s.r.o.)
S1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [162784 2015-03-11] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\system32\DRIVERS\avgfwd6a.sys [67040 2015-03-20] (AVG Technologies CZ, s.r.o.)
S1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [284128 2015-04-27] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [253920 2015-05-07] (AVG Technologies CZ, s.r.o.)
S1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [256992 2015-04-15] (AVG Technologies CZ, s.r.o.)
S0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [378336 2015-05-07] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [220128 2015-05-07] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [40928 2015-03-20] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [293856 2015-05-04] (AVG Technologies CZ, s.r.o.)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-11-21] (Microsoft Corporation)
S1 ElRawDisk; C:\WINDOWS\system32\drivers\rsdrvx64.sys [26024 2009-02-12] (EldoS Corporation)
U5 ew_hwusbdev; C:\Windows\System32\Drivers\ew_hwusbdev.sys [109568 2013-01-25] (Huawei Technologies Co., Ltd.)
S3 ksapi64; C:\WINDOWS\system32\drivers\ksapi64.sys [56680 2015-05-10] (Kingsoft Corporation)
S3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R1 SMR430; C:\Windows\System32\drivers\SMR430.SYS [108216 2015-06-03] (Symantec Corporation)
R0 THAccel; C:\Windows\System32\DRIVERS\THAccel.sys [110976 2013-03-26] (TOSHIBA Corporation)
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [28632 2012-08-01] (Windows (R) Win 7 DDK provider)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-05-03] (Microsoft Corporation)
S3 SmbDrvI; \SystemRoot\system32\DRIVERS\Smb_driver_Intel.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-03 00:43 - 2015-06-03 00:43 - 00000000 ____D () C:\FRST
2015-06-03 00:37 - 2015-06-03 00:37 - 00000020 _____ () C:\WINDOWS\system32\Drivers\SMR430.dat
2015-06-03 00:34 - 2015-06-03 00:34 - 00000000 ____D () C:\NPE
2015-06-03 00:29 - 2015-06-03 00:37 - 00108216 _____ (Symantec Corporation) C:\WINDOWS\system32\Drivers\SMR430.SYS
2015-06-03 00:29 - 2015-06-03 00:37 - 00000000 ____D () C:\Users\greg\AppData\Local\NPE
2015-06-03 00:18 - 2015-06-03 00:18 - 00000077 _____ () C:\WINDOWS\setupact.log
2015-06-03 00:18 - 2015-06-03 00:18 - 00000000 _____ () C:\WINDOWS\setuperr.log
2015-06-03 00:17 - 2015-06-03 00:17 - 00033853 _____ () C:\WINDOWS\WindowsUpdate.log
2015-06-01 15:45 - 2015-06-01 15:45 - 00000000 ____D () C:\Program Files (x86)\ESET
2015-06-01 12:25 - 2015-06-01 12:39 - 00000000 ____D () C:\AdwCleaner
2015-06-01 12:18 - 2015-06-01 12:18 - 00001136 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-06-01 12:18 - 2015-06-01 12:18 - 00000000 ____D () C:\Users\greg\AppData\Roaming\Malwarebytes
2015-06-01 12:18 - 2015-06-01 12:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
2015-06-01 12:18 - 2015-06-01 12:18 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-06-01 12:18 - 2015-06-01 12:18 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2015-06-01 12:18 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-05-30 19:30 - 2015-05-30 19:30 - 00000000 ____D () C:\WINDOWS\pss
2015-05-30 10:07 - 2015-05-30 10:07 - 00000000 ___HD () C:\ProgramData\CanonIJMIG
2015-05-30 00:23 - 2015-05-30 00:30 - 00000000 ____D () C:\Users\greg\Camera Roll
2015-05-20 03:03 - 2015-05-20 03:04 - 171245482 _____ () C:\Users\greg\OneDrive\Pictures\Desktop\Documents\Documents\Recovery Session File # Wed, 20-May-2015[3 3 52].rrs4
2015-05-20 02:54 - 2015-05-20 02:54 - 00000000 ____D () C:\Unformat_Images
2015-05-20 02:51 - 2015-05-20 02:51 - 00003252 _____ () C:\WINDOWS\System32\Tasks\{28B6EE38-811B-4F16-9FDA-6C4CEDCAF2B2}
2015-05-19 14:48 - 2015-05-19 16:04 - 00000000 ____D () C:\ProgramData\Protexis
2015-05-19 14:46 - 2015-05-19 14:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Broderbund
2015-05-19 14:45 - 2015-05-19 14:45 - 00000000 ____D () C:\ProgramData\Broderbund
2015-05-19 14:45 - 2015-05-19 14:45 - 00000000 ____D () C:\Program Files (x86)\Broderbund
2015-05-19 11:01 - 2015-05-19 11:01 - 00000000 ____D () C:\Users\greg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TypeFaster
2015-05-19 11:01 - 2015-05-19 11:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TypeFaster
2015-05-19 11:01 - 2015-05-19 11:01 - 00000000 ____D () C:\Program Files (x86)\TypeFaster
2015-05-18 14:24 - 2015-05-18 14:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\File Scavenger 4.1
2015-05-18 14:24 - 2015-05-18 14:24 - 00000000 ____D () C:\Program Files (x86)\File Scavenger 4.1
2015-05-18 11:37 - 2015-05-20 10:01 - 00000000 ____D () C:\Program Files (x86)\Convar
2015-05-18 11:29 - 2015-05-18 11:29 - 00000000 ____D () C:\Program Files\EaseUS
2015-05-18 11:19 - 2015-05-18 11:19 - 00000000 ____D () C:\Program Files (x86)\CodeMeter
2015-05-17 16:18 - 2015-05-17 16:19 - 171088206 _____ () C:\Users\greg\OneDrive\Pictures\Desktop\Documents\Documents\Recovery Session File # Sun, 17-May-2015[16 18 52].rrs4
2015-05-17 16:15 - 2015-05-20 03:14 - 00000000 ____D () C:\ProgramData\TEMP
2015-05-17 16:14 - 2009-02-12 15:11 - 00026024 _____ (EldoS Corporation) C:\WINDOWS\system32\Drivers\rsdrvx64.sys
2015-05-17 16:03 - 2015-05-17 16:03 - 00000000 ____D () C:\Program Files (x86)\IUWEshare
2015-05-17 15:42 - 2015-05-17 15:42 - 00000000 ____D () C:\Users\greg\AppData\Roaming\AmazingFileRecovery
2015-05-16 22:30 - 2015-05-16 22:30 - 00000000 ___HD () C:\$AVG-SHREDDER-TMP-72ec5905-f21e-434b-9df8-3a3ecd072211
2015-05-16 13:06 - 2015-05-16 13:06 - 00000000 ____D () C:\Users\greg\OneDrive\Pictures\Desktop\Documents\Documents\002GJN
2015-05-15 14:41 - 2015-05-15 14:41 - 00000000 ___HD () C:\$AVG-SHREDDER-TMP-9b6fb606-a48c-4705-a2d4-1453ec417a5a
2015-05-14 17:54 - 2015-05-01 04:35 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-14 17:54 - 2015-05-01 04:35 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-14 12:50 - 2015-05-14 12:50 - 00000000 ____D () C:\Users\greg\OneDrive\Pictures\Desktop\Documents\Documents\OneNote Notebooks
2015-05-14 10:30 - 2015-05-14 10:30 - 00002990 _____ () C:\WINDOWS\System32\Tasks\Synaptics TouchPad Enhancements
2015-05-13 16:24 - 2015-01-30 08:53 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2015-05-13 16:23 - 2015-05-01 07:05 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-05-13 16:23 - 2015-05-01 06:48 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-05-13 16:23 - 2015-04-10 08:34 - 02256896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-05-13 16:23 - 2015-04-10 08:11 - 01943040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-05-13 16:23 - 2015-04-02 06:22 - 02985984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2015-05-13 16:23 - 2015-04-02 06:20 - 04417536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2015-05-13 16:23 - 2015-04-01 11:45 - 01491456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2015-05-13 16:23 - 2015-04-01 10:31 - 01207296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2015-05-13 16:23 - 2015-03-20 09:56 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2015-05-13 16:23 - 2015-03-18 01:26 - 00467776 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-05-13 16:23 - 2015-03-13 09:11 - 02162176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2015-05-13 16:23 - 2015-03-13 08:39 - 01812992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2015-05-13 16:23 - 2015-03-09 10:02 - 00057856 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2015-05-13 16:23 - 2015-03-04 09:32 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2015-05-13 16:23 - 2015-03-04 09:12 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2015-05-13 16:22 - 2015-04-22 01:14 - 24971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-05-13 16:22 - 2015-04-22 00:50 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-05-13 16:22 - 2015-04-22 00:49 - 02885120 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-05-13 16:22 - 2015-04-22 00:35 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-05-13 16:22 - 2015-04-22 00:31 - 06025728 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-05-13 16:22 - 2015-04-22 00:24 - 19691008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-05-13 16:22 - 2015-04-22 00:11 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-05-13 16:22 - 2015-04-22 00:04 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-05-13 16:22 - 2015-04-21 23:58 - 00664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-05-13 16:22 - 2015-04-21 23:40 - 14401536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-05-13 16:22 - 2015-04-21 23:31 - 04305920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-05-13 16:22 - 2015-04-21 23:27 - 02352128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-05-13 16:22 - 2015-04-21 23:26 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-05-13 16:22 - 2015-04-21 23:17 - 12828672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-05-13 16:22 - 2015-04-21 23:15 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-05-13 16:22 - 2015-04-21 23:02 - 01882112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-05-13 16:22 - 2015-04-21 22:58 - 01310208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-05-13 16:21 - 2015-04-25 05:32 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll
2015-05-13 16:21 - 2015-04-22 00:50 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-05-13 16:21 - 2015-04-22 00:37 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-05-13 16:21 - 2015-04-22 00:13 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\inseng.dll
2015-05-13 16:21 - 2015-04-22 00:09 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-05-13 16:21 - 2015-04-22 00:08 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-05-13 16:21 - 2015-04-22 00:07 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-05-13 16:21 - 2015-04-22 00:05 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-05-13 16:21 - 2015-04-21 23:59 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-05-13 16:21 - 2015-04-21 23:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-05-13 16:21 - 2015-04-21 23:49 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-05-13 16:21 - 2015-04-21 23:49 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-05-13 16:21 - 2015-04-21 23:49 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-05-13 16:21 - 2015-04-21 23:46 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-05-13 16:21 - 2015-04-21 23:38 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-05-13 16:21 - 2015-04-21 23:37 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-05-13 16:21 - 2015-04-21 23:36 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-05-13 16:21 - 2015-04-21 23:32 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-05-13 16:21 - 2015-04-21 23:28 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-05-13 16:21 - 2015-04-21 23:26 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-05-13 16:21 - 2015-04-21 23:25 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-05-13 16:21 - 2015-04-21 23:03 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-05-13 16:21 - 2015-04-21 22:56 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-05-13 16:21 - 2015-04-14 06:48 - 04180480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-05-13 16:21 - 2015-04-10 09:00 - 01996800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-05-13 16:21 - 2015-04-10 08:50 - 01387008 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-05-13 16:21 - 2015-04-10 08:26 - 01560576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-05-13 16:21 - 2015-04-09 06:55 - 00410128 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2015-05-13 16:21 - 2015-04-03 08:35 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoMetadataHandler.dll
2015-05-13 16:21 - 2015-04-03 08:14 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoMetadataHandler.dll
2015-05-13 16:21 - 2015-03-30 13:47 - 00561928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-05-13 16:21 - 2015-03-27 11:27 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2015-05-13 16:21 - 2015-03-27 10:50 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2015-05-13 16:21 - 2015-03-27 10:48 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-05-13 16:21 - 2015-03-13 12:03 - 00239424 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2015-05-13 16:21 - 2015-03-13 12:03 - 00154432 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2015-05-13 16:21 - 2015-03-13 10:02 - 00316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2015-05-13 16:21 - 2015-03-13 08:29 - 00410017 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2015-05-13 16:21 - 2015-03-06 11:08 - 02067968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll
2015-05-13 16:21 - 2015-03-06 10:47 - 01696256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2015-05-13 16:21 - 2015-03-06 10:43 - 01969664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpdshext.dll
2015-05-13 16:21 - 2015-03-05 07:09 - 01429504 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-05-13 16:21 - 2015-02-18 07:19 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2015-05-11 12:08 - 2015-05-11 12:08 - 00000000 ____D () C:\ProgramData\Synaptics
2015-05-10 20:51 - 2015-05-10 20:51 - 00002792 _____ () C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2015-05-10 20:51 - 2015-05-10 20:51 - 00000845 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2015-05-10 20:51 - 2015-05-10 20:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-05-10 20:51 - 2015-05-10 20:51 - 00000000 ____D () C:\Program Files\CCleaner
2015-05-10 12:16 - 2015-05-10 12:17 - 00000000 ____D () C:\Users\greg\AppData\Roaming\SMART PC TUNER
2015-05-10 12:09 - 2015-05-10 12:09 - 00000000 ____D () C:\Users\greg\AppData\Local\TechnoChrome_LLC
2015-05-10 12:07 - 2015-05-10 20:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Tuner
2015-05-10 12:07 - 2015-05-10 12:07 - 00000000 ____D () C:\Users\greg\AppData\Local\SmartUtilityUpdate
2015-05-10 12:07 - 2015-05-10 12:07 - 00000000 ____D () C:\Program Files (x86)\TechnoChrome LLC
2015-05-10 12:05 - 2015-05-10 12:05 - 00000000 ____D () C:\Users\greg\AppData\Roaming\TechnoChrome LLC
2015-05-10 11:50 - 2015-05-10 11:50 - 00000000 ____D () C:\ProgramData\cmcm
2015-05-10 11:50 - 2015-05-10 11:49 - 00056680 _____ (Kingsoft Corporation) C:\WINDOWS\system32\Drivers\ksapi64.sys
2015-05-10 11:49 - 2015-05-10 11:49 - 00081768 _____ (Kingsoft Corporation) C:\WINDOWS\system32\Drivers\ksapi.sys
2015-05-10 11:49 - 2015-05-10 11:49 - 00000000 ____D () C:\Program Files (x86)\cmcm
2015-05-07 13:58 - 2015-05-20 17:25 - 00007594 _____ () C:\Users\greg\AppData\Local\Resmon.ResmonCfg
2015-05-07 13:50 - 2015-05-07 13:50 - 00378336 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgloga.sys
2015-05-07 13:49 - 2015-05-07 13:49 - 00253920 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgidsha.sys
2015-05-07 13:49 - 2015-05-07 13:49 - 00220128 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgmfx64.sys
2015-05-07 12:07 - 2015-05-26 10:51 - 00003930 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{5F7463E1-A7A9-46AF-B237-0305C22DE536}
2015-05-07 12:06 - 2015-05-07 12:06 - 00000000 __SHD () C:\Users\greg\AppData\Local\EmieUserList
2015-05-07 12:06 - 2015-05-07 12:06 - 00000000 __SHD () C:\Users\greg\AppData\Local\EmieSiteList
2015-05-07 12:06 - 2015-05-07 12:06 - 00000000 __SHD () C:\Users\greg\AppData\Local\EmieBrowserModeList
2015-05-07 11:40 - 2015-05-07 11:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2015-05-07 11:40 - 2015-05-07 11:40 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2015-05-07 11:31 - 2015-05-07 11:31 - 00000386 _____ () C:\Users\greg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SD STICK (E).lnk
2015-05-06 17:36 - 2015-05-06 17:36 - 00001776 _____ () C:\Users\Public\Desktop\iTunes.lnk
2015-05-06 17:36 - 2015-05-06 17:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-05-06 17:35 - 2015-05-06 17:36 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-05-06 17:35 - 2015-05-06 17:35 - 00000000 ____D () C:\Program Files\iPod
2015-05-06 17:35 - 2015-05-06 17:35 - 00000000 ____D () C:\Program Files (x86)\iTunes
2015-05-06 17:33 - 2015-05-06 17:33 - 00002535 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2015-05-06 17:33 - 2015-05-06 17:33 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Apple
2015-05-06 17:33 - 2015-05-06 17:33 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2015-05-06 16:26 - 2012-10-03 16:14 - 00033240 _____ (GEAR Software Inc.) C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys
2015-05-06 16:24 - 2015-05-10 19:10 - 00000000 ____D () C:\Program Files\iTunes
2015-05-05 22:57 - 2015-05-11 12:37 - 00000000 ____D () C:\Users\greg\mitchells port headland
2015-05-05 22:57 - 2015-05-06 13:43 - 00000000 ____D () C:\Users\greg\MIXED PHOTOS 2014
2015-05-05 22:57 - 2015-05-06 13:43 - 00000000 ____D () C:\Users\greg\ike my best mate (rip)
2015-05-05 19:42 - 2015-06-03 00:19 - 00000000 ___RD () C:\Users\greg\OneDrive
2015-05-05 16:06 - 2015-05-05 16:06 - 00000000 ____D () C:\ProgramData\Canon IJ Network Tool
2015-05-05 16:05 - 2015-05-05 16:05 - 00000000 ___HD () C:\ProgramData\CanonIJFAX
2015-05-05 16:05 - 2012-09-21 09:33 - 00321024 _____ (CANON INC.) C:\WINDOWS\SysWOW64\CNC_BOL.dll
2015-05-05 16:05 - 2012-05-25 09:21 - 00103936 _____ (CANON INC.) C:\WINDOWS\SysWOW64\CNC_BOU.dll
2015-05-05 16:05 - 2012-05-15 16:03 - 00096512 _____ () C:\WINDOWS\SysWOW64\CNC1769D.TBL
2015-05-05 16:05 - 2008-08-25 18:02 - 00015872 _____ (CANON INC.) C:\WINDOWS\SysWOW64\CNHMCA.dll
2015-05-05 16:03 - 2015-05-05 16:03 - 00002052 _____ () C:\Users\Public\Desktop\Canon Quick Menu.lnk
2015-05-05 15:58 - 2015-05-05 16:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2015-05-05 15:58 - 2015-05-05 16:04 - 00000000 ____D () C:\Program Files\Canon
2015-05-05 15:57 - 2015-05-05 15:57 - 00002389 _____ () C:\Users\Public\Desktop\Canon MX520 series On-screen Manual.lnk
2015-05-05 15:57 - 2015-05-05 15:57 - 00000000 ___HD () C:\ProgramData\CanonBJ
2015-05-05 15:57 - 2015-05-05 15:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MX520 series Manual
2015-05-05 15:55 - 2015-05-05 15:56 - 00000000 ___HD () C:\Program Files\CanonBJ
2015-05-05 15:08 - 2015-06-01 12:12 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2015-05-05 14:47 - 2015-05-05 14:47 - 00000000 ____D () C:\WINDOWS\SysWOW64\STRING
2015-05-04 20:51 - 2015-05-05 15:42 - 00000000 ____D () C:\Users\greg\AppData\Roaming\Canon
2015-05-04 20:51 - 2015-05-04 20:51 - 00000000 ___HD () C:\ProgramData\CanonIJQuickMenu
2015-05-04 20:44 - 2015-05-05 16:03 - 00000000 ____D () C:\ProgramData\CanonIJWSpt
2015-05-04 20:31 - 2015-05-04 20:31 - 00000000 ____D () C:\WINDOWS\system32\STRING
2015-05-04 20:31 - 2012-09-21 05:00 - 00303104 _____ (CANON INC.) C:\WINDOWS\system32\CNCALBO.DLL
2015-05-04 20:31 - 2012-07-31 17:18 - 00359936 _____ (CANON INC.) C:\WINDOWS\system32\CNMN6PPM.DLL
2015-05-04 20:31 - 2012-07-31 17:18 - 00039424 _____ (CANON INC.) C:\WINDOWS\system32\CNMN6UI.DLL
2015-05-04 20:31 - 2012-07-31 17:17 - 00366592 _____ (CANON INC.) C:\WINDOWS\SysWOW64\CNMNPPM.DLL
2015-05-04 20:29 - 2012-09-20 05:00 - 00390656 _____ (CANON INC.) C:\WINDOWS\system32\CNMLMBO.DLL
2015-05-04 20:22 - 2015-05-05 16:07 - 00000000 ____D () C:\Program Files (x86)\Canon
2015-05-04 20:22 - 2015-05-04 20:22 - 00000000 ___HD () C:\ProgramData\CanonIJETV
2015-05-04 14:14 - 2015-05-04 14:14 - 00293856 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgwfpa.sys
2015-05-04 10:42 - 2015-05-12 09:00 - 00000000 ____D () C:\Users\greg\AppData\Roaming\EssentialGrammarInUse
2015-05-04 10:42 - 2015-05-04 10:42 - 00000000 ____D () C:\Users\greg\AppData\Roaming\cld3-lookup
2015-05-04 10:41 - 2015-05-04 10:41 - 00000000 __RHD () C:\Users\greg\AppData\Roaming\SecuROM
2015-05-04 10:39 - 2015-05-04 10:39 - 00002358 _____ () C:\Users\greg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Essential Grammar in Use.lnk
2015-05-04 10:38 - 2015-05-04 10:38 - 00000000 ____D () C:\Program Files (x86)\Cambridge

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-03 00:33 - 2013-08-22 21:25 - 11272192 ___SH () C:\WINDOWS\system32\config\BBI
2015-06-03 00:20 - 2013-08-22 22:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-06-03 00:19 - 2015-05-02 12:53 - 00000000 ____D () C:\Users\greg
2015-06-03 00:17 - 2015-05-02 21:53 - 00004978 _____ () C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for REDMACK620-greg REDMACK620
2015-06-03 00:17 - 2013-08-22 23:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-06-02 23:25 - 2015-05-01 21:05 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-06-02 23:00 - 2013-08-22 23:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-06-02 19:21 - 2014-11-21 16:44 - 00863592 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-06-01 12:12 - 2015-05-01 14:39 - 00000438 _____ () C:\WINDOWS\Tasks\DriverUpdate Startup.job
2015-05-30 23:30 - 2015-05-01 13:41 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1144771067-2304087280-3493909680-1002
2015-05-30 19:21 - 2015-05-01 14:45 - 00000000 ____D () C:\ProgramData\MFAData
2015-05-30 16:35 - 2015-05-02 12:53 - 00000000 ____D () C:\Users\Guest
2015-05-30 16:35 - 2015-05-02 12:53 - 00000000 ____D () C:\Users\Administrator
2015-05-29 23:17 - 2015-05-01 17:46 - 00000000 ____D () C:\Program Files\Recuva
2015-05-28 12:51 - 2015-05-01 13:25 - 00000000 ____D () C:\Users\greg\AppData\Local\Packages
2015-05-24 11:14 - 2013-08-22 21:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2015-05-23 11:42 - 2012-07-26 15:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-05-23 11:41 - 2015-05-03 04:10 - 00000000 ___SD () C:\WINDOWS\SysWOW64\GWX
2015-05-23 11:41 - 2015-05-03 04:10 - 00000000 ___SD () C:\WINDOWS\system32\GWX
2015-05-22 16:39 - 2015-05-01 14:39 - 00000492 _____ () C:\WINDOWS\Tasks\DriverUpdate Scan.job
2015-05-22 11:11 - 2015-05-01 14:51 - 00000992 _____ () C:\Users\Public\Desktop\AVG 2015.lnk
2015-05-22 11:11 - 2015-05-01 14:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-05-22 11:06 - 2015-05-02 19:03 - 00000000 ____D () C:\Users\greg\AppData\Local\Avg
2015-05-20 18:16 - 2013-08-22 23:36 - 00000000 ____D () C:\WINDOWS\rescache
2015-05-20 10:01 - 2015-05-01 14:40 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-05-19 14:26 - 2015-05-02 01:42 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-05-19 10:01 - 2015-05-01 21:02 - 00000000 ____D () C:\Users\greg\AppData\Local\Adobe
2015-05-19 09:41 - 2015-05-01 21:05 - 00003718 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-05-19 09:08 - 2015-05-02 18:57 - 00002050 _____ () C:\Users\Public\Desktop\Adobe Reader X.lnk
2015-05-19 09:08 - 2013-03-31 12:47 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2015-05-16 16:39 - 2013-08-22 22:44 - 00482672 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-05-15 11:31 - 2015-05-01 21:20 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2015-05-14 17:54 - 2013-08-22 23:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2015-05-14 17:53 - 2013-08-22 21:36 - 00000000 ____D () C:\WINDOWS\system32\AdvancedInstallers
2015-05-13 17:32 - 2015-05-02 03:48 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-05-13 17:27 - 2015-05-02 03:48 - 140425016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-05-13 17:17 - 2014-11-21 16:25 - 00000000 ____D () C:\Program Files\Windows Journal
2015-05-13 13:53 - 2014-09-09 14:13 - 00000000 __RHD () C:\MSOCache
2015-05-10 21:03 - 2015-05-01 14:39 - 00000000 ____D () C:\Users\greg\AppData\Local\CrashDumps
2015-05-07 12:03 - 2015-05-02 14:12 - 00000000 ____D () C:\Users\greg\AppData\Roaming\Apple Computer
2015-05-07 11:40 - 2015-05-01 21:05 - 00001958 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2015-05-07 11:40 - 2015-05-01 21:05 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2015-05-06 17:32 - 2015-05-02 14:07 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-05-06 17:31 - 2015-05-02 14:06 - 00000000 ____D () C:\ProgramData\Apple
2015-05-06 15:05 - 2015-05-03 04:33 - 00000000 ___DC () C:\WINDOWS\Panther
2015-05-06 15:05 - 2013-08-22 21:36 - 00000000 ____D () C:\WINDOWS\system32\Sysprep
2015-05-06 13:03 - 2012-07-26 16:12 - 00000000 ____D () C:\WINDOWS\LiveKernelReports
2015-05-06 01:59 - 2014-11-22 00:03 - 00792568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-05-06 01:59 - 2014-11-22 00:03 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-05-05 21:13 - 2015-05-01 13:27 - 00000000 ____D () C:\Users\greg\AppData\Local\VirtualStore
2015-05-05 16:05 - 2013-08-22 23:36 - 00000000 __RSD () C:\WINDOWS\Media

==================== Files in the root of some directories =======

2015-05-07 13:58 - 2015-05-20 17:25 - 0007594 _____ () C:\Users\greg\AppData\Local\Resmon.ResmonCfg

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-05-22 18:00

==================== End of log ============================

Twinfire

Posts: 53 +0

Jun 2, 2015

#2

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-05-2015
Ran by greg at 2015-06-03 00:44:16
Running from C:\Users\greg\OneDrive\Pictures\Desktop
Boot Mode: Safe Mode (with Networking)
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-1144771067-2304087280-3493909680-500 - Administrator - Disabled) => C:\Users\Administrator
greg (S-1-5-21-1144771067-2304087280-3493909680-1002 - Administrator - Enabled) => C:\Users\greg
Guest (S-1-5-21-1144771067-2304087280-3493909680-501 - Limited - Disabled) => C:\Users\Guest
HomeGroupUser$ (S-1-5-21-1144771067-2304087280-3493909680-1004 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG Internet Security 2015 (Disabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Internet Security 2015 (Disabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
FW: AVG Internet Security 2015 (Disabled) {757AB44A-78C2-7D1A-E37F-CA42A037B368}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated)
Adobe Reader X (10.1.14) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.14 - Adobe Systems Incorporated)
Apple Application Support (32-bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Bluetooth Filter Driver Package (HKLM\...\{026B819B-4D60-4C8B-892D-33A0D8666F60}) (Version: 2.0.0.8 - Qualcomm Atheros)
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Atheros)
Aurora 29.0a2 (x86 en-US) (HKLM-x32\...\Aurora 29.0a2 (x86 en-US)) (Version: 29.0a2 - Mozilla)
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5961 - AVG Technologies)
AVG 2015 (Version: 15.0.4354 - AVG Technologies) Hidden
AVG 2015 (Version: 15.0.5961 - AVG Technologies) Hidden
Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.5.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.2.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.0.0 - Canon Inc.)
Canon MX520 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX520_series) (Version: 1.00 - Canon Inc.)
Canon MX520 series On-screen Manual (HKLM-x32\...\Canon MX520 series On-screen Manual) (Version: 7.6.0 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 1.1.0 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 1.0.1 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.1.0 - Canon Inc.)
Canon Speed Dial Utility (HKLM-x32\...\Speed Dial Utility) (Version: 1.3.0 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.05 - Piriform)
Clickfree (HKLM-x32\...\{1EB9B986-CECA-4E05-B454-C9343EE9DDE7}) (Version: 3.16.449.0 - Clickfree Automatic Backup)
DriverUpdate (HKLM-x32\...\{9DE6EA82-B1F4-4156-9565-B38A1AA2D924}) (Version: 2.3.1 - SlimWare Utilities, Inc.)
DTS Sound (HKLM-x32\...\{5A5BA3BD-630B-4707-A46C-788CF6A82AD9}) (Version: 1.00.0057 - DTS, Inc.)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
Essential Grammar in Use (HKLM-x32\...\{253C884B-3E62-4FA3-88AF-4861F1A1BCC3}) (Version: 1.00.0000 - Cambridge)
Evernote v. 4.5.7 (HKLM-x32\...\{0BE73D3C-B5AF-11E1-933A-984BE15F174E}) (Version: 4.5.7.7146 - Evernote Corp.)
File Scavenger 4.1 (en) (HKLM-x32\...\QueTek File Scavenger 4.1 (en)) (Version: 4.1.1.0 - QueTek Consulting Corporation)
iCloud (HKLM\...\{709A2D23-C25E-47B5-9268-CB6FEE648504}) (Version: 4.1.1.53 - Apple Inc.)
Intel AppUp(R) center (HKLM-x32\...\Intel AppUp(R) center 41504) (Version: 3.8.0.41504.23 - Intel)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.30.1349 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3345 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.0.4.1001 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Mavis Beacon Teaches Typing Deluxe 17 (HKLM-x32\...\{777A3891-D6D4-4C83-9367-FA45D40D40F3}) (Version: 17.00 - Broderbund Software)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 15.0.4719.1002 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MobiiHotspot 4G (HKLM-x32\...\MobiiHotspot 4G) (Version: 1.12.00.1020 - Huawei Technologies Co.,Ltd)
Mozilla Firefox 38.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 38.0.1 (x86 en-US)) (Version: 38.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 37.0.2 - Mozilla)
NVIDIA Graphics Driver 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.52 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4719.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4719.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4719.1002 - Microsoft Corporation) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Qualcomm Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.13 - Qualcomm Atheros Communications Inc.)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6865 - Realtek Semiconductor Corp.)
Realtek USB Card Reader (HKLM-x32\...\{1E496A68-4943-424E-829D-5C3C85B7B8F2}) (Version: 6.2.9200.39041 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.52 - Piriform)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.10.51 - Synaptics Incorporated)
TOSHIBA Audio Enhancement (HKLM\...\{1515F5E3-29EA-4CD1-A981-032D88880F09}) (Version: 2.0.15.4 - Toshiba Corporation)
TOSHIBA Desktop Assist (HKLM\...\{95CCACF0-010D-45F0-82BF-858643D8BC02}) (Version: 1.01.02.6405 - Toshiba Corporation)
TOSHIBA Display Utility (HKLM\...\{B6619F14-F766-4000-BC8A-522D4CC4E44F}) (Version: 1.0.4.4 - Toshiba Corporation)
TOSHIBA eco Utility (HKLM\...\{5944B9D4-3C2A-48DE-931E-26B31714A2F7}) (Version: 2.0.3.6403 - Toshiba Corporation)
TOSHIBA Function Key (HKLM\...\{16562A90-71BC-41A0-B890-D91B0C267120}) (Version: 1.00.6629.6406 - Toshiba Corporation)
TOSHIBA HDD Accelerator (HKLM\...\{DB4D9937-0B14-4EF1-BF9A-BB7E3B9DCB04}) (Version: 2.0.0001 - Toshiba Corporation)
TOSHIBA Password Utility (HKLM-x32\...\{B1786E63-2127-42C9-95A3-146E5F727BF1}) (Version: v2.0.0.7 - Toshiba Corporation)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.9.02.6402 - Toshiba Corporation)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 3.0.01.55004008 - Toshiba Corporation)
TOSHIBA Resolution+ Plug-in for Windows Media Player (HKLM-x32\...\{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}) (Version: 1.2.5.03 - Toshiba Corporation)
TOSHIBA Service Station (HKLM\...\{FBFCEEA5-96EA-4C8E-9262-43CBBEBAE413}) (Version: 2.6.8 - Toshiba Corporation)
TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0020 - Toshiba Corporation)
TOSHIBA System Settings (HKLM-x32\...\{05A55927-DB9B-4E26-BA44-828EBFF829F0}) (Version: 1.00.0007.32003 - Toshiba Corporation)
TOSHIBA VIDEO PLAYER (HKLM\...\{FF07604E-C860-40E9-A230-E37FA41F103A}) (Version: 5.3.5.59 - Toshiba Corporation)
TypeFaster Typing Tutor (HKLM-x32\...\TypeFaster) (Version: - )
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.3.0 - WildTangent)
WildTangent Games App (Toshiba Games) (x32 Version: 4.0.9.7 - WildTangent) Hidden
WinZip 17.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240D9}) (Version: 17.0.10381 - WinZip Computing, S.L. )
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== Restore Points =========================

19-05-2015 10:40:17 Scheduled Checkpoint
23-05-2015 11:39:53 Windows Update

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 21:25 - 2013-08-22 21:25 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0892901B-0C25-4A61-9E18-F66FD1D68D6F} - System32\Tasks\TOSHIBA\Adobe Reader Speed Launcher => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [2015-04-30] (Adobe Systems Incorporated)
Task: {228218F2-C530-414B-9194-FE42960C55EC} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-06] (Microsoft Corporation)
Task: {2A1BCFBB-0A7E-4532-A9A3-66891B1CED05} - System32\Tasks\Microsoft Office 15 Sync Maintenance for REDMACK620-greg REDMACK620 => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2015-05-02] (Microsoft Corporation)
Task: {3A7A3B86-8A20-4904-92C3-603A003AC74E} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-04-14] (Microsoft Corporation)
Task: {3E6453B0-85CF-4E82-A65A-4D6235EEF91E} - System32\Tasks\TOSHIBA\TSleepSrv => C:\Program Files (x86)\TOSHIBA\System Setting\TSleepSrv.exe [2013-03-05] (TOSHIBA Corporation)
Task: {53B65EDC-9043-41FB-BE99-BFDCABC12424} - System32\Tasks\TOSHIBA\TosWaitSrv => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [2012-07-12] (TOSHIBA Corporation)
Task: {548DD8EB-A46D-4815-86EB-7FB7417FF09C} - System32\Tasks\DriverUpdate Scan => C:\Program Files (x86)\DriverUpdate\DriverUpdate.exe [2015-04-02] (SlimWare Utilities, Inc.)
Task: {66333A93-97FA-4063-8A8C-2BEB4939D462} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-05-13] (Microsoft Corporation)
Task: {6773E157-788D-42B0-8CBF-1E4F9F445434} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-04-14] (Microsoft Corporation)
Task: {82AF1A44-4104-483F-A9AB-317FC5F4EBE7} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {86D6C3F0-C864-4C9B-B35B-89930C362B9D} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [2013-07-31] (TOSHIBA Corporation)
Task: {9C102E93-7053-4CA4-872B-7EA2CF9B7C25} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-05-19] (Adobe Systems Incorporated)
Task: {B6075E41-569B-4FFA-B560-ECE75C45E7EF} - System32\Tasks\TOSHIBA\Adobe ARM => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-20] (Adobe Systems Incorporated)
Task: {BA4D45E2-2143-4F63-B4E5-8B161EC28E36} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-04-23] (Piriform Ltd)
Task: {C20CB1BE-F0F0-4786-A2DE-7613D7F53BE0} - System32\Tasks\{28B6EE38-811B-4F16-9FDA-6C4CEDCAF2B2} => pcalua.exe -a "C:\Users\greg\Programs\Uninstall Information\Art Plus\apui4.exe" -c /file:"C:\Users\greg\OneDrive\Pictures\Desktop\DPR\dpr.xui"
Task: {C9F1A40B-B79C-485A-8E84-C5735659F290} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2014-08-06] (Synaptics Incorporated)
Task: {D0CA5739-6AA7-4EEE-BC45-6A18D4EE03F6} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-05-15] (Microsoft Corporation)
Task: {D2ED73B7-9E85-44B5-B7A8-BCA88A8554AE} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {EAC8B3E8-0866-4691-BAD9-0ADFC9C46E98} - System32\Tasks\TOSHIBA\TODDMain => C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe [2012-08-05] ()
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DriverUpdate Scan.job => C:\Program Files (x86)\DriverUpdate\DriverUpdate.exe
Task: C:\WINDOWS\Tasks\DriverUpdate Startup.job => C:\Program Files (x86)\DriverUpdate\DriverUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2015-05-01 23:33 - 2015-05-02 02:36 - 08898720 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:6DDED7D9
AlternateDataStreams: C:\Users\greg\OneDrive:ms-properties

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SMR430 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SMR430.SYS => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1144771067-2304087280-3493909680-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\greg\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\windows photo viewer wallpaper.jpg
DNS Servers: 10.0.0.138

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: Apple Mobile Device Service => 2
MSCONFIG\Services: avgfws => 2
MSCONFIG\Services: AVGIDSAgent => 2
MSCONFIG\Services: avgwd => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: CFUACProxy_boxsoftware => 2
MSCONFIG\Services: CodeMeter.exe => 2
MSCONFIG\Services: cphs => 3
MSCONFIG\Services: dts_apo_service => 2
MSCONFIG\Services: GamesAppService => 3
MSCONFIG\Services: HWDeviceService64.exe => 2
MSCONFIG\Services: ICCS => 3
MSCONFIG\Services: IJPLMSVC => 2
MSCONFIG\Services: Intel(R) Capability Licensing Service Interface => 2
MSCONFIG\Services: Intel(R) Capability Licensing Service TCP IP Interface => 3
MSCONFIG\Services: Intel(R) ME Service => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: jhi_service => 2
MSCONFIG\Services: LMS => 2
MSCONFIG\Services: McComponentHostService => 3
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: nvsvc => 2
MSCONFIG\Services: nvUpdatusService => 2
MSCONFIG\Services: TMachInfo => 3
MSCONFIG\Services: TODDSrv => 2
MSCONFIG\Services: TOSHIBA eco Utility Service => 2
MSCONFIG\Services: TPCHSrv => 3
MSCONFIG\Services: UNS => 2
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "SacReminderBOX"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{73279ADA-2BA1-49DD-B735-648B8BDB35DC}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D294C3FF-742F-4C6D-8C03-3884D789AA32}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A84A61C9-61A9-4F3E-B6FF-96A691DCE1C1}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{805A6CAC-66BB-4C30-B9F8-599897C1017F}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{2110D0AF-95F8-4646-9553-1B6CF9C8355A}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{3F4A7174-A131-4E17-ACB0-E55D50EF9403}] => (Allow) C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
FirewallRules: [{603D064C-00E3-4851-BABD-52A8ACF6D7E2}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{D3B864AE-D537-45EA-9521-C2FFF25E936F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{FE2779A9-0E46-4AB8-988C-3FA6947D7C76}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{7B26CD1A-F1F9-4F20-A1B0-1B122AAD040D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{39262AD9-BAAD-46BA-89B1-C824270C9E06}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{DDA6948D-47A8-40A0-8B02-D3CDE587EF6C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{90BF9C5A-7661-4778-9AC7-E5B2FEA5EDC9}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{56677E13-5924-4CCF-9DED-C0C7AFA5F8B4}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{BC8B9506-A7AA-48F9-A374-938C59CCDCDC}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{3799FAB3-4E74-4EAE-B3B2-CF7A71343D6D}] => (Allow) C:\Users\greg\AppData\Local\Temp\nsiFD98.tmp\CnetInstaller-75715872.exe
FirewallRules: [{85FC4D74-E077-4FE0-A9F7-8B6A171ED648}] => (Allow) C:\Users\greg\AppData\Local\Temp\nsiFD98.tmp\CnetInstaller-75715872.exe
FirewallRules: [{7629C29E-AECC-45CB-B387-DF7D00B99E43}] => (Allow) C:\Users\greg\AppData\Local\Temp\nsaAFFE.tmp\CnetInstaller-10441764.exe
FirewallRules: [{DF5C07D0-C7B5-47CC-81C2-3A5062A29941}] => (Allow) C:\Users\greg\AppData\Local\Temp\nsaAFFE.tmp\CnetInstaller-10441764.exe
FirewallRules: [{47B90EF5-0572-48E7-A077-70628CA45C30}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{8E371A53-0B2C-412F-995F-BAFBC8D5D32C}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{6A43F73E-17B3-4104-BF54-470C826971EE}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{70F1992E-12D1-4A00-8741-055B7B4E4351}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{33D6F97E-4401-47D5-BEDA-B9BD72D02F9C}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
FirewallRules: [{4B2C3049-C6D1-4843-AE0F-BF0AAAA80D02}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (06/03/2015 00:34:53 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifest.

Error: (06/03/2015 00:31:35 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifest.

Error: (06/03/2015 00:23:12 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifest.

Error: (06/03/2015 00:23:12 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifest.

Error: (06/03/2015 00:19:35 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifest.

Error: (06/03/2015 00:16:39 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifest.

Error: (06/02/2015 08:13:36 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifest.

Error: (06/02/2015 08:08:55 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifest.

Error: (06/02/2015 08:07:45 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifest.

Error: (06/02/2015 08:07:01 PM) (Source: SideBySide) (EventID: 9) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
The manifest file root element must be assembly.

System errors:
=============
Error: (06/03/2015 00:44:17 AM) (Source: DCOM) (EventID: 10005) (User: REDMACK620)
Description: 1084WSearchUnavailable{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}

Error: (06/03/2015 00:44:17 AM) (Source: DCOM) (EventID: 10005) (User: REDMACK620)
Description: 1084WSearchUnavailable{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}

Error: (06/03/2015 00:43:38 AM) (Source: DCOM) (EventID: 10005) (User: REDMACK620)
Description: 1084WSearchUnavailable{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}

Error: (06/03/2015 00:43:38 AM) (Source: DCOM) (EventID: 10005) (User: REDMACK620)
Description: 1084WSearchUnavailable{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}

Error: (06/03/2015 00:43:30 AM) (Source: DCOM) (EventID: 10005) (User: REDMACK620)
Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (06/03/2015 00:43:18 AM) (Source: DCOM) (EventID: 10005) (User: REDMACK620)
Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (06/03/2015 00:43:16 AM) (Source: DCOM) (EventID: 10005) (User: REDMACK620)
Description: 1084WSearchUnavailable{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}

Error: (06/03/2015 00:43:16 AM) (Source: DCOM) (EventID: 10005) (User: REDMACK620)
Description: 1084WSearchUnavailable{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}

Error: (06/03/2015 00:43:12 AM) (Source: DCOM) (EventID: 10005) (User: REDMACK620)
Description: 1084WSearchUnavailable{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}

Error: (06/03/2015 00:43:12 AM) (Source: DCOM) (EventID: 10005) (User: REDMACK620)
Description: 1084WSearchUnavailable{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}

Microsoft Office:
=========================
Error: (06/03/2015 00:34:53 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifestC:\Users\greg\OneDrive\Pictures\Desktop\esetsmartinstaller_enu.exe

Error: (06/03/2015 00:31:35 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifestC:\Users\greg\OneDrive\Pictures\Desktop\esetsmartinstaller_enu.exe

Error: (06/03/2015 00:23:12 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifestC:\Users\greg\OneDrive\Pictures\Desktop\esetsmartinstaller_enu.exe

Error: (06/03/2015 00:23:12 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifestC:\Users\greg\OneDrive\Pictures\Desktop\esetsmartinstaller_enu.exe

Error: (06/03/2015 00:19:35 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifestC:\Users\greg\OneDrive\Pictures\Desktop\esetsmartinstaller_enu.exe

Error: (06/03/2015 00:16:39 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifestC:\Users\greg\OneDrive\Pictures\Desktop\esetsmartinstaller_enu.exe

Error: (06/02/2015 08:13:36 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifestc:\users\greg\onedrive\pictures\desktop\esetsmartinstaller_enu.exe

Error: (06/02/2015 08:08:55 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifestc:\users\greg\onedrive\pictures\desktop\esetsmartinstaller_enu.exe

Error: (06/02/2015 08:07:45 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (06/02/2015 08:07:01 PM) (Source: SideBySide) (EventID: 9) (User: )
Description: c:\program files\windowsapps\codefromhome.spellit_1.2.0.15_x64__2rj187fe1jahy\SpellItJupiter.exec:\program files\windowsapps\codefromhome.spellit_1.2.0.15_x64__2rj187fe1jahy\SpellItJupiter.exe1

CodeIntegrity Errors:
===================================
Date: 2015-05-30 21:19:45.747
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-05-30 21:08:44.637
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-05-30 21:04:31.375
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-3630QM CPU @ 2.40GHz
Percentage of memory in use: 32%
Total physical RAM: 3960.15 MB
Available physical RAM: 2675.21 MB
Total Pagefile: 6776.15 MB
Available Pagefile: 5569.03 MB
Total Virtual: 131072 MB
Available Virtual: 131071.78 MB

==================== Drives ================================

Drive c: (TI31053700C) (Fixed) (Total:682.69 GB) (Free:626.5 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== End of log ============================

Broni

Posts: 56,041 +516

Jun 2, 2015

#3

Please, observe following rules:

Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
If you're stuck, or you're not sure about certain step, always ask before doing anything else.
Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
Never run more than one scan at a time.
Keep updating me regarding your computer behavior, good, or bad.
The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

=======================================

Download RogueKiller from one of the following links and save it to your Desktop:

Link 1
Link 2

Close all the running programs
Windows Vista/7/8 users: right click on RogueKiller.exe, click Run as Administrator
Otherwise just double-click on RogueKiller.exe
Pre-scan will start. Let it finish.
Click on SCAN button.
Wait until the Status box shows Scan Finished
Click on Delete.
Wait until the Status box shows Deleting Finished.
Click on Report and copy/paste the content of the Notepad into your next reply.
RKreport.txt could also be found on your desktop.
If more than one log is produced post all logs.
If RogueKiller has been blocked, do not hesitate to try a few times more. If really won't run, rename it to winlogon.exe (or winlogon.com) and try again

Please download Malwarebytes Anti-Malware (MBAM) to your desktop.
NOTE. If you already have MBAM 2.0 installed scroll down.

Double-click mbam-setup-2.0.0.1000.exe and follow the prompts to install the program.
At the end, be sure a checkmark is placed next to the following:
- Launch Malwarebytes Anti-Malware
- A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
Click Finish.
On the Dashboard, click the 'Update Now >>' link
After the update completes, click the 'Scan Now >>' button.
Or, on the Dashboard, click the Scan Now >> button.
If an update is available, click the Update Now button.
A Threat Scan will begin.
When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
In most cases, a restart will be required.
Wait for the prompt to restart the computer to appear, then click on Yes.

If you already have MBAM 2.0 installed:

On the Dashboard, click the 'Update Now >>' link
After the update completes, click the 'Scan Now >>' button.
Or, on the Dashboard, click the Scan Now >> button.
If an update is available, click the Update Now button.
A Threat Scan will begin.
When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
In most cases, a restart will be required.
Wait for the prompt to restart the computer to appear, then click on Yes.

How to get logs:
(Export log to save as txt)

After the restart once you are back at your desktop, open MBAM once more.
Click on the History tab > Application Logs.
Double click on the Scan Log which shows the Date and time of the scan just performed.
Click 'Export'.
Click 'Text file (*.txt)'
In the Save File dialog box which appears, click on Desktop.
In the File name: box type a name for your scan log.
A message box named 'File Saved' should appear stating "Your file has been successfully exported".
Click Ok
Attach that saved log to your next reply.

(Copy to clipboard for pasting into forum replies or tickets)

After the restart once you are back at your desktop, open MBAM once more.
Click on the History tab > Application Logs.
Double click on the Scan Log which shows the Date and time of the scan just performed.
Click 'Copy to Clipboard'
Paste the contents of the clipboard into your reply.

Please download AdwCleaner by Xplode onto your desktop.

Close all open programs and internet browsers.
Double click on adwcleaner.exe to run the tool.
Click on Scan button.
When the scan has finished click on Clean button.
Your computer will be rebooted automatically. A text file will open after the restart.
Please post the contents of that logfile with your next reply.
You can find the logfile at C:\AdwCleaner[S1].txt as well.

Please download Junkware Removal Tool to your desktop.

Shut down your protection software now to avoid potential conflicts.
Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
The tool will open and start scanning your system.
Please be patient as this can take a while to complete depending on your system's specifications.
On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
Post the contents of JRT.txt into your next message.

Twinfire

Posts: 53 +0

Jun 3, 2015

#4

Hello Broni, your time and effort are greatly appreciated.

As requested here are the logs. More posts to follow.

RogueKiller V10.8.1.0 [Jun 3 2015] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 8.1 (6.3.9600 ) 64 bits version
Started in : Safe mode with network support
User : greg [Administrator]
Started from : C:\Users\greg\OneDrive\Pictures\Desktop\RogueKiller.exe
Mode : Delete -- Date : 06/03/2015 23:04:56

¤¤¤ Processes : 0 ¤¤¤

¤¤¤ Registry : 10 ¤¤¤
[PUP] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\PCSUUCDRV -> Not selected
[PUP] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PCSUUCDRV -> Not selected
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-1144771067-2304087280-3493909680-1002\Software\Microsoft\Internet Explorer\Main |

Default_Page_URL : http://toshiba13.msn.com -> Not selected
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-1144771067-2304087280-3493909680-1002\Software\Microsoft\Internet Explorer\Main |

Default_Page_URL : http://toshiba13.msn.com -> Not selected
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 10.0.0.138 [X]

-> Not selected
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 10.0.0.138 [(Private

Address) (XX)] -> Not selected
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{1D79C19F-2DD2-447C-

A9EF-4B7D6F2787A6} | DhcpNameServer : 10.0.0.138 [(Private Address) (XX)] -> Not selected
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{1D79C19F-2DD2-447C-A9EF-

4B7D6F2787A6} | DhcpNameServer : 10.0.0.138 [(Private Address) (XX)] -> Not selected
[PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System |

ConsentPromptBehaviorAdmin : 0 -> Not selected
[PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System |

ConsentPromptBehaviorAdmin : 0 -> Not selected

¤¤¤ Tasks : 0 ¤¤¤

¤¤¤ Files : 0 ¤¤¤

¤¤¤ Hosts File : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Not loaded [0xc000035f]) ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: TOSHIBA MQ01ABD075 +++++
--- User ---
[MBR] a84dd93b5b19931ceaddbccc47850486
[BSP] df4f83c1f72e36823a12b0dfc7617313 : Empty MBR Code
Partition table:
0 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 2048 | Size: 1024 MB
1 - [MAN-MOUNT] Basic data partition | Offset (sectors): 2099200 | Size: 260 MB
2 - [MAN-MOUNT] Basic data partition | Offset (sectors): 2631680 | Size: 128 MB
3 - Basic data partition | Offset (sectors): 2893824 | Size: 699074 MB
4 - [SYSTEM][MAN-MOUNT] | Offset (sectors): 1434597376 | Size: 451 MB
5 - [SYSTEM][MAN-MOUNT] | Offset (sectors): 1435521024 | Size: 350 MB
6 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 1436237824 | Size: 14116 MB
User = LL1 ... OK
User = LL2 ... OK

============================================
RKreport_SCN_06032015_191840.log - RKreport_DEL_06032015_192048.log - RKreport_SCN_06032015_225536.log

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 3/06/2015
Scan Time: 7:29:08 PM
Logfile:
Administrator: Yes

Version: 2.01.6.1022
Malware Database: v2015.06.03.02
Rootkit Database: v2015.06.02.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 8.1
CPU: x64
File System: NTFS
User: greg

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 476529
Time Elapsed: 22 min, 8 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Warn
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 1
PUP.Optional.Spigot.A, HKU\S-1-5-21-1144771067-2304087280-3493909680-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{EF860DF9-0DB4-4950-8BE1-CEC61189B9FF}, Quarantined, [f35bf0c6c0cae5518e2d10d7a360a65a],

Registry Values: 1
PUP.Optional.Spigot.A, HKU\S-1-5-21-1144771067-2304087280-3493909680-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{EF860DF9-0DB4-4950-8BE1-CEC61189B9FF}|URL, https://au.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=926458&p={searchTerms}, Quarantined, [f35bf0c6c0cae5518e2d10d7a360a65a]

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 3
PUP.Optional.Proinstall, C:\$Recycle.Bin\S-1-5-21-1144771067-2304087280-3493909680-1002\$R7F47MM\MBTT Dlx 17 Setup-40069288.exe, Quarantined, [81cd5b5bbad041f5f42c1737cb379868],
PUP.Optional.Proinstall, C:\$Recycle.Bin\S-1-5-21-1144771067-2304087280-3493909680-1002\$R7F47MM\WDRSetup-39912922.exe, Quarantined, [cb83833327630c2a73adc98506fcd22e],
PUP.Optional.Spigot.A, C:\Users\greg\AppData\Roaming\Mozilla\Firefox\Profiles\uvn7m32o.default\prefs.js, Good: (), Bad: (user_pref("keyword.URL", "https://au.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=926458&p=")

, Replaced,[09457e38afdb74c2a1fc85ec23e3d42c]

Physical Sectors: 0
(No malicious items detected)

(end)

Broni

Posts: 56,041 +516

Jun 3, 2015

#5

Go on.

Please disable "word wrap" in Notepad because some of your logs are hard to read.

Twinfire

Posts: 53 +0

Jun 4, 2015

#6

Ok,

I have encountered another issue that seems impossible for me but for you...?

I have reached the AdwCleaner part of the process. I have run the scan, AdwCleaner needed to restart after the scan to generate the report. As I can only run this machine in SafeMode the AdwCleaner report did not generate.

Restarted the machine in Normal mode, a report was generated but the desktop was taken over by the "you are infected" pop up

I have tried to search for the text document within this machine to no avail. The internet fails me too.

What can I do?

Broni

Posts: 56,041 +516

Jun 5, 2015

#7

Re-run AdwCleaner.

Broni

Posts: 56,041 +516

Jun 9, 2015

#8

Still with me?

Twinfire

Posts: 53 +0

Jun 13, 2015

#9

Hello Broni, yes still with you.

Twinfire

Posts: 53 +0

Jun 13, 2015

#10

# AdwCleaner v4.206 - Logfile created 13/06/2015 at 20:05:09
# Updated 01/06/2015 by Xplode
# Database : 2015-06-09.1 [Server]
# Operating system : Windows 8.1 (x64)
# Username : greg - REDMACK620
# Running from : C:\Users\greg\OneDrive\Pictures\Desktop\AdwCleaner.exe
# Option : Cleaning

***** [ Services ] *****

***** [ Files / Folders ] *****

***** [ Scheduled tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17416

-\\ Mozilla Firefox v38.0.5 (x86 en-US)

[uvn7m32o.default\prefs.js] - Line Deleted : user_pref("extensions.CensureBlock.Subs_Rgxp_Block_URLspecAhrefIMGsrc", "\\.(?

?:18123214069666\\d-)\\Da(?:a?-aabbydamdorablelexm(?:andaatoe?rbery)n(?:dreaettgelinanieus)propos[...]

*************************

AdwCleaner[R0].txt - [3066 bytes] - [01/06/2015 12:25:43]
AdwCleaner[R1].txt - [1141 bytes] - [05/06/2015 01:16:21]
AdwCleaner[R2].txt - [1223 bytes] - [13/06/2015 19:59:39]
AdwCleaner[S0].txt - [2619 bytes] - [01/06/2015 12:39:45]
AdwCleaner[S1].txt - [965 bytes] - [05/06/2015 01:27:14]
AdwCleaner[S2].txt - [1137 bytes] - [13/06/2015 20:05:09]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1196 bytes] ##########

Twinfire

Posts: 53 +0

Jun 13, 2015

#11

The previous post was the second attempt at running AdwCleaner.

Here is the original report Adwcleaner(S1).txt

# AdwCleaner v4.206 - Logfile created 05/06/2015 at 01:27:14
# Updated 01/06/2015 by Xplode
# Database : 2015-06-01.1 [Server]
# Operating system : Windows 8.1 (x64)
# Username : greg - REDMACK620
# Running from : C:\Users\greg\OneDrive\Pictures\Desktop\AdwCleaner.exe
# Option : Cleaning

***** [ Services ] *****

***** [ Files / Folders ] *****

***** [ Scheduled tasks ] *****

Task Deleted : driverupdate startup

***** [ Shortcuts ] *****

***** [ Registry ] *****

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17416

-\\ Mozilla Firefox v38.0.5 (x86 en-US)

*************************

AdwCleaner[R0].txt - [3066 bytes] - [01/06/2015 12:25:43]
AdwCleaner[R1].txt - [1141 bytes] - [05/06/2015 01:16:21]
AdwCleaner[S0].txt - [2619 bytes] - [01/06/2015 12:39:45]
AdwCleaner[S1].txt - [828 bytes] - [05/06/2015 01:27:14]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [886 bytes] ##########

Twinfire

Posts: 53 +0

Jun 13, 2015

#12

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.9.3 (06.13.2015:1)
OS: Windows 8.1 x64
Ran by greg on Sat 13/06/2015 at 20:43:40.92
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Tasks

Successfully deleted: [Task] C:\WINDOWS\system32\tasks\DriverUpdate Scan
Successfully deleted: [Task] C:\WINDOWS\tasks\DriverUpdate Scan.job

~~~ Registry Values

~~~ Registry Keys

~~~ Files

Successfully deleted: [File] C:\users\public\desktop\driverupdate.lnk

~~~ Folders

Successfully deleted: [Folder] C:\Program Files (x86)\driverupdate
Successfully deleted: [Folder] C:\ProgramData\microsoft\windows\start menu\programs\driverupdate
Successfully deleted: [Folder] C:\Users\greg\appdata\local\crashrpt
Successfully deleted: [Folder] C:\Users\greg\appdata\local\slimware utilities inc

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sat 13/06/2015 at 20:45:21.12
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Broni

Posts: 56,041 +516

Jun 13, 2015

#13

Re-run Farbar Recovery Scan Tool (FRST/FRST64) you ran at the very beginning of this topic.

Double-click to run it. When the tool opens click Yes to disclaimer.
Make sure you checkmark Addition.txt box.
Press Scan button.
Scan will create two logs, FRST.txt and Addition.txt in the same directory the tool is run. Please copy and paste them to your reply.

Twinfire

Posts: 53 +0

Jun 14, 2015

#14

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-06-2015
Ran by greg (administrator) on REDMACK620 on 14-06-2015 18:38:38
Running from C:\Users\greg\OneDrive\Pictures\Desktop
Loaded Profiles: greg (Available Profiles: greg & Administrator & Guest)
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Safe Mode (with Networking)
Tutorial for Farbar Recovery Scan Tool:

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_188.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_188.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13427784 2013-03-19] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1794704 2015-04-01] (NVIDIA Corporation)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2717176 2013-01-05] (TOSHIBA Corporation)
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [170848 2013-01-29] (TOSHIBA Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-07] (Apple Inc.)
HKLM-x32\...\Run: [TSVU] => c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe [467360 2013-03-08] (TOSHIBA)
HKLM-x32\...\Run: [SacReminderBOX] => C:\ProgramData\Clickfree\BoxSoftware\reminder\SacReminder.exe [567120 2011-11-02] (SAC)
HKLM-x32\...\Run: [Intel AppUp(R) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [156000 2012-10-05] (Intel Corporation)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3745744 2015-05-18] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1279120 2012-09-27] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452272 2012-08-31] (CANON INC.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-20] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1144771067-2304087280-3493909680-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8204056 2015-04-23] (Piriform Ltd)
HKU\S-1-5-21-1144771067-2304087280-3493909680-1002\...\Run: [CCleaner] => C:\Program Files\CCleaner\CCleaner64.exe [8204056 2015-04-23] (Piriform Ltd)
HKU\S-1-5-21-1144771067-2304087280-3493909680-1002\...\MountPoints2: {394aaf3d-1ef3-11e4-bf36-24fd524d85ec} - "E:\AutoRun.exe"
HKU\S-1-5-21-1144771067-2304087280-3493909680-1002\...\MountPoints2: {495dbc98-f088-11e4-824f-24fd524d85ec} - "F:\AutoRun.exe"
AppInit_DLLs: C:\windows\system32\nvinitx.dll => C:\windows\system32\nvinitx.dll [177624 2015-04-01] (NVIDIA Corporation)
AppInit_DLLs: , C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [177624 2015-04-01] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [164752 2015-04-01] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2015-05-01]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SmartUtilityUpdate.lnk [2015-05-10]
ShortcutTarget: SmartUtilityUpdate.lnk -> C:\Users\greg\AppData\Local\SmartUtilityUpdate\SmartUtilityUpdate.exe (TechnoChrome LLC)
Startup: C:\Users\greg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2015-05-14]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1144771067-2304087280-3493909680-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba13.msn.com
HKU\S-1-5-21-1144771067-2304087280-3493909680-1002\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.mytoshiba.com.au/start
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1144771067-2304087280-3493909680-1002 -> {D0AD99D8-2C60-445A-B109-B7F58CA460CC} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-05-02] (Microsoft Corporation)
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (CANON INC.)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09] (McAfee, Inc.)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (CANON INC.)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-05-02] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\greg\AppData\Roaming\Mozilla\Firefox\Profiles\uvn7m32o.default
FF SelectedSearchEngine: Yahoo!
FF Homepage: about:home
FF Keyword.URL: https://au.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=926458&p=
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-05-19] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-05-19] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.66 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-09-29] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-09-29] (Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-05-02] (Microsoft Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2012-05-12] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-04-30] (Adobe Systems Inc.)
FF Extension: auto-plugin-checker - C:\Users\greg\AppData\Roaming\Mozilla\Firefox\Profiles\uvn7m32o.default\Extensions\auto-plugin-checker@jetpack.xpi [2015-05-19]
FF Extension: CensureBlock - C:\Users\greg\AppData\Roaming\Mozilla\Firefox\Profiles\uvn7m32o.default\Extensions\censureblock@gmail.com.xpi [2015-05-02]
FF Extension: Strict Pop-up Blocker - C:\Users\greg\AppData\Roaming\Mozilla\Firefox\Profiles\uvn7m32o.default\Extensions\jid1-P34HaABBBpOerQ@jetpack.xpi [2015-05-02]
FF Extension: Adblock Plus - C:\Users\greg\AppData\Roaming\Mozilla\Firefox\Profiles\uvn7m32o.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-05-02]
FF HKU\S-1-5-21-1144771067-2304087280-3493909680-1002\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: No Name - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - http://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
S4 avgfws; C:\Program Files (x86)\AVG\AVG2015\avgfws.exe [1522664 2015-05-18] (AVG Technologies CZ, s.r.o.)
S4 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3438544 2015-05-18] (AVG Technologies CZ, s.r.o.)
S4 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [311792 2015-05-18] (AVG Technologies CZ, s.r.o.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-11-21] (Microsoft Corporation)
S4 CFUACProxy_boxsoftware; C:\ProgramData\Clickfree\BoxSoftware\UACProxy.exe [83792 2011-11-02] (Storage Appliance Corp.)
S2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2736824 2015-04-07] (Microsoft Corporation)
S4 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [16720 2013-03-26] ()
S4 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [351824 2013-02-06] ()
S4 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] ()
S4 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-11] (Intel(R) Corporation) [File not signed]
S4 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-11] (Intel(R) Corporation)
S4 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [130592 2012-10-27] (Intel Corporation)
S4 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165488 2012-12-19] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S4 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
S4 THAccelSvc; C:\Program Files\TOSHIBA\HDD Accelerator\THAccelSvc.exe [216976 2013-03-27] (TOSHIBA CORPORATION)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-05-03] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-05-03] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3858944 2013-10-24] (Qualcomm Atheros Communications, Inc.)
R0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [21152 2015-03-27] (AVG Technologies CZ, s.r.o.)
S1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [162784 2015-03-11] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\system32\DRIVERS\avgfwd6a.sys [67040 2015-03-20] (AVG Technologies CZ, s.r.o.)
S1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [284128 2015-04-27] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [253920 2015-05-07] (AVG Technologies CZ, s.r.o.)
S1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [256992 2015-04-15] (AVG Technologies CZ, s.r.o.)
S0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [378336 2015-05-07] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [220128 2015-05-07] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [40928 2015-03-20] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [293856 2015-05-04] (AVG Technologies CZ, s.r.o.)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-11-21] (Microsoft Corporation)
S1 ElRawDisk; C:\WINDOWS\system32\drivers\rsdrvx64.sys [26024 2009-02-12] (EldoS Corporation)
U5 ew_hwusbdev; C:\Windows\System32\Drivers\ew_hwusbdev.sys [109568 2013-01-25] (Huawei Technologies Co., Ltd.)
S3 ksapi64; C:\WINDOWS\system32\drivers\ksapi64.sys [56680 2015-05-10] (Kingsoft Corporation)
S3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-04-14] (Malwarebytes Corporation)
R0 THAccel; C:\Windows\System32\DRIVERS\THAccel.sys [110976 2013-03-26] (TOSHIBA Corporation)
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [28632 2012-08-01] (Windows (R) Win 7 DDK provider)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [35064 2015-06-03] ()
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-05-03] (Microsoft Corporation)
S3 SmbDrvI; \SystemRoot\system32\DRIVERS\Smb_driver_Intel.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-14 18:18 - 2015-06-14 18:23 - 00000154 _____ C:\WINDOWS\setupact.log
2015-06-14 18:18 - 2015-06-14 18:18 - 00000000 _____ C:\WINDOWS\setuperr.log
2015-06-13 20:43 - 2015-06-13 20:43 - 00000207 _____ C:\WINDOWS\tweaking.com-regbackup-REDMACK620-Windows-8.1-(64-bit).dat
2015-06-13 20:43 - 2015-06-13 20:43 - 00000000 ____D C:\RegBackup
2015-06-03 23:32 - 2015-06-03 23:32 - 00002113 _____ C:\mbamscan.txt
2015-06-03 23:05 - 2015-06-03 23:05 - 00003233 _____ C:\Users\greg\OneDrive\Pictures\Desktop\Documents\Documents\RKreport_DEL_06032015_230456.log
2015-06-03 19:28 - 2015-06-03 23:09 - 00136408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-06-03 19:24 - 2015-06-03 19:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-06-03 19:24 - 2015-06-03 19:24 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-06-03 19:24 - 2015-04-14 09:38 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-06-03 19:24 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-06-03 19:12 - 2015-06-03 22:51 - 00035064 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2015-06-03 19:12 - 2015-06-03 19:14 - 00000000 ____D C:\ProgramData\RogueKiller
2015-06-03 01:02 - 2015-06-03 19:06 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-06-03 00:43 - 2015-06-14 18:38 - 00000000 ____D C:\FRST
2015-06-03 00:34 - 2015-06-03 00:34 - 00000000 ____D C:\NPE
2015-06-03 00:29 - 2015-06-14 18:34 - 00000000 ____D C:\Users\greg\AppData\Local\NPE
2015-06-03 00:17 - 2015-06-13 20:16 - 00153302 _____ C:\WINDOWS\WindowsUpdate.log
2015-06-01 15:45 - 2015-06-01 15:45 - 00000000 ____D C:\Program Files (x86)\ESET
2015-06-01 12:25 - 2015-06-13 20:05 - 00000000 ____D C:\AdwCleaner
2015-06-01 12:18 - 2015-06-03 19:24 - 00001129 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-06-01 12:18 - 2015-06-03 19:24 - 00000000 ____D C:\Users\greg\AppData\Roaming\Malwarebytes
2015-06-01 12:18 - 2015-06-03 19:24 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-06-01 12:18 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-05-30 19:30 - 2015-05-30 19:30 - 00000000 ____D C:\WINDOWS\pss
2015-05-30 10:07 - 2015-05-30 10:07 - 00000000 ___HD C:\ProgramData\CanonIJMIG
2015-05-30 00:23 - 2015-05-30 00:30 - 00000000 ____D C:\Users\greg\Camera Roll
2015-05-20 03:03 - 2015-05-20 03:04 - 171245482 _____ C:\Users\greg\OneDrive\Pictures\Desktop\Documents\Documents\Recovery Session File # Wed, 20-May-2015[3 3 52].rrs4
2015-05-20 02:54 - 2015-05-20 02:54 - 00000000 ____D C:\Unformat_Images
2015-05-20 02:51 - 2015-05-20 02:51 - 00003252 _____ C:\WINDOWS\System32\Tasks\{28B6EE38-811B-4F16-9FDA-6C4CEDCAF2B2}
2015-05-19 14:48 - 2015-05-19 16:04 - 00000000 ____D C:\ProgramData\Protexis
2015-05-19 14:46 - 2015-05-19 14:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Broderbund
2015-05-19 14:45 - 2015-05-19 14:45 - 00000000 ____D C:\ProgramData\Broderbund
2015-05-19 14:45 - 2015-05-19 14:45 - 00000000 ____D C:\Program Files (x86)\Broderbund
2015-05-19 11:01 - 2015-05-19 11:01 - 00000000 ____D C:\Users\greg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TypeFaster
2015-05-19 11:01 - 2015-05-19 11:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TypeFaster
2015-05-19 11:01 - 2015-05-19 11:01 - 00000000 ____D C:\Program Files (x86)\TypeFaster
2015-05-18 14:24 - 2015-05-18 14:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\File Scavenger 4.1
2015-05-18 14:24 - 2015-05-18 14:24 - 00000000 ____D C:\Program Files (x86)\File Scavenger 4.1
2015-05-18 11:37 - 2015-05-20 10:01 - 00000000 ____D C:\Program Files (x86)\Convar
2015-05-18 11:29 - 2015-05-18 11:29 - 00000000 ____D C:\Program Files\EaseUS
2015-05-18 11:19 - 2015-05-18 11:19 - 00000000 ____D C:\Program Files (x86)\CodeMeter
2015-05-17 16:18 - 2015-05-17 16:19 - 171088206 _____ C:\Users\greg\OneDrive\Pictures\Desktop\Documents\Documents\Recovery Session File # Sun, 17-May-2015[16 18 52].rrs4
2015-05-17 16:15 - 2015-05-20 03:14 - 00000000 ____D C:\ProgramData\TEMP
2015-05-17 16:14 - 2009-02-12 15:11 - 00026024 _____ (EldoS Corporation) C:\WINDOWS\system32\Drivers\rsdrvx64.sys
2015-05-17 16:03 - 2015-05-17 16:03 - 00000000 ____D C:\Program Files (x86)\IUWEshare
2015-05-17 15:42 - 2015-05-17 15:42 - 00000000 ____D C:\Users\greg\AppData\Roaming\AmazingFileRecovery
2015-05-16 22:30 - 2015-05-16 22:30 - 00000000 ___HD C:\$AVG-SHREDDER-TMP-72ec5905-f21e-434b-9df8-3a3ecd072211
2015-05-16 13:06 - 2015-05-16 13:06 - 00000000 ____D C:\Users\greg\OneDrive\Pictures\Desktop\Documents\Documents\002GJN
2015-05-15 14:41 - 2015-05-15 14:41 - 00000000 ___HD C:\$AVG-SHREDDER-TMP-9b6fb606-a48c-4705-a2d4-1453ec417a5a

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-14 18:24 - 2013-08-22 22:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-06-13 20:54 - 2013-08-22 21:25 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2015-06-13 20:17 - 2014-11-21 16:44 - 00863592 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-06-13 20:15 - 2013-08-22 23:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-06-13 20:13 - 2015-05-05 19:42 - 00000000 ___RD C:\Users\greg\OneDrive
2015-06-05 09:25 - 2015-05-01 21:05 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-06-05 09:07 - 2015-05-02 12:53 - 00000000 ____D C:\Users\greg
2015-06-05 09:00 - 2013-08-22 23:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-06-03 19:06 - 2015-05-01 14:40 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-06-03 00:17 - 2015-05-02 21:53 - 00004978 _____ C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for REDMACK620-greg REDMACK620
2015-06-01 12:12 - 2015-05-05 15:08 - 00000000 ____D C:\ProgramData\CanonIJPLM
2015-05-30 23:30 - 2015-05-01 13:41 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1144771067-2304087280-3493909680-1002
2015-05-30 19:21 - 2015-05-01 14:45 - 00000000 ____D C:\ProgramData\MFAData
2015-05-30 16:35 - 2015-05-02 12:53 - 00000000 ____D C:\Users\Guest
2015-05-30 16:35 - 2015-05-02 12:53 - 00000000 ____D C:\Users\Administrator
2015-05-29 23:17 - 2015-05-01 17:46 - 00000000 ____D C:\Program Files\Recuva
2015-05-28 12:51 - 2015-05-01 13:25 - 00000000 ____D C:\Users\greg\AppData\Local\Packages
2015-05-26 10:51 - 2015-05-07 12:07 - 00003930 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{5F7463E1-A7A9-46AF-B237-0305C22DE536}
2015-05-24 11:14 - 2013-08-22 21:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
2015-05-23 11:42 - 2012-07-26 15:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-05-23 11:41 - 2015-05-03 04:10 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX
2015-05-23 11:41 - 2015-05-03 04:10 - 00000000 ___SD C:\WINDOWS\system32\GWX
2015-05-22 11:11 - 2015-05-01 14:51 - 00000992 _____ C:\Users\Public\Desktop\AVG 2015.lnk
2015-05-22 11:11 - 2015-05-01 14:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-05-22 11:06 - 2015-05-02 19:03 - 00000000 ____D C:\Users\greg\AppData\Local\Avg
2015-05-20 18:16 - 2013-08-22 23:36 - 00000000 ____D C:\WINDOWS\rescache
2015-05-20 17:25 - 2015-05-07 13:58 - 00007594 _____ C:\Users\greg\AppData\Local\Resmon.ResmonCfg
2015-05-19 10:01 - 2015-05-01 21:02 - 00000000 ____D C:\Users\greg\AppData\Local\Adobe
2015-05-19 09:41 - 2015-05-01 21:05 - 00003718 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-05-19 09:08 - 2015-05-02 18:57 - 00002050 _____ C:\Users\Public\Desktop\Adobe Reader X.lnk
2015-05-19 09:08 - 2013-03-31 12:47 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2015-05-16 16:39 - 2013-08-22 22:44 - 00482672 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-05-15 11:31 - 2015-05-01 21:20 - 00000000 ____D C:\Program Files\Microsoft Office 15

==================== Files in the root of some directories =======

2015-05-07 13:58 - 2015-05-20 17:25 - 0007594 _____ () C:\Users\greg\AppData\Local\Resmon.ResmonCfg

Some files in TEMP:
====================
C:\Users\greg\AppData\Local\Temp\Quarantine.exe
C:\Users\greg\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-05-22 18:00

==================== End of log ============================

Twinfire

Posts: 53 +0

Jun 14, 2015

#15

Additional scan result of Farbar Recovery Scan Tool (x64) Version:13-06-2015
Ran by greg at 2015-06-14 18:39:09
Running from C:\Users\greg\OneDrive\Pictures\Desktop
Boot Mode: Safe Mode (with Networking)
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-1144771067-2304087280-3493909680-500 - Administrator - Disabled) => C:\Users\Administrator
greg (S-1-5-21-1144771067-2304087280-3493909680-1002 - Administrator - Enabled) => C:\Users\greg
Guest (S-1-5-21-1144771067-2304087280-3493909680-501 - Limited - Disabled) => C:\Users\Guest
HomeGroupUser$ (S-1-5-21-1144771067-2304087280-3493909680-1004 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG Internet Security 2015 (Disabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Internet Security 2015 (Disabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
FW: AVG Internet Security 2015 (Disabled) {757AB44A-78C2-7D1A-E37F-CA42A037B368}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated)
Adobe Reader X (10.1.14) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.14 - Adobe Systems Incorporated)
Apple Application Support (32-bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Bluetooth Filter Driver Package (HKLM\...\{026B819B-4D60-4C8B-892D-33A0D8666F60}) (Version: 2.0.0.8 - Qualcomm Atheros)
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Atheros)
Aurora 29.0a2 (x86 en-US) (HKLM-x32\...\Aurora 29.0a2 (x86 en-US)) (Version: 29.0a2 - Mozilla)
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5961 - AVG Technologies)
AVG 2015 (Version: 15.0.4354 - AVG Technologies) Hidden
AVG 2015 (Version: 15.0.5961 - AVG Technologies) Hidden
Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.5.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.2.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.0.0 - Canon Inc.)
Canon MX520 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX520_series) (Version: 1.00 - Canon Inc.)
Canon MX520 series On-screen Manual (HKLM-x32\...\Canon MX520 series On-screen Manual) (Version: 7.6.0 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 1.1.0 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 1.0.1 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.1.0 - Canon Inc.)
Canon Speed Dial Utility (HKLM-x32\...\Speed Dial Utility) (Version: 1.3.0 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.05 - Piriform)
Clickfree (HKLM-x32\...\{1EB9B986-CECA-4E05-B454-C9343EE9DDE7}) (Version: 3.16.449.0 - Clickfree Automatic Backup)
DriverUpdate (HKLM-x32\...\{9DE6EA82-B1F4-4156-9565-B38A1AA2D924}) (Version: 2.3.1 - SlimWare Utilities, Inc.)
DTS Sound (HKLM-x32\...\{5A5BA3BD-630B-4707-A46C-788CF6A82AD9}) (Version: 1.00.0057 - DTS, Inc.)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
Essential Grammar in Use (HKLM-x32\...\{253C884B-3E62-4FA3-88AF-4861F1A1BCC3}) (Version: 1.00.0000 - Cambridge)
Evernote v. 4.5.7 (HKLM-x32\...\{0BE73D3C-B5AF-11E1-933A-984BE15F174E}) (Version: 4.5.7.7146 - Evernote Corp.)
File Scavenger 4.1 (en) (HKLM-x32\...\QueTek File Scavenger 4.1 (en)) (Version: 4.1.1.0 - QueTek Consulting Corporation)
iCloud (HKLM\...\{709A2D23-C25E-47B5-9268-CB6FEE648504}) (Version: 4.1.1.53 - Apple Inc.)
Intel AppUp(R) center (HKLM-x32\...\Intel AppUp(R) center 41504) (Version: 3.8.0.41504.23 - Intel)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.30.1349 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3345 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.0.4.1001 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Mavis Beacon Teaches Typing Deluxe 17 (HKLM-x32\...\{777A3891-D6D4-4C83-9367-FA45D40D40F3}) (Version: 17.00 - Broderbund Software)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 15.0.4719.1002 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MobiiHotspot 4G (HKLM-x32\...\MobiiHotspot 4G) (Version: 1.12.00.1020 - Huawei Technologies Co.,Ltd)
Mozilla Firefox 38.0.5 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 en-US)) (Version: 38.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 37.0.2 - Mozilla)
NVIDIA Graphics Driver 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.52 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4719.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4719.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4719.1002 - Microsoft Corporation) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Qualcomm Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.13 - Qualcomm Atheros Communications Inc.)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6865 - Realtek Semiconductor Corp.)
Realtek USB Card Reader (HKLM-x32\...\{1E496A68-4943-424E-829D-5C3C85B7B8F2}) (Version: 6.2.9200.39041 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.52 - Piriform)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.10.51 - Synaptics Incorporated)
TOSHIBA Audio Enhancement (HKLM\...\{1515F5E3-29EA-4CD1-A981-032D88880F09}) (Version: 2.0.15.4 - Toshiba Corporation)
TOSHIBA Desktop Assist (HKLM\...\{95CCACF0-010D-45F0-82BF-858643D8BC02}) (Version: 1.01.02.6405 - Toshiba Corporation)
TOSHIBA Display Utility (HKLM\...\{B6619F14-F766-4000-BC8A-522D4CC4E44F}) (Version: 1.0.4.4 - Toshiba Corporation)
TOSHIBA eco Utility (HKLM\...\{5944B9D4-3C2A-48DE-931E-26B31714A2F7}) (Version: 2.0.3.6403 - Toshiba Corporation)
TOSHIBA Function Key (HKLM\...\{16562A90-71BC-41A0-B890-D91B0C267120}) (Version: 1.00.6629.6406 - Toshiba Corporation)
TOSHIBA HDD Accelerator (HKLM\...\{DB4D9937-0B14-4EF1-BF9A-BB7E3B9DCB04}) (Version: 2.0.0001 - Toshiba Corporation)
TOSHIBA Password Utility (HKLM-x32\...\{B1786E63-2127-42C9-95A3-146E5F727BF1}) (Version: v2.0.0.7 - Toshiba Corporation)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.9.02.6402 - Toshiba Corporation)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 3.0.01.55004008 - Toshiba Corporation)
TOSHIBA Resolution+ Plug-in for Windows Media Player (HKLM-x32\...\{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}) (Version: 1.2.5.03 - Toshiba Corporation)
TOSHIBA Service Station (HKLM\...\{FBFCEEA5-96EA-4C8E-9262-43CBBEBAE413}) (Version: 2.6.8 - Toshiba Corporation)
TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0020 - Toshiba Corporation)
TOSHIBA System Settings (HKLM-x32\...\{05A55927-DB9B-4E26-BA44-828EBFF829F0}) (Version: 1.00.0007.32003 - Toshiba Corporation)
TOSHIBA VIDEO PLAYER (HKLM\...\{FF07604E-C860-40E9-A230-E37FA41F103A}) (Version: 5.3.5.59 - Toshiba Corporation)
TypeFaster Typing Tutor (HKLM-x32\...\TypeFaster) (Version: - )
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.3.0 - WildTangent)
WildTangent Games App (Toshiba Games) (x32 Version: 4.0.9.7 - WildTangent) Hidden
WinZip 17.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240D9}) (Version: 17.0.10381 - WinZip Computing, S.L. )
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== Restore Points =========================

19-05-2015 10:40:17 Scheduled Checkpoint
23-05-2015 11:39:53 Windows Update

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 21:25 - 2013-08-22 21:25 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0892901B-0C25-4A61-9E18-F66FD1D68D6F} - System32\Tasks\TOSHIBA\Adobe Reader Speed Launcher => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [2015-04-30] (Adobe Systems Incorporated)
Task: {228218F2-C530-414B-9194-FE42960C55EC} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-06] (Microsoft Corporation)
Task: {2A1BCFBB-0A7E-4532-A9A3-66891B1CED05} - System32\Tasks\Microsoft Office 15 Sync Maintenance for REDMACK620-greg REDMACK620 => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2015-05-02] (Microsoft Corporation)
Task: {3A7A3B86-8A20-4904-92C3-603A003AC74E} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-04-14] (Microsoft Corporation)
Task: {3E6453B0-85CF-4E82-A65A-4D6235EEF91E} - System32\Tasks\TOSHIBA\TSleepSrv => C:\Program Files (x86)\TOSHIBA\System Setting\TSleepSrv.exe [2013-03-05] (TOSHIBA Corporation)
Task: {53B65EDC-9043-41FB-BE99-BFDCABC12424} - System32\Tasks\TOSHIBA\TosWaitSrv => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [2012-07-12] (TOSHIBA Corporation)
Task: {548DD8EB-A46D-4815-86EB-7FB7417FF09C} - \DriverUpdate Scan No Task File <==== ATTENTION
Task: {66333A93-97FA-4063-8A8C-2BEB4939D462} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-05-13] (Microsoft Corporation)
Task: {6773E157-788D-42B0-8CBF-1E4F9F445434} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-04-14] (Microsoft Corporation)
Task: {82AF1A44-4104-483F-A9AB-317FC5F4EBE7} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {86D6C3F0-C864-4C9B-B35B-89930C362B9D} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [2013-07-31] (TOSHIBA Corporation)
Task: {9C102E93-7053-4CA4-872B-7EA2CF9B7C25} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-05-19] (Adobe Systems Incorporated)
Task: {B6075E41-569B-4FFA-B560-ECE75C45E7EF} - System32\Tasks\TOSHIBA\Adobe ARM => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-20] (Adobe Systems Incorporated)
Task: {BA4D45E2-2143-4F63-B4E5-8B161EC28E36} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-04-23] (Piriform Ltd)
Task: {C20CB1BE-F0F0-4786-A2DE-7613D7F53BE0} - System32\Tasks\{28B6EE38-811B-4F16-9FDA-6C4CEDCAF2B2} => pcalua.exe -a "C:\Users\greg\Programs\Uninstall Information\Art Plus\apui4.exe" -c /file:"C:\Users\greg\OneDrive\Pictures\Desktop\DPR\dpr.xui"
Task: {C9F1A40B-B79C-485A-8E84-C5735659F290} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2014-08-06] (Synaptics Incorporated)
Task: {D0CA5739-6AA7-4EEE-BC45-6A18D4EE03F6} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-05-15] (Microsoft Corporation)
Task: {D2ED73B7-9E85-44B5-B7A8-BCA88A8554AE} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {EAC8B3E8-0866-4691-BAD9-0ADFC9C46E98} - System32\Tasks\TOSHIBA\TODDMain => C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe [2012-08-05] ()
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (Whitelisted) ==============

2015-05-01 23:33 - 2015-05-02 02:36 - 08898720 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:6DDED7D9
AlternateDataStreams: C:\Users\greg\OneDrive:ms-properties

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SMR430 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1144771067-2304087280-3493909680-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\greg\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\windows photo viewer wallpaper.jpg
DNS Servers: 10.0.0.138

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: Apple Mobile Device Service => 2
MSCONFIG\Services: avgfws => 2
MSCONFIG\Services: AVGIDSAgent => 2
MSCONFIG\Services: avgwd => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: CFUACProxy_boxsoftware => 2
MSCONFIG\Services: CodeMeter.exe => 2
MSCONFIG\Services: cphs => 3
MSCONFIG\Services: dts_apo_service => 2
MSCONFIG\Services: GamesAppService => 3
MSCONFIG\Services: HWDeviceService64.exe => 2
MSCONFIG\Services: ICCS => 3
MSCONFIG\Services: IJPLMSVC => 2
MSCONFIG\Services: Intel(R) Capability Licensing Service Interface => 2
MSCONFIG\Services: Intel(R) Capability Licensing Service TCP IP Interface => 3
MSCONFIG\Services: Intel(R) ME Service => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: jhi_service => 2
MSCONFIG\Services: LMS => 2
MSCONFIG\Services: McComponentHostService => 3
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: nvsvc => 2
MSCONFIG\Services: nvUpdatusService => 2
MSCONFIG\Services: TMachInfo => 3
MSCONFIG\Services: TODDSrv => 2
MSCONFIG\Services: TOSHIBA eco Utility Service => 2
MSCONFIG\Services: TPCHSrv => 3
MSCONFIG\Services: UNS => 2
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "SacReminderBOX"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{73279ADA-2BA1-49DD-B735-648B8BDB35DC}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D294C3FF-742F-4C6D-8C03-3884D789AA32}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A84A61C9-61A9-4F3E-B6FF-96A691DCE1C1}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{805A6CAC-66BB-4C30-B9F8-599897C1017F}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{2110D0AF-95F8-4646-9553-1B6CF9C8355A}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{3F4A7174-A131-4E17-ACB0-E55D50EF9403}] => (Allow) C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
FirewallRules: [{603D064C-00E3-4851-BABD-52A8ACF6D7E2}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{D3B864AE-D537-45EA-9521-C2FFF25E936F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{FE2779A9-0E46-4AB8-988C-3FA6947D7C76}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{7B26CD1A-F1F9-4F20-A1B0-1B122AAD040D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{39262AD9-BAAD-46BA-89B1-C824270C9E06}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{DDA6948D-47A8-40A0-8B02-D3CDE587EF6C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{90BF9C5A-7661-4778-9AC7-E5B2FEA5EDC9}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{56677E13-5924-4CCF-9DED-C0C7AFA5F8B4}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{BC8B9506-A7AA-48F9-A374-938C59CCDCDC}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{3799FAB3-4E74-4EAE-B3B2-CF7A71343D6D}] => (Allow) C:\Users\greg\AppData\Local\Temp\nsiFD98.tmp\CnetInstaller-75715872.exe
FirewallRules: [{85FC4D74-E077-4FE0-A9F7-8B6A171ED648}] => (Allow) C:\Users\greg\AppData\Local\Temp\nsiFD98.tmp\CnetInstaller-75715872.exe
FirewallRules: [{7629C29E-AECC-45CB-B387-DF7D00B99E43}] => (Allow) C:\Users\greg\AppData\Local\Temp\nsaAFFE.tmp\CnetInstaller-10441764.exe
FirewallRules: [{DF5C07D0-C7B5-47CC-81C2-3A5062A29941}] => (Allow) C:\Users\greg\AppData\Local\Temp\nsaAFFE.tmp\CnetInstaller-10441764.exe
FirewallRules: [{47B90EF5-0572-48E7-A077-70628CA45C30}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{8E371A53-0B2C-412F-995F-BAFBC8D5D32C}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{6A43F73E-17B3-4104-BF54-470C826971EE}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{70F1992E-12D1-4A00-8741-055B7B4E4351}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{33D6F97E-4401-47D5-BEDA-B9BD72D02F9C}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
FirewallRules: [{4B2C3049-C6D1-4843-AE0F-BF0AAAA80D02}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (06/14/2015 06:26:09 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifest.

Error: (06/13/2015 08:20:31 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifest.

Error: (06/13/2015 08:14:17 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifest.

Error: (06/13/2015 08:10:07 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifest.

Error: (06/13/2015 08:06:49 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifest.

Error: (06/13/2015 08:06:49 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifest.

Error: (06/13/2015 07:53:35 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifest.

Error: (06/13/2015 07:48:49 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifest.

Error: (06/05/2015 10:43:59 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifest.

Error: (06/05/2015 10:40:47 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifest.

System errors:
=============
Error: (06/14/2015 06:39:20 PM) (Source: DCOM) (EventID: 10005) (User: REDMACK620)
Description: 1084WSearchUnavailable{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}

Error: (06/14/2015 06:39:20 PM) (Source: DCOM) (EventID: 10005) (User: REDMACK620)
Description: 1084WSearchUnavailable{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}

Error: (06/14/2015 06:39:20 PM) (Source: DCOM) (EventID: 10005) (User: REDMACK620)
Description: 1084WSearchUnavailable{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}

Error: (06/14/2015 06:39:20 PM) (Source: DCOM) (EventID: 10005) (User: REDMACK620)
Description: 1084WSearchUnavailable{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}

Error: (06/14/2015 06:39:10 PM) (Source: DCOM) (EventID: 10005) (User: REDMACK620)
Description: 1084WSearchUnavailable{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}

Error: (06/14/2015 06:39:10 PM) (Source: DCOM) (EventID: 10005) (User: REDMACK620)
Description: 1084WSearchUnavailable{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}

Error: (06/14/2015 06:39:10 PM) (Source: DCOM) (EventID: 10005) (User: REDMACK620)
Description: 1084WSearchUnavailable{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}

Error: (06/14/2015 06:39:10 PM) (Source: DCOM) (EventID: 10005) (User: REDMACK620)
Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (06/14/2015 06:39:10 PM) (Source: DCOM) (EventID: 10005) (User: REDMACK620)
Description: 1084WSearchUnavailable{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}

Error: (06/14/2015 06:39:10 PM) (Source: DCOM) (EventID: 10005) (User: REDMACK620)
Description: 1084WSearchUnavailable{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}

Microsoft Office:
=========================
Error: (06/14/2015 06:26:09 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifestC:\Users\greg\OneDrive\Pictures\Desktop\esetsmartinstaller_enu.exe

Error: (06/13/2015 08:20:31 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifestC:\Users\greg\OneDrive\Pictures\Desktop\esetsmartinstaller_enu.exe

Error: (06/13/2015 08:14:17 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifestC:\Users\greg\OneDrive\Pictures\Desktop\esetsmartinstaller_enu.exe

Error: (06/13/2015 08:10:07 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifestC:\Users\greg\OneDrive\Pictures\Desktop\esetsmartinstaller_enu.exe

Error: (06/13/2015 08:06:49 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifestC:\Users\greg\OneDrive\Pictures\Desktop\esetsmartinstaller_enu.exe

Error: (06/13/2015 08:06:49 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifestC:\Users\greg\OneDrive\Pictures\Desktop\esetsmartinstaller_enu.exe

Error: (06/13/2015 07:53:35 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifestC:\Users\greg\OneDrive\Pictures\Desktop\esetsmartinstaller_enu.exe

Error: (06/13/2015 07:48:49 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifestC:\Users\greg\OneDrive\Pictures\Desktop\esetsmartinstaller_enu.exe

Error: (06/05/2015 10:43:59 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifestC:\Users\greg\OneDrive\Pictures\Desktop\esetsmartinstaller_enu.exe

Error: (06/05/2015 10:40:47 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifestC:\Users\greg\OneDrive\Pictures\Desktop\esetsmartinstaller_enu.exe

CodeIntegrity Errors:
===================================
Date: 2015-05-30 21:19:45.747
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-05-30 21:08:44.637
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-05-30 21:04:31.375
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-3630QM CPU @ 2.40GHz
Percentage of memory in use: 34%
Total physical RAM: 3960.15 MB
Available physical RAM: 2582.81 MB
Total Pagefile: 6520.15 MB
Available Pagefile: 5234.86 MB
Total Virtual: 131072 MB
Available Virtual: 131071.84 MB

==================== Drives ================================

Drive c: (TI31053700C) (Fixed) (Total:682.69 GB) (Free:626.55 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== End of log ============================

Twinfire

Posts: 53 +0

Jun 14, 2015

#16

For laughs I tried a restart in normal mode and the same pop up banner appears, rendering the desktop useless.

Broni

Posts: 56,041 +516

Jun 14, 2015

#17

Uninstall McAfee Security Scan Plus, typical foistware.

Download attached fixlist.txt file and save it to the Desktop.
NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run FRST(FRST64) and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.

Let me know if after running the above fix the issue is still there.

Twinfire

Posts: 53 +0

Jun 17, 2015

#18

Hello Broni, thank you for your time and patence with this problem of mine. As requested

Fix result of Farbar Recovery Scan Tool (x64) Version:13-06-2015
Ran by greg at 2015-06-17 21:02:19 Run:1
Running from C:\Users\greg\OneDrive\Pictures\Desktop
Loaded Profiles: greg (Available Profiles: greg & Administrator & Guest)
Boot Mode: Safe Mode (with Networking)
==============================================

fixlist content:
*****************
HKU\S-1-5-21-1144771067-2304087280-3493909680-1002\...\MountPoints2: {394aaf3d-1ef3-11e4-bf36-24fd524d85ec} - "E:\AutoRun.exe"
HKU\S-1-5-21-1144771067-2304087280-3493909680-1002\...\MountPoints2: {495dbc98-f088-11e4-824f-24fd524d85ec} - "F:\AutoRun.exe"
SearchScopes: HKU\S-1-5-21-1144771067-2304087280-3493909680-1002 -> {D0AD99D8-2C60-445A-B109-B7F58CA460CC} URL =
S3 SmbDrvI; \SystemRoot\system32\DRIVERS\Smb_driver_Intel.sys [X]
2015-05-07 13:58 - 2015-05-20 17:25 - 0007594 _____ () C:\Users\greg\AppData\Local\Resmon.ResmonCfg
C:\Users\greg\AppData\Local\Temp\Quarantine.exe
C:\Users\greg\AppData\Local\Temp\sqlite3.dll
Task: {548DD8EB-A46D-4815-86EB-7FB7417FF09C} - \DriverUpdate Scan No Task File <==== ATTENTION
AlternateDataStreams: C:\ProgramData\TEMP:6DDED7D9
AlternateDataStreams: C:\Users\greg\OneDrive:ms-properties

*****************

"HKU\S-1-5-21-1144771067-2304087280-3493909680-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{394aaf3d-1ef3-11e4-bf36-24fd524d85ec}" => key removed successfully
HKCR\CLSID\{394aaf3d-1ef3-11e4-bf36-24fd524d85ec} => key not found.
"HKU\S-1-5-21-1144771067-2304087280-3493909680-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{495dbc98-f088-11e4-824f-24fd524d85ec}" => key removed successfully
HKCR\CLSID\{495dbc98-f088-11e4-824f-24fd524d85ec} => key not found.
"HKU\S-1-5-21-1144771067-2304087280-3493909680-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D0AD99D8-2C60-445A-B109-B7F58CA460CC}" => key removed successfully
HKCR\CLSID\{D0AD99D8-2C60-445A-B109-B7F58CA460CC} => key not found.
SmbDrvI => Service removed successfully
C:\Users\greg\AppData\Local\Resmon.ResmonCfg => moved successfully.
C:\Users\greg\AppData\Local\Temp\Quarantine.exe => moved successfully.
C:\Users\greg\AppData\Local\Temp\sqlite3.dll => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{548DD8EB-A46D-4815-86EB-7FB7417FF09C}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{548DD8EB-A46D-4815-86EB-7FB7417FF09C}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DriverUpdate Scan" => key removed successfully
C:\ProgramData\TEMP => ":6DDED7D9" ADS removed successfully.
"C:\Users\greg\OneDrive" => ":ms-properties" ADS not found.

==== End of Fixlog 21:02:19 ====

Twinfire

Posts: 53 +0

Jun 17, 2015

#19

Hello Broni, I tried a restart in normal mode, problem still persisting. I will attempt a screenshot and post that soon. Not that seeing what it is will make a big difference anyways.

Twin

Broni

Posts: 56,041 +516

Jun 17, 2015

#20

Let's try to reset your router.

Turn the computer off.

On your router, you'll find a pinhole marked "Reset".
Keep pushing the hole, using a pencil, or a paperclip until all lights briefly come off and on.
NOTE. Simple router disconnecting from a power source will NOT do.
Restart computer.

NOTE. You may need to re-check your router security settings, as described HERE

Twinfire

Posts: 53 +0

Jun 20, 2015

#21

Hello Broni

Seeing as the access point I am using is not the usual means of accessing the www I do not wish to reset this particular router.

Is there any particular reason why a reset would be beneficial?

A 4G wifi hotspot is the usual means of internet access.

Twinfire

Broni

Posts: 56,041 +516

Jun 20, 2015

#22

Tell me little bit more about how exactly you're accessing internet.
Is this laptop or desktop?

Twinfire

Posts: 53 +0

Jun 21, 2015

#23

This particular machine is a laptop.

Broni

Posts: 56,041 +516

Jun 21, 2015

#24

Tell me little bit more about how exactly you're accessing internet.

Twinfire

Posts: 53 +0

Jun 22, 2015

#25

I am using my brothers wifi at the moment, the usual means of access is via a 4G wifi hotspot

Status: Not open for further replies.

Similar threads

Solved Svchost.exe launching multiple iexplore.exe - unknown cause

Replies: 23

Views: 3K

Locked

Inactive Not sure what's going on here....

Replies: 12

Views: 2K

Solved Malware removal for my son's pc

2

Replies: 33

Views: 5K

Latest posts

Larian is walking away from Baldur's Gate 3, no DLC, no expansions, no sequel
- Bamda replied
- 18 minutes ago
Microsoft is rolling out new Start menu ads to all Windows 11 users despite backlash
- user478318 replied
- 35 minutes ago
Nintendo DMCA lawyers shut down everything Mario on Garry's Mod
- Uncle Al replied
- 43 minutes ago
BlizzGone: Blizzard cancels 2024 convention but promises an eventual return
- GodisanAtheist replied
- Today at 6:42 PM
Russia sentences Meta's communications director to six years in prison over "terrorism" charges
- GodisanAtheist replied
- Today at 6:29 PM
G
Upgraded 4K Chromecast with Google TV set to launch soon with improved hardware
- Gezzer replied
- Today at 6:24 PM
U
Researchers have unlocked the "Holy Grail" of memory technology
- user556 replied
- Today at 6:16 PM
K
TSMC unveils A16 manufacturing process for 1.6nm chips in challenge to Intel's claims
- kiwigraeme replied
- Today at 5:57 PM

Ask a Question

See Recent Posts

TechSpot is dedicated to computer enthusiasts and power users.
Ask a question and give support.
Join the community here, it only takes a minute.